After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 783647 - gst-omx: Segfault in gst_omx_memory_map()
gst-omx: Segfault in gst_omx_memory_map()
Status: RESOLVED INCOMPLETE
Product: GStreamer
Classification: Platform
Component: gst-omx
git master
Other Linux
: Normal normal
: git master
Assigned To: GStreamer Maintainers
GStreamer Maintainers
Depends on:
Blocks:
 
 
Reported: 2017-06-10 22:43 UTC by minfrin
Modified: 2018-05-07 15:55 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
Fail gracefully if any of the components of GstOMXMemory is NULL (946 bytes, patch)
2017-06-10 22:49 UTC, minfrin 		none Details | Review

Description minfrin 2017-06-10 22:43:06 UTC 
From time to time, we segfault inside gst_omx_memory_map() as below.

Most specifically, omem->buf->omx_buf is NULL.

x #5  0x71b669bc in gst_omx_memory_map (mem=0x71a4cf18, maxsize=470016, flags=GST_MAP_READ) at gstomxbufferpool.c:81
81	  return omem->buf->omx_buf->pBuffer + omem->mem.offset;
(gdb) print omem
$1 = (GstOMXMemory *) 0x71a4cf18
(gdb) print omem->buf
$2 = (GstOMXBuffer *) 0x74c161c0
(gdb) print omem->buf->omx_buf
$3 = (OMX_BUFFERHEADERTYPE *) 0x0
(gdb) print omem->mem.offset
$4 = 0

The stacktrace is as below.

+ Trace 237566

  • #0 nanosleep
    at ../sysdeps/unix/syscall-template.S line 81
  • #1 g_usleep
    at /build/glib2.0-tTvduh/glib2.0-2.42.1/./glib/gtimer.c line 259
  • #2 fault_spin
    at gst-launch.c line 113
  • #3 fault_handler_sighandler
    at gst-launch.c line 94
  • #4 <signal handler called>
  • #5 gst_omx_memory_map
    at gstomxbufferpool.c line 81
  • #6 gst_memory_map
    at gstmemory.c line 306
  • #7 _fallback_mem_copy
    at gstallocator.c line 99
  • #8 gst_memory_copy
    at gstmemory.c line 373
  • #9 gst_buffer_copy_into
  • #10 gst_buffer_copy_with_flags
  • #11 _gst_buffer_copy
    at gstbuffer.c line 675
  • #12 gst_mini_object_copy
    at gstminiobject.c line 145
  • #13 gst_mini_object_make_writable
    at gstminiobject.c line 314
  • #14 gst_video_rate_flush_prev
    at gstvideorate.c line 643
  • #15 gst_video_rate_transform_ip
    at gstvideorate.c line 1460
  • #16 default_generate_output
    at gstbasetransform.c line 2118
  • #17 gst_base_transform_chain
    at gstbasetransform.c line 2276
  • #18 gst_pad_chain_data_unchecked
    at gstpad.c line 4205
  • #19 gst_pad_push_data
    at gstpad.c line 4457
  • #20 gst_pad_push
    at gstpad.c line 4576
  • #21 gst_base_transform_chain
    at gstbasetransform.c line 2312
  • #22 gst_pad_chain_data_unchecked
    at gstpad.c line 4205
  • #23 gst_pad_push_data
    at gstpad.c line 4457
  • #24 gst_pad_push
    at gstpad.c line 4576
  • #25 gst_base_transform_chain
    at gstbasetransform.c line 2312
  • #26 gst_pad_chain_data_unchecked
    at gstpad.c line 4205
  • #27 gst_pad_push_data
    at gstpad.c line 4457
  • #28 gst_pad_push
    at gstpad.c line 4576
  • #29 gst_base_transform_chain
    at gstbasetransform.c line 2312
  • #30 gst_pad_chain_data_unchecked
    at gstpad.c line 4205
  • #31 gst_pad_push_data
    at gstpad.c line 4457
  • #32 gst_pad_push
    at gstpad.c line 4576
  • #33 gst_stream_splitter_chain
    at gststreamsplitter.c line 140
  • #34 gst_pad_chain_data_unchecked
    at gstpad.c line 4205
  • #35 gst_pad_push_data
    at gstpad.c line 4457
  • #36 gst_pad_push
    at gstpad.c line 4576
  • #37 gst_queue_push_one
    at gstqueue.c line 1365
  • #38 gst_queue_loop
    at gstqueue.c line 1517
  • #39 gst_task_func
    at gsttask.c line 332
  • #40 default_func
    at gsttaskpool.c line 69
  • #41 g_thread_pool_thread_proxy
    at /build/glib2.0-tTvduh/glib2.0-2.42.1/./glib/gthreadpool.c line 307
  • #42 g_thread_proxy
    at /build/glib2.0-tTvduh/glib2.0-2.42.1/./glib/gthread.c line 764
  • #43 start_thread
    at pthread_create.c line 311
  • #44 ??
    at ../ports/sysdeps/unix/sysv/linux/arm/nptl/../clone.S line 92 






Comment 1


minfrin





          2017-06-10 22:49:58 UTC
        



Created attachment 353549 [details] [review]
Fail gracefully if any of the components of GstOMXMemory is  NULL

Avoid the segfault by gracefully returning NULL.

This is in turn checked in gstmemory.c for NULL, which handles the error.






Comment 2


Sebastian Dröge (slomo)





          2017-06-12 06:41:56 UTC
        



The question is rather *why* is it NULL. It should never be NULL at that point. Can you debug that, and e.g. check from a debug log?






Comment 3


Sebastian Dröge (slomo)





          2018-05-07 15:55:39 UTC
        



Closing this bug report as no further information has been provided. Please feel free to reopen this bug report if you can provide the information that was asked for in a previous comment.
Thanks!