free(): invalid pointer with ffmpeg 5.0

[KuleRucket]

Describe the Bug

Recently on Arch, ffmpeg was updated from v4 to v5

$ grep ffmpeg /var/log/pacman.log
[2022-02-18T09:24:18+0100] [ALPM] upgraded ffmpeg (2:4.4.1-1 -> 2:5.0-4)
[2022-02-18T09:24:20+0100] [ALPM] installed ffmpeg4.4 (4.4.1-3)
[2022-02-19T11:02:18+0100] [ALPM] upgraded ffmpeg4.4 (4.4.1-3 -> 4.4.1-4)

This updated the libraries used to build sunshine:

[luke@monster sunshine]$ ldd /usr/bin/sunshine | grep libav
        libavcodec.so.58 => /usr/lib/libavcodec.so.58 (0x00007f011a831000)
        libavutil.so.56 => /usr/lib/libavutil.so.56 (0x00007f011a588000)
[luke@monster sunshine]$ ldd build/sunshine | grep libav
        libavformat.so.58 => /usr/lib/libavformat.so.58 (0x00007fafb6438000)
        libavdevice.so.58 => /usr/lib/libavdevice.so.58 (0x00007fafb6414000)
        libavcodec.so.58 => /usr/lib/libavcodec.so.58 (0x00007fafb4fc9000)
        libavutil.so.56 => /usr/lib/libavutil.so.56 (0x00007fafb4d20000)
        libavfilter.so.7 => /usr/lib/libavfilter.so.7 (0x00007fafb1605000)
        libavc1394.so.0 => /usr/lib/libavc1394.so.0 (0x00007fafb15ec000)

Now sunshine crashes during initialisation with the following error when avcodec_receive_packet() is called:
free(): invalid pointer

here is a gdb stack trace with some logs:

[2022:02:22:08:39:23]: Info: //////////////////////////////////////////////////////////////////
[2022:02:22:08:39:23]: Info: //                                                              //
[2022:02:22:08:39:23]: Info: //   Testing for available encoders, this may generate errors.  //
[2022:02:22:08:39:23]: Info: //   You can safely ignore those errors.                        //
[2022:02:22:08:39:23]: Info: //                                                              //
[2022:02:22:08:39:23]: Info: //////////////////////////////////////////////////////////////////
[2022:02:22:08:39:23]: Info: Trying encoder [nvenc]
[2022:02:22:08:39:23]: Info: Screencasting with NvFBC
[2022:02:22:08:39:23]: Info: Color coding [Rec. 601]
[2022:02:22:08:39:23]: Info: Color range: [JPEG]
[New Thread 0x7fcabddff000 (LWP 21509)]
[New Thread 0x7fcabd5fe000 (LWP 21510)]
free(): invalid pointer

Thread 1 "sunshine" received signal SIGABRT, Aborted.
0x00007fcaf00b034c in __pthread_kill_implementation () from /usr/lib/libc.so.6
(gdb) bt
#0  0x00007fcaf00b034c in __pthread_kill_implementation () at /usr/lib/libc.so.6
#1  0x00007fcaf00634b8 in raise () at /usr/lib/libc.so.6
#2  0x00007fcaf004d534 in abort () at /usr/lib/libc.so.6
#3  0x00007fcaf00a4397 in __libc_message () at /usr/lib/libc.so.6
#4  0x00007fcaf00ba33c in  () at /usr/lib/libc.so.6
#5  0x00007fcaf00bbff4 in _int_free () at /usr/lib/libc.so.6
#6  0x00007fcaf00bebe3 in free () at /usr/lib/libc.so.6
#7  0x00007fcaf2b90970 in av_buffer_unref () at /usr/lib/libavutil.so.57
#8  0x00007fcaf2ee8eb8 in av_packet_unref () at /usr/lib/libavcodec.so.59
#9  0x00007fcaf302929b in avcodec_receive_packet () at /usr/lib/libavcodec.so.59
#10 0x000055bc24349833 in video::encode(long, video::session_t&, AVFrame*, std::shared_ptr<safe::post_t<safe::queue_t<std::unique_ptr<video::packet_raw_t, std::default_delete<video::packet_raw_t> > > > >&, void*)
    (frame_nr=1, session=..., frame=0x55bc2716f500, packets=std::shared_ptr<safe::post_t<safe::queue_t<std::unique_ptr<video::packet_raw_t, std::default_delete<video::packet_raw_t> > > >> (use count 1, weak count 1) = {...}, channel_data=0x0)
    at /home/luke/Projects/sunshine/sunshine.git/sunshine/video.cpp:740
#11 0x000055bc2434e1c7 in video::validate_config(std::shared_ptr<platf::display_t>&, video::encoder_t const&, video::config_t const&) (disp=std::shared_ptr<platf::display_t> (use count 1, weak count 0) = {...}, encoder=..., config=...)
    at /home/luke/Projects/sunshine/sunshine.git/sunshine/video.cpp:1427
#12 0x000055bc2434e992 in video::validate_encoder(video::encoder_t&) (encoder=...) at /home/luke/Projects/sunshine/sunshine.git/sunshine/video.cpp:1474
#13 0x000055bc24350334 in video::init() () at /home/luke/Projects/sunshine/sunshine.git/sunshine/video.cpp:1589
#14 0x000055bc241e9ba5 in main(int, char**) (argc=2, argv=0x7fff31d46ea8) at /home/luke/Projects/sunshine/sunshine.git/sunshine/main.cpp:261

Either there is a bug in ffmpeg and it is trying to free memory it shouldn't, or there is something about the way util::safe_ptr works that it doesn't like.

Expected Behavior

Starts up without crashing

Additional Context

The same thing occurs event of the loki repo.

Sunshine Host Operating System and Version

Arch Linux

Architecture

64-bit

Sunshine Version

master/0.12.0

GPU Type

NVidia

GPU Model

Geforce RTX 3070

GPU Driver/Mesa Version

510.54

Capture Method (Linux Only)

NvFBC

[KuleRucket]

Just as a test I tried forcing the old libraries in the generated CMakeCache.txt:

sed -i 's/libavcodec.so/libavcodec.so.58/' build/CMakeCache.txt
sed -i 's/libavdevice.so/libavdevice.so.58/' build/CMakeCache.txt
sed -i 's/libavformat.so/libavformat.so.58/' build/CMakeCache.txt
sed -i 's/libavutil.so/libavutil.so.56/' build/CMakeCache.txt
sed -i 's/libswscale.so/libswscale.so.5/' build/CMakeCache.txt

This stops the crash but causes other problems. I'm not sure if there is a proper way to force cmake to find non-default libraries. I tried changing this in the CMakeList.txt but it didn't work:
find_package(FFMPEG 4 EXACT REQUIRED)

[KuleRucket]

Proper solution found, supply the following cmake cache entries as arguments:

-DLIBAVCODEC_INCLUDE_DIR=/usr/include/ffmpeg4.4 -DLIBAVCODEC_LIBRARIES=/usr/lib/ffmpeg4.4/libavcodec.so
-DLIBAVDEVICE_INCLUDE_DIR=/usr/include/ffmpeg4.4 -DLIBAVDEVICE_LIBRARIES=/usr/lib/ffmpeg4.4/libavdevice.so
-DLIBAVFORMAT_INCLUDE_DIR=/usr/include/ffmpeg4.4 -DLIBAVFORMAT_LIBRARIES=/usr/lib/ffmpeg4.4/libavformat.so
-DLIBAVUTIL_INCLUDE_DIR=/usr/include/ffmpeg4.4 -DLIBAVUTIL_LIBRARIES=/usr/lib/ffmpeg4.4/libavutil.so
-DLIBSWSCALE_INCLUDE_DIR=/usr/include/ffmpeg4.4 -DLIBSWSCALE_LIBRARIES=/usr/lib/ffmpeg4.4/libswscale.so