Bug 346663 – Segmentation error with fakesrc, fakesink and a filter

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 346663 - Segmentation error with fakesrc, fakesink and a filter


Summary:	Segmentation error with fakesrc, fakesink and a filter


Status:	VERIFIED FIXED

Product:	GStreamer
Classification:	Platform
Component:	gstreamer (core)
Version:	0.10.x
Hardware:	Other All

Importance:	Normal critical
Target Milestone:	0.10.9
Assigned To:	Wim Taymans
QA Contact:	GStreamer Maintainers

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2006-07-05 15:44 UTC by Peter Kjellerstedt
Modified:	2006-07-18 10:42 UTC

See Also:
GNOME target:	---
GNOME version:	---

Description Peter Kjellerstedt 2006-07-05 15:44:32 UTC

Steps to reproduce:
I get a segmentation error when I run the following command:

gst-launch fakesrc ! 'video/x-raw-yuv,format=(fourcc)YUY2,width=176,height=144' ! ffmpegcolorspace ! fakesink

It seems to be caused by gst_base_transform_prepare_output_buffer() being called with an in_buf with size 0 and out_size being 0, which causes a call to gst_buffer_create_sub() with size being 0, which in turn causes it to return NULL, which isn't handled...


Stack trace:

+ Trace 69204

#0 gst_caps_replace
at ../../../gstreamer/gst/gstcaps.c line 1581
#1 gst_base_transform_prepare_output_buffer
at ../../../../../gstreamer/libs/gst/base/gstbasetransform.c line 902
#2 gst_base_transform_handle_buffer
at ../../../../../gstreamer/libs/gst/base/gstbasetransform.c line 1337
#3 gst_base_transform_chain
at ../../../../../gstreamer/libs/gst/base/gstbasetransform.c line 1457
#4 gst_pad_chain
at ../../../gstreamer/gst/gstpad.c line 3232
#5 gst_pad_push
at ../../../gstreamer/gst/gstpad.c line 3348
#6 gst_base_src_loop
at ../../../../../gstreamer/libs/gst/base/gstbasesrc.c line 1497
#7 gst_task_func
at ../../../gstreamer/gst/gsttask.c line 193
#8 g_thread_pool_thread_proxy
at ../../../glib/glib/gthreadpool.c line 265
#9 g_thread_create_proxy
at ../../../glib/glib/gthread.c line 582
#10 pthread_start_thread
at libpthread/linuxthreads.old/manager.c line 311
#11 pthread_start_thread_event
at libpthread/linuxthreads.old/manager.c line 335
#12 clone
at libc/sysdeps/linux/cris/clone.S line 77



Other information:
The trace above was attained on an embedded box running on the CRIS architecture and using uClibc. However, the same segmentation error occurs with ix86 and glibc.

Comment 1 Wim Taymans 2006-07-05 17:02:41 UTC

yeah, that subbuffer size > 0 check is unneeded. working an fix and unit tests for various other 0 size related buffer stuff.

Comment 2 Wim Taymans 2006-07-05 17:11:10 UTC

This should fix the assert. No guarantee that the next element will handle a 0 sized buffer.


        * gst/gstbuffer.c: (_gst_buffer_copy), (gst_buffer_create_sub):
        * tests/check/gst/gstbuffer.c: (GST_START_TEST),
        (gst_buffer_suite):
        No point in checking if the size of the subbuffer > 0, the
        code handles it correclty as demonstrated by unit test.
        Also add a unit test for the zero sized _new_and_alloc and
        _copy. Fixes #346663.