Bug 762229 - media-libs/gstreamer-1.16.2 crashes with double free after rtp / HEVC content playing (via media-plugins/gst-plugins-libde265 ? or media-video/ffmpeg-4.3.1 ) )
Summary: media-libs/gstreamer-1.16.2 crashes with double free after rtp / HEVC content...
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: AMD64 Linux
: Normal normal (vote)
Assignee: GStreamer package maintainers
Depends on:
Reported: 2020-12-28 13:17 UTC by Bas Nedermeijer
Modified: 2020-12-28 13:53 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Description Bas Nedermeijer 2020-12-28 13:17:22 UTC
When playing or decoding a h265 stream (from rtp) on my computer a double-free occurs when the stream is being asked to stop.

This happens when using the gst-launch-1.0 utility. (sidenote; I found out when using the python bindings)

URL is a local stream from a camera, which serves h265 (this does not happen when using h264).

** Possible fix in FFMPEG? **

Since this problem only occurred for me since I have a 16-core processor, this got me thinking and I have done some (well, hours of) debugging, the furthest I have come is to change the following line in ffmpeg code.

#define MAX_NB_THREADS 16

I changed this to 64, and the problem disappears for me. But I am not familiar enough to know if it is a good solution, but I thought I would share.

Reproducible: Always

Steps to Reproduce:
1.  gst-launch-1.0 -e -m -v rtspsrc location=${URL} name=src latency=300 src. ! "application/x-rtp, media=(string)audio" ! decodebin ! audioconvert ! fakesink silent=false src. ! "application/x-rtp, media=(string)video" ! decodebin ! videoconvert ! autovideosink silent=false
Actual Results:  
Interrupt: Stopping pipeline ...
Interrupt while waiting for EOS - stopping pipeline...
Execution ended after 0:00:50.867978910
Setting pipeline to PAUSED ...
Setting pipeline to READY ...
double free or corruption (out) line 9: 249854 Aborted                 gst-launch-1.0 -e -m -v rtspsrc location=${URL} name=src latency=300 src. ! "application/x-rtp, media=(string)audio" ! decodebin ! audioconvert ! fakesink silent=false src. ! "application/x-rtp, media=(string)video" ! decodebin ! videoconvert ! autovideosink silent=false

Expected Results:  
no  "double free or corruption (out)"  when stopping the application

Portage 3.0.12 (python 3.7.9-final-0, default/linux/amd64/17.1/desktop/plasma, gcc-8.4.0, glibc-2.32-r3, 5.8.14-gentoo-x86_64 x86_64)
System uname: Linux-5.8.14-gentoo-x86_64-x86_64-AMD_Ryzen_9_3950X_16-Core_Processor-with-gentoo-2.7
KiB Mem:    65838928 total,  16186720 free
KiB Swap:   41943036 total,  41807612 free
Timestamp of repository gentoo: Mon, 28 Dec 2020 02:00:01 +0000
Head commit of repository gentoo: ef702b63852166a476b5491e3fef407a97ed2481
Head commit of repository steam-overlay: 6ed5630096d43208168572264f204d40e6b2a5c0

sh bash 5.1_p4
ld GNU ld (Gentoo 2.32 p2) 2.32.0
app-shells/bash:          5.1_p4::gentoo
dev-java/java-config:     2.3.1::gentoo
dev-lang/perl:            5.30.3::gentoo
dev-lang/python:          2.7.18-r5::gentoo, 3.6.12-r1::gentoo, 3.7.9-r1::gentoo, 3.8.7::gentoo, 3.9.1::gentoo
dev-util/cmake:           3.19.2::gentoo
sys-apps/baselayout:      2.7-r1::gentoo
sys-apps/openrc:          0.42.1::gentoo
sys-apps/sandbox:         2.20::gentoo
sys-devel/autoconf:       2.13-r1::gentoo, 2.69-r5::gentoo
sys-devel/automake:       1.16.3-r1::gentoo
sys-devel/binutils:       2.32-r1::gentoo, 2.34-r2::gentoo, 2.35.1-r1::gentoo
sys-devel/gcc:            8.3.0-r3::gentoo, 8.4.0-r2::gentoo, 9.3.0::gentoo, 10.2.0-r4::gentoo
sys-devel/gcc-config:     2.3.2-r1::gentoo
sys-devel/libtool:        2.4.6-r6::gentoo
sys-devel/make:           4.3::gentoo
sys-kernel/linux-headers: 5.10::gentoo (virtual/os-headers)
sys-libs/glibc:           2.32-r3::gentoo

    location: /var/db/repos/gentoo
    sync-type: rsync
    sync-uri: rsync://
    priority: -1000
    sync-rsync-verify-metamanifest: yes
    sync-rsync-verify-max-age: 24
    sync-rsync-verify-jobs: 1

    location: /var/db/repos/portage-crossdev
    masters: gentoo
    priority: 10

    location: /var/lib/layman/brother-overlay
    masters: gentoo
    priority: 50

    location: /usr/local/portage/steam-overlay
    sync-type: git
    masters: gentoo
    priority: 50

Installed sets: @steam
CFLAGS="-march=native -O2 -pipe"
CONFIG_PROTECT="/etc /usr/lib64/libreoffice/program/sofficerc /usr/share/config /usr/share/gnupg/qualified.txt /usr/share/maven-bin-3.6/conf"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-march=native -O2 -pipe"
FCFLAGS="-march=native -O2 -pipe"
FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict news parallel-fetch pid-sandbox preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-march=native -O2 -pipe"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
USE="X a52 aac aalib accessibility acl acpi activities additions addressbook adns aiglx akonandi alsa amarok amd64 amr amrnb amrwb apache2 apm apng asf assisant assistant async asyncns augeas auto-hinter autoipd automount avahi bash-completion beagle berkdb binfilter bitmap-fonts blender-game bluetooth bluray boost branding bzip2 c++ cairo caps cdb cdda cdr cgi cgmanager chromecast clearcase cleartype cli clucene compressed-lumas connectionstatus consolekit contactnotes contacts corefonts corosync crypt css ctype cuda cups curl curlwrappers cxx dar32 dbox2 dbus declarative deprecated device-mapper dhcpcd disk-partition diskio doomsday dri dri3 dts dv dvd dvdnav dvdr dvdread dynamic dynamicplugin eac3 efiemu elogind embedded emboss emerald encode eselect evo examples exchange exif fastcgi festival ffmpeg fftw filepicker firefox3 flac fluidsynth font-server fontconfig fontforge fortran frei0r fts3 g3dvl gd gdbm gdu geolocation gif gimp glamor gles1 gles2 glitz glsa glusterfs gmp gnokii gnome gnutls google-gadgets gpac gpgme gphoto2 gpm graphviz gre gstreamer gtk3 gui hardcoded-tables haskell history horde howl-compat hp1018 http2 hwdb iconv icu imap imlib inline inotify introspection iproute2 iptv ipv6 irc jabber jack jadetex java java6 javafx jingle jpeg jpeg2k kde kdehiddenvisibility kdepim kdevelop kdrive keymap kipi kqemu kvm kwallet lame lcms ldap libass libcaca libglvnd libnotify libsamplerate libtirpc libv4l2 libwww lirc live lm_sensors log4j lua lvm lzma lzo mad maemo6 mailwrapper management matroska mbox mdnsresponder-compat melt metalink mhash midi mjpeg mmap mmx mmxext mng mozilla mp3 mp4 mpeg mpi mplayer mpm-threadpool mpm-worker msn mtp multilib multitarget mysql mythtv nas ncurses netapi netboot network nftables nls nptl nsplugin ntpl nut nvenc nvidia obex objc ocr odk offensive ofx ogg okteta old-daemons openal opencl opencv openexr opengl opengl-video opengl-xvmc openh264 openmp openni openvpn optimization osmesa overlays ovs pam pango parcheck parted pascal pcap pcre pdf pdfimport perl phonon php pic pipewire plasma png policykit portage postgres ppds ppp prison private-headers pth pulseaudio pvr python python2 qca qemu-block qml qt3support qt5 qthelp qtscript rar rdesktop rdp readline real realtime regex replytolist reports resolvconf romio rss rtc rtmp rtsp rubberband samba sasl scale0tilt scanner scenarios script sdl seamonkey seccomp secure-delete semantic-desktop server session shadow share sip sipim smbclient smp sms snmp sockets source speex spell spice split-usr sql sqlite sqlite3 sse sse2 sse3 ssl ssse3 startup-notification statistics stream strigi subversion suhosin svg taglib tcl tcltk tcpd templates test-programs theora threads threadsafe thumbnail thunar thunderbird tiff timidity tk tomcat tracker transcode truehd truetype truetype-fonts type1 type1-fonts udev udisks unicode upnp upower usb utempter uxa v4l v4l2 vaapi vdo vdpau vhosts video vim-syntax virgl visualization vnc vorbis vpx webdav webengine webinterface webkit webserver widgets win32codecs winbind wlm wxwidgets wxwindows x264 x265 xattr xcb xcomposite xforms xfs xkb xml xmp xprint xrandr xscreensaver xulrunner xv xvid xvmc zeroconf zlib" ABI_X86="64" ADA_TARGET="gnat_2018" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" CAMERAS="directory kodak_dc120 kodak_dc210 kodak_dc240 kodak_dc3200 kodak_ez200 ptp2 canon" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="aes avx avx2 f16c fma3 mmx mmxext pclmul popcnt sha sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" GRUB_PLATFORMS="efi-64" INPUT_DEVICES="libinput" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LUA_SINGLE_TARGET="lua5-1" LUA_TARGETS="lua5-1" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php7-2 php7-3 php7-4" POSTGRES_TARGETS="postgres10 postgres11" PYTHON_SINGLE_TARGET="python3_7" PYTHON_TARGETS="python2_7 python3_8 python3_6 python3_7" RUBY_TARGETS="ruby25 ruby26" USERLAND="GNU" VIDEO_CARDS="nvidia virgl" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"