[Bug 699518] Segfault inside either GStreamer or gst-plugins-base.

GStreamer (bugzilla.gnome.org) bugzilla at gnome.org
Mon Jul 21 12:53:31 PDT 2014 

https://bugzilla.gnome.org/show_bug.cgi?id=699518
  GStreamer | gstreamer (core) | git

--- Comment #12 from Stirling Westrup <swestrup at gmail.com> 2014-07-21 19:53:23 UTC ---
Not sure how to check the stride. However it looks like I was misquoting things
for Valgrind. Here's what I get now:

$ valgrind --suppressions=gstreamer/common/gst.supp
--suppressions=gst-libav/tests/check/gst-libav.supp
--suppressions=gst-plugins-base/tests/check/gst-plugins-base.supp
--suppressions=gst-plugins-good/tests/check/gst-plugins-good.supp
--suppressions=gst-plugins-bad/tests/check/gst-plugins-bad.supp
--suppressions=gst-plugins-ugly/tests/check/gst-plugins-ugly.supp
--read-var-info=yes --tool=memcheck --track-origins=yes --leak-check=full
--show-reachable=no --show-possibly-lost=no -- gst-launch-1.0 videotestsrc
pattern=black ! video/x-raw,width=1920,height=1080 ! clockoverlay
valignment=top halignment=left font-desc="Sans 8" time-format="%T %T %T %T %T
%T %T %T %T %T %T %T %T %T %T %T %T %T %T %T %T %T %T" ! videocrop right=540
bottom=540 ! xvimagesink display=:1.3
==20597== Memcheck, a memory error detector
==20597== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==20597== Using Valgrind-3.9.0 and LibVEX; rerun with -h for copyright info
==20597== Command: gst-launch-1.0 videotestsrc pattern=black !
video/x-raw,width=1920,height=1080 ! clockoverlay valignment=top
halignment=left font-desc=Sans\ 8 time-format=%T\ %T\ %T\ %T\ %T\ %T\ %T\ %T\
%T\ %T\ %T\ %T\ %T\ %T\ %T\ %T\ %T\ %T\ %T\ %T\ %T\ %T\ %T ! videocrop
right=540 bottom=540 ! xvimagesink display=:1.3
==20597== 
GStreamer has detected that it is running inside valgrind.
It might now take different code paths to ease debugging.
Of course, this may also lead to different bugs.
Setting pipeline to PAUSED ...
Pipeline is PREROLLING ...
--20597-- warning: evaluate_Dwarf3_Expr: unhandled DW_OP_ 0xf2
--20597-- warning: evaluate_Dwarf3_Expr: unhandled DW_OP_ 0xf2
==20597== Thread 3 videotestsrc0:sr:
==20597== Invalid write of size 2
==20597==    at 0x4C2CB96: memcpy@@GLIBC_2.14 (mc_replace_strmem.c:882)
==20597==    by 0xD160BD6: gst_video_crop_transform_frame (gstvideocrop.c:370)
==20597==    by 0x71F2BE6: gst_video_filter_transform (gstvideofilter.c:270)
==20597==    by 0x745A9E6: gst_base_transform_handle_buffer
(gstbasetransform.c:2117)
==20597==    by 0x745B221: gst_base_transform_chain (gstbasetransform.c:2224)
==20597==    by 0x4E9910D: gst_pad_push_data (gstpad.c:3836)
==20597==    by 0x7B149D7: gst_base_text_overlay_push_frame
(gstbasetextoverlay.c:1896)
==20597==    by 0x7B16E8F: gst_base_text_overlay_video_chain
(gstbasetextoverlay.c:2366)
==20597==    by 0x4E9910D: gst_pad_push_data (gstpad.c:3836)
==20597==    by 0x745B3E4: gst_base_transform_chain (gstbasetransform.c:2260)
==20597==    by 0x4E9910D: gst_pad_push_data (gstpad.c:3836)
==20597==    by 0x7453044: gst_base_src_loop (gstbasesrc.c:2835)
==20597==  Address 0x105b929c is not stack'd, malloc'd or (recently) free'd
==20597== 
Caught SIGSEGV
#0  0x0000000038140350 in ?? ()
#1  0x0000000000000008 in ?? ()
#2  0x00000008099b5e10 in ?? ()
#3  0x00000008099b5dd0 in ?? ()
#4  0x0000000039be6eb0 in ?? ()
#5  0x0000000000000007 in ?? ()
#6  0x0000000039be6ea0 in ?? ()
#7  0x0000000039fd09f8 in ?? ()
#8  0x0000000039fd0a88 in ?? ()
#9  0x0000000000000007 in ?? ()
#10 0x0000000000000001 in ?? ()
#11 0x0000000039fd09f8 in ?? ()
#12 0x00000000380eed67 in ?? ()
#13 0x0000000000000005 in ?? ()
#14 0x0000000000000001 in ?? ()
#15 0x00000000000000b8 in ?? ()
#16 0x0000000039fd0a40 in ?? ()
#17 0x0000000000000000 in ?? ()
==20602== 
==20602== HEAP SUMMARY:
==20602==     in use at exit: 6,590,084 bytes in 27,036 blocks
==20602==   total heap usage: 50,793 allocs, 23,757 frees, 14,314,314 bytes
allocated
==20602== 
==20602== Thread 1:
==20602== 2,340 (768 direct, 1,572 indirect) bytes in 1 blocks are definitely
lost in loss record 3,144 of 3,248
==20602==    at 0x4C2A7CE: realloc (vg_replace_malloc.c:687)
==20602==    by 0x88C8879: FcPatternObjectInsertElt (in
/usr/lib/x86_64-linux-gnu/libfontconfig.so.1.8.0)
==20602==    by 0x88C8F11: FcPatternObjectListAdd (in
/usr/lib/x86_64-linux-gnu/libfontconfig.so.1.8.0)
==20602==    by 0x88C622A: FcFontRenderPrepare (in
/usr/lib/x86_64-linux-gnu/libfontconfig.so.1.8.0)
==20602==    by 0x88C670F: FcFontMatch (in
/usr/lib/x86_64-linux-gnu/libfontconfig.so.1.8.0)
==20602==    by 0x86A2F4C: ??? (in
/usr/lib/x86_64-linux-gnu/libpangoft2-1.0.so.0.3600.3)
==20602==    by 0x86A30AC: ??? (in
/usr/lib/x86_64-linux-gnu/libpangoft2-1.0.so.0.3600.3)
==20602==    by 0x7F43FEF: ??? (in
/usr/lib/x86_64-linux-gnu/libpango-1.0.so.0.3600.3)
==20602==    by 0x7F44429: ??? (in
/usr/lib/x86_64-linux-gnu/libpango-1.0.so.0.3600.3)
==20602==    by 0x7F45207: pango_itemize_with_base_dir (in
/usr/lib/x86_64-linux-gnu/libpango-1.0.so.0.3600.3)
==20602==    by 0x7F4C27F: ??? (in
/usr/lib/x86_64-linux-gnu/libpango-1.0.so.0.3600.3)
==20602==    by 0x7F4E037: ??? (in
/usr/lib/x86_64-linux-gnu/libpango-1.0.so.0.3600.3)
==20602== 
==20602== LEAK SUMMARY:
==20602==    definitely lost: 768 bytes in 1 blocks
==20602==    indirectly lost: 2,826 bytes in 121 blocks
==20602==      possibly lost: 400 bytes in 2 blocks
==20602==    still reachable: 4,689,297 bytes in 2,551 blocks
==20602==         suppressed: 1,793,793 bytes in 24,013 blocks
==20602== Reachable blocks (those to which a pointer was found) are not shown.
==20602== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==20602== 
==20602== For counts of detected and suppressed errors, rerun with: -v
==20602== ERROR SUMMARY: 4 errors from 4 contexts (suppressed: 172 from 172)
Spinning.  Please run 'gdb gst-launch-1.0 20597' to continue debugging, Ctrl-C
to quit, or Ctrl-\ to dump core.

---

And this is what GDB has to say (when run by itself):

$ gdb --args gst-launch-1.0 videotestsrc pattern=black !
video/x-raw,width=1920,height=1080 ! clockoverlay valignment=top
halignment=left font-desc="Sans 8" time-format="%T %T %T %T %T %T %T %T %T %T
%T %T %T %T %T %T %T %T %T %T %T %T %T" ! videocrop right=540 bottom=540 !
xvimagesink display=:1.3GNU gdb (GDB) 7.6.2 (Debian 7.6.2-1.1+b1)
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/local/bin/gst-launch-1.0...done.
(gdb) r
Starting program: /usr/local/bin/gst-launch-1.0 videotestsrc pattern=black \!
video/x-raw,width=1920,height=1080 \! clockoverlay valignment=top
halignment=left font-desc=Sans\ 8 time-format=%T\ %T\ %T\ %T\ %T\ %T\ %T\ %T\
%T\ %T\ %T\ %T\ %T\ %T\ %T\ %T\ %T\ %T\ %T\ %T\ %T\ %T\ %T \! videocrop
right=540 bottom=540 \! xvimagesink display=:1.3
warning: Could not load shared library symbols for linux-vdso.so.1.
Do you need "set solib-search-path" or "set sysroot"?
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Setting pipeline to PAUSED ...
[New Thread 0x7fffef41f700 (LWP 20659)]
[New Thread 0x7fffeec1e700 (LWP 20660)]
Pipeline is PREROLLING ...
[New Thread 0x7fffee41d700 (LWP 20661)]
Pipeline is PREROLLED ...
Setting pipeline to PLAYING ...
New clock: GstSystemClock

(gst-launch-1.0:20654): GStreamer-CRITICAL **: gst_mini_object_lock: assertion
'GST_MINI_OBJECT_IS_LOCKABLE (object)' failed

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffeec1e700 (LWP 20660)]
0x00007ffff7b2d3f9 in gst_memory_copy (mem=0x7fffed791010, offset=0, size=-1)
at gstmemory.c:362
362       copy = mem->allocator->mem_copy (mem, offset, size);
(gdb) bt
#0  0x00007ffff7b2d3f9 in gst_memory_copy (mem=0x7fffed791010, offset=0,
size=-1) at gstmemory.c:362
#1  0x00007ffff7b2d4d1 in gst_memory_make_mapped (mem=0x7fffed791010,
info=0x7fffeec1d628, flags=GST_MAP_READ) at gstmemory.c:239
#2  0x00007ffff7b03816 in gst_buffer_map_range (buffer=0x9787e0, idx=0,
length=1, info=0x7fffeec1d628, flags=GST_MAP_READ) at gstbuffer.c:1560
#3  0x00007ffff6004b99 in default_map (meta=0x9705c8, plane=<optimized out>,
info=0x7fffeec1d628, data=0x7fffeec1d608, stride=0x7fffeec1d5b8,
flags=GST_MAP_READ) at gstvideometa.c:144
#4  0x00007ffff60012cf in gst_video_frame_map_id (frame=0x7fffed791010,
info=0x9705f8, buffer=0xffffffffffffffff, id=0, flags=(unknown: 49152)) at
video-frame.c:83
#5  0x00007ffff60177c1 in gst_video_overlay_composition_blend
(comp=0x7fffe0026c60, video_buf=0x7fffeec1d860) at
video-overlay-composition.c:489
#6  0x00007ffff56f9a6d in gst_base_text_overlay_push_frame (overlay=0x96e140,
video_frame=0x9786d0) at gstbasetextoverlay.c:1890
#7  0x00007ffff56fbe90 in gst_base_text_overlay_video_chain (pad=0x9622d0,
parent=0x96e140, buffer=0xffffffffffffffff) at gstbasetextoverlay.c:2366
#8  0x00007ffff7b3210e in gst_pad_chain_data_unchecked (data=<optimized out>,
type=<optimized out>, pad=<optimized out>) at gstpad.c:3836
#9  gst_pad_push_data (pad=0x962ff0, type=4117736640, data=0x9786d0) at
gstpad.c:4069
#10 0x00007ffff5dc23e5 in gst_base_transform_chain (pad=0x7fffed791010,
parent=0x976110, buffer=0x0) at gstbasetransform.c:2260
#11 0x00007ffff7b3210e in gst_pad_chain_data_unchecked (data=<optimized out>,
type=<optimized out>, pad=<optimized out>) at gstpad.c:3836
#12 gst_pad_push_data (pad=0x9620a0, type=4124844480, data=0x9786d0) at
gstpad.c:4069
#13 0x00007ffff5dba045 in gst_base_src_loop (pad=0x9620a0) at gstbasesrc.c:2835
#14 0x00007ffff7b5f477 in gst_task_func (task=0x98e050) at gsttask.c:317
#15 0x00007ffff73dd89c in g_thread_pool_thread_proxy (data=<optimized out>) at
/tmp/buildd/glib2.0-2.40.0/./glib/gthreadpool.c:307
#16 0x00007ffff73dcf15 in g_thread_proxy (data=0x974800) at
/tmp/buildd/glib2.0-2.40.0/./glib/gthread.c:764
#17 0x00007ffff6f560a4 in start_thread (arg=0x7fffeec1e700) at
pthread_create.c:309
#18 0x00007ffff6c8b04d in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:111
(gdb)

-- 
Configure bugmail: https://bugzilla.gnome.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
You are the assignee for the bug.

More information about the gstreamer-bugs mailing list