[FFmpeg-trac] #6820(undetermined:new): Segfault with DASH live stream
FFmpeg
trac at avcodec.org
Wed Nov 8 22:23:56 EET 2017
#6820: Segfault with DASH live stream
-------------------------------------+-------------------------------------
Reporter: mrskman | Type: defect
Status: new | Priority: normal
Component: | Version:
undetermined | unspecified
Keywords: | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
-------------------------------------+-------------------------------------
I wanted to test the new DASH demuxer but ffmpeg segfaulted on Ubuntu
server 12.04.
{{{
ffmpeg -i http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd -loglevel 99
ffmpeg version 3.4 Copyright (c) 2000-2017 the FFmpeg developers
built with gcc 4.6 (Ubuntu/Linaro 4.6.3-1ubuntu5)
configuration: --prefix=/opt/ffmpeg/3.4-test/build --cc= --cxx= --objcc=
--dep-cc= --extra-cflags= --extra-cxxflags= --extra-
ldflags='-Wl,-rpath,/opt/ffmpeg/3.4-test/build/lib
-L/opt/ffmpeg/3.4-test/build/lib' --bindir=/opt/ffmpeg/3.4-test/build/bin
--enable-shared --disable-static --disable-doc --disable-htmlpages
--disable-manpages --disable-podpages --disable-txtpages --enable-gpl
--enable-libass --enable-libbluray --enable-libcelt --enable-libfdk-aac
--enable-libfreetype --enable-libfribidi --enable-libgme --enable-libgsm
--enable-libilbc --enable-libmp3lame --enable-libopencore-amrnb --enable-
libopencore-amrwb --enable-libopenjpeg --enable-libopus --enable-librtmp
--enable-libsoxr --enable-libspeex --enable-libtheora --enable-libvorbis
--enable-libvpx --enable-libwebp --enable-libx264 --enable-libx265
--enable-libxml2 --enable-nonfree --enable-openssl --enable-rpath
--enable-version3
libavutil 55. 78.100 / 55. 78.100
libavcodec 57.107.100 / 57.107.100
libavformat 57. 83.100 / 57. 83.100
libavdevice 57. 10.100 / 57. 10.100
libavfilter 6.107.100 / 6.107.100
libswscale 4. 8.100 / 4. 8.100
libswresample 2. 9.100 / 2. 9.100
libpostproc 54. 7.100 / 54. 7.100
Splitting the commandline.
Reading option '-i' ... matched as input url with argument
'http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd'.
Reading option '-loglevel' ... matched as option 'loglevel' (set logging
level) with argument '99'.
Finished splitting the commandline.
Parsing a group of options: global .
Applying option loglevel (set logging level) with argument 99.
Successfully parsed a group of options.
Parsing a group of options: input url
http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd.
Successfully parsed a group of options.
Opening an input file: http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd.
[NULL @ 0x2602580] Opening
'http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd' for reading
[http @ 0x2602e60] Setting default whitelist
'http,https,tls,rtp,tcp,udp,crypto,httpproxy'
[http @ 0x2602e60] request: GET /live/dash/jtv.mpd HTTP/1.1
User-Agent: Lavf/57.83.100
Accept: */*
Range: bytes=0-
Connection: close
Host: vysilani.zaktv.cz:8000
Icy-MetaData: 1
[http @ 0x2602e60] header='HTTP/1.1 206 Partial Content'
[http @ 0x2602e60] http_code=206
[http @ 0x2602e60] header='Server: nginx/1.13.1'
[http @ 0x2602e60] header='Date: Wed, 08 Nov 2017 20:12:24 GMT'
[http @ 0x2602e60] header='Content-Type: application/dash+xml'
[http @ 0x2602e60] header='Content-Length: 2484'
[http @ 0x2602e60] header='Last-Modified: Wed, 08 Nov 2017 20:12:24 GMT'
[http @ 0x2602e60] header='Connection: close'
[http @ 0x2602e60] header='ETag: "5a036528-9b4"'
[http @ 0x2602e60] header='Cache-Control: no-cache'
[http @ 0x2602e60] header='Access-Control-Allow-Origin: *'
[http @ 0x2602e60] header='Content-Range: bytes 0-2483/2484'
[http @ 0x2602e60] header=''
Probing dash score:100 size:2048
[dash @ 0x2602580] Format dash probed with size=2048 and score=100
[dash @ 0x2602580] rep_idx[0]
[dash @ 0x2602580] rep_count[0]
[http @ 0x260bbc0] Setting default whitelist
'http,https,tls,rtp,tcp,udp,crypto,httpproxy'
[http @ 0x260bbc0] request: GET /live/dash/jtv.mpd HTTP/1.1
User-Agent: Lavf/57.83.100
Accept: */*
Range: bytes=0-
Connection: close
Host: vysilani.zaktv.cz:8000
Icy-MetaData: 1
[http @ 0x260bbc0] header='HTTP/1.1 206 Partial Content'
[http @ 0x260bbc0] http_code=206
[http @ 0x260bbc0] header='Server: nginx/1.13.1'
[http @ 0x260bbc0] header='Date: Wed, 08 Nov 2017 20:12:24 GMT'
[http @ 0x260bbc0] header='Content-Type: application/dash+xml'
[http @ 0x260bbc0] header='Content-Length: 2484'
[http @ 0x260bbc0] header='Last-Modified: Wed, 08 Nov 2017 20:12:24 GMT'
[http @ 0x260bbc0] header='Connection: close'
[http @ 0x260bbc0] header='ETag: "5a036528-9b4"'
[http @ 0x260bbc0] header='Cache-Control: no-cache'
[http @ 0x260bbc0] header='Access-Control-Allow-Origin: *'
[http @ 0x260bbc0] header='Content-Range: bytes 0-2483/2484'
[http @ 0x260bbc0] header=''
[dash @ 0x2602580] rep_idx[0]
[dash @ 0x2602580] rep_count[0]
[AVIOContext @ 0x26067e0] Statistics: 2484 bytes read, 0 seeks
Segmentation fault (core dumped)
}}}
GDB output:
{{{
ffmpeg_g...done.
(gdb) r -i http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd
Starting program: /opt/ffmpeg/3.4-test/sources/ffmpeg-3.4/ffmpeg_g -i
http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd
warning: no loadable sections found in added symbol-file system-supplied
DSO at 0x7ffff7ffa000
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
ffmpeg version 3.4 Copyright (c) 2000-2017 the FFmpeg developers
built with gcc 4.6 (Ubuntu/Linaro 4.6.3-1ubuntu5)
configuration: --prefix=/opt/ffmpeg/3.4-test/build --cc= --cxx= --objcc=
--dep-cc= --extra-cflags= --extra-cxxflags= --extra-
ldflags='-Wl,-rpath,/opt/ffmpeg/3.4-test/build/lib
-L/opt/ffmpeg/3.4-test/build/lib' --bindir=/opt/ffmpeg/3.4-test/build/bin
--enable-shared --disable-static --disable-doc --disable-htmlpages
--disable-manpages --disable-podpages --disable-txtpages --enable-gpl
--enable-libass --enable-libbluray --enable-libcelt --enable-libfdk-aac
--enable-libfreetype --enable-libfribidi --enable-libgme --enable-libgsm
--enable-libilbc --enable-libmp3lame --enable-libopencore-amrnb --enable-
libopencore-amrwb --enable-libopenjpeg --enable-libopus --enable-librtmp
--enable-libsoxr --enable-libspeex --enable-libtheora --enable-libvorbis
--enable-libvpx --enable-libwebp --enable-libx264 --enable-libx265
--enable-libxml2 --enable-nonfree --enable-openssl --enable-rpath
--enable-version3
libavutil 55. 78.100 / 55. 78.100
libavcodec 57.107.100 / 57.107.100
libavformat 57. 83.100 / 57. 83.100
libavdevice 57. 10.100 / 57. 10.100
libavfilter 6.107.100 / 6.107.100
libswscale 4. 8.100 / 4. 8.100
libswresample 2. 9.100 / 2. 9.100
libpostproc 54. 7.100 / 54. 7.100
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff737cddd in ?? () from
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57
}}}
Valgrind output:
{{{
valgrind ffmpeg_g -i http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd
==3088== Memcheck, a memory error detector
==3088== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==3088== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==3088== Command: sources/ffmpeg-3.4/ffmpeg_g -i
http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd
==3088==
ffmpeg version 3.4 Copyright (c) 2000-2017 the FFmpeg developers
built with gcc 4.6 (Ubuntu/Linaro 4.6.3-1ubuntu5)
configuration: --prefix=/opt/ffmpeg/3.4-test/build --cc= --cxx= --objcc=
--dep-cc= --extra-cflags= --extra-cxxflags= --extra-
ldflags='-Wl,-rpath,/opt/ffmpeg/3.4-test/build/lib
-L/opt/ffmpeg/3.4-test/build/lib' --bindir=/opt/ffmpeg/3.4-test/build/bin
--enable-shared --disable-static --disable-doc --disable-htmlpages
--disable-manpages --disable-podpages --disable-txtpages --enable-gpl
--enable-libass --enable-libbluray --enable-libcelt --enable-libfdk-aac
--enable-libfreetype --enable-libfribidi --enable-libgme --enable-libgsm
--enable-libilbc --enable-libmp3lame --enable-libopencore-amrnb --enable-
libopencore-amrwb --enable-libopenjpeg --enable-libopus --enable-librtmp
--enable-libsoxr --enable-libspeex --enable-libtheora --enable-libvorbis
--enable-libvpx --enable-libwebp --enable-libx264 --enable-libx265
--enable-libxml2 --enable-nonfree --enable-openssl --enable-rpath
--enable-version3
libavutil 55. 78.100 / 55. 78.100
libavcodec 57.107.100 / 57.107.100
libavformat 57. 83.100 / 57. 83.100
libavdevice 57. 10.100 / 57. 10.100
libavfilter 6.107.100 / 6.107.100
libswscale 4. 8.100 / 4. 8.100
libswresample 2. 9.100 / 2. 9.100
libpostproc 54. 7.100 / 54. 7.100
==3088== Invalid read of size 8
==3088== at 0x553ADDD: ??? (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x553DAC3: ??? (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x553DEBE: ??? (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x553E222: ??? (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x552D6FD: ??? (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x552E033: avio_read (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x55583D0: av_probe_input_buffer2 (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x55585A8: av_probe_input_buffer (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x553A85A: ??? (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x553B5D4: ??? (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x553E700: ??? (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x56528B5: avformat_open_input (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== Address 0x18 is not stack'd, malloc'd or (recently) free'd
==3088==
==3088==
==3088== Process terminating with default action of signal 11 (SIGSEGV)
==3088== Access not within mapped region at address 0x18
==3088== at 0x553ADDD: ??? (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x553DAC3: ??? (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x553DEBE: ??? (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x553E222: ??? (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x552D6FD: ??? (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x552E033: avio_read (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x55583D0: av_probe_input_buffer2 (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x55585A8: av_probe_input_buffer (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x553A85A: ??? (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x553B5D4: ??? (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x553E700: ??? (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== by 0x56528B5: avformat_open_input (in
/opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088== If you believe this happened as a result of a stack
==3088== overflow in your program's main thread (unlikely but
==3088== possible), you can try to increase the size of the
==3088== main thread stack using the --main-stacksize= flag.
==3088== The main thread stack size used in this run was 8388608.
==3088==
==3088== HEAP SUMMARY:
==3088== in use at exit: 165,431 bytes in 2,801 blocks
==3088== total heap usage: 3,796 allocs, 995 frees, 475,449 bytes
allocated
==3088==
==3088== LEAK SUMMARY:
==3088== definitely lost: 625 bytes in 4 blocks
==3088== indirectly lost: 79 bytes in 6 blocks
==3088== possibly lost: 0 bytes in 0 blocks
==3088== still reachable: 164,727 bytes in 2,791 blocks
==3088== suppressed: 0 bytes in 0 blocks
==3088== Rerun with --leak-check=full to see details of leaked memory
==3088==
==3088== For counts of detected and suppressed errors, rerun with: -v
==3088== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 from 2)
Segmentation fault (core dumped)
}}}
--
Ticket URL: <https://trac.ffmpeg.org/ticket/6820>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list