After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 741115 - videomixer segfault when output height is smaller than input height and ypos is negative
videomixer segfault when output height is smaller than input height and ypos ...
Status: RESOLVED FIXED
Product: GStreamer
Classification: Platform
Component: gst-plugins-good
1.4.4
Other Linux
: Normal normal
: 1.5.1
Assigned To: GStreamer Maintainers
GStreamer Maintainers
Depends on:
Blocks:
 
 
Reported: 2014-12-04 14:55 UTC by Florent Thiéry
Modified: 2015-01-19 12:40 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description Florent Thiéry 2014-12-04 14:55:23 UTC
The following crashes on all tested gsteamer versions, including 1.4.4; to reproduce:

gst-launch-1.0 videotestsrc ! "video/x-raw, width=(int)1280, height=(int)730, format=(string)I420, pixel-aspect-ratio=(fraction)1/1" ! videomixer sink_0::ypos=-25 ! "video/x-raw, width=(int)1280, height=(int)720" ! fakesink -v

Sample output:
fthiery@nanotop:~$ gst-launch-1.0 videotestsrc ! "video/x-raw, width=(int)1280, height=(int)730, format=(string)I420, pixel-aspect-ratio=(fraction)1/1" ! videomixer sink_0::ypos=-25 ! "video/x-raw, width=(int)1280, height=(int)720" ! fakesink -v
Setting pipeline to PAUSED ...
Pipeline is PREROLLING ...
/GstPipeline:pipeline0/GstVideoTestSrc:videotestsrc0.GstPad:src: caps = video/x-raw, format=(string)I420, width=(int)1280, height=(int)730, framerate=(fraction)30/1, pixel-aspect-ratio=(fraction)1/1, interlace-mode=(string)progressive
/GstPipeline:pipeline0/GstCapsFilter:capsfilter0.GstPad:src: caps = video/x-raw, format=(string)I420, width=(int)1280, height=(int)730, framerate=(fraction)30/1, pixel-aspect-ratio=(fraction)1/1, interlace-mode=(string)progressive
/GstPipeline:pipeline0/GstVideoMixer2:videomixer2-0.GstVideoMixer2Pad:sink_0: caps = video/x-raw, format=(string)I420, width=(int)1280, height=(int)730, framerate=(fraction)30/1, pixel-aspect-ratio=(fraction)1/1, interlace-mode=(string)progressive
/GstPipeline:pipeline0/GstCapsFilter:capsfilter0.GstPad:sink: caps = video/x-raw, format=(string)I420, width=(int)1280, height=(int)730, framerate=(fraction)30/1, pixel-aspect-ratio=(fraction)1/1, interlace-mode=(string)progressive
/GstPipeline:pipeline0/GstVideoMixer2:videomixer2-0.GstPad:src: caps = video/x-raw, format=(string)I420, width=(int)1280, height=(int)720, pixel-aspect-ratio=(fraction)1/1, interlace-mode=(string)progressive, colorimetry=(string)bt709, framerate=(fraction)30/1
/GstPipeline:pipeline0/GstCapsFilter:capsfilter1.GstPad:src: caps = video/x-raw, format=(string)I420, width=(int)1280, height=(int)720, pixel-aspect-ratio=(fraction)1/1, interlace-mode=(string)progressive, colorimetry=(string)bt709, framerate=(fraction)30/1
/GstPipeline:pipeline0/GstFakeSink:fakesink0.GstPad:sink: caps = video/x-raw, format=(string)I420, width=(int)1280, height=(int)720, pixel-aspect-ratio=(fraction)1/1, interlace-mode=(string)progressive, colorimetry=(string)bt709, framerate=(fraction)30/1
/GstPipeline:pipeline0/GstCapsFilter:capsfilter1.GstPad:sink: caps = video/x-raw, format=(string)I420, width=(int)1280, height=(int)720, pixel-aspect-ratio=(fraction)1/1, interlace-mode=(string)progressive, colorimetry=(string)bt709, framerate=(fraction)30/1
Pipeline is PREROLLED ...
Setting pipeline to PLAYING ...
New clock: GstSystemClock
Caught SIGSEGV
Spinning.  Please run 'gdb gst-launch-1.0 24273' to continue debugging, Ctrl-C to quit, or Ctrl-\ to dump core.
Comment 1 Florent Thiéry 2014-12-04 14:55:54 UTC
Conditions are unclear for now (a small negative value works...)
Comment 2 Thibault Saunier 2014-12-04 15:05:43 UTC
Same issue with compositor:

(gdb) t a a bt

Thread 3 (Thread 0x7f7feffff700 (LWP 8545))

  • #0 nanosleep
    at ../sysdeps/unix/syscall-template.S line 81
  • #1 g_usleep
    at gtimer.c line 259
  • #2 fault_handler_sighandler
    at gst-launch.c line 109
  • #3 fault_handler_sighandler
    at gst-launch.c line 90
  • #4 <signal handler called>
  • #5 __memcpy_avx_unaligned
    at ../sysdeps/x86_64/multiarch/memcpy-avx-unaligned.S line 193
  • #6 blend_i420
  • #7 gst_compositor_aggregate_frames
  • #8 gst_videoaggregator_aggregate
  • #9 aggregate_func
  • #10 g_main_context_dispatch
    at gmain.c line 3111
  • #11 g_main_context_dispatch
    at gmain.c line 3710
  • #12 g_main_context_iterate
    at gmain.c line 3781
  • #13 g_main_context_iteration
    at gmain.c line 3842
  • #14 gst_task_func
    at gsttask.c line 317
  • #15 g_thread_pool_thread_proxy
    at gthreadpool.c line 307
  • #16 g_thread_proxy
    at gthread.c line 764
  • #17 start_thread
    at pthread_create.c line 310
  • #18 clone
    at ../sysdeps/unix/sysv/linux/x86_64/clone.S line 109

Comment 3 Sebastian Dröge (slomo) 2014-12-04 15:07:39 UTC
Confirmed also with GIT master, and also with compositor. glvideomixer breaks with lots of assertions.
Comment 4 Vincent Penquerc'h 2015-01-19 12:40:58 UTC
Fixed, with the same commit also pushed to compositor in -bad.
Should blend functions not be in libgstvideo in -base ?

commit 84c44fceac88d1caa3f0dc29daa4c4c263f8c2d0
Author: Vincent Penquerc'h <vincent.penquerch@collabora.co.uk>
Date:   Mon Jan 19 12:34:25 2015 +0000

    videomixer: fix illegal memory access in blend function with negative ypos
    
    https://bugzilla.gnome.org/show_bug.cgi?id=741115