Opened 2 months ago
Last modified 2 months ago
#11118 new defect
segfault when using ffprobe parse ts file on the host whose linux kernel is 6.8.0 and glibc is 2.39
| Reported by: | kaidilala | Owned by: | |
|---|---|---|---|
| Priority: | normal | Component: | ffprobe |
| Version: | unspecified | Keywords: | |
| Cc: | Blocked By: | ||
| Blocking: | Reproduced by developer: | no | |
| Analyzed by developer: | no |
Description
Summary of the bug:
when using ffprobe parse ts file, it will segfault.
Both the latest ffprobe download from official and the ffprobe built from source code of FFmpeg4.3.1 will also segfault. It doesn't seem to be related to the specific TS file.
on my test environment linux kernel is 6.8.0, and glibc is 2.39.
we can use gdb for debug, and output stack details when segfault occurs:
Program received signal SIGSEGV, Segmentation fault.
0x000000000002a060 in ?? ()
(gdb) bt
#0 0x000000000002a060 in ?? ()
#1 0x000000000132c25a in call_init.part ()
#2 0x000000000132c361 in _dl_init ()
#3 0x00000000012ea3e5 in _dl_catch_exception ()
#4 0x000000000131bf8f in dl_open_worker ()
#5 0x00000000012ea388 in _dl_catch_exception ()
#6 0x000000000131b89a in _dl_open ()
#7 0x00000000012e8a96 in do_dlopen ()
#8 0x00000000012ea388 in _dl_catch_exception ()
#9 0x00000000012ea453 in _dl_catch_error ()
#10 0x00000000012e8f18 in libc_dlopen_mode ()
#11 0x000000000125c8a9 in gconv_find_shlib ()
#12 0x000000000125bf28 in find_module ()
#13 0x000000000125c525 in gconv_lookup_cache ()
#14 0x00000000012526e6 in gconv_find_transform ()
#15 0x0000000001251316 in gconv_open ()
#16 0x0000000001250ec8 in iconv_open ()
#17 0x000000000073e02c in getstr8 (pp=pp@entry=0x7fffffffdb60, p_end=p_end@entry=0x22e9b3c "=2L\355", '\377' <repeats 119 times>) at libavformat/mpegts.c:721
#18 0x0000000000740876 in sdt_cb (filter=<optimized out>, section=<optimized out>, section_len=<optimized out>) at libavformat/mpegts.c:2673
#19 0x000000000073e66f in write_section_data (buf=<optimized out>, buf_size=<optimized out>, is_start=<optimized out>, tss1=0x22e9a80, ts=0x22f9cc0)
at libavformat/mpegts.c:466
#20 write_section_data (ts=0x22f9cc0, tss1=0x22e9a80, buf=<optimized out>, buf_size=<optimized out>, is_start=<optimized out>) at libavformat/mpegts.c:415
#21 0x000000000073f6fc in handle_packet (ts=ts@entry=0x22f9cc0, packet=<optimized out>, pos=188) at libavformat/mpegts.c:2794
#22 0x000000000073f89f in handle_packets (ts=ts@entry=0x22f9cc0, nb_packets=26595) at libavformat/mpegts.c:2959
#23 0x0000000000741560 in mpegts_read_header (s=0x22e8b40) at libavformat/mpegts.c:3076
#24 0x00000000007c55f5 in avformat_open_input (ps=ps@entry=0x7fffffffdff8,
filename=filename@entry=0x7fffffffe51e "/home/nvme/inputs/container/Sunflower_1920x1080p30_600_h264.ts", fmt=<optimized out>,
options=options@entry=0x1fd99e0 <format_opts>) at libavformat/utils.c:627
#25 0x000000000048ab03 in open_input_file (print_filename=0x0, filename=0x7fffffffe51e "/home/nvme/inputs/container/Sunflower_1920x1080p30_600_h264.ts",
ifile=0x7fffffffe000) at fftools/ffprobe.c:2870
#26 probe_file (print_filename=0x0, filename=0x7fffffffe51e "/home/nvme/inputs/container/Sunflower_1920x1080p30_600_h264.ts", wctx=0x22e5d00) at fftools/ffprobe.c:3003
#27 main (argc=<optimized out>, argv=<optimized out>) at fftools/ffprobe.c:3722
(gdb)
How to reproduce:
% ffprobe -i xxx.ts -show_streams -print_format json you can use the latest ffprobe download from official for test.
Patches should be submitted to the ffmpeg-devel mailing list and not this bug tracker.
Attachments (1)
Change History (2)
by , 2 months ago
| Attachment: | dca947ed-412c-496b-aa8e-2c6a9cedff34.png added |
|---|
comment:1 by , 2 months ago
on my test environment linux kernel is 6.8.0, and glibc is 2.39, only this environment will hit this issue, I have tested on some other machine on which linux kernel is 5.15.0 and glibc is 2.31, it will success.
gdb info