GNOME Bugzilla – Bug 740672
queue2 : get_buffering_percent() returns negative percentage may cause segmentation fault
Last modified: 2017-07-14 15:20:31 UTC
Created attachment 291435
make sure percent >=0 before returning the buffering percent.

get_buffering_percent() has a chance to return a negative percentage value. Then gst_message_new_buffering() in update_buffering() returns a NULL message, which will cause a segmentation fault in gst_message_set_buffering_stats().
How can the percentage ever be smaller than 0? The only possibility seems to be if the byte-based percentage is smaller than 0, which only happens if a negative amount of bytes is buffered or something is wrong in the ringbuffer calculations. In which situation did you get this?
(In reply to comment #1)
> How can the percentage ever be smaller than 0? The only possibility seems to be
> if the byte-based percentage is smaller than 0, which only happens if a
> negative amount of bytes is buffered or something is wrong in the ringbuffer
> calculations.
>
> In which situation did you get this?

Play an HTTP stream, then unplug the network cable. The interesting thing is that once I add some printing in get_buffering_percent(), the segmentation fault is gone, so it's hard for me to check which part causes the negative value.
Can you try to provide a testcase? I can't reproduce this here like that. Your patch is obviously correct but there must be a deeper problem that it even gets to a negative percentage... and that problem should be fixed instead.

If printf() does not help, try adding some g_assert() in there and when it happens in a debugger you can check things then... or if it also does not happen when running in a debugger, let it crash and create a coredump with which you can then inspect the state of the queue.

Are you using queue2 in ringbuffer mode? Or with any other non-default property settings?
This looks familiar, I think it's been fixed since. Please re-open if it's still an issue in recent versions, thanks!
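
The failure chain from the first comment, as an added illustration that is not GStreamer code and not the attached patch: a constructor with a 0..100 precondition returns NULL for an out-of-range percentage, and the caller must either clamp the value or check the result before touching the message. All names here (`Msg`, `msg_new_buffering`, `raw_percent`, `post_buffering`) are hypothetical stand-ins, and the level/max values are constructed.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for a buffering message; not the GStreamer type. */
typedef struct { int percent; int avg_in; } Msg;

/* Models a constructor with a range precondition: NULL outside 0..100. */
static Msg *msg_new_buffering(int percent) {
    if (percent < 0 || percent > 100) return NULL;
    Msg *m = malloc(sizeof *m);
    if (m) { m->percent = percent; m->avg_in = 0; }
    return m;
}

/* Fill level as a percentage; a negative level gives a negative result. */
static int raw_percent(long long level, long long max) {
    if (max <= 0) return 0;
    return (int)(level * 100 / max);
}

static int clamp_percent(int p) { return p < 0 ? 0 : (p > 100 ? 100 : p); }

/* Returns the percent carried by the message, or -1 if none was created.
 * Without the NULL check, the write to m->avg_in is the crash site. */
static int post_buffering(long long level, long long max, int clamp) {
    int p = raw_percent(level, max);
    if (clamp) p = clamp_percent(p);
    Msg *m = msg_new_buffering(p);
    if (m == NULL) return -1;
    m->avg_in = 1;              /* stands in for setting buffering stats */
    int out = m->percent;
    free(m);
    return out;
}

int main(void) {
    /* Constructed inputs: a negative level models the state in the report. */
    printf("unclamped, level=-512: %d\n", post_buffering(-512, 4096, 0));
    printf("clamped,   level=-512: %d\n", post_buffering(-512, 4096, 1));
    printf("clamped,   level=2048: %d\n", post_buffering(2048, 4096, 1));
    return 0;
}
```

Clamping keeps the caller from crashing but, as the review comment notes, hides whatever produced the negative level; an assertion on the level itself is what would surface that.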