Opened 6 years ago

Closed 6 years ago

#6820 closed defect (fixed)

Segfault with DASH live stream

Reported by: mrskman Owned by:
Priority: important Component: avformat
Version: git-master Keywords: dash crash SIGSEGV
Cc: Blocked By:
Blocking: Reproduced by developer: yes
Analyzed by developer: no

Description

I wanted to test the new DASH demuxer but ffmpeg segfaulted on Ubuntu server 12.04.

ffmpeg -i http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd -loglevel 99
ffmpeg version 3.4 Copyright (c) 2000-2017 the FFmpeg developers
  built with gcc 4.6 (Ubuntu/Linaro 4.6.3-1ubuntu5)
  configuration: --prefix=/opt/ffmpeg/3.4-test/build --cc= --cxx= --objcc= --dep-cc= --extra-cflags= --extra-cxxflags= --extra-ldflags='-Wl,-rpath,/opt/ffmpeg/3.4-test/build/lib -L/opt/ffmpeg/3.4-test/build/lib' --bindir=/opt/ffmpeg/3.4-test/build/bin --enable-shared --disable-static --disable-doc --disable-htmlpages --disable-manpages --disable-podpages --disable-txtpages --enable-gpl --enable-libass --enable-libbluray --enable-libcelt --enable-libfdk-aac --enable-libfreetype --enable-libfribidi --enable-libgme --enable-libgsm --enable-libilbc --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-libopenjpeg --enable-libopus --enable-librtmp --enable-libsoxr --enable-libspeex --enable-libtheora --enable-libvorbis --enable-libvpx --enable-libwebp --enable-libx264 --enable-libx265 --enable-libxml2 --enable-nonfree --enable-openssl --enable-rpath --enable-version3
  libavutil      55. 78.100 / 55. 78.100
  libavcodec     57.107.100 / 57.107.100
  libavformat    57. 83.100 / 57. 83.100
  libavdevice    57. 10.100 / 57. 10.100
  libavfilter     6.107.100 /  6.107.100
  libswscale      4.  8.100 /  4.  8.100
  libswresample   2.  9.100 /  2.  9.100
  libpostproc    54.  7.100 / 54.  7.100
Splitting the commandline.
Reading option '-i' ... matched as input url with argument 'http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd'.
Reading option '-loglevel' ... matched as option 'loglevel' (set logging level) with argument '99'.
Finished splitting the commandline.
Parsing a group of options: global .
Applying option loglevel (set logging level) with argument 99.
Successfully parsed a group of options.
Parsing a group of options: input url http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd.
Successfully parsed a group of options.
Opening an input file: http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd.
[NULL @ 0x2602580] Opening 'http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd' for reading
[http @ 0x2602e60] Setting default whitelist 'http,https,tls,rtp,tcp,udp,crypto,httpproxy'
[http @ 0x2602e60] request: GET /live/dash/jtv.mpd HTTP/1.1
User-Agent: Lavf/57.83.100
Accept: */*
Range: bytes=0-
Connection: close
Host: vysilani.zaktv.cz:8000
Icy-MetaData: 1


[http @ 0x2602e60] header='HTTP/1.1 206 Partial Content'
[http @ 0x2602e60] http_code=206
[http @ 0x2602e60] header='Server: nginx/1.13.1'
[http @ 0x2602e60] header='Date: Wed, 08 Nov 2017 20:12:24 GMT'
[http @ 0x2602e60] header='Content-Type: application/dash+xml'
[http @ 0x2602e60] header='Content-Length: 2484'
[http @ 0x2602e60] header='Last-Modified: Wed, 08 Nov 2017 20:12:24 GMT'
[http @ 0x2602e60] header='Connection: close'
[http @ 0x2602e60] header='ETag: "5a036528-9b4"'
[http @ 0x2602e60] header='Cache-Control: no-cache'
[http @ 0x2602e60] header='Access-Control-Allow-Origin: *'
[http @ 0x2602e60] header='Content-Range: bytes 0-2483/2484'
[http @ 0x2602e60] header=''
Probing dash score:100 size:2048
[dash @ 0x2602580] Format dash probed with size=2048 and score=100
[dash @ 0x2602580] rep_idx[0]
[dash @ 0x2602580] rep_count[0]
[http @ 0x260bbc0] Setting default whitelist 'http,https,tls,rtp,tcp,udp,crypto,httpproxy'
[http @ 0x260bbc0] request: GET /live/dash/jtv.mpd HTTP/1.1
User-Agent: Lavf/57.83.100
Accept: */*
Range: bytes=0-
Connection: close
Host: vysilani.zaktv.cz:8000
Icy-MetaData: 1


[http @ 0x260bbc0] header='HTTP/1.1 206 Partial Content'
[http @ 0x260bbc0] http_code=206
[http @ 0x260bbc0] header='Server: nginx/1.13.1'
[http @ 0x260bbc0] header='Date: Wed, 08 Nov 2017 20:12:24 GMT'
[http @ 0x260bbc0] header='Content-Type: application/dash+xml'
[http @ 0x260bbc0] header='Content-Length: 2484'
[http @ 0x260bbc0] header='Last-Modified: Wed, 08 Nov 2017 20:12:24 GMT'
[http @ 0x260bbc0] header='Connection: close'
[http @ 0x260bbc0] header='ETag: "5a036528-9b4"'
[http @ 0x260bbc0] header='Cache-Control: no-cache'
[http @ 0x260bbc0] header='Access-Control-Allow-Origin: *'
[http @ 0x260bbc0] header='Content-Range: bytes 0-2483/2484'
[http @ 0x260bbc0] header=''
[dash @ 0x2602580] rep_idx[0]
[dash @ 0x2602580] rep_count[0]
[AVIOContext @ 0x26067e0] Statistics: 2484 bytes read, 0 seeks
Segmentation fault (core dumped)

GDB output:

ffmpeg_g...done.
(gdb) r -i http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd
Starting program: /opt/ffmpeg/3.4-test/sources/ffmpeg-3.4/ffmpeg_g -i http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd
warning: no loadable sections found in added symbol-file system-supplied DSO at 0x7ffff7ffa000
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
ffmpeg version 3.4 Copyright (c) 2000-2017 the FFmpeg developers
  built with gcc 4.6 (Ubuntu/Linaro 4.6.3-1ubuntu5)
  configuration: --prefix=/opt/ffmpeg/3.4-test/build --cc= --cxx= --objcc= --dep-cc= --extra-cflags= --extra-cxxflags= --extra-ldflags='-Wl,-rpath,/opt/ffmpeg/3.4-test/build/lib -L/opt/ffmpeg/3.4-test/build/lib' --bindir=/opt/ffmpeg/3.4-test/build/bin --enable-shared --disable-static --disable-doc --disable-htmlpages --disable-manpages --disable-podpages --disable-txtpages --enable-gpl --enable-libass --enable-libbluray --enable-libcelt --enable-libfdk-aac --enable-libfreetype --enable-libfribidi --enable-libgme --enable-libgsm --enable-libilbc --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-libopenjpeg --enable-libopus --enable-librtmp --enable-libsoxr --enable-libspeex --enable-libtheora --enable-libvorbis --enable-libvpx --enable-libwebp --enable-libx264 --enable-libx265 --enable-libxml2 --enable-nonfree --enable-openssl --enable-rpath --enable-version3
  libavutil      55. 78.100 / 55. 78.100
  libavcodec     57.107.100 / 57.107.100
  libavformat    57. 83.100 / 57. 83.100
  libavdevice    57. 10.100 / 57. 10.100
  libavfilter     6.107.100 /  6.107.100
  libswscale      4.  8.100 /  4.  8.100
  libswresample   2.  9.100 /  2.  9.100
  libpostproc    54.  7.100 / 54.  7.100

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff737cddd in ?? () from /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57

Valgrind output:

valgrind ffmpeg_g -i http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd
==3088== Memcheck, a memory error detector
==3088== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==3088== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==3088== Command: sources/ffmpeg-3.4/ffmpeg_g -i http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd
==3088== 
ffmpeg version 3.4 Copyright (c) 2000-2017 the FFmpeg developers
  built with gcc 4.6 (Ubuntu/Linaro 4.6.3-1ubuntu5)
  configuration: --prefix=/opt/ffmpeg/3.4-test/build --cc= --cxx= --objcc= --dep-cc= --extra-cflags= --extra-cxxflags= --extra-ldflags='-Wl,-rpath,/opt/ffmpeg/3.4-test/build/lib -L/opt/ffmpeg/3.4-test/build/lib' --bindir=/opt/ffmpeg/3.4-test/build/bin --enable-shared --disable-static --disable-doc --disable-htmlpages --disable-manpages --disable-podpages --disable-txtpages --enable-gpl --enable-libass --enable-libbluray --enable-libcelt --enable-libfdk-aac --enable-libfreetype --enable-libfribidi --enable-libgme --enable-libgsm --enable-libilbc --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-libopenjpeg --enable-libopus --enable-librtmp --enable-libsoxr --enable-libspeex --enable-libtheora --enable-libvorbis --enable-libvpx --enable-libwebp --enable-libx264 --enable-libx265 --enable-libxml2 --enable-nonfree --enable-openssl --enable-rpath --enable-version3
  libavutil      55. 78.100 / 55. 78.100
  libavcodec     57.107.100 / 57.107.100
  libavformat    57. 83.100 / 57. 83.100
  libavdevice    57. 10.100 / 57. 10.100
  libavfilter     6.107.100 /  6.107.100
  libswscale      4.  8.100 /  4.  8.100
  libswresample   2.  9.100 /  2.  9.100
  libpostproc    54.  7.100 / 54.  7.100
==3088== Invalid read of size 8
==3088==    at 0x553ADDD: ??? (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x553DAC3: ??? (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x553DEBE: ??? (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x553E222: ??? (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x552D6FD: ??? (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x552E033: avio_read (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x55583D0: av_probe_input_buffer2 (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x55585A8: av_probe_input_buffer (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x553A85A: ??? (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x553B5D4: ??? (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x553E700: ??? (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x56528B5: avformat_open_input (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==  Address 0x18 is not stack'd, malloc'd or (recently) free'd
==3088== 
==3088== 
==3088== Process terminating with default action of signal 11 (SIGSEGV)
==3088==  Access not within mapped region at address 0x18
==3088==    at 0x553ADDD: ??? (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x553DAC3: ??? (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x553DEBE: ??? (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x553E222: ??? (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x552D6FD: ??? (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x552E033: avio_read (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x55583D0: av_probe_input_buffer2 (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x55585A8: av_probe_input_buffer (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x553A85A: ??? (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x553B5D4: ??? (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x553E700: ??? (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==    by 0x56528B5: avformat_open_input (in /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57.83.100)
==3088==  If you believe this happened as a result of a stack
==3088==  overflow in your program's main thread (unlikely but
==3088==  possible), you can try to increase the size of the
==3088==  main thread stack using the --main-stacksize= flag.
==3088==  The main thread stack size used in this run was 8388608.
==3088== 
==3088== HEAP SUMMARY:
==3088==     in use at exit: 165,431 bytes in 2,801 blocks
==3088==   total heap usage: 3,796 allocs, 995 frees, 475,449 bytes allocated
==3088== 
==3088== LEAK SUMMARY:
==3088==    definitely lost: 625 bytes in 4 blocks
==3088==    indirectly lost: 79 bytes in 6 blocks
==3088==      possibly lost: 0 bytes in 0 blocks
==3088==    still reachable: 164,727 bytes in 2,791 blocks
==3088==         suppressed: 0 bytes in 0 blocks
==3088== Rerun with --leak-check=full to see details of leaked memory
==3088== 
==3088== For counts of detected and suppressed errors, rerun with: -v
==3088== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 from 2)
Segmentation fault (core dumped)

Change History (13)

comment:1 by mrskman, 6 years ago

Full GBD output:

gdb ffmpeg_g 
GNU gdb (Ubuntu/Linaro 7.4-2012.04-0ubuntu2.1) 7.4-2012.04
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://bugs.launchpad.net/gdb-linaro/>...
Reading symbols from /opt/ffmpeg/3.4-test/sources/ffmpeg-3.4/ffmpeg_g...done.
(gdb) r -i http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd
Starting program: /opt/ffmpeg/3.4-test/sources/ffmpeg-3.4/ffmpeg_g -i http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd
warning: no loadable sections found in added symbol-file system-supplied DSO at 0x7ffff7ffa000
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
ffmpeg version 3.4 Copyright (c) 2000-2017 the FFmpeg developers
  built with gcc 4.6 (Ubuntu/Linaro 4.6.3-1ubuntu5)
  configuration: --prefix=/opt/ffmpeg/3.4-test/build --cc= --cxx= --objcc= --dep-cc= --extra-cflags= --extra-cxxflags= --extra-ldflags='-Wl,-rpath,/opt/ffmpeg/3.4-test/build/lib -L/opt/ffmpeg/3.4-test/build/lib' --bindir=/opt/ffmpeg/3.4-test/build/bin --enable-shared --disable-static --disable-doc --disable-htmlpages --disable-manpages --disable-podpages --disable-txtpages --enable-gpl --enable-libass --enable-libbluray --enable-libcelt --enable-libfdk-aac --enable-libfreetype --enable-libfribidi --enable-libgme --enable-libgsm --enable-libilbc --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-libopenjpeg --enable-libopus --enable-librtmp --enable-libsoxr --enable-libspeex --enable-libtheora --enable-libvorbis --enable-libvpx --enable-libwebp --enable-libx264 --enable-libx265 --enable-libxml2 --enable-nonfree --enable-openssl --enable-rpath --enable-version3
  libavutil      55. 78.100 / 55. 78.100
  libavcodec     57.107.100 / 57.107.100
  libavformat    57. 83.100 / 57. 83.100
  libavdevice    57. 10.100 / 57. 10.100
  libavfilter     6.107.100 /  6.107.100
  libswscale      4.  8.100 /  4.  8.100
  libswresample   2.  9.100 /  2.  9.100
  libpostproc    54.  7.100 / 54.  7.100

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff737cddd in ?? () from /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57
(gdb) bt
#0  0x00007ffff737cddd in ?? () from /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57
#1  0x00007ffff737fac4 in ?? () from /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57
#2  0x00007ffff737febf in ?? () from /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57
#3  0x00007ffff7380223 in ?? () from /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57
#4  0x00007ffff736f6fe in ?? () from /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57
#5  0x00007ffff7370034 in avio_read () from /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57
#6  0x00007ffff739a3d1 in av_probe_input_buffer2 () from /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57
#7  0x00007ffff739a5a9 in av_probe_input_buffer () from /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57
#8  0x00007ffff737c85b in ?? () from /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57
#9  0x00007ffff737d5d5 in ?? () from /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57
#10 0x00007ffff7380701 in ?? () from /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57
#11 0x00007ffff74948b6 in avformat_open_input () from /opt/ffmpeg/3.4-test/build/lib/libavformat.so.57
#12 0x000000000040dbfd in open_input_file (o=0x7fffffffdef0, filename=<optimized out>) at fftools/ffmpeg_opt.c:1060
#13 0x000000000040b38c in open_files (inout=0x42efc0 "input", open_file=0x40d830 <open_input_file>, l=<optimized out>) at fftools/ffmpeg_opt.c:3278
#14 0x00000000004130b7 in ffmpeg_parse_options (argc=<optimized out>, argv=<optimized out>) at fftools/ffmpeg_opt.c:3318
#15 0x0000000000409366 in main (argc=3, argv=0x7fffffffe528) at fftools/ffmpeg.c:4794
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0x7ffff737cdbd to 0x7ffff737cdfd:
   0x00007ffff737cdbd:	add    %al,(%rax)
   0x00007ffff737cdbf:	jmpq   0x7ffff7370190 <avio_seek>
   0x00007ffff737cdc4:	nopl   0x0(%rax)
   0x00007ffff737cdc8:	mov    $0xffffffffffffffda,%rax
   0x00007ffff737cdcf:	retq   
   0x00007ffff737cdd0:	push   %rbp
   0x00007ffff737cdd1:	push   %rbx
   0x00007ffff737cdd2:	sub    $0x18,%rsp
   0x00007ffff737cdd6:	mov    0x118(%rdi),%rax
=> 0x00007ffff737cddd:	mov    0x18(%rax),%rbx
   0x00007ffff737cde1:	mov    0x190(%rdi),%eax
   0x00007ffff737cde7:	test   %eax,%eax
   0x00007ffff737cde9:	jne    0x7ffff737ce70
   0x00007ffff737cdef:	mov    0x1a0(%rdi),%esi
   0x00007ffff737cdf5:	test   %esi,%esi
   0x00007ffff737cdf7:	je     0x7ffff737ce30
   0x00007ffff737cdf9:	movslq %esi,%rax
   0x00007ffff737cdfc:	add    0x1b0(%rdi),%rax
End of assembler dump.
(gdb) info all-registers
rax            0x0	0
rbx            0x6594a0	6657184
rcx            0x7ffff4d90740	140737301251904
rdx            0x679a20	6789664
rsi            0xffffffff	4294967295
rdi            0x65bc40	6667328
rbp            0x65a4e0	0x65a4e0
rsp            0x7fffffffc9d0	0x7fffffffc9d0
r8             0x0	0
r9             0x679f00	6790912
r10            0x0	0
r11            0x6	6
r12            0x65bc40	6667328
r13            0x0	0
r14            0x659670	6657648
r15            0x65c300	6669056
rip            0x7ffff737cddd	0x7ffff737cddd
eflags         0x10202	[ IF RF ]
cs             0x33	51
ss             0x2b	43
ds             0x0	0
es             0x0	0
fs             0x0	0
gs             0x0	0
st0            0	(raw 0x00000000000000000000)
st1            0	(raw 0x00000000000000000000)
st2            0	(raw 0x00000000000000000000)
st3            0	(raw 0x00000000000000000000)
st4            0	(raw 0x00000000000000000000)
st5            0	(raw 0x00000000000000000000)
st6            0	(raw 0x00000000000000000000)
st7            0	(raw 0x00000000000000000000)
fctrl          0x37f	895
fstat          0x0	0
ftag           0xffff	65535
fiseg          0x0	0
fioff          0x0	0
foseg          0x0	0
fooff          0x0	0
fop            0x0	0
mxcsr          0x1fa0	[ PE IM DM ZM OM UM PM ]
ymm0           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x8000000000000000, 0x0, 0x0}, v32_int8 = {0x0 <repeats 14 times>, 0xff, 0xff, 0x0 <repeats 16 times>}, v16_int16 = {0x0, 
    0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x0, 0x0, 0x0, 0xffff0000, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0xffff000000000000, 0x0, 0x0}, v2_int128 = {
    0xffff0000000000000000000000000000, 0x00000000000000000000000000000000}}
ymm1           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x8000000000000000, 0x0, 0x0, 0x0}, v32_int8 = {0x6a, 0x74, 0x76, 0x2d, 0x24, 0x54, 0x69, 0x6d, 0x65, 0x24, 0x2e, 0x6d, 0x34, 
    0x61, 0x0 <repeats 18 times>}, v16_int16 = {0x746a, 0x2d76, 0x5424, 0x6d69, 0x2465, 0x6d2e, 0x6134, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x2d76746a, 0x6d695424, 0x6d2e2465, 0x6134, 
    0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x6d6954242d76746a, 0x61346d2e2465, 0x0, 0x0}, v2_int128 = {0x000061346d2e24656d6954242d76746a, 0x00000000000000000000000000000000}}
ymm2           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 
    0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}
ymm3           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 
    0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}
ymm4           {v8_float = {0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0, 0x0, 0x10, 0x41, 0x0 <repeats 28 times>}, v16_int16 = {0x0, 0x4110, 
    0x0 <repeats 14 times>}, v8_int32 = {0x41100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x41100000, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000000000000041100000, 
    0x00000000000000000000000000000000}}
ymm5           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x74, 0x3d, 0x22, 0x32, 0x33, 0x37, 0x38, 0x34, 0x32, 0x31, 0x22, 0x20, 0x64, 0x3d, 0x22, 
    0x35, 0x0 <repeats 16 times>}, v16_int16 = {0x3d74, 0x3222, 0x3733, 0x3438, 0x3132, 0x2022, 0x3d64, 0x3522, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x32223d74, 0x34383733, 0x20223132, 
---Type <return> to continue, or q <return> to quit---
    0x35223d64, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x3438373332223d74, 0x35223d6420223132, 0x0, 0x0}, v2_int128 = {0x35223d64202231323438373332223d74, 0x00000000000000000000000000000000}}
ymm6           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x33, 0x32, 0x30, 0x22, 0x2f, 0x3e, 0xa, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 
    0x0 <repeats 16 times>}, v16_int16 = {0x3233, 0x2230, 0x3e2f, 0x200a, 0x2020, 0x2020, 0x2020, 0x2020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x22303233, 0x200a3e2f, 0x20202020, 0x20202020, 
    0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x200a3e2f22303233, 0x2020202020202020, 0x0, 0x0}, v2_int128 = {0x2020202020202020200a3e2f22303233, 0x00000000000000000000000000000000}}
ymm7           {v8_float = {0x3c200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x8000000000000000, 0x8000000000000000, 0x0, 0x0}, v32_int8 = {0x20, 0x3c, 0x2f, 0x53, 0x65, 0x67, 0x6d, 0x65, 0x6e, 
    0x74, 0x54, 0x69, 0x6d, 0x65, 0x6c, 0x69, 0x0 <repeats 16 times>}, v16_int16 = {0x3c20, 0x532f, 0x6765, 0x656d, 0x746e, 0x6954, 0x656d, 0x696c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {
    0x532f3c20, 0x656d6765, 0x6954746e, 0x696c656d, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x656d6765532f3c20, 0x696c656d6954746e, 0x0, 0x0}, v2_int128 = {0x696c656d6954746e656d6765532f3c20, 
    0x00000000000000000000000000000000}}
ymm8           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x8000000000000000, 0x0, 0x0}, v32_int8 = {0x6e, 0x65, 0x3e, 0xa, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3c, 
    0x2f, 0x53, 0x65, 0x0 <repeats 16 times>}, v16_int16 = {0x656e, 0xa3e, 0x2020, 0x2020, 0x2020, 0x2020, 0x2f3c, 0x6553, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0xa3e656e, 0x20202020, 
    0x20202020, 0x65532f3c, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x202020200a3e656e, 0x65532f3c20202020, 0x0, 0x0}, v2_int128 = {0x65532f3c20202020202020200a3e656e, 0x00000000000000000000000000000000}}
ymm9           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x8000000000000000, 0x0, 0x0, 0x0}, v32_int8 = {0x67, 0x6d, 0x65, 0x6e, 0x74, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 
    0x3e, 0xa, 0x20, 0x0 <repeats 16 times>}, v16_int16 = {0x6d67, 0x6e65, 0x5474, 0x6d65, 0x6c70, 0x7461, 0x3e65, 0x200a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x6e656d67, 0x6d655474, 
    0x74616c70, 0x200a3e65, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x6d6554746e656d67, 0x200a3e6574616c70, 0x0, 0x0}, v2_int128 = {0x200a3e6574616c706d6554746e656d67, 0x00000000000000000000000000000000}}
ymm10          {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 
    0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}
ymm11          {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x66, 0x94, 0x48, 0xf, 0x11, 0x14, 0xe3, 0x39, 0x0 <repeats 24 times>}, v16_int16 = {0x9466, 
    0xf48, 0x1411, 0x39e3, 0x0 <repeats 12 times>}, v8_int32 = {0xf489466, 0x39e31411, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x39e314110f489466, 0x0, 0x0, 0x0}, v2_int128 = {
    0x000000000000000039e314110f489466, 0x00000000000000000000000000000000}}
ymm12          {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0xb8, 0x8, 0xdb, 0x19, 0xa0, 0x1, 0x2a, 0xbf, 0x0 <repeats 24 times>}, v16_int16 = {0x8b8, 
    0x19db, 0x1a0, 0xbf2a, 0x0 <repeats 12 times>}, v8_int32 = {0x19db08b8, 0xbf2a01a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0xbf2a01a019db08b8, 0x0, 0x0, 0x0}, v2_int128 = {
    0x0000000000000000bf2a01a019db08b8, 0x00000000000000000000000000000000}}
ymm13          {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0xd9, 0x7e, 0x9a, 0x7b, 0xe2, 0x1d, 0xc7, 0x3e, 0x0 <repeats 24 times>}, v16_int16 = {0x7ed9, 
    0x7b9a, 0x1de2, 0x3ec7, 0x0 <repeats 12 times>}, v8_int32 = {0x7b9a7ed9, 0x3ec71de2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x3ec71de27b9a7ed9, 0x0, 0x0, 0x0}, v2_int128 = {
    0x00000000000000003ec71de27b9a7ed9, 0x00000000000000000000000000000000}}
ymm14          {v8_float = {0xffffff82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x59, 0xdf, 0xfc, 0xc2, 0xff, 0xdd, 0x5a, 0xbe, 0x0 <repeats 24 times>}, v16_int16 = {
    0xdf59, 0xc2fc, 0xddff, 0xbe5a, 0x0 <repeats 12 times>}, v8_int32 = {0xc2fcdf59, 0xbe5addff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0xbe5addffc2fcdf59, 0x0, 0x0, 0x0}, v2_int128 = {
    0x0000000000000000be5addffc2fcdf59, 0x00000000000000000000000000000000}}
ymm15          {v8_float = {0x92854080, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x7f, 0xf5, 0xda, 0xce, 0xf0, 0x39, 0xc1, 0x3f, 0x0 <repeats 24 times>}, v16_int16 = {
    0xf57f, 0xceda, 0x39f0, 0x3fc1, 0x0 <repeats 12 times>}, v8_int32 = {0xcedaf57f, 0x3fc139f0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x3fc139f0cedaf57f, 0x0, 0x0, 0x0}, v2_int128 = {
    0x00000000000000003fc139f0cedaf57f, 0x00000000000000000000000000000000}}

comment:2 by James, 6 years ago

Could you reconfigure with "--disable-stripping --disable-optimizations"? Valgrind and gdb output is useless without debug symbols.

comment:3 by mrskman, 6 years ago

Valgrind:

valgrind ffmpeg_g -i http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd
==55778== Memcheck, a memory error detector
==55778== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==55778== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==55778== Command: sources/ffmpeg-3.4/ffmpeg_g -i http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd
==55778== 
ffmpeg version 3.4 Copyright (c) 2000-2017 the FFmpeg developers
  built with gcc 4.6 (Ubuntu/Linaro 4.6.3-1ubuntu5)
  configuration: --prefix=/opt/ffmpeg/3.4-test/build --cc= --cxx= --objcc= --dep-cc= --extra-cflags= --extra-cxxflags= --extra-ldflags='-Wl,-rpath,/opt/ffmpeg/3.4-test/build/lib -L/opt/ffmpeg/3.4-test/build/lib' --bindir=/opt/ffmpeg/3.4-test/build/bin --enable-shared --disable-static --disable-doc --disable-htmlpages --disable-manpages --disable-podpages --disable-txtpages --enable-gpl --enable-libass --enable-libbluray --enable-libcelt --enable-libfdk-aac --enable-libfreetype --enable-libfribidi --enable-libgme --enable-libgsm --enable-libilbc --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-libopenjpeg --enable-libopus --enable-librtmp --enable-libsoxr --enable-libspeex --enable-libtheora --enable-libvorbis --enable-libvpx --enable-libwebp --enable-libx264 --enable-libx265 --enable-libxml2 --enable-nonfree --enable-openssl --enable-rpath --enable-version3 --disable-stripping --disable-optimizations
  libavutil      55. 78.100 / 55. 78.100
  libavcodec     57.107.100 / 57.107.100
  libavformat    57. 83.100 / 57. 83.100
  libavdevice    57. 10.100 / 57. 10.100
  libavfilter     6.107.100 /  6.107.100
  libswscale      4.  8.100 /  4.  8.100
  libswresample   2.  9.100 /  2.  9.100
  libpostproc    54.  7.100 / 54.  7.100
==55778== Invalid read of size 8
==55778==    at 0x567DC97: calc_max_seg_no (dashdec.c:1084)
==55778==    by 0x567DEA2: move_timelines (dashdec.c:1111)
==55778==    by 0x567E268: refresh_manifest (dashdec.c:1172)
==55778==    by 0x567E58B: get_current_fragment (dashdec.c:1232)
==55778==    by 0x567EEE2: read_data (dashdec.c:1406)
==55778==    by 0x5667D38: fill_buffer (aviobuf.c:573)
==55778==    by 0x5668103: avio_read (aviobuf.c:667)
==55778==    by 0x56A3D81: av_probe_input_buffer2 (format.c:314)
==55778==    by 0x56A3F6E: av_probe_input_buffer (format.c:368)
==55778==    by 0x567F4CE: reopen_demux_for_component (dashdec.c:1530)
==55778==    by 0x567F637: open_demux_for_component (dashdec.c:1565)
==55778==    by 0x567F88D: dash_read_header (dashdec.c:1615)
==55778==  Address 0x18 is not stack'd, malloc'd or (recently) free'd
==55778== 
==55778== 
==55778== Process terminating with default action of signal 11 (SIGSEGV)
==55778==  Access not within mapped region at address 0x18
==55778==    at 0x567DC97: calc_max_seg_no (dashdec.c:1084)
==55778==    by 0x567DEA2: move_timelines (dashdec.c:1111)
==55778==    by 0x567E268: refresh_manifest (dashdec.c:1172)
==55778==    by 0x567E58B: get_current_fragment (dashdec.c:1232)
==55778==    by 0x567EEE2: read_data (dashdec.c:1406)
==55778==    by 0x5667D38: fill_buffer (aviobuf.c:573)
==55778==    by 0x5668103: avio_read (aviobuf.c:667)
==55778==    by 0x56A3D81: av_probe_input_buffer2 (format.c:314)
==55778==    by 0x56A3F6E: av_probe_input_buffer (format.c:368)
==55778==    by 0x567F4CE: reopen_demux_for_component (dashdec.c:1530)
==55778==    by 0x567F637: open_demux_for_component (dashdec.c:1565)
==55778==    by 0x567F88D: dash_read_header (dashdec.c:1615)
==55778==  If you believe this happened as a result of a stack
==55778==  overflow in your program's main thread (unlikely but
==55778==  possible), you can try to increase the size of the
==55778==  main thread stack using the --main-stacksize= flag.
==55778==  The main thread stack size used in this run was 8388608.
==55778== 
==55778== HEAP SUMMARY:
==55778==     in use at exit: 165,431 bytes in 2,801 blocks
==55778==   total heap usage: 3,798 allocs, 997 frees, 475,513 bytes allocated
==55778== 
==55778== LEAK SUMMARY:
==55778==    definitely lost: 18 bytes in 3 blocks
==55778==    indirectly lost: 27 bytes in 3 blocks
==55778==      possibly lost: 0 bytes in 0 blocks
==55778==    still reachable: 165,386 bytes in 2,795 blocks
==55778==         suppressed: 0 bytes in 0 blocks
==55778== Rerun with --leak-check=full to see details of leaked memory
==55778== 
==55778== For counts of detected and suppressed errors, rerun with: -v
==55778== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 from 2)
Segmentation fault (core dumped)

gdb:

gdb ffmpeg_g 
GNU gdb (Ubuntu/Linaro 7.4-2012.04-0ubuntu2.1) 7.4-2012.04
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://bugs.launchpad.net/gdb-linaro/>...
Reading symbols from /opt/ffmpeg/3.4-test/sources/ffmpeg-3.4/ffmpeg_g...done.
(gdb) r -i http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd
Starting program: /opt/ffmpeg/3.4-test/sources/ffmpeg-3.4/ffmpeg_g -i http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd
warning: no loadable sections found in added symbol-file system-supplied DSO at 0x7ffff7ffa000
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
ffmpeg version 3.4 Copyright (c) 2000-2017 the FFmpeg developers
  built with gcc 4.6 (Ubuntu/Linaro 4.6.3-1ubuntu5)
  configuration: --prefix=/opt/ffmpeg/3.4-test/build --cc= --cxx= --objcc= --dep-cc= --extra-cflags= --extra-cxxflags= --extra-ldflags='-Wl,-rpath,/opt/ffmpeg/3.4-test/build/lib -L/opt/ffmpeg/3.4-test/build/lib' --bindir=/opt/ffmpeg/3.4-test/build/bin --enable-shared --disable-static --disable-doc --disable-htmlpages --disable-manpages --disable-podpages --disable-txtpages --enable-gpl --enable-libass --enable-libbluray --enable-libcelt --enable-libfdk-aac --enable-libfreetype --enable-libfribidi --enable-libgme --enable-libgsm --enable-libilbc --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-libopenjpeg --enable-libopus --enable-librtmp --enable-libsoxr --enable-libspeex --enable-libtheora --enable-libvorbis --enable-libvpx --enable-libwebp --enable-libx264 --enable-libx265 --enable-libxml2 --enable-nonfree --enable-openssl --enable-rpath --enable-version3 --disable-stripping --disable-optimizations
  libavutil      55. 78.100 / 55. 78.100
  libavcodec     57.107.100 / 57.107.100
  libavformat    57. 83.100 / 57. 83.100
  libavdevice    57. 10.100 / 57. 10.100
  libavfilter     6.107.100 /  6.107.100
  libswscale      4.  8.100 /  4.  8.100
  libswresample   2.  9.100 /  2.  9.100
  libpostproc    54.  7.100 / 54.  7.100

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff71cdc97 in calc_max_seg_no (pls=0x666c40) at libavformat/dashdec.c:1084
1084	    DASHContext *c = pls->parent->priv_data;
(gdb) bt
#0  0x00007ffff71cdc97 in calc_max_seg_no (pls=0x666c40) at libavformat/dashdec.c:1084
#1  0x00007ffff71cdea3 in move_timelines (rep_src=0x684a20, rep_dest=0x666c40) at libavformat/dashdec.c:1111
#2  0x00007ffff71ce269 in refresh_manifest (s=0x660560) at libavformat/dashdec.c:1172
#3  0x00007ffff71ce58c in get_current_fragment (pls=0x6654e0) at libavformat/dashdec.c:1232
#4  0x00007ffff71ceee3 in read_data (opaque=0x6654e0, buf=0x6746e0 "@Cf", buf_size=32768) at libavformat/dashdec.c:1406
#5  0x00007ffff71b7d39 in fill_buffer (s=0x6654e8) at libavformat/aviobuf.c:573
#6  0x00007ffff71b8104 in avio_read (s=0x6654e8, buf=0x669340 "\330\fy\364\377\177", size=2048) at libavformat/aviobuf.c:667
#7  0x00007ffff71f3d82 in av_probe_input_buffer2 (pb=0x6654e8, fmt=0x7fffffffdca8, filename=0x7ffff7373bc3 "", logctx=0x0, offset=0, max_probe_size=1048576) at libavformat/format.c:314
#8  0x00007ffff71f3f6f in av_probe_input_buffer (pb=0x6654e8, fmt=0x7fffffffdca8, filename=0x7ffff7373bc3 "", logctx=0x0, offset=0, max_probe_size=0) at libavformat/format.c:368
#9  0x00007ffff71cf4cf in reopen_demux_for_component (s=0x660560, pls=0x6654e0) at libavformat/dashdec.c:1530
#10 0x00007ffff71cf638 in open_demux_for_component (s=0x660560, pls=0x6654e0) at libavformat/dashdec.c:1565
#11 0x00007ffff71cf88e in dash_read_header (s=0x660560) at libavformat/dashdec.c:1615
#12 0x00007ffff733b3e4 in avformat_open_input (ps=0x7fffffffddf8, filename=0x7fffffffe7c5 "http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd", fmt=0x0, options=0x660368) at libavformat/utils.c:595
#13 0x000000000040ce77 in open_input_file (o=0x7fffffffdf10, filename=0x7fffffffe7c5 "http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd") at fftools/ffmpeg_opt.c:1060
#14 0x0000000000416e10 in open_files (l=0x660318, inout=0x4380ef "input", open_file=0x40c5f8 <open_input_file>) at fftools/ffmpeg_opt.c:3278
#15 0x0000000000416fa2 in ffmpeg_parse_options (argc=3, argv=0x7fffffffe528) at fftools/ffmpeg_opt.c:3318
#16 0x00000000004357f9 in main (argc=3, argv=0x7fffffffe528) at fftools/ffmpeg.c:4794
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0x7ffff71cdc77 to 0x7ffff71cdcb7:
   0x00007ffff71cdc77 <calc_min_seg_no+177>:	loopne 0x7ffff71cdcc1 <calc_max_seg_no+66>
   0x00007ffff71cdc79 <calc_min_seg_no+179>:	add    $0x38,%esp
   0x00007ffff71cdc7c <calc_min_seg_no+182>:	pop    %rbx
   0x00007ffff71cdc7d <calc_min_seg_no+183>:	pop    %rbp
   0x00007ffff71cdc7e <calc_min_seg_no+184>:	retq   
   0x00007ffff71cdc7f <calc_max_seg_no+0>:	push   %rbp
   0x00007ffff71cdc80 <calc_max_seg_no+1>:	mov    %rsp,%rbp
   0x00007ffff71cdc83 <calc_max_seg_no+4>:	push   %rbx
   0x00007ffff71cdc84 <calc_max_seg_no+5>:	sub    $0x38,%rsp
   0x00007ffff71cdc88 <calc_max_seg_no+9>:	mov    %rdi,-0x38(%rbp)
   0x00007ffff71cdc8c <calc_max_seg_no+13>:	mov    -0x38(%rbp),%rax
   0x00007ffff71cdc90 <calc_max_seg_no+17>:	mov    0x118(%rax),%rax
=> 0x00007ffff71cdc97 <calc_max_seg_no+24>:	mov    0x18(%rax),%rax
   0x00007ffff71cdc9b <calc_max_seg_no+28>:	mov    %rax,-0x20(%rbp)
   0x00007ffff71cdc9f <calc_max_seg_no+32>:	movq   $0x0,-0x28(%rbp)
   0x00007ffff71cdca7 <calc_max_seg_no+40>:	mov    -0x38(%rbp),%rax
   0x00007ffff71cdcab <calc_max_seg_no+44>:	mov    0x190(%rax),%eax
   0x00007ffff71cdcb1 <calc_max_seg_no+50>:	test   %eax,%eax
   0x00007ffff71cdcb3 <calc_max_seg_no+52>:	je     0x7ffff71cdcdc <calc_max_seg_no+93>
   0x00007ffff71cdcb5 <calc_max_seg_no+54>:	mov    -0x38(%rbp),%rax
End of assembler dump.
(gdb) info all-registers
rax            0x0	0
rbx            0x684a20	6834720
rcx            0x7ffff4790740	140737294960448
rdx            0x0	0
rsi            0xffffffff	4294967295
rdi            0x666c40	6712384
rbp            0x7fffffffc9b0	0x7fffffffc9b0
rsp            0x7fffffffc970	0x7fffffffc970
r8             0x7ffff4cd95b2	140737300501938
r9             0x1	1
r10            0x0	0
r11            0x246	582
r12            0x409260	4231776
r13            0x7fffffffe520	140737488348448
r14            0x0	0
r15            0x0	0
rip            0x7ffff71cdc97	0x7ffff71cdc97 <calc_max_seg_no+24>
eflags         0x10202	[ IF RF ]
cs             0x33	51
ss             0x2b	43
ds             0x0	0
es             0x0	0
fs             0x0	0
gs             0x0	0
st0            0	(raw 0x00000000000000000000)
st1            0	(raw 0x00000000000000000000)
st2            0	(raw 0x00000000000000000000)
st3            0	(raw 0x00000000000000000000)
st4            0	(raw 0x00000000000000000000)
st5            0	(raw 0x00000000000000000000)
st6            0	(raw 0x00000000000000000000)
st7            0	(raw 0x00000000000000000000)
fctrl          0x37f	895
fstat          0x0	0
ftag           0xffff	65535
fiseg          0x0	0
fioff          0x0	0
foseg          0x0	0
fooff          0x0	0
fop            0x0	0
mxcsr          0x1fa0	[ PE IM DM ZM OM UM PM ]
ymm0           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 
    0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}
ymm1           {v8_float = {0x0, 0x0, 0x191dc00, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x8000000000000000, 0x8000000000000000, 0x0, 0x0}, v32_int8 = {0x2e, 0x0, 0x5f, 0x5f, 0x67, 0x65, 0x74, 0x63, 0x77, 0x64, 
    0x0, 0x50, 0x57, 0x44, 0x0, 0x73, 0x0 <repeats 16 times>}, v16_int16 = {0x2e, 0x5f5f, 0x6567, 0x6374, 0x6477, 0x5000, 0x4457, 0x7300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x5f5f002e, 
    0x63746567, 0x50006477, 0x73004457, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x637465675f5f002e, 0x7300445750006477, 0x0, 0x0}, v2_int128 = {0x7300445750006477637465675f5f002e, 0x00000000000000000000000000000000}}
ymm2           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xff, 0x0, 0x0, 0x1, 
    0x0 <repeats 16 times>}, v16_int16 = {0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0xff, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x0, 0x0, 0xffff0000, 0x10000ff, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {
    0x0, 0x10000ffffff0000, 0x0, 0x0}, v2_int128 = {0x010000ffffff00000000000000000000, 0x00000000000000000000000000000000}}
ymm3           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x8000000000000000, 0x0, 0x0, 0x0}, v32_int8 = {0x20, 0x0, 0x41, 0x64, 0x61, 0x70, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 
    0x65, 0x74, 0x0 <repeats 17 times>}, v16_int16 = {0x20, 0x6441, 0x7061, 0x6174, 0x6974, 0x6e6f, 0x6553, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x64410020, 0x61747061, 0x6e6f6974, 
    0x746553, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x6174706164410020, 0x7465536e6f6974, 0x0, 0x0}, v2_int128 = {0x007465536e6f69746174706164410020, 0x00000000000000000000000000000000}}
ymm4           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x20 <repeats 13 times>, 0x3c, 0x53, 0x20, 0x0 <repeats 16 times>}, v16_int16 = {0x2020, 
    0x2020, 0x2020, 0x2020, 0x2020, 0x2020, 0x3c20, 0x2053, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x20202020, 0x20202020, 0x20202020, 0x20533c20, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {
    0x2020202020202020, 0x20533c2020202020, 0x0, 0x0}, v2_int128 = {0x20533c20202020202020202020202020, 0x00000000000000000000000000000000}}
ymm5           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x74, 0x3d, 0x22, 0x33, 0x35, 0x35, 0x39, 0x31, 0x30, 0x31, 0x22, 0x20, 0x64, 0x3d, 0x22, 
---Type <return> to continue, or q <return> to quit---
    0x35, 0x0 <repeats 16 times>}, v16_int16 = {0x3d74, 0x3322, 0x3535, 0x3139, 0x3130, 0x2022, 0x3d64, 0x3522, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x33223d74, 0x31393535, 0x20223130, 
    0x35223d64, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x3139353533223d74, 0x35223d6420223130, 0x0, 0x0}, v2_int128 = {0x35223d64202231303139353533223d74, 0x00000000000000000000000000000000}}
ymm6           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x31, 0x36, 0x30, 0x22, 0x2f, 0x3e, 0xa, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 
    0x0 <repeats 16 times>}, v16_int16 = {0x3631, 0x2230, 0x3e2f, 0x200a, 0x2020, 0x2020, 0x2020, 0x2020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x22303631, 0x200a3e2f, 0x20202020, 0x20202020, 
    0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x200a3e2f22303631, 0x2020202020202020, 0x0, 0x0}, v2_int128 = {0x2020202020202020200a3e2f22303631, 0x00000000000000000000000000000000}}
ymm7           {v8_float = {0x3c200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x8000000000000000, 0x8000000000000000, 0x0, 0x0}, v32_int8 = {0x20, 0x3c, 0x2f, 0x53, 0x65, 0x67, 0x6d, 0x65, 0x6e, 
    0x74, 0x54, 0x69, 0x6d, 0x65, 0x6c, 0x69, 0x0 <repeats 16 times>}, v16_int16 = {0x3c20, 0x532f, 0x6765, 0x656d, 0x746e, 0x6954, 0x656d, 0x696c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {
    0x532f3c20, 0x656d6765, 0x6954746e, 0x696c656d, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x656d6765532f3c20, 0x696c656d6954746e, 0x0, 0x0}, v2_int128 = {0x696c656d6954746e656d6765532f3c20, 
    0x00000000000000000000000000000000}}
ymm8           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x8000000000000000, 0x0, 0x0}, v32_int8 = {0x6e, 0x65, 0x3e, 0xa, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3c, 
    0x2f, 0x53, 0x65, 0x0 <repeats 16 times>}, v16_int16 = {0x656e, 0xa3e, 0x2020, 0x2020, 0x2020, 0x2020, 0x2f3c, 0x6553, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0xa3e656e, 0x20202020, 
    0x20202020, 0x65532f3c, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x202020200a3e656e, 0x65532f3c20202020, 0x0, 0x0}, v2_int128 = {0x65532f3c20202020202020200a3e656e, 0x00000000000000000000000000000000}}
ymm9           {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x8000000000000000, 0x0, 0x0, 0x0}, v32_int8 = {0x67, 0x6d, 0x65, 0x6e, 0x74, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 
    0x3e, 0xa, 0x20, 0x0 <repeats 16 times>}, v16_int16 = {0x6d67, 0x6e65, 0x5474, 0x6d65, 0x6c70, 0x7461, 0x3e65, 0x200a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v8_int32 = {0x6e656d67, 0x6d655474, 
    0x74616c70, 0x200a3e65, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x6d6554746e656d67, 0x200a3e6574616c70, 0x0, 0x0}, v2_int128 = {0x200a3e6574616c706d6554746e656d67, 0x00000000000000000000000000000000}}
ymm10          {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x0 <repeats 32 times>}, v16_int16 = {0x0 <repeats 16 times>}, v8_int32 = {0x0, 0x0, 0x0, 0x0, 
    0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x0, 0x0, 0x0, 0x0}, v2_int128 = {0x00000000000000000000000000000000, 0x00000000000000000000000000000000}}
ymm11          {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x66, 0x94, 0x48, 0xf, 0x11, 0x14, 0xe3, 0x39, 0x0 <repeats 24 times>}, v16_int16 = {0x9466, 
    0xf48, 0x1411, 0x39e3, 0x0 <repeats 12 times>}, v8_int32 = {0xf489466, 0x39e31411, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x39e314110f489466, 0x0, 0x0, 0x0}, v2_int128 = {
    0x000000000000000039e314110f489466, 0x00000000000000000000000000000000}}
ymm12          {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0xb8, 0x8, 0xdb, 0x19, 0xa0, 0x1, 0x2a, 0xbf, 0x0 <repeats 24 times>}, v16_int16 = {0x8b8, 
    0x19db, 0x1a0, 0xbf2a, 0x0 <repeats 12 times>}, v8_int32 = {0x19db08b8, 0xbf2a01a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0xbf2a01a019db08b8, 0x0, 0x0, 0x0}, v2_int128 = {
    0x0000000000000000bf2a01a019db08b8, 0x00000000000000000000000000000000}}
ymm13          {v8_float = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0xd9, 0x7e, 0x9a, 0x7b, 0xe2, 0x1d, 0xc7, 0x3e, 0x0 <repeats 24 times>}, v16_int16 = {0x7ed9, 
    0x7b9a, 0x1de2, 0x3ec7, 0x0 <repeats 12 times>}, v8_int32 = {0x7b9a7ed9, 0x3ec71de2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x3ec71de27b9a7ed9, 0x0, 0x0, 0x0}, v2_int128 = {
    0x00000000000000003ec71de27b9a7ed9, 0x00000000000000000000000000000000}}
ymm14          {v8_float = {0xffffff82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x59, 0xdf, 0xfc, 0xc2, 0xff, 0xdd, 0x5a, 0xbe, 0x0 <repeats 24 times>}, v16_int16 = {
    0xdf59, 0xc2fc, 0xddff, 0xbe5a, 0x0 <repeats 12 times>}, v8_int32 = {0xc2fcdf59, 0xbe5addff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0xbe5addffc2fcdf59, 0x0, 0x0, 0x0}, v2_int128 = {
    0x0000000000000000be5addffc2fcdf59, 0x00000000000000000000000000000000}}
ymm15          {v8_float = {0x92854080, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_double = {0x0, 0x0, 0x0, 0x0}, v32_int8 = {0x7f, 0xf5, 0xda, 0xce, 0xf0, 0x39, 0xc1, 0x3f, 0x0 <repeats 24 times>}, v16_int16 = {
    0xf57f, 0xceda, 0x39f0, 0x3fc1, 0x0 <repeats 12 times>}, v8_int32 = {0xcedaf57f, 0x3fc139f0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, v4_int64 = {0x3fc139f0cedaf57f, 0x0, 0x0, 0x0}, v2_int128 = {
    0x00000000000000003fc139f0cedaf57f, 0x00000000000000000000000000000000}}

comment:4 by Carl Eugen Hoyos, 6 years ago

I cannot reproduce, neither with 32bit nor 64bit, static or shared compilation.

Could you test with the following build and the resulting ffmpeg_g binary?

$ ./configure --enable-libxml2 && make ffmpeg
Last edited 6 years ago by Carl Eugen Hoyos (previous) (diff)

comment:5 by mrskman, 6 years ago

Still the same result. No matter if it is with system's or the latest downloaded libxml2 library.

But on Ubuntu desktop 16.04 is everything working. Do you have any idea what can be wrong? Maybe GCC version?

Ubuntu 16.04 output:

ffmpeg -i http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd
ffmpeg version 3.4 Copyright (c) 2000-2017 the FFmpeg developers
  built with gcc 5.4.0 (Ubuntu 5.4.0-6ubuntu1~16.04.4) 20160609
  configuration: --prefix=/home/mrskman/ffmpeg/3.4/build --cc= --cxx= --objcc= --dep-cc= --extra-cflags= --extra-cxxflags= --extra-ldflags='-Wl,-rpath,/home/mrskman/ffmpeg/3.4/build/lib -L/home/mrskman/ffmpeg/3.4/build/lib' --bindir=/home/mrskman/ffmpeg/3.4/build/bin --enable-shared --disable-static --disable-doc --disable-htmlpages --disable-manpages --disable-podpages --disable-txtpages --enable-gpl --enable-libass --enable-libbluray --enable-libcelt --enable-libfdk-aac --enable-libfreetype --enable-libfribidi --enable-libgme --enable-libgsm --enable-libilbc --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-libopenjpeg --enable-libopus --enable-librtmp --enable-libsoxr --enable-libspeex --enable-libtheora --enable-libvorbis --enable-libvpx --enable-libwebp --enable-libx264 --enable-libx265 --enable-libxml2 --enable-nonfree --enable-openssl --enable-rpath --enable-version3
  libavutil      55. 78.100 / 55. 78.100
  libavcodec     57.107.100 / 57.107.100
  libavformat    57. 83.100 / 57. 83.100
  libavdevice    57. 10.100 / 57. 10.100
  libavfilter     6.107.100 /  6.107.100
  libswscale      4.  8.100 /  4.  8.100
  libswresample   2.  9.100 /  2.  9.100
  libpostproc    54.  7.100 / 54.  7.100
[dash @ 0xea24a0] Opening 'http://vysilani.zaktv.cz:8000/live/dash/jtv-init.m4v' for reading
[dash @ 0xea24a0] Could not read complete fragment.
[dash @ 0xea24a0] Opening 'http://vysilani.zaktv.cz:8000/live/dash/jtv-7210621.m4v' for reading
[dash @ 0xea24a0] Opening 'http://vysilani.zaktv.cz:8000/live/dash/jtv-init.m4a' for reading
[dash @ 0xea24a0] Could not read complete fragment.
[dash @ 0xea24a0] Opening 'http://vysilani.zaktv.cz:8000/live/dash/jtv-7210621.m4a' for reading
Input #0, dash, from 'http://vysilani.zaktv.cz:8000/live/dash/jtv.mpd':
  Duration: N/A, start: 7210.621000, bitrate: 1 kb/s
  Program 0 
    Stream #0:0: Video: h264 (High) (avc1 / 0x31637661), yuv420p, 1024x576 [SAR 1:1 DAR 16:9], 1 kb/s, 25 fps, 25 tbr, 1k tbn, 50 tbc
    Stream #0:1: Audio: aac (LC) (mp4a / 0x6134706D), 48000 Hz, mono, fltp, 0 kb/s
At least one output file must be specified

comment:6 by Carl Eugen Hoyos, 6 years ago

Please test current FFmpeg git head, if it still crashes, feel free to test the (imo unrelated) patch I just sent:
http://ffmpeg.org/pipermail/ffmpeg-devel/2017-November/219407.html

(Please remember that only current FFmpeg git head is supported on this bug tracker, I also did test 3.4 though)

comment:7 by mrskman, 6 years ago

It still crashes with git head version and also with your patch. Do you need to see any output?

comment:8 by Carl Eugen Hoyos, 6 years ago

Component: undeterminedavformat
Keywords: dash crash SIGSEGV added
Priority: normalminor
Reproduced by developer: set
Status: newopen
Version: unspecifiedgit-master

I can reproduce the crash and the backtrace with vanilla gcc-4.9.1 and gcc-4.4.6 (and five other gcc-4 versions) and current FFmpeg git head here.

Last edited 6 years ago by Carl Eugen Hoyos (previous) (diff)

comment:9 by mrskman, 6 years ago

Any chance for this to be fixed? Is gcc-4 considered too old these days?

in reply to:  9 comment:10 by Carl Eugen Hoyos, 6 years ago

Replying to mrskman:

Any chance for this to be fixed? Is gcc-4 considered too old these days?

I don't think the gcc developers are still releasing updates for gcc-4 that would fix this issue.

in reply to:  11 comment:12 by mrskman, 6 years ago

Replying to stevenliu:

http://ffmpeg.org/pipermail/ffmpeg-devel/2017-November/219428.html

Try this patch please

It's working now!

comment:13 by Carl Eugen Hoyos, 6 years ago

Priority: minorimportant
Resolution: fixed
Status: openclosed

Also reproducible with --disable-optimizations (no compiler issue), fixed by Steven Liu in 1b323c3f9c8997c4df8e843cb065f10d097ae18c.

Note: See TracTickets for help on using tickets.