After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 694010 - qtdemux: crash with partial mp4 / moov atom
qtdemux: crash with partial mp4 / moov atom
Status: RESOLVED FIXED
Product: GStreamer
Classification: Platform
Component: gst-plugins-good
1.x
Other Linux
: Normal critical
: 1.0.6
Assigned To: GStreamer Maintainers
GStreamer Maintainers
Depends on:
Blocks:
 
 
Reported: 2013-02-17 07:50 UTC by Fabio
Modified: 2013-02-18 16:37 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description Fabio 2013-02-17 07:50:03 UTC
Downstream at Launchpad:
https://bugs.launchpad.net/ubuntu/+source/totem/+bug/1103599

totem-video-thumbnailer crashed

ProblemType: Crash
DistroRelease: Ubuntu 13.04
Package: totem 3.6.3-0ubuntu2
ProcVersionSignature: Ubuntu 3.8.0-1.5-generic 3.8.0-rc4
Uname: Linux 3.8.0-1-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.8-0ubuntu2
Architecture: amd64
Date: Wed Jan 23 12:36:13 2013
ExecutablePath: /usr/bin/totem-video-thumbnailer
MarkForUpload: True
ProcCmdline: /usr/bin/totem-video-thumbnailer -s 128 file:///home/username/Radna%20povr%C5%A1ina/Jism.mp4.part /tmp/.gnome_desktop_thumbnail.GTWCRW
ProcEnviron:
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=hr_HR.UTF-8
 SHELL=/bin/bash
SegvAnalysis:
 Segfault happened at: 0x7f87810fab09 <gst_mini_object_unlock+41>: testb $0x1,0x10(%rdi)
 PC (0x7f87810fab09) ok
 source "$0x1" ok
 destination "0x10(%rdi)" (0x7f876a02c020) not located in a known VMA region (needed writable region)!
 Stack memory exhausted (SP below stack segment)
SegvReason: writing unknown VMA
Signal: 11
SourcePackage: totem
StacktraceTop:
 gst_mini_object_unlock () from /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
 ?? () from /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
 ?? () from /usr/lib/x86_64-linux-gnu/gstreamer-1.0/libgstisomp4.so
 ?? () from /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
 ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
Title: totem-video-thumbnailer crashed with SIGSEGV in gst_mini_object_unlock()
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo


StacktraceTop:
 gst_mini_object_unlock (object=0x7f876a02c010, flags=flags@entry=GST_LOCK_FLAG_EXCLUSIVE) at gstminiobject.c:241
 _gst_buffer_free (buffer=0x7f8760032230) at gstbuffer.c:530
 gst_buffer_unref (buf=<optimized out>) at /usr/include/gstreamer-1.0/gst/gstbuffer.h:350
 gst_qtdemux_loop_state_header (qtdemux=0x7f876006a130) at qtdemux.c:2785
 gst_qtdemux_loop (pad=0x7f878455d2a0) at qtdemux.c:3872
Comment 1 Bastien Nocera 2013-02-18 14:04:43 UTC
Looks like a crash in the ISO MP4/QuickTime demuxer.
Comment 2 Tim-Philipp Müller 2013-02-18 15:04:10 UTC
Can reproduce with truncated file.
Comment 3 Tim-Philipp Müller 2013-02-18 15:34:51 UTC
Will push a fix after lunch.
Comment 4 Tim-Philipp Müller 2013-02-18 16:37:07 UTC
commit 34b81f7c93fd09db77ebb58301de5ef967c15157
Author: Tim-Philipp Müller <tim.muller@collabora.co.uk>
Date:   Mon Feb 18 16:32:13 2013 +0000

    qtdemux: fix potential crash on short MOOV atom
    
    Don't unmap short MOOV atom buffer twice, which happened
    in the case where we don't fix up the MOOV atom.
    
    Fixes crashes when thumbnailing partial mp4 file where
    the MOOV atom is still incomplete.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=694010