GNOME Bugzilla – Bug 753902
gstgl: make check fails for NVIDIA driver
Last modified: 2016-11-15 05:05:27 UTC
When I run make check for bad plugins, the gl elements fail with the below error:
    *** Error in `/home/vineethtm/gst/master/gst-plugins-bad/tests/check/libs/.libs/lt-gstglcontext': double free or corruption (fasttop): 0x43200468 ***
    *** Error in `/home/vineethtm/gst/master/gst-plugins-bad/tests/check/libs/.libs/lt-gstglcontext': double free or corruption (fasttop): 0x43200468 ***
This happens only with the NVIDIA driver (version 346.82. It happened with older version 340.76 as well). If I change to the Nouveau driver, it doesn't give any issue.
This seems to happen only with gst_gl_context_create (context, 0, &error); when 0/NULL is passed as the shared context.
Let's take the example of test_share in the gstglcontext.c test file. I removed everything else and just ran:
    GST_START_TEST (test_share)
    {
      GstGLContext *context;
      GstGLWindow *window;
      GError *error = NULL;

      context = gst_gl_context_new (display);
      window = gst_gl_window_new (display);
      gst_gl_context_set_window (context, window);

      /* 0/NULL shared context: the call that triggers the failure */
      gst_gl_context_create (context, 0, &error);

      gst_object_unref (window);
      gst_object_unref (context);
    }

    GST_END_TEST;
This gives the same failure. If I just comment out the line gst_gl_context_create (context, 0, &error);, then it does not fail. It does not fail even if I comment out either of the window/context unref functions. But that will cause a memory leak, I guess.
I debugged a bit, but could not find anything. It is using context_glx and window_x11.
1. What happens in valgrind?
2. Are you running with GST_GL_XINITTHREADS=1?
With or without GST_GL_XINITTHREADS=1 there is the same issue. With valgrind, I get the below error.
    ==14008== Conditional jump or move depends on uninitialised value(s)
    ==14008==    at 0x5F21527: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14008==    by 0x5EB8A67: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14008==    by 0x5EBB56B: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14008==    by 0x6046E88: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14008==    by 0x6048979: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14008==    by 0x5EF2880: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14008==    by 0x5EF2B28: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14008==    by 0x6047912: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14008==    by 0x602F3AD: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14008==    by 0x5B56F5D: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14008==    by 0x6037559: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14008==    by 0x5A9D103: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14008== Uninitialised value was created by a heap allocation
    ==14008==    at 0x402C17C: malloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
    ==14008==    by 0x468AA21: ??? (in /usr/lib/nvidia-346/libGL.so.346.82)
    ==14008==    by 0x5FDFA9B: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14008==    by 0x5F1AE16: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14008==    by 0x5E8DAA7: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14008==    by 0x4636472: ??? (in /usr/lib/nvidia-346/libGL.so.346.82)
    ==14008==    by 0x46600B9: ??? (in /usr/lib/nvidia-346/libGL.so.346.82)
    ==14008==    by 0x4664CDF: ??? (in /usr/lib/nvidia-346/libGL.so.346.82)
    ==14008==    by 0x465B2C2: glXCreateContextAttribsARB (in /usr/lib/nvidia-346/libGL.so.346.82)
    ==14008==    by 0x406D46C: gst_gl_context_glx_create_context (gstglcontext_glx.c:176)
    ==14008==    by 0x4048D7E: gst_gl_context_create_thread (gstglcontext.c:1290)
    ==14008==    by 0x424B9A9: ??? (in /lib/i386-linux-gnu/libglib-2.0.so.0.4002.0)
The valgrind I posted in comment 2 happens with the original test_share test case. But with the changes I made as mentioned in comment 2, the above error does not happen. They might not be related as such.
With only those changes for test_share, I get only a few memory leaks; other than that valgrind doesn't complain much.
    ==14866== 20 (12 direct, 8 indirect) bytes in 1 blocks are definitely lost in loss record 855 of 1,585
    ==14866==    at 0x402E109: calloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
    ==14866==    by 0x468C52E: ??? (in /usr/lib/nvidia-346/libGL.so.346.82)
    ==14866==    by 0x5AF53F0: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14866==    by 0x5EF0384: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14866==    by 0x46678CB: ??? (in /usr/lib/nvidia-346/libGL.so.346.82)
    ==14866==    by 0x4668DE4: ??? (in /usr/lib/nvidia-346/libGL.so.346.82)
    ==14866==    by 0x400ED36: call_init.part.0 (dl-init.c:64)
    ==14866==    by 0x400EE63: _dl_init (dl-init.c:36)
    ==14866==    by 0x400110E: ??? (in /lib/i386-linux-gnu/ld-2.19.so)
    ==14866==
    ==14866== 82 bytes in 1 blocks are definitely lost in loss record 1,509 of 1,585
    ==14866==    at 0x402C17C: malloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
    ==14866==    by 0x43819C7: strdup (strdup.c:42)
    ==14866==    by 0x4687433: ??? (in /usr/lib/nvidia-346/libGL.so.346.82)
    ==14866==    by 0x4668F2E: ??? (in /usr/lib/nvidia-346/libGL.so.346.82)
    ==14866==    by 0x400ED36: call_init.part.0 (dl-init.c:64)
    ==14866==    by 0x400EE63: _dl_init (dl-init.c:36)
    ==14866==    by 0x400110E: ??? (in /lib/i386-linux-gnu/ld-2.19.so)
    ==14866==
    ==14866== 84 bytes in 1 blocks are definitely lost in loss record 1,513 of 1,585
    ==14866==    at 0x402E109: calloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
    ==14866==    by 0x468C52E: ??? (in /usr/lib/nvidia-346/libGL.so.346.82)
    ==14866==    by 0x5EF0443: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14866==    by 0x46678CB: ??? (in /usr/lib/nvidia-346/libGL.so.346.82)
    ==14866==    by 0x4668DE4: ??? (in /usr/lib/nvidia-346/libGL.so.346.82)
    ==14866==    by 0x400ED36: call_init.part.0 (dl-init.c:64)
    ==14866==    by 0x400EE63: _dl_init (dl-init.c:36)
    ==14866==    by 0x400110E: ??? (in /lib/i386-linux-gnu/ld-2.19.so)
    ==14866==
    ==14866== 139,159 bytes in 1 blocks are definitely lost in loss record 1,585 of 1,585
    ==14866==    at 0x402E109: calloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
    ==14866==    by 0x468C52E: ??? (in /usr/lib/nvidia-346/libGL.so.346.82)
    ==14866==    by 0x5E988F2: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14866==    by 0x5ABC8A9: ??? (in /usr/lib/nvidia-346/libnvidia-glcore.so.346.82)
    ==14866==    by 0x465FD34: ??? (in /usr/lib/nvidia-346/libGL.so.346.82)
    ==14866==    by 0x4667903: ??? (in /usr/lib/nvidia-346/libGL.so.346.82)
    ==14866==    by 0x4668DE4: ??? (in /usr/lib/nvidia-346/libGL.so.346.82)
    ==14866==    by 0x400ED36: call_init.part.0 (dl-init.c:64)
    ==14866==    by 0x400EE63: _dl_init (dl-init.c:36)
    ==14866==    by 0x400110E: ??? (in /lib/i386-linux-gnu/ld-2.19.so)
If I use
    GST_CHECKS=test_share G_SLICE=always-malloc valgrind --tool=memcheck make libs/gstglcontext.check
it does not fail with valgrind. But if I remove always-malloc
    GST_CHECKS=test_share valgrind --tool=memcheck make libs/gstglcontext.check
it fails!!!!
You always want G_SLICE=always-malloc with valgrind otherwise valgrind gets confused very quickly with GLib's slice allocator. There's also the .valgrind target for tests which will set all this up as required, e.g.
    GST_GL_XINITTHREADS=1 make libs/gstglcontext.valgrind
See 'make help' in the tests/check directory of any module for more information.
Nothing obvious stands out from the valgrind logs. You can try debugging with the .gdb target on the test and see where the double free comes from.
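Why G_SLICE=always-malloc matters for a heap checker, as an added example (not part of the bug thread and not GLib's code): a toy pool allocator that recycles chunks inside one malloc() block, so a double free never reaches free() and the checker has nothing to report. All names here (pool_t, pool_init, pool_alloc, pool_free, double_free_aliases) are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
/* Toy slice pool, constructed for illustration (NOT GLib's GSlice code). */
enum { CHUNK_SIZE = 32, N_CHUNKS = 8 };
typedef struct chunk { struct chunk *next; } chunk_t;
typedef struct {
    unsigned char *slab;   /* the only heap block malloc()/memcheck ever sees */
    chunk_t *free_list;
    int always_malloc;     /* models running with G_SLICE=always-malloc */
} pool_t;

void pool_init(pool_t *p, int always_malloc) {
    p->always_malloc = always_malloc;
    p->free_list = NULL;
    p->slab = always_malloc ? NULL : malloc(CHUNK_SIZE * N_CHUNKS);
    for (int i = 0; p->slab != NULL && i < N_CHUNKS; i++) {
        chunk_t *c = (chunk_t *)(p->slab + i * CHUNK_SIZE);
        c->next = p->free_list;
        p->free_list = c;
    }
}

void *pool_alloc(pool_t *p) {
    if (p->always_malloc) return malloc(CHUNK_SIZE);
    chunk_t *c = p->free_list;
    if (c != NULL) p->free_list = c->next;
    return c;
}

void pool_free(pool_t *p, void *mem) {
    if (p->always_malloc) { free(mem); return; } /* a heap checker sees this */
    chunk_t *c = mem;
    c->next = p->free_list;  /* pool bookkeeping only: no free() call happens */
    p->free_list = c;
}

/* Pool mode: a double free raises no error; returns 1 if the chunk is then handed out twice. */
int double_free_aliases(void) {
    pool_t p;
    pool_init(&p, 0);
    void *a = pool_alloc(&p);
    if (a == NULL) return 0;
    pool_free(&p, a); pool_free(&p, a);  /* the bug: same chunk freed twice */
    void *x = pool_alloc(&p), *y = pool_alloc(&p);
    int aliased = (x == a && y == a);
    free(p.slab);
    return aliased;
}

int main(void) { printf("aliased after double free: %d\n", double_free_aliases()); return 0; }
```

With always_malloc set, the same two pool_free() calls would each reach free(), which is the point at which glibc or memcheck can flag the second one.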
It does not fail when run with gdb! And as mentioned above, it does not fail with valgrind as well. But it always fails in a normal check. Not sure how to proceed though.
This looks very much like a driver bug that's been fixed since as it doesn't happen here on the nvidia drivers.