After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 506643 - crash in fixate_value/gst_value_init_and_copy on empty list GValues
crash in fixate_value/gst_value_init_and_copy on empty list GValues
Status: RESOLVED DUPLICATE of bug 505799
Product: GStreamer
Classification: Platform
Component: gstreamer (core)
0.10.15
Other Linux
: Normal critical
: 0.10.16
Assigned To: GStreamer Maintainers
GStreamer Maintainers
Depends on:
Blocks:
 
 
Reported: 2008-01-01 01:00 UTC by Andrzej Szombierski
Modified: 2008-01-04 18:40 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description Andrzej Szombierski 2008-01-01 01:00:47 UTC
GStreamer fails an assertion and then crashes on the following pipeline: v4l2src ! fakesink

A relevant fragment of the stack-trace (gstreamer 0.10.16) :
  • #0 gst_value_init_and_copy
    at gstvalue.c line 3216
  • #1 fixate_value
    at gstpad.c line 2113
  • #2 gst_pad_default_fixate
    at gstpad.c line 2151
  • #3 gst_structure_foreach
    at gststructure.c line 914
  • #4 gst_pad_fixate_caps
    at gstpad.c line 2188

And the assertion: gst_value_list_get_value: assertion `index < gst_value_list_get_size (value)'.

When fixate_value finds a list, it attempts to read its first element, which doesn't exist. This triggers the assertion failed. Then the NULL value is passed to gst_value_init_and_copy, which crashes gstreamer. It's quite possible that the empty list itself is a sign of a problem with the v4l2src, but gstreamer should survive such problems. Unfortunately I don't really understand what fixate_value is supposed to do, so I can't fix it myself.
The last line of the debug output confirms that an empty list triggers the bug: 
gstv4l2src.c:384:gst_v4l2src_fixate:<v4l2src0> fixating caps video/x-raw-yuv, format=(fourcc)UYVY, width=(int)640, height=(int)480, framerate=(int){  }

This seems related to the 505799 bug, although I'm not sure if it's the same problem.
Comment 1 Wim Taymans 2008-01-04 18:39:36 UTC
I fixed the crasher but the main reason is that the framerate is not detected correctly.

        * gst/gstpad.c: (fixate_value):
        Don't crash when trying to fixate and empty list.
        Fixes #506643.


*** This bug has been marked as a duplicate of 505799 ***