[FFmpeg-trac] #6611(ffserver:new): ffserver crashes on status page request
FFmpeg
trac at avcodec.org
Thu Aug 24 02:41:50 EEST 2017
#6611: ffserver crashes on status page request
----------------------------------+---------------------------------------
Reporter: nlebeck | Type: defect
Status: new | Priority: normal
Component: ffserver | Version: unspecified
Keywords: | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
----------------------------------+---------------------------------------
Summary of the bug:
When I add a new stream to the sample ffserver.conf that streams from a
video file on disk, the ffserver process crashes when I request the
/stat.html status page.
How to reproduce:
1. Add a new Stream entry to ffserver.conf with a File parameter pointing
to the video file. The video file I used for this bug report was the first
10MB of an H.264 movie trailer available online ([http://www.digital-
digest.com/movies/Rogue_One_A_Star_Wars_Story_1080p_Theatrical_Trailer_2.html]),
but the problem also appears when using the full 137MB trailer available
at that link.
2. Start ffserver with the modified ffserver.conf.
3. Access "http://localhost:8090/stat.html" in a web browser.
Details:
Although it's not clear in the GDB/valgrind stack traces below, the
compute_status() function in ffserver.c is the function that calls abort()
and crashes the server. I put in some debug print statements to figure out
exactly where the program was crashing, and I think I found out where and
why abort() is called. When the while loop starting at line 1987 of
ffserver.c is on the iteration corresponding to the stream I added (named
“test2.mp4” in my ffserver.conf), after the call to avcodec_find_encoder()
at line 2036, the value of st->codecpar->codec_type is equal to -1. As a
result, the switch statement on line 2038 goes to the default case, which
calls abort() on line 2059.
I don't know why the codec_type variable is set to -1. The video file
plays fine with ffplay, but maybe there is some issue with the parameters
in my ffserver.conf file. In any case, I’m assuming that if I’m
configuring something wrong, the correct behavior would be to print an
error message rather than crashing the server.
The command I ran:
{{{
% ./ffserver -f ~/research/temp/ffserver.conf
}}}
My ffserver.conf file:
{{{
HTTPPort 8090
HTTPBindAddress 0.0.0.0
MaxHTTPConnections 2000
MaxClients 1000
MaxBandwidth 10000
CustomLog -
<Feed feed1.ffm>
File /tmp/feed1.ffm
FileMaxSize 200K
ACL allow 127.0.0.1
</Feed>
<Stream test1.mpg>
Feed feed1.ffm
Format mpeg
AudioBitRate 32
AudioChannels 1
AudioSampleRate 44100
VideoBitRate 64
VideoBufferSize 40
VideoFrameRate 24
VideoSize 160x128
VideoGopSize 12
</Stream>
<Stream test.asf>
Feed feed1.ffm
Format asf
VideoFrameRate 15
VideoSize 352x240
VideoBitRate 256
VideoBufferSize 40
VideoGopSize 30
AudioBitRate 64
StartSendOnKey
</Stream>
<Stream test2.mp4>
File "/home/nl35/research/temp/H.264/rogue_one_trailer_2_small.mp4"
</Stream>
<Stream stat.html>
Format status
ACL allow localhost
ACL allow 192.168.0.0 192.168.255.255
</Stream>
<Redirect index.html>
URL http://www.ffmpeg.org/
</Redirect>
}}}
Below I've included valgrind and GDB output. I can provide the verbose
console output for ffserver on request, but it is 2.4 MB, which seemed too
large to put in the bug report text.
Valgrind output:
{{{
==21903== Memcheck, a memory error detector
==21903== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==21903== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright
info
==21903== Command: ./ffserver_g -f /home/nl35/research/temp/ffserver.conf
==21903==
ffserver version N-87034-geca2a49 Copyright (c) 2000-2017 the FFmpeg
developers
built with gcc 5.4.0 (Ubuntu 5.4.0-6ubuntu1~16.04.4) 20160609
configuration: --enable-debug=0
libavutil 55. 74.100 / 55. 74.100
libavcodec 57.103.100 / 57.103.100
libavformat 57. 76.100 / 57. 76.100
libavdevice 57. 7.101 / 57. 7.101
libavfilter 6.100.100 / 6.100.100
libswscale 4. 7.102 / 4. 7.102
libswresample 2. 8.100 / 2. 8.100
/home/nl35/research/temp/ffserver.conf:164: Setting default value for
video bit rate tolerance = 16000. Use NoDefaults to disable it.
/home/nl35/research/temp/ffserver.conf:164: Setting default value for
video rate control equation = tex^qComp. Use NoDefaults to disable it.
/home/nl35/research/temp/ffserver.conf:164: Setting default value for
video max rate = 128000. Use NoDefaults to disable it.
/home/nl35/research/temp/ffserver.conf:219: Setting default value for
audio sample rate = 22050. Use NoDefaults to disable it.
/home/nl35/research/temp/ffserver.conf:219: Setting default value for
audio channel count = 1. Use NoDefaults to disable it.
/home/nl35/research/temp/ffserver.conf:219: Setting default value for
video bit rate tolerance = 64000. Use NoDefaults to disable it.
/home/nl35/research/temp/ffserver.conf:219: Setting default value for
video rate control equation = tex^qComp. Use NoDefaults to disable it.
/home/nl35/research/temp/ffserver.conf:219: Setting default value for
video max rate = 512000. Use NoDefaults to disable it.
Wed Aug 23 15:48:47 2017 Opening feed file
'/home/nl35/research/temp/H.264/rogue_one_trailer_2_small.mp4' for stream
'test2.mp4'
Wed Aug 23 15:48:47 2017 [mov,mp4,m4a,3gp,3g2,mj2 @ 0x5b98da0]stream 0,
timescale not set
Wed Aug 23 15:48:48 2017 Codecs do not match for stream 0
Wed Aug 23 15:48:48 2017 [ffm @ 0x65a9a60]Using AVStream.codec to pass
codec parameters to muxers is deprecated, use AVStream.codecpar instead.
Wed Aug 23 15:48:48 2017 [ffm @ 0x65a9a60]Using AVStream.codec to pass
codec parameters to muxers is deprecated, use AVStream.codecpar instead.
Wed Aug 23 15:48:48 2017 [ffm @ 0x65a9a60]Using AVStream.codec to pass
codec parameters to muxers is deprecated, use AVStream.codecpar instead.
Wed Aug 23 15:48:48 2017 [ffm @ 0x65a9a60]Using AVStream.codec to pass
codec parameters to muxers is deprecated, use AVStream.codecpar instead.
Wed Aug 23 15:48:48 2017 FFserver started.
==21903==
==21903== Process terminating with default action of signal 6 (SIGABRT)
==21903== at 0x57B3428: raise (raise.c:54)
==21903== by 0x57B5029: abort (abort.c:89)
==21903== by 0x47CF3A: http_parse_request (in /home/nl35/research
/video-streaming/ffmpeg/ffserver_g)
==21903== by 0x46E024: main (in /home/nl35/research/video-
streaming/ffmpeg/ffserver_g)
==21903==
==21903== HEAP SUMMARY:
==21903== in use at exit: 293,447 bytes in 81 blocks
==21903== total heap usage: 1,555 allocs, 1,474 frees, 8,874,581 bytes
allocated
==21903==
==21903== LEAK SUMMARY:
==21903== definitely lost: 32 bytes in 1 blocks
==21903== indirectly lost: 8,608 bytes in 20 blocks
==21903== possibly lost: 0 bytes in 0 blocks
==21903== still reachable: 284,807 bytes in 60 blocks
==21903== suppressed: 0 bytes in 0 blocks
==21903== Rerun with --leak-check=full to see details of leaked memory
==21903==
==21903== For counts of detected and suppressed errors, rerun with: -v
==21903== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
Aborted (core dumped)
}}}
GDB output:
{{{
(gdb) run
Starting program: /home/nl35/research/video-streaming/ffmpeg/ffserver_g -f
/home/nl35/research/temp/ffserver.conf
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
ffserver version N-87034-geca2a49 Copyright (c) 2000-2017 the FFmpeg
developers
built with gcc 5.4.0 (Ubuntu 5.4.0-6ubuntu1~16.04.4) 20160609
configuration: --enable-debug=0
libavutil 55. 74.100 / 55. 74.100
libavcodec 57.103.100 / 57.103.100
libavformat 57. 76.100 / 57. 76.100
libavdevice 57. 7.101 / 57. 7.101
libavfilter 6.100.100 / 6.100.100
libswscale 4. 7.102 / 4. 7.102
libswresample 2. 8.100 / 2. 8.100
/home/nl35/research/temp/ffserver.conf:164: Setting default value for
video bit rate tolerance = 16000. Use NoDefaults to disable it.
/home/nl35/research/temp/ffserver.conf:164: Setting default value for
video rate control equation = tex^qComp. Use NoDefaults to disable it.
/home/nl35/research/temp/ffserver.conf:164: Setting default value for
video max rate = 128000. Use NoDefaults to disable it.
/home/nl35/research/temp/ffserver.conf:219: Setting default value for
audio sample rate = 22050. Use NoDefaults to disable it.
/home/nl35/research/temp/ffserver.conf:219: Setting default value for
audio channel count = 1. Use NoDefaults to disable it.
/home/nl35/research/temp/ffserver.conf:219: Setting default value for
video bit rate tolerance = 64000. Use NoDefaults to disable it.
/home/nl35/research/temp/ffserver.conf:219: Setting default value for
video rate control equation = tex^qComp. Use NoDefaults to disable it.
/home/nl35/research/temp/ffserver.conf:219: Setting default value for
video max rate = 512000. Use NoDefaults to disable it.
Wed Aug 23 15:44:56 2017 Opening feed file
'/home/nl35/research/temp/H.264/rogue_one_trailer_2_small.mp4' for stream
'test2.mp4'
Wed Aug 23 15:44:56 2017 [mov,mp4,m4a,3gp,3g2,mj2 @ 0x1d4f060]stream 0,
timescale not set
Wed Aug 23 15:44:56 2017 Codecs do not match for stream 0
Wed Aug 23 15:44:56 2017 [ffm @ 0x1d4fa20]Using AVStream.codec to pass
codec parameters to muxers is deprecated, use AVStream.codecpar instead.
Wed Aug 23 15:44:56 2017 [ffm @ 0x1d4fa20]Using AVStream.codec to pass
codec parameters to muxers is deprecated, use AVStream.codecpar instead.
Wed Aug 23 15:44:56 2017 [ffm @ 0x1d4fa20]Using AVStream.codec to pass
codec parameters to muxers is deprecated, use AVStream.codecpar instead.
Wed Aug 23 15:44:56 2017 [ffm @ 0x1d4fa20]Using AVStream.codec to pass
codec parameters to muxers is deprecated, use AVStream.codecpar instead.
Wed Aug 23 15:44:56 2017 FFserver started.
Program received signal SIGABRT, Aborted.
0x00007ffff70fe428 in __GI_raise (sig=sig at entry=6) at
../sysdeps/unix/sysv/linux/raise.c:54
54 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0 0x00007ffff70fe428 in __GI_raise (sig=sig at entry=6) at
../sysdeps/unix/sysv/linux/raise.c:54
#1 0x00007ffff710002a in __GI_abort () at abort.c:89
#2 0x000000000047cf3b in http_parse_request ()
#3 0x000000000046e025 in main ()
(gdb) disass $pc-32,$pc+32
Dump of assembler code from 0x7ffff70fe408 to 0x7ffff70fe448:
0x00007ffff70fe408 <__GI_raise+24>: mov $0xf000000,%edx
0x00007ffff70fe40d <__GI_raise+29>: add $0x8964c189,%eax
0x00007ffff70fe412 <__GI_raise+34>: add $0x25,%al
0x00007ffff70fe414 <__GI_raise+36>: rolb (%rdx)
0x00007ffff70fe416 <__GI_raise+38>: add %al,(%rax)
0x00007ffff70fe418 <__GI_raise+40>: movslq %eax,%rsi
0x00007ffff70fe41b <__GI_raise+43>: movslq %edi,%rdx
0x00007ffff70fe41e <__GI_raise+46>: mov $0xea,%eax
0x00007ffff70fe423 <__GI_raise+51>: movslq %ecx,%rdi
0x00007ffff70fe426 <__GI_raise+54>: syscall
=> 0x00007ffff70fe428 <__GI_raise+56>: cmp $0xfffffffffffff000,%rax
0x00007ffff70fe42e <__GI_raise+62>: ja 0x7ffff70fe450
<__GI_raise+96>
0x00007ffff70fe430 <__GI_raise+64>: repz retq
0x00007ffff70fe432 <__GI_raise+66>: nopw 0x0(%rax,%rax,1)
0x00007ffff70fe438 <__GI_raise+72>: test %ecx,%ecx
0x00007ffff70fe43a <__GI_raise+74>: jg 0x7ffff70fe41b
<__GI_raise+43>
0x00007ffff70fe43c <__GI_raise+76>: mov %ecx,%edx
0x00007ffff70fe43e <__GI_raise+78>: neg %edx
0x00007ffff70fe440 <__GI_raise+80>: and $0x7fffffff,%ecx
0x00007ffff70fe446 <__GI_raise+86>: cmove %esi,%edx
End of assembler dump.
}}}
--
Ticket URL: <https://trac.ffmpeg.org/ticket/6611>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list