Opened 10 months ago
Last modified 10 months ago
#10439 new defect
Segmentation fault of ffprobe with the official static build for ts files with Debian 12
Reported by: | Stéphane Diemer | Owned by: | |
---|---|---|---|
Priority: | normal | Component: | undetermined |
Version: | unspecified | Keywords: | SEGFAULT |
Cc: | Blocked By: | ||
Blocking: | Reproduced by developer: | no | |
Analyzed by developer: | no |
Description
Environment:
OS: Debian 12.
Media: All .ts files.
The problem was tested on many ts files (local files and files served on HTTPS).
How to reproduce:
# docker run -it --rm "debian:bookworm" /bin/bash apt update apt install -y wget xz-utils cd /tmp # Get static build files wget 'https://johnvansickle.com/ffmpeg/releases/ffmpeg-release-amd64-static.tar.xz' tar -xf ffmpeg-release-amd64-static.tar.xz # Get a ts file wget 'https://test-streams.mux.dev/x36xhzz/url_6/url_846/193039199_mp4_h264_aac_hq_7.ts' /tmp/ffmpeg-6.0-amd64-static/ffprobe 193039199_mp4_h264_aac_hq_7.ts
Result:
root@951410b240f6:/tmp# /tmp/ffmpeg-6.0-amd64-static/ffprobe -v 9 -loglevel 99 193039199_mp4_h264_aac_hq_7.ts ffprobe version 6.0-static https://johnvansickle.com/ffmpeg/ Copyright (c) 2007-2023 the FFmpeg developers built with gcc 8 (Debian 8.3.0-6) configuration: --enable-gpl --enable-version3 --enable-static --disable-debug --disable-ffplay --disable-indev=sndio --disable-outdev=sndio --cc=gcc --enable-fontconfig --enable-frei0r --enable-gnutls --enable-gmp --enable-libgme --enable-gray --enable-libaom --enable-libfribidi --enable-libass --enable-libvmaf --enable-libfreetype --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-libopenjpeg --enable-librubberband --enable-libsoxr --enable-libspeex --enable-libsrt --enable-libvorbis --enable-libopus --enable-libtheora --enable-libvidstab --enable-libvo-amrwbenc --enable-libvpx --enable-libwebp --enable-libx264 --enable-libx265 --enable-libxml2 --enable-libdav1d --enable-libxvid --enable-libzvbi --enable-libzimg libavutil 58. 2.100 / 58. 2.100 libavcodec 60. 3.100 / 60. 3.100 libavformat 60. 3.100 / 60. 3.100 libavdevice 60. 1.100 / 60. 1.100 libavfilter 9. 3.100 / 9. 3.100 libswscale 7. 1.100 / 7. 1.100 libswresample 4. 10.100 / 4. 10.100 libpostproc 57. 1.100 / 57. 1.100 [NULL @ 0x5975fc0] Opening '193039199_mp4_h264_aac_hq_7.ts' for reading [file @ 0x59767c0] Setting default whitelist 'file,crypto,data' Probing aac score:25 size:2048 Probing mp3 score:1 size:2048 Probing mpegts score:50 size:2048 [mpegts @ 0x5975fc0] Format mpegts probed with size=2048 and score=50 [mpegts @ 0x5975fc0] Probe: 8192, score: 44, dvhs_score: -2, fec_score: -2 [mpegts @ 0x5975fc0] Filter: pid=0x11 type=1 [mpegts @ 0x5975fc0] Filter: pid=0x0 type=1 [mpegts @ 0x5975fc0] Filter: pid=0x12 type=1 [mpegts @ 0x5975fc0] SDT: [mpegts @ 0x5975fc0] tag: 0x48 len=23 Segmentation fault (core dumped)
The "-report" option does not provide any additional information.
Debug information with strace:
root@951410b240f6:/tmp# strace /tmp/ffmpeg-6.0-amd64-static/ffprobe 193039199_mp4_h264_aac_hq_7.ts execve("/tmp/ffmpeg-6.0-amd64-static/ffprobe", ["/tmp/ffmpeg-6.0-amd64-static/ffp"..., "193039199_mp4_h264_aac_hq_7.ts"], 0x7ffed83b0148 /* 8 vars */) = 0 brk(NULL) = 0x6cef000 brk(0x6cf02c0) = 0x6cf02c0 arch_prctl(ARCH_SET_FS, 0x6cef980) = 0 uname({sysname="Linux", nodename="951410b240f6", ...}) = 0 set_tid_address(0x6cefc50) = 2843 set_robust_list(0x6cefc60, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x139db70, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x139d150}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x139dc00, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x139d150}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/tmp/ffmpeg-6.0-amd64-static/ffp"..., 4096) = 36 brk(0x6d112c0) = 0x6d112c0 brk(0x6d12000) = 0x6d12000 futex(0x54066ac, FUTEX_WAKE_PRIVATE, 2147483647) = 0 futex(0x54066b8, FUTEX_WAKE_PRIVATE, 2147483647) = 0 brk(0x6d33000) = 0x6d33000 getrandom("\x58", 1, GRND_NONBLOCK) = 1 stat("/etc/gnutls/config", 0x7ffd4bd01780) = -1 ENOENT (No such file or directory) brk(0x6d57000) = 0x6d57000 brk(0x6d52000) = 0x6d52000 ioctl(2, TCGETS, {c_iflag=ICRNL|IXON, c_oflag=NL0|CR0|TAB0|BS0|VT0|FF0|OPOST|ONLCR, c_cflag=B38400|CS8|CREAD, c_lflag=ISIG|ICANON|ECHO|ECHOE|ECHOK|IEXTEN|ECHOCTL|ECHOKE, ...}) = 0 ioctl(2, TCGETS, {c_iflag=ICRNL|IXON, c_oflag=NL0|CR0|TAB0|BS0|VT0|FF0|OPOST|ONLCR, c_cflag=B38400|CS8|CREAD, c_lflag=ISIG|ICANON|ECHO|ECHOE|ECHOK|IEXTEN|ECHOCTL|ECHOKE, ...}) = 0 write(2, "ffprobe version 6.0-static https"..., 61ffprobe version 6.0-static https://johnvansickle.com/ffmpeg/ ) = 61 write(2, " Copyright (c) 2007-2023 the FFm"..., 46 Copyright (c) 2007-2023 the FFmpeg developers) = 46 write(2, "\n", 1 ) = 1 write(2, " built with gcc 8 (Debian 8.3.0"..., 36 built with gcc 8 (Debian 8.3.0-6) ) = 36 write(2, " configuration: --enable-gpl --"..., 757 configuration: --enable-gpl --enable-version3 --enable-static --disable-debug --disable-ffplay --disable-indev=sndio --disable-outdev=sndio --cc=gcc --enable-fontconfig --enable-frei0r --enable-gnutls --enable-gmp --enable-libgme --enable-gray --enable-libaom --enable-libfribidi --enable-libass --enable-libvmaf --enable-libfreetype --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-libopenjpeg --enable-librubberband --enable-libsoxr --enable-libspeex --enable-libsrt --enable-libvorbis --enable-libopus --enable-libtheora --enable-libvidstab --enable-libvo-amrwbenc --enable-libvpx --enable-libwebp --enable-libx264 --enable-libx265 --enable-libxml2 --enable-libdav1d --enable-libxvid --enable-libzvbi --enable-libzimg ) = 757 write(2, " libavutil 58. 2.100 / 58"..., 41 libavutil 58. 2.100 / 58. 2.100 ) = 41 write(2, " libavcodec 60. 3.100 / 60"..., 41 libavcodec 60. 3.100 / 60. 3.100 ) = 41 write(2, " libavformat 60. 3.100 / 60"..., 41 libavformat 60. 3.100 / 60. 3.100 ) = 41 write(2, " libavdevice 60. 1.100 / 60"..., 41 libavdevice 60. 1.100 / 60. 1.100 ) = 41 write(2, " libavfilter 9. 3.100 / 9"..., 41 libavfilter 9. 3.100 / 9. 3.100 ) = 41 write(2, " libswscale 7. 1.100 / 7"..., 41 libswscale 7. 1.100 / 7. 1.100 ) = 41 write(2, " libswresample 4. 10.100 / 4"..., 41 libswresample 4. 10.100 / 4. 10.100 ) = 41 write(2, " libpostproc 57. 1.100 / 57"..., 41 libpostproc 57. 1.100 / 57. 1.100 ) = 41 openat(AT_FDCWD, "193039199_mp4_h264_aac_hq_7.ts", O_RDONLY) = 3 fcntl(3, F_SETFD, FD_CLOEXEC) = 0 fstat(3, {st_mode=S_IFREG|0644, st_size=905784, ...}) = 0 lseek(3, 0, SEEK_SET) = 0 read(3, "G@\21\20\0B\360*\0\1\301\0\0\0\1\377\0\1\374\200\31H\27\1\nlumberj"..., 32768) = 32768 brk(0x6d77000) = 0x6d77000 futex(0x53f5be8, FUTEX_WAKE_PRIVATE, 2147483647) = 0 openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/gconv/gconv-modules.cache", O_RDONLY) = 4 fstat(4, {st_mode=S_IFREG|0644, st_size=27028, ...}) = 0 mmap(NULL, 27028, PROT_READ, MAP_SHARED, 4, 0) = 0x7f03923d3000 close(4) = 0 futex(0x544da90, FUTEX_WAKE_PRIVATE, 2147483647) = 0 openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/gconv/ISO_6937.so", O_RDONLY|O_CLOEXEC) = 4 read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832 fstat(4, {st_mode=S_IFREG|0644, st_size=26872, ...}) = 0 mmap(NULL, 28728, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7f03923cb000 mmap(0x7f03923cc000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x1000) = 0x7f03923cc000 mmap(0x7f03923ce000, 12288, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x3000) = 0x7f03923ce000 mmap(0x7f03923d1000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x5000) = 0x7f03923d1000 close(4) = 0 openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 4 fstat(4, {st_mode=S_IFREG|0644, st_size=4958, ...}) = 0 mmap(NULL, 4958, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7f03923c9000 close(4) = 0 openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 4 read(4, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0Ps\2\0\0\0\0\0"..., 832) = 832 lseek(4, 64, SEEK_SET) = 64 read(4, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 784) = 784 lseek(4, 848, SEEK_SET) = 848 read(4, "\4\0\0\0\20\0\0\0\5\0\0\0GNU\0\2\200\0\300\4\0\0\0\1\0\0\0\0\0\0\0", 32) = 32 lseek(4, 880, SEEK_SET) = 880 read(4, "\4\0\0\0\24\0\0\0\3\0\0\0GNU\0\4\1\275\215\246\355\253>E9\235bW\23W\253"..., 68) = 68 fstat(4, {st_mode=S_IFREG|0755, st_size=1922136, ...}) = 0 lseek(4, 64, SEEK_SET) = 64 read(4, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 784) = 784 mmap(NULL, 1970000, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7f03921e8000 mmap(0x7f039220e000, 1396736, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x26000) = 0x7f039220e000 mmap(0x7f0392363000, 339968, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x17b000) = 0x7f0392363000 mmap(0x7f03923b6000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x1ce000) = 0x7f03923b6000 mmap(0x7f03923bc000, 53072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f03923bc000 close(4) = 0 openat(AT_FDCWD, "/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2", O_RDONLY|O_CLOEXEC) = 4 read(4, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\300\251\1\0\0\0\0\0"..., 832) = 832 fstat(4, {st_mode=S_IFREG|0755, st_size=210968, ...}) = 0 mmap(NULL, 209624, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7f03921b4000 mmap(0x7f03921b5000, 151552, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x1000) = 0x7f03921b5000 mmap(0x7f03921da000, 40960, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x26000) = 0x7f03921da000 mmap(0x7f03921e4000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x30000) = 0x7f03921e4000 close(4) = 0 mprotect(0x7f03921e4000, 8192, PROT_READ) = 0 mprotect(0x7f03923b6000, 16384, PROT_READ) = 0 mprotect(0x7f03923d1000, 4096, PROT_READ) = 0 --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x27020} --- +++ killed by SIGSEGV (core dumped) +++ Segmentation fault
Change History (2)
comment:1 by , 10 months ago
comment:2 by , 10 months ago
When I take a look at the ffprobe header, it shows that it has been compiled with an old version of gcc : 8.3.0.
Debian 11 comes with gcc 10.X and Debian 12 with gcc 12.X.
The problem is probably linked to these outdated libraries.
Note:
See TracTickets
for help on using tickets.
The problem also occurs on the latest build from the master branch: