Update modules/stream_out/smem.c #2
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Remove p_pixels mutation
|
Please send your patches on our mailing list or come over our IRC channel. |
robUx4
pushed a commit
to robUx4/vlc
that referenced
this pull request
Jun 17, 2016
This reverts commit 9e9b227. The preparser must obviously outlive the playlist (and thus interfaces). This fixes use after free: ERROR: AddressSanitizer: heap-use-after-free on address 0x611000005548 at pc 0x7fad5e11bffa bp 0x7fad50daac10 sp 0x7fad50daac08 READ of size 8 at 0x611000005548 thread T1 #0 0x7fad5e11bff9 in playlist_preparser_fetcher_Push ../../src/playlist/preparser.c:128 #1 0x7fad5e0e7640 in libvlc_ArtRequest ../../src/libvlc.c:648 videolan#2 0x7fad5e10ad37 in PlayItem ../../src/playlist/thread.c:232 videolan#3 0x7fad5e10d167 in Next ../../src/playlist/thread.c:478 videolan#4 0x7fad5e10d448 in Thread ../../src/playlist/thread.c:501 #5 0x7fad5fba3463 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7463) #6 0x7fad5f6dce5c in clone (/lib/x86_64-linux-gnu/libc.so.6+0xe8e5c) 0x611000005548 is located 8 bytes inside of 208-byte region [0x611000005540,0x611000005610) freed by thread T0 here: #0 0x7fad60ea69d0 in free (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc19d0) #1 0x7fad5e11cf8f in playlist_preparser_Delete ../../src/playlist/preparser.c:184 videolan#2 0x7fad5e0e6b53 in libvlc_InternalCleanup ../../src/libvlc.c:512 videolan#3 0x7fad60b2ed14 in libvlc_release ../../lib/core.c:105 videolan#4 0x4024da in main ../../bin/vlc.c:275 #5 0x7fad5f6145ef in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x205ef) previously allocated by thread T0 here: #0 0x7fad60ea6ce8 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc1ce8) #1 0x7fad5e11b3cd in playlist_preparser_New ../../src/playlist/preparser.c:74 videolan#2 0x7fad5e0e62a2 in libvlc_InternalInit ../../src/libvlc.c:374 videolan#3 0x7fad60b2e6d3 in libvlc_new ../../lib/core.c:59 videolan#4 0x4022dd in main ../../bin/vlc.c:228 #5 0x7fad5f6145ef in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x205ef) Thread T1 created by T0 here: #0 0x7fad60e15f19 in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x30f19) #1 0x7fad5e30d9f6 in vlc_clone_attr ../../src/posix/thread.c:484 videolan#2 0x7fad5e30dbd8 in vlc_clone ../../src/posix/thread.c:496 videolan#3 0x7fad5e1091a9 in playlist_Activate ../../src/playlist/thread.c:54 videolan#4 0x7fad5e1117a0 in playlist_Create ../../src/playlist/engine.c:299 #5 0x7fad5e106139 in intf_GetPlaylist ../../src/interface/interface.c:149 #6 0x7fad5e1061d9 in intf_InsertItem ../../src/interface/interface.c:165 videolan#7 0x7fad5e0e72f7 in GetFilenames ../../src/libvlc.c:605 videolan#8 0x7fad5e0e6979 in libvlc_InternalInit ../../src/libvlc.c:488 videolan#9 0x7fad60b2e6d3 in libvlc_new ../../lib/core.c:59 videolan#10 0x4022dd in main ../../bin/vlc.c:228 videolan#11 0x7fad5f6145ef in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x205ef) SUMMARY: AddressSanitizer: heap-use-after-free ../../src/playlist/preparser.c:128 in playlist_preparser_fetcher_Push
DaemonSnake
pushed a commit
to DaemonSnake/vlc
that referenced
this pull request
Jul 6, 2016
This fixes a crash (a Windows Exception) when VLC is run just after windows start and when an unactive device is activated. This issue is very hard to reproduce, here is the backtrace: #0 0x000007feb6ef2f2a in ntdll!ZwDelayExecution () from C:\Windows\SYSTEM32\ntdll.dll #1 0x000007feb42111f2 in SleepEx () from C:\Windows\system32\KernelBase.dll videolan#2 0x000007feb5f989b0 in SetStateVersion () from C:\Windows\system32\kernel32.dll videolan#3 0x000007feb4290ba7 in UnhandledExceptionFilter () from C:\Windows\system32\KernelBase.dll videolan#4 0x000007feb6fe9183 in ntdll!SbExecuteProcedure () from C:\Windows\SYSTEM32\ntdll.dll #5 0x000007feb6f14fea in ntdll!__C_specific_handler () from C:\Windows\SYSTEM32\ntdll.dll #6 0x000007feb6f1464d in ntdll!RtlLookupFunctionEntry () from C:\Windows\SYSTEM32\ntdll.dll videolan#7 0x000007feb6f1567c in ntdll!DbgPrint () from C:\Windows\SYSTEM32\ntdll.dll videolan#8 0x000007feb6f15b28 in ntdll!RtlRaiseException () from C:\Windows\SYSTEM32\ntdll.dll videolan#9 0x000007feb42289cc in RaiseException () from C:\Windows\system32\KernelBase.dll videolan#10 0x000007feb157278b in MMDevAPI!DllCanUnloadNow () from C:\Windows\System32\MMDevAPI.dll videolan#11 0x000007feb1574b24 in MMDevAPI!DllGetClassObject () from C:\Windows\System32\MMDevAPI.dll videolan#12 0x000007fea57e1c87 in DllGetClassObject () from C:\Windows\SYSTEM32\AudioSes.dll videolan#13 0x000007feb1575a15 in MMDevAPI!DllGetClassObject () from C:\Windows\System32\MMDevAPI.dll videolan#14 0x0000000054a71438 in ActivateDevice (opaque=<optimized out>, iid=<optimized out>, actparms=<optimized out>, pv=<optimized out>) at ../../extras/package/win32/../../../modules/audio_output/mmdevice.c:1018 ... Signed-off-by: Thomas Guillem <thomas@gllm.fr>
robUx4
referenced
this pull request
in robUx4/vlc
Sep 26, 2016
-- replaces https://patches.videolan.org/patch/14420/ * redo the API so that the structure is allocated and released via the API * add missing libvlc.sym changes * add API tests * media_player variables are not inherited replaces https://patches.videolan.org/patch/14457/ * warn the user the structure must be allocated with get_viewpoint() * get_viewpoint() returns the allocated structure directly * use libvlc_free instead of a release function * move the structure so it's in a libvlc video doc replaces https://patches.videolan.org/patch/14468/ * use an API entry to allocate the structure * get/set individually on the vout number, if no vout set the local variable that will be inherited when vout(s) will be created * get/set return error values and set an error string replaces https://patches.videolan.org/patch/14475/ * use msleep instead of sleep to wait for the vout in tests * use vlc_viewpoint rather than "viepoint" replaces https://patches.videolan.org/patch/14482/ * remove a NULL pointer check * more value checks in media_player tests replaces https://patches.videolan.org/patch/14491/ * the values are in radians replaces https://patches.videolan.org/patch/14482/ * rename vlc_viewpoint to vlc_viewpoint_t
vlc-altair
pushed a commit
that referenced
this pull request
Dec 21, 2017
==9090==ERROR: AddressSanitizer: heap-use-after-free on address 0x602000173170 at pc 0x7f8a86e19063 bp 0x7f8a7bbf9230 sp 0x7f8a7bbf89e0
READ of size 2 at 0x602000173170 thread T10
[000061200002c080] dbus interface debug: Getting All properties
[000061200002c080] dbus interface debug: Getting All properties
#0 0x7f8a86e19062 (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x3c062)
#1 0x7f8a84dda3b6 in std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (/usr/lib/x86_64-linux-gnu/libstdc++.so.6+0x1203b6)
#2 0x7f8a4d1bfef1 in XmlFile::ReadNextNode(demux_t*, xml_reader_t*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >&) ../../modules/access/dcp/dcpparser.cpp:750
#3 0x7f8a4d1c0d82 in PKL::Parse() ../../modules/access/dcp/dcpparser.cpp:864
#4 0x7f8a4d1bbe32 in AssetMap::Parse() ../../modules/access/dcp/dcpparser.cpp:291
#5 0x7f8a4d1b2f7c in parseXML(demux_t*) ../../modules/access/dcp/dcp.cpp:1011
#6 0x7f8a4d1b2b12 in dcpInit(demux_t*) ../../modules/access/dcp/dcp.cpp:942
#7 0x7f8a4d1ad3c2 in Open ../../modules/access/dcp/dcp.cpp:326
#8 0x7f8a8653b97d in generic_start ../../src/modules/modules.c:356
#9 0x7f8a8653acd4 in module_load ../../src/modules/modules.c:183
#10 0x7f8a8653b328 in vlc_module_load ../../src/modules/modules.c:279
#11 0x7f8a8653bace in module_need ../../src/modules/modules.c:371
#12 0x7f8a8658c8c5 in demux_NewAdvanced ../../src/input/demux.c:270
#13 0x7f8a865c84c7 in InputDemuxNew ../../src/input/input.c:2403
#14 0x7f8a865c8e89 in InputSourceNew ../../src/input/input.c:2555
#15 0x7f8a865c15bf in Init ../../src/input/input.c:1303
#16 0x7f8a865bc641 in Run ../../src/input/input.c:498
#17 0x7f8a857ee493 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7493)
#18 0x7f8a8532cafe in __clone (/lib/x86_64-linux-gnu/libc.so.6+0xe8afe)
0x602000173170 is located 0 bytes inside of 12-byte region [0x602000173170,0x60200017317c)
freed by thread T10 here:
#0 0x7f8a86e9ea10 in free (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc1a10)
#1 0x7f8a78a29181 in ReaderNextNode ../../modules/misc/xml/libxml.c:217
#2 0x7f8a4d1ba838 in xml_ReaderNextNode ../../include/vlc_xml.h:87
#3 0x7f8a4d1bfec2 in XmlFile::ReadNextNode(demux_t*, xml_reader_t*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >&) ../../modules/access/dcp/dcpparser.cpp:744
#4 0x7f8a4d1c0d82 in PKL::Parse() ../../modules/access/dcp/dcpparser.cpp:864
#5 0x7f8a4d1bbe32 in AssetMap::Parse() ../../modules/access/dcp/dcpparser.cpp:291
#6 0x7f8a4d1b2f7c in parseXML(demux_t*) ../../modules/access/dcp/dcp.cpp:1011
#7 0x7f8a4d1b2b12 in dcpInit(demux_t*) ../../modules/access/dcp/dcp.cpp:942
#8 0x7f8a4d1ad3c2 in Open ../../modules/access/dcp/dcp.cpp:326
#9 0x7f8a8653b97d in generic_start ../../src/modules/modules.c:356
#10 0x7f8a8653acd4 in module_load ../../src/modules/modules.c:183
#11 0x7f8a8653b328 in vlc_module_load ../../src/modules/modules.c:279
#12 0x7f8a8653bace in module_need ../../src/modules/modules.c:371
#13 0x7f8a8658c8c5 in demux_NewAdvanced ../../src/input/demux.c:270
#14 0x7f8a865c84c7 in InputDemuxNew ../../src/input/input.c:2403
#15 0x7f8a865c8e89 in InputSourceNew ../../src/input/input.c:2555
#16 0x7f8a865c15bf in Init ../../src/input/input.c:1303
#17 0x7f8a865bc641 in Run ../../src/input/input.c:498
#18 0x7f8a857ee493 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7493)
lmartin-gpsw
pushed a commit
to G-P-S/vlc
that referenced
this pull request
Jan 11, 2018
==9090==ERROR: AddressSanitizer: heap-use-after-free on address 0x602000173170 at pc 0x7f8a86e19063 bp 0x7f8a7bbf9230 sp 0x7f8a7bbf89e0
READ of size 2 at 0x602000173170 thread T10
[000061200002c080] dbus interface debug: Getting All properties
[000061200002c080] dbus interface debug: Getting All properties
#0 0x7f8a86e19062 (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x3c062)
#1 0x7f8a84dda3b6 in std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (/usr/lib/x86_64-linux-gnu/libstdc++.so.6+0x1203b6)
videolan#2 0x7f8a4d1bfef1 in XmlFile::ReadNextNode(demux_t*, xml_reader_t*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >&) ../../modules/access/dcp/dcpparser.cpp:750
videolan#3 0x7f8a4d1c0d82 in PKL::Parse() ../../modules/access/dcp/dcpparser.cpp:864
videolan#4 0x7f8a4d1bbe32 in AssetMap::Parse() ../../modules/access/dcp/dcpparser.cpp:291
#5 0x7f8a4d1b2f7c in parseXML(demux_t*) ../../modules/access/dcp/dcp.cpp:1011
#6 0x7f8a4d1b2b12 in dcpInit(demux_t*) ../../modules/access/dcp/dcp.cpp:942
videolan#7 0x7f8a4d1ad3c2 in Open ../../modules/access/dcp/dcp.cpp:326
videolan#8 0x7f8a8653b97d in generic_start ../../src/modules/modules.c:356
videolan#9 0x7f8a8653acd4 in module_load ../../src/modules/modules.c:183
videolan#10 0x7f8a8653b328 in vlc_module_load ../../src/modules/modules.c:279
videolan#11 0x7f8a8653bace in module_need ../../src/modules/modules.c:371
videolan#12 0x7f8a8658c8c5 in demux_NewAdvanced ../../src/input/demux.c:270
videolan#13 0x7f8a865c84c7 in InputDemuxNew ../../src/input/input.c:2403
videolan#14 0x7f8a865c8e89 in InputSourceNew ../../src/input/input.c:2555
videolan#15 0x7f8a865c15bf in Init ../../src/input/input.c:1303
videolan#16 0x7f8a865bc641 in Run ../../src/input/input.c:498
videolan#17 0x7f8a857ee493 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7493)
videolan#18 0x7f8a8532cafe in __clone (/lib/x86_64-linux-gnu/libc.so.6+0xe8afe)
0x602000173170 is located 0 bytes inside of 12-byte region [0x602000173170,0x60200017317c)
freed by thread T10 here:
#0 0x7f8a86e9ea10 in free (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc1a10)
#1 0x7f8a78a29181 in ReaderNextNode ../../modules/misc/xml/libxml.c:217
videolan#2 0x7f8a4d1ba838 in xml_ReaderNextNode ../../include/vlc_xml.h:87
videolan#3 0x7f8a4d1bfec2 in XmlFile::ReadNextNode(demux_t*, xml_reader_t*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >&) ../../modules/access/dcp/dcpparser.cpp:744
videolan#4 0x7f8a4d1c0d82 in PKL::Parse() ../../modules/access/dcp/dcpparser.cpp:864
#5 0x7f8a4d1bbe32 in AssetMap::Parse() ../../modules/access/dcp/dcpparser.cpp:291
#6 0x7f8a4d1b2f7c in parseXML(demux_t*) ../../modules/access/dcp/dcp.cpp:1011
videolan#7 0x7f8a4d1b2b12 in dcpInit(demux_t*) ../../modules/access/dcp/dcp.cpp:942
videolan#8 0x7f8a4d1ad3c2 in Open ../../modules/access/dcp/dcp.cpp:326
videolan#9 0x7f8a8653b97d in generic_start ../../src/modules/modules.c:356
videolan#10 0x7f8a8653acd4 in module_load ../../src/modules/modules.c:183
videolan#11 0x7f8a8653b328 in vlc_module_load ../../src/modules/modules.c:279
videolan#12 0x7f8a8653bace in module_need ../../src/modules/modules.c:371
videolan#13 0x7f8a8658c8c5 in demux_NewAdvanced ../../src/input/demux.c:270
videolan#14 0x7f8a865c84c7 in InputDemuxNew ../../src/input/input.c:2403
videolan#15 0x7f8a865c8e89 in InputSourceNew ../../src/input/input.c:2555
videolan#16 0x7f8a865c15bf in Init ../../src/input/input.c:1303
videolan#17 0x7f8a865bc641 in Run ../../src/input/input.c:498
videolan#18 0x7f8a857ee493 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7493)
(cherry picked from commit 1b1de3b)
Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>
vlc-altair
pushed a commit
that referenced
this pull request
Feb 9, 2018
Updating the dialog will call processEvents, which could end up processing another dialog progress update, calling the event loop again, and so on until we stack overflow. Basically, having a modal progress dialog means that any user of that API could potentially cause stack overflows if update calls were to be unpaced. Part #2 of fixing #18640 and #17060
lmartin-gpsw
pushed a commit
to G-P-S/vlc
that referenced
this pull request
Feb 26, 2018
Updating the dialog will call processEvents, which could end up processing another dialog progress update, calling the event loop again, and so on until we stack overflow. Basically, having a modal progress dialog means that any user of that API could potentially cause stack overflows if update calls were to be unpaced. Part videolan#2 of fixing #18640 and #17060 (cherry picked from commit 55e6be0) Signed-off-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
vlc-mirrorer
pushed a commit
that referenced
this pull request
Oct 19, 2018
Fix the following tsan report:
~/work/git/vlc/build-tsan/modules $ ./h2conn_test
==================
WARNING: ThreadSanitizer: data race (pid=20689)
Write of size 1 at 0x7b20000000a5 by thread T4:
#0 vlc_h2_stream_reset ../../modules/access/http/h2conn.c:206 (h2conn_test+0x8a6a)
#1 vlc_h2_recv_thread ../../modules/access/http/h2conn.c:676 (h2conn_test+0x9029)
#2 <null> <null> (libtsan.so.0+0x29b4d)
Previous read of size 1 at 0x7b20000000a5 by main thread (mutexes: write M12):
#0 vlc_h2_stream_wait ../../modules/access/http/h2conn.c:246 (h2conn_test+0x917d)
#1 vlc_http_stream_read_headers ../../modules/access/http/message.h:360 (h2conn_test+0x40ff)
#2 main ../../modules/access/http/h2conn_test.c:283 (h2conn_test+0x40ff)
Location is heap block of size 128 at 0x7b2000000080 allocated by main thread:
#0 malloc <null> (libtsan.so.0+0x2b1b3)
#1 vlc_h2_stream_open ../../modules/access/http/h2conn.c:404 (h2conn_test+0x9afc)
#2 vlc_http_stream_open ../../modules/access/http/conn.h:49 (h2conn_test+0x3be8)
#3 stream_open ../../modules/access/http/h2conn_test.c:124 (h2conn_test+0x3be8)
#4 main ../../modules/access/http/h2conn_test.c:280 (h2conn_test+0x40c3)
Mutex M12 (0x7b1800000030) created at:
#0 pthread_mutex_init <null> (libtsan.so.0+0x2c5bd)
#1 vlc_mutex_init ../../src/posix/thread.c:116 (libvlccore.so.9+0xeadba)
#2 vlc_h2_conn_create ../../modules/access/http/h2conn.c:736 (h2conn_test+0xa10e)
#3 conn_create ../../modules/access/http/h2conn_test.c:100 (h2conn_test+0x393c)
#4 main ../../modules/access/http/h2conn_test.c:165 (h2conn_test+0x3cd1)
Thread T4 (tid=20707, running) created by main thread at:
#0 pthread_create <null> (libtsan.so.0+0x2be2b)
#1 vlc_clone_attr ../../src/posix/thread.c:431 (libvlccore.so.9+0xeabcf)
#2 vlc_clone ../../src/posix/thread.c:443 (libvlccore.so.9+0xeb11b)
#3 vlc_h2_conn_create ../../modules/access/http/h2conn.c:739 (h2conn_test+0xa13a)
#4 conn_create ../../modules/access/http/h2conn_test.c:100 (h2conn_test+0x393c)
#5 main ../../modules/access/http/h2conn_test.c:165 (h2conn_test+0x3cd1)
The good news is that there is only 4 remaining tests to fix with tsan.
linkflowlab
referenced
this pull request
in linkflow-repo/nexx-lib-vlc
Nov 19, 2018
SquidLink
referenced
this pull request
in linkflow-repo/nexx-lib-vlc
Jan 30, 2019
SquidLink
referenced
this pull request
in linkflow-repo/nexx-lib-vlc
Jan 31, 2019
vlc-mirrorer
pushed a commit
that referenced
this pull request
Mar 13, 2019
assert(!ObjectHasChild(obj)) was causing the following data_race:
WARNING: ThreadSanitizer: data race (pid=18491)
Write of size 8 at 0x7b7000041888 by thread T7 (mutexes: write M150, write M148, write M18):
#0 vlc_list_add_between ../../include/vlc_list.h:75 (libvlccore.so.9+0xe4765)
#1 vlc_list_add_before ../../include/vlc_list.h:100 (libvlccore.so.9+0xe4765)
#2 vlc_list_append ../../include/vlc_list.h:112 (libvlccore.so.9+0xe4765)
#3 vlc_custom_create ../../src/misc/objects.c:247 (libvlccore.so.9+0xe4765)
#4 CreateDecoder ../../src/input/decoder.c:1765 (libvlccore.so.9+0x69538)
#5 decoder_New ../../src/input/decoder.c:2014 (libvlccore.so.9+0x69d1d)
#6 input_DecoderNew ../../src/input/decoder.c:2077 (libvlccore.so.9+0x6a7a4)
#7 EsOutCreateDecoder ../../src/input/es_out.c:1824 (libvlccore.so.9+0x7025d)
#8 EsOutSelectEs ../../src/input/es_out.c:1932 (libvlccore.so.9+0x706c2)
#9 EsOutSelect ../../src/input/es_out.c:2164 (libvlccore.so.9+0x716e6)
#10 EsOutVaControlLocked ../../src/input/es_out.c:2523 (libvlccore.so.9+0x77d57)
#11 EsOutControl ../../src/input/es_out.c:3208 (libvlccore.so.9+0x79f3e)
#12 es_out_vaControl ../../include/vlc_es_out.h:158 (libvlccore.so.9+0x7c1ba)
#13 es_out_Control ../../include/vlc_es_out.h:167 (libvlccore.so.9+0x7c1ba)
#14 CmdExecuteControl ../../src/input/es_out_timeshift.c:1556 (libvlccore.so.9+0x7c4a8)
#15 ControlLocked ../../src/input/es_out_timeshift.c:638 (libvlccore.so.9+0x7df40)
#16 Control ../../src/input/es_out_timeshift.c:764 (libvlccore.so.9+0x7e35c)
#17 es_out_vaControl ../../include/vlc_es_out.h:158 (libvlccore.so.9+0x7fd81)
#18 es_out_Control ../../include/vlc_es_out.h:167 (libvlccore.so.9+0x7fd81)
#19 es_out_SetMode ../../src/input/es_out.h:97 (libvlccore.so.9+0x82b25)
#20 InitPrograms ../../src/input/input.c:1304 (libvlccore.so.9+0x82b25)
#21 Init ../../src/input/input.c:1385 (libvlccore.so.9+0x8887c)
#22 Run ../../src/input/input.c:532 (libvlccore.so.9+0x89757)
Previous read of size 8 at 0x7b7000041888 by thread T20:
#0 vlc_list_it_next ../../include/vlc_list.h:229 (libvlccore.so.9+0xe42b9)
#1 ObjectHasChild ../../src/misc/objects.c:83 (libvlccore.so.9+0xe42b9)
#2 vlc_object_release ../../src/misc/objects.c:405 (libvlccore.so.9+0xe4adf)
#3 vlc_object_delete ../../include/vlc_objects.h:120 (libvlccore.so.9+0x59210)
#4 InvokeModule ../../src/preparser/fetcher.c:161 (libvlccore.so.9+0x59210)
#5 SearchArt ../../src/preparser/fetcher.c:188 (libvlccore.so.9+0x5925a)
#6 SearchByScope ../../src/preparser/fetcher.c:207 (libvlccore.so.9+0x5a029)
#7 SearchNetwork ../../src/preparser/fetcher.c:309 (libvlccore.so.9+0x5a068)
#8 FetcherThread ../../src/preparser/fetcher.c:338 (libvlccore.so.9+0x59153)
vlc-mirrorer
pushed a commit
that referenced
this pull request
Oct 1, 2019
There was various data-races between any avcodec threads and the pf_decode
thread. The scope of sem wait/post need to be increased. Indeed, dec->fmt_out,
pts, p_va must be accessed while being protected, the same for
lavc_UpdateVideoFormat() and decoder_NewPicture().
PS: decoder_QueuePicture() and picture_Release() don't have to be protected,
it's better to release the sempahore before calling it in order to unlock
avcodec threads while the picture is being queued.
WARNING: ThreadSanitizer: data race (pid=6962)
Write of size 4 at 0x7b800002001c by thread T14 (mutexes: write M499, write M491):
#0 date_Change ../../src/misc/mtime.c:83 (libvlccore.so.9+0xcec72)
#1 lavc_UpdateVideoFormat ../../modules/codec/avcodec/video.c:357 (libavcodec_plugin.so+0xc50fa)
#2 lavc_GetFrame ../../modules/codec/avcodec/video.c:1598 (libavcodec_plugin.so+0xc8d0e)
#3 get_buffer_internal src/libavcodec/decode.c:1940 (libavcodec_plugin.so+0x12b4f2)
#4 ff_get_buffer src/libavcodec/decode.c:1965 (libavcodec_plugin.so+0x12b4f2)
Previous read of size 4 at 0x7b800002001c by thread T18:
#0 date_Increment ../../src/misc/mtime.c:91 (libvlccore.so.9+0xceced)
#1 interpolate_next_pts ../../modules/codec/avcodec/video.c:798 (libavcodec_plugin.so+0xc4856)
#2 DecodeBlock ../../modules/codec/avcodec/video.c:1199 (libavcodec_plugin.so+0xc7f4e)
#3 DecodeVideo ../../modules/codec/avcodec/video.c:1357 (libavcodec_plugin.so+0xc8996)
#4 DecoderThread_DecodeBlock ../../src/input/decoder.c:1278 (libvlccore.so.9+0x5cac7)
#5 DecoderThread_ProcessInput ../../src/input/decoder.c:1400 (libvlccore.so.9+0x5ca99)
#6 DecoderThread ../../src/input/decoder.c:1676 (libvlccore.so.9+0x5cd69)
WARNING: ThreadSanitizer: data race (pid=6962)
Atomic write of size 8 at 0x7b4c0002fc70 by thread T18:
#0 __tsan_atomic64_fetch_sub ../../../../src/libsanitizer/tsan/tsan_interface_atomic.cc:646 (libtsan.so.0+0x648dd)
#1 picture_Release ../../include/vlc_picture.h:203 (libavcodec_plugin.so+0xc6aa8)
#2 lavc_ReleaseFrame ../../modules/codec/avcodec/video.c:1461 (libavcodec_plugin.so+0xc6aa8)
#3 buffer_replace src/libavutil/buffer.c:120 (libavcodec_plugin.so+0x999596)
#4 av_buffer_unref src/libavutil/buffer.c:130 (libavcodec_plugin.so+0x999596)
#5 DecoderThread_Flush ../../src/input/decoder.c:1420 (libvlccore.so.9+0x58c8e)
#6 DecoderThread ../../src/input/decoder.c:1581 (libvlccore.so.9+0x5ce24)
Previous write of size 8 at 0x7b4c0002fc70 by thread T12 (mutexes: write M494, write M491):
#0 malloc ../../../../src/libsanitizer/tsan/tsan_interceptors.cc:606 (libtsan.so.0+0x2b1a3)
#1 malloc ../../../../src/libsanitizer/tsan/tsan_interceptors.cc:601 (libtsan.so.0+0x2b1a3)
#2 picture_NewPrivate ../../src/misc/picture.c:200 (libvlccore.so.9+0xd3239)
#3 picture_NewFromResource ../../src/misc/picture.c:226 (libvlccore.so.9+0xd338c)
#4 picture_pool_ClonePicture ../../src/misc/picture_pool.c:109 (libvlccore.so.9+0xd4ba2)
#5 picture_pool_Wait ../../src/misc/picture_pool.c:271 (libvlccore.so.9+0xd5375)
#6 vout_GetPicture ../../src/video_output/video_output.c:326 (libvlccore.so.9+0xa9c2f)
#7 ModuleThread_NewVideoBuffer ../../src/input/decoder.c:605 (libvlccore.so.9+0x5af28)
#8 decoder_NewPicture ../../src/input/decoder_helpers.c:93 (libvlccore.so.9+0x5f8b6)
#9 lavc_dr_GetFrame ../../modules/codec/avcodec/video.c:1504 (libavcodec_plugin.so+0xc6b44)
#10 lavc_GetFrame ../../modules/codec/avcodec/video.c:1611 (libavcodec_plugin.so+0xc8d47)
#11 get_buffer_internal src/libavcodec/decode.c:1940 (libavcodec_plugin.so+0x12b4f2)
#12 ff_get_buffer src/libavcodec/decode.c:1965 (libavcodec_plugin.so+0x12b4f2)
WARNING: ThreadSanitizer: data race (pid=7336)
Read of size 4 at 0x7b8000021020 by thread T13 (mutexes: write M444, write M438):
#0 date_Change ../../src/misc/mtime.c:81 (libvlccore.so.9+0xcec41)
#1 lavc_UpdateVideoFormat ../../modules/codec/avcodec/video.c:357 (libavcodec_plugin.so+0xc50fa)
#2 lavc_GetFrame ../../modules/codec/avcodec/video.c:1598 (libavcodec_plugin.so+0xc8d0e)
#3 get_buffer_internal src/libavcodec/decode.c:1940 (libavcodec_plugin.so+0x12b4f2)
#4 ff_get_buffer src/libavcodec/decode.c:1965 (libavcodec_plugin.so+0x12b4f2)
Previous write of size 4 at 0x7b8000021020 by thread T18:
#0 date_Set ../../include/vlc_tick.h:260 (libavcodec_plugin.so+0xc7f38)
#1 DecodeBlock ../../modules/codec/avcodec/video.c:1197 (libavcodec_plugin.so+0xc7f38)
#2 DecodeVideo ../../modules/codec/avcodec/video.c:1357 (libavcodec_plugin.so+0xc8996)
#3 DecoderThread_DecodeBlock ../../src/input/decoder.c:1278 (libvlccore.so.9+0x5cac7)
#4 DecoderThread_ProcessInput ../../src/input/decoder.c:1400 (libvlccore.so.9+0x5ca99)
#5 DecoderThread ../../src/input/decoder.c:1676 (libvlccore.so.9+0x5cd69)
vlc-mirrorer
pushed a commit
that referenced
this pull request
Oct 2, 2019
Locks were used for reading but not for writting.
WARNING: ThreadSanitizer: data race (pid=1969)
Write of size 8 at 0x7b3c000005c8 by thread T6:
#0 input_rate_Add ../../src/input/stats.c:122 (libvlccore.so.9+0x93036)
#1 AStreamReadBlock ../../src/input/access.c:239 (libvlccore.so.9+0x55591)
#2 vlc_stream_ReadRaw ../../src/input/stream.c:439 (libvlccore.so.9+0x9333d)
#3 vlc_stream_ReadPartial ../../src/input/stream.c:462 (libvlccore.so.9+0x938e2)
#4 ThreadRead ../../modules/stream_filter/prefetch.c:89 (libprefetch_plugin.so+0x2f8d)
#5 Thread ../../modules/stream_filter/prefetch.c:253 (libprefetch_plugin.so+0x336f)
Previous read of size 8 at 0x7b3c000005c8 by thread T4 (mutexes: write M121):
#0 input_stats_Compute ../../src/input/stats.c:84 (libvlccore.so.9+0x92e4f)
#1 MainLoopStatistics ../../src/input/input.c:638 (libvlccore.so.9+0x75225)
#2 MainLoop ../../src/input/input.c:724 (libvlccore.so.9+0x7d8ac)
#3 Run ../../src/input/input.c:465 (libvlccore.so.9+0x7db97)
SquidLink
referenced
this pull request
in linkflow-repo/nexx-lib-vlc
Nov 29, 2019
linkflowlab
referenced
this pull request
in linkflow-repo/nexx-lib-vlc
Aug 26, 2020
vlc-mirrorer
pushed a commit
that referenced
this pull request
Dec 10, 2020
From asan report:
==774849==ERROR: AddressSanitizer: heap-use-after-free on address 0x6080000051a8 at pc 0x7f06d1d61af3 bp 0x7ffe464e1af0 sp 0x7ffe464e1ae0
WRITE of size 8 at 0x6080000051a8 thread T0
#0 0x7f06d1d61af2 in vlc_atomic_rc_dec ../../include/vlc_atomic.h:58
#1 0x7f06d1d61af2 in libvlc_release ../../lib/core.c:82
#2 0x55bc01a4167c in QtVLCWidget::cleanup() ../qtvlcwidget.cpp:253
#3 0x55bc01a439c1 in QtPrivate::FunctorCall<QtPrivate::IndexesList<>, QtPrivate::List<>, void, void (QtVLCWidget::*)()>::call(void (QtVLCWidget::*)(), QtVLCWidget*, void**) /usr/include/qt/QtCore/qobjectdefs_impl.h:152
#4 0x55bc01a439c1 in void QtPrivate::FunctionPointer<void (QtVLCWidget::*)()>::call<QtPrivate::List<>, void>(void (QtVLCWidget::*)(), QtVLCWidget*, void**) /usr/include/qt/QtCore/qobjectdefs_impl.h:185
#5 0x55bc01a439c1 in QtPrivate::QSlotObject<void (QtVLCWidget::*)(), QtPrivate::List<>, void>::impl(int, QtPrivate::QSlotObjectBase*, QObject*, void**, bool*) /usr/include/qt/QtCore/qobjectdefs_impl.h:418
#6 0x7f06d0d86035 (/usr/lib/libQt5Core.so.5+0x2eb035)
#7 0x7f06d116db79 in QOpenGLContext::destroy() (/usr/lib/libQt5Gui.so.5+0x180b79)
#8 0x7f06d116de77 in QOpenGLContext::~QOpenGLContext() (/usr/lib/libQt5Gui.so.5+0x180e77)
#9 0x7f06d116de99 in QOpenGLContext::~QOpenGLContext() (/usr/lib/libQt5Gui.so.5+0x180e99)
#10 0x7f06d1874c0b (/usr/lib/libQt5Widgets.so.5+0x1bac0b)
#11 0x7f06d1874c94 in QOpenGLWidget::~QOpenGLWidget() (/usr/lib/libQt5Widgets.so.5+0x1bac94)
#12 0x55bc01a430e1 in QtVLCWidget::~QtVLCWidget() ../qtvlcwidget.cpp:237
#13 0x7f06d0d7936d in QObjectPrivate::deleteChildren() (/usr/lib/libQt5Core.so.5+0x2de36d)
#14 0x7f06d185104d in QWidget::~QWidget() (/usr/lib/libQt5Widgets.so.5+0x19704d)
#15 0x55bc01a40e25 in main ../main.cpp:27
#16 0x7f06d0513151 in __libc_start_main (/usr/lib/libc.so.6+0x28151)
#17 0x55bc01a40fed in _start (/home/alexandre/workspace/videolabs/vlc/doc/libvlc/QtGL/build/qtglvlc+0x5fed)
vlc-mirrorer
pushed a commit
that referenced
this pull request
Jan 3, 2021
Indirect leak of 16 byte(s) in 1 object(s) allocated from:
#0 0x7f04fac97f41 in operator new(unsigned long) /build/gcc/src/gcc/libsanitizer/asan/asan_new_delete.cpp:99
#1 0x7f04e0928773 in VLCMenuBar::PopupMenu(intf_thread_t*, bool) ../../modules/gui/qt/menus/menus.cpp:864
#2 0x7f04e060c348 in DialogsProvider::sendKey(int) ../../modules/gui/qt/dialogs/dialogs_provider.cpp:814
#3 0x7f04de8cc4be in QObject::event(QEvent*) (/usr/lib/libQt5Core.so.5+0x2e24be)
#4 0x7f04df367751 in QApplicationPrivate::notify_helper(QObject*, QEvent*) (/usr/lib/libQt5Widgets.so.5+0x15a751)
vlc-mirrorer
pushed a commit
that referenced
this pull request
Mar 1, 2021
If a video filter has parameters, then a config_chain_t was leaked:
./vlc --video-filter='sharpen{sigma=0.05}' video.mkv
Direct leak of 24 byte(s) in 1 object(s) allocated from:
#0 0x7f37f3e8ee8f in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
#1 0x7f37f370b196 in config_ChainParseOptions ../../src/config/chain.c:198
#2 0x7f37f370b5c6 in config_ChainCreate ../../src/config/chain.c:245
#3 0x7f37f3839bb1 in ThreadChangeFilters ../../src/video_output/video_output.c:867
#4 0x7f37f383db35 in ThreadDisplayPicture ../../src/video_output/video_output.c:1362
#5 0x7f37f3840bfe in Thread ../../src/video_output/video_output.c:1785
#6 0x7f37f3d69ea6 in start_thread nptl/pthread_create.c:477
Co-authored-by: Romain Vimont <rom1v@videolabs.io>
Signed-off-by: Alexandre Janniaux <ajanni@videolabs.io>
vlc-mirrorer
pushed a commit
that referenced
this pull request
Nov 21, 2021
Each cuInit is leaking memory, and cuInit is supposed to be called only
once. Ensure it through a vlc_once_t wrapper, but since the function
table needs to be loaded in order to call into cuda functions, forward
some available device for the initialization.
Below, there is two leaks because of the double decoder device
allocation in debug mode. The first leak is leaked once, and is still
there. The second and third leaks are now reduced to a single one.
Direct leak of 65536 byte(s) in 1 object(s) allocated from:
#0 0x7febb6bf3652 in __interceptor_realloc /build/gcc/src/gcc/libsanitizer/asan/asan_malloc_linux.cpp:164
#1 0x7feb8b56828f (<unknown module>)
Direct leak of 56 byte(s) in 1 object(s) allocated from:
#0 0x7febb6bf3459 in __interceptor_calloc /build/gcc/src/gcc/libsanitizer/asan/asan_malloc_linux.cpp:154
#1 0x7feb89dc586a (/home/alexandre/workspace/videolabs/vlc-meson/build-native/modules/.libs/libskins2_plugin.so+0x2f1086a)
#2 0x7febb5f195c1 in decoder_device_Open ../../src/input/decoder_helpers.c:174
#3 0x7febb5e67106 in vlc_module_load ../../src/modules/modules.c:243
#4 0x7febb5f196e8 in vlc_decoder_device_Create ../../src/input/decoder_helpers.c:188
#5 0x7febb60a7435 in vout_GetDevice ../../src/video_output/video_output.c:2244
#6 0x7febb5ef7f26 in ModuleThread_GetDecoderDevice ../../src/input/decoder.c:608
#7 0x7feba02ee139 in decoder_GetDecoderDevice ../../include/vlc_codec.h:304
#8 0x7feba02fb51e in lavc_UpdateVideoFormat ../../modules/codec/avcodec/video.c:286
#9 0x7feba0313ff7 in ffmpeg_GetFormat ../../modules/codec/avcodec/video.c:1682
#10 0x7feb9f0bfe12 (/usr/lib/libavcodec.so.58+0x29ae12)
Direct leak of 56 byte(s) in 1 object(s) allocated from:
#0 0x7febb6bf3459 in __interceptor_calloc /build/gcc/src/gcc/libsanitizer/asan/asan_malloc_linux.cpp:154
#1 0x7feb8b5d386a (<unknown module>)
#2 0x7febb5f195c1 in decoder_device_Open ../../src/input/decoder_helpers.c:174
#3 0x7febb5e67106 in vlc_module_load ../../src/modules/modules.c:243
#4 0x7febb5f196e8 in vlc_decoder_device_Create ../../src/input/decoder_helpers.c:188
#5 0x7febb60a7435 in vout_GetDevice ../../src/video_output/video_output.c:2244
#6 0x7febb5ef7f26 in ModuleThread_GetDecoderDevice ../../src/input/decoder.c:608
#7 0x7feba02ee139 in decoder_GetDecoderDevice ../../include/vlc_codec.h:304
#8 0x7feba02fb51e in lavc_UpdateVideoFormat ../../modules/codec/avcodec/video.c:286
#9 0x7feba0313ff7 in ffmpeg_GetFormat ../../modules/codec/avcodec/video.c:1682
#10 0x7feb9f0bfe12 (/usr/lib/libavcodec.so.58+0x29ae12)
vlc-mirrorer
pushed a commit
that referenced
this pull request
Mar 10, 2022
Identified by a different invocation of ASAN than I'd previously used.
wrt. the second fix it seems `clear()` alone does not destroy these items.
```
Direct leak of 64560 byte(s) in 1345 object(s) allocated from:
#0 0x7f1f87268f37 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cpp:99
#1 0x7f1f71099981 in ExpertPrefsTableModel::ExpertPrefsTableModel(module_t**, unsigned long, QWidget*) ../../modules/gui/qt/dialogs/preferences/expert_model.cpp:260
#2 0x7f1f710a32fa in PrefsDialog::setExpert() ../../modules/gui/qt/dialogs/preferences/preferences.cpp:106
#3 0x7f1f710a8851 in PrefsDialog::PrefsDialog(QWindow*, qt_intf_t*) ../../modules/gui/qt/dialogs/preferences/preferences.cpp:74
#4 0x7f1f70ee43e2 in DialogsProvider::prefsDialog() ../../modules/gui/qt/dialogs/dialogs_provider.cpp:253
#5 0x7f1f714f6f97 in DialogsProvider::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) gui/qt/dialogs/dialogs_provider.moc.cpp:268
#6 0x7f1f714f7c11 in DialogsProvider::qt_metacall(QMetaObject::Call, int, void**) gui/qt/dialogs/dialogs_provider.moc.cpp:388
#7 0x7f1f70568f1c (/lib/x86_64-linux-gnu/libQt5Qml.so.5+0x2c4f1c)
...
Direct leak of 1112 byte(s) in 122 object(s) allocated from:
#0 0x7f1f872127a7 in __interceptor_strdup ../../../../src/libsanitizer/asan/asan_interceptors.cpp:454
#1 0x7f1f710950f0 in ExpertPrefsTableItem::ExpertPrefsTableItem(module_config_t*, QString const&, QString const&, bool) ../../modules/gui/qt/dialogs/preferences/expert_model.cpp:61
#2 0x7f1f710999ac in ExpertPrefsTableModel::ExpertPrefsTableModel(module_t**, unsigned long, QWidget*) ../../modules/gui/qt/dialogs/preferences/expert_model.cpp:260
#3 0x7f1f710a32fa in PrefsDialog::setExpert() ../../modules/gui/qt/dialogs/preferences/preferences.cpp:106
#4 0x7f1f710a8851 in PrefsDialog::PrefsDialog(QWindow*, qt_intf_t*) ../../modules/gui/qt/dialogs/preferences/preferences.cpp:74
#5 0x7f1f70ee43e2 in DialogsProvider::prefsDialog() ../../modules/gui/qt/dialogs/dialogs_provider.cpp:253
#6 0x7f1f714f6f97 in DialogsProvider::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) gui/qt/dialogs/dialogs_provider.moc.cpp:268
#7 0x7f1f714f7c11 in DialogsProvider::qt_metacall(QMetaObject::Call, int, void**) gui/qt/dialogs/dialogs_provider.moc.cpp:388
#8 0x7f1f70568f1c (/lib/x86_64-linux-gnu/libQt5Qml.so.5+0x2c4f1c)
...
Direct leak of 33 byte(s) in 33 object(s) allocated from:
#0 0x7f1f872677cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
#1 0x7f1f86eac342 in vlc_alloc ../../include/vlc_common.h:1149
#2 0x7f1f86eac342 in module_config_get ../../src/modules/modules.c:346
#3 0x7f1f710995f5 in ExpertPrefsTableModel::ExpertPrefsTableModel(module_t**, unsigned long, QWidget*) ../../modules/gui/qt/dialogs/preferences/expert_model.cpp:230
#4 0x7f1f710a32fa in PrefsDialog::setExpert() ../../modules/gui/qt/dialogs/preferences/preferences.cpp:106
#5 0x7f1f710a8851 in PrefsDialog::PrefsDialog(QWindow*, qt_intf_t*) ../../modules/gui/qt/dialogs/preferences/preferences.cpp:74
#6 0x7f1f70ee43e2 in DialogsProvider::prefsDialog() ../../modules/gui/qt/dialogs/dialogs_provider.cpp:253
#7 0x7f1f714f6f97 in DialogsProvider::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) gui/qt/dialogs/dialogs_provider.moc.cpp:268
#8 0x7f1f714f7c11 in DialogsProvider::qt_metacall(QMetaObject::Call, int, void**) gui/qt/dialogs/dialogs_provider.moc.cpp:388
#9 0x7f1f70568f1c (/lib/x86_64-linux-gnu/libQt5Qml.so.5+0x2c4f1c)
```
vlc-mirrorer
pushed a commit
that referenced
this pull request
Apr 6, 2022
Fix a leak happening when an input slave fails to load.
Leak detected with asan:
```
Direct leak of 120 byte(s) in 1 object(s) allocated from:
#0 0x7f56cb985ad7 in calloc (/lib64/libasan.so.6)
#1 0x7f56cad22849 in InputSourceNew src/input/input.c:2605
#2 0x7f56cad2c9ca in input_SlaveSourceAdd src/input/input.c:3408
#3 0x7f56cad0f838 in LoadSlaves src/input/input.c:1164
#4 0x7f56cad1219a in Init src/input/input.c:1360
#5 0x7f56cad06092 in Run src/input/input.c:466
#6 0x7f56c9998b19 in start_thread (/lib64/libc.so.6)
```
vlc-mirrorer
pushed a commit
that referenced
this pull request
Apr 9, 2022
Reset the meter fmt to NULL when destroying the stream.
WARNING: ThreadSanitizer: heap-use-after-free (pid=45968)
Read of size 1 at 0x7b4400019fdc by main thread:
#0 aout_filter_Create ../../src/audio_output/filters.c:56 (libvlccore.so.9+0xa4945)
#1 vlc_audio_meter_CreatePluginFilter ../../src/audio_output/meter.c:83 (libvlccore.so.9+0xa7074)
#2 vlc_audio_meter_AddPlugin ../../src/audio_output/meter.c:108 (libvlccore.so.9+0xa71df)
#3 aout_AddMeterPlugin ../../src/audio_output/output.c:1008 (libvlccore.so.9+0xaa088)
#4 vlc_player_AddMetadataLoudnessListener ../../src/player/metadata.c:106 (libvlccore.so.9+0x98f93)
#5 vlc_player_AddMetadataListener ../../src/player/metadata.c:181 (libvlccore.so.9+0x990bc)
#6 test_audio_loudness_meter ../../test/src/player/player.c:2842 (test_src_player+0x5db2)
#7 main ../../test/src/player/player.c:2961 (test_src_player+0xa9fa)
Previous write of size 8 at 0x7b4400019fd8 by main thread:
#0 free ../../../../src/libsanitizer/tsan/tsan_interceptors_posix.cpp:711 (libtsan.so.0+0x368a8)
#1 vlc_player_track_priv_Delete ../../src/player/track.c:145 (libvlccore.so.9+0x94d60)
#2 vlc_player_track_Delete ../../src/player/track.c:153 (libvlccore.so.9+0x94d7d)
#3 ctx_reset ../../test/src/player/player.c:630 (test_src_player+0x484d)
#4 test_end ../../test/src/player/player.c:1044 (test_src_player+0x5696)
#5 test_es_selection_override ../../test/src/player/player.c:2913 (test_src_player+0x5b18)
#6 main ../../test/src/player/player.c:2960 (test_src_player+0xa9f2)
vlc-mirrorer
pushed a commit
that referenced
this pull request
Jun 2, 2022
For now we use the default values it would use otherwise. DXGI WARNING: IDXGIFactory::CreateSwapChain/IDXGISwapChain::ResizeBuffers: The buffer height inferred from the output window is zero. Taking 8 as a reasonable default instead [ MISCELLANEOUS WARNING #2: ]
vlc-mirrorer
pushed a commit
that referenced
this pull request
Jun 24, 2022
There is no requirement to call flush on exit. Indeed,
avcodec_flush_buffers is documented as needed for seeking or switching
to a different stream.
In addition, calling avcodec_flush_buffers currently triggers TSAN
warnings. Those warnings are still happening when calling the pf_flush
function from avcodec module, so it does not fix them per se, but it
does remove a systematic TSAN warning when opening/closing avcodec.
With ffmpeg at commit 73302aa193714958afb8262ceb14d9613e9df5ad:
WARNING: ThreadSanitizer: data race (pid=749126)
Write of size 8 at 0x7b8000053000 by thread T9:
#0 free /usr/src/debug/gcc/libsanitizer/tsan/tsan_interceptors_posix.cpp:706 (libtsan.so.2+0x4e64f)
#1 ff_h264_free_tables src/libavcodec/h264dec.c:159 (libavcodec_plugin.so+0x24bced)
#2 module_unneed ../../src/modules/modules.c:304 (libvlccore.so.9+0x4ce1a)
#3 decoder_Clean ../../src/input/decoder_helpers.c:56 (libvlccore.so.9+0x8835f)
#4 DeleteDecoder ../../src/input/decoder.c:2005 (libvlccore.so.9+0x83edd)
#5 vlc_input_decoder_Delete ../../src/input/decoder.c:2254 (libvlccore.so.9+0x84f5c)
#6 EsOutDestroyDecoder ../../src/input/es_out.c:2406 (libvlccore.so.9+0x97c9b)
#7 EsOutUnselectEs ../../src/input/es_out.c:2575 (libvlccore.so.9+0x98902)
#8 EsOutVaPrivControlLocked ../../src/input/es_out.c:3734 (libvlccore.so.9+0x9f359)
#9 EsOutPrivControl ../../src/input/es_out.c:4028 (libvlccore.so.9+0xa1f0a)
#10 es_out_vaPrivControl ../../src/input/es_out.h:105 (libvlccore.so.9+0xa554f)
#11 es_out_PrivControl ../../src/input/es_out.h:112 (libvlccore.so.9+0xa5623)
#12 CmdExecutePrivControl ../../src/input/es_out_timeshift.c:1809 (libvlccore.so.9+0xadb9f)
#13 PrivControlLocked ../../src/input/es_out_timeshift.c:799 (libvlccore.so.9+0xa7c59)
#14 PrivControl ../../src/input/es_out_timeshift.c:858 (libvlccore.so.9+0xa8428)
#15 es_out_vaPrivControl ../../src/input/es_out.h:105 (libvlccore.so.9+0xafd79)
#16 es_out_PrivControl ../../src/input/es_out.h:112 (libvlccore.so.9+0xafe4d)
#17 es_out_SetMode ../../src/input/es_out.h:119 (libvlccore.so.9+0xafeb1)
#18 End ../../src/input/input.c:1400 (libvlccore.so.9+0xb5ec5)
#19 Run ../../src/input/input.c:431 (libvlccore.so.9+0xb1ba0)
Previous write of size 8 at 0x7b8000053000 by thread T10 (mutexes: write M847):
#0 memset /usr/src/debug/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:799 (libtsan.so.2+0x652d2)
#1 ff_er_add_slice src/libavcodec/error_resilience.c:863 (libavcodec_plugin.so+0x866185)
Mutex M847 (0x7b7400024ea8) created at:
#0 pthread_mutex_init /usr/src/debug/gcc/libsanitizer/tsan/tsan_interceptors_posix.cpp:1295 (libtsan.so.2+0x57446)
#1 ff_pthread_init src/libavcodec/pthread.c:122 (libavcodec_plugin.so+0x93ce3)
#2 OpenVideoCodec ../../modules/codec/avcodec/video.c:393 (libavcodec_plugin.so+0xdaac8)
#3 InitVideoDec ../../modules/codec/avcodec/video.c:592 (libavcodec_plugin.so+0xdbb26)
#4 generic_start ../../src/modules/modules.c:275 (libvlccore.so.9+0x4cc3d)
#5 vlc_module_load ../../src/modules/modules.c:243 (libvlccore.so.9+0x4c9db)
#6 module_need ../../src/modules/modules.c:286 (libvlccore.so.9+0x4cce2)
#7 module_need_var ../../include/vlc_modules.h:120 (libvlccore.so.9+0x7b8cb)
#8 LoadDecoder ../../src/input/decoder.c:234 (libvlccore.so.9+0x7bea7)
#9 CreateDecoder ../../src/input/decoder.c:1958 (libvlccore.so.9+0x83a70)
#10 decoder_New ../../src/input/decoder.c:2111 (libvlccore.so.9+0x847ba)
#11 vlc_input_decoder_New ../../src/input/decoder.c:2172 (libvlccore.so.9+0x84be5)
#12 EsOutCreateDecoder ../../src/input/es_out.c:2358 (libvlccore.so.9+0x977d5)
#13 EsOutSelectEs ../../src/input/es_out.c:2488 (libvlccore.so.9+0x98261)
#14 EsOutSelect ../../src/input/es_out.c:2774 (libvlccore.so.9+0x992d1)
#15 EsOutVaPrivControlLocked ../../src/input/es_out.c:3738 (libvlccore.so.9+0x9f418)
#16 EsOutPrivControl ../../src/input/es_out.c:4028 (libvlccore.so.9+0xa1f0a)
#17 es_out_vaPrivControl ../../src/input/es_out.h:105 (libvlccore.so.9+0xa554f)
#18 es_out_PrivControl ../../src/input/es_out.h:112 (libvlccore.so.9+0xa5623)
#19 CmdExecutePrivControl ../../src/input/es_out_timeshift.c:1809 (libvlccore.so.9+0xadb9f)
#20 PrivControlLocked ../../src/input/es_out_timeshift.c:799 (libvlccore.so.9+0xa7c59)
#21 PrivControl ../../src/input/es_out_timeshift.c:858 (libvlccore.so.9+0xa8428)
#22 es_out_vaPrivControl ../../src/input/es_out.h:105 (libvlccore.so.9+0xafd79)
#23 es_out_PrivControl ../../src/input/es_out.h:112 (libvlccore.so.9+0xafe4d)
#24 es_out_SetMode ../../src/input/es_out.h:119 (libvlccore.so.9+0xafeb1)
#25 InitPrograms ../../src/input/input.c:1227 (libvlccore.so.9+0xb5322)
#26 Init ../../src/input/input.c:1316 (libvlccore.so.9+0xb58c9)
#27 Run ../../src/input/input.c:426 (libvlccore.so.9+0xb1b7f)
Thread T9 'vlc-input' (tid=749136, running) created by main thread at:
#0 pthread_create /usr/src/debug/gcc/libsanitizer/tsan/tsan_interceptors_posix.cpp:1001 (libtsan.so.2+0x670c9)
#1 vlc_clone_attr ../../src/posix/thread.c:179 (libvlccore.so.9+0x17910c)
#2 vlc_clone ../../src/posix/thread.c:190 (libvlccore.so.9+0x1791b5)
#3 input_Start ../../src/input/input.c:130 (libvlccore.so.9+0xb0aca)
#4 vlc_player_input_Start ../../src/player/input.c:96 (libvlccore.so.9+0xc9640)
#5 vlc_player_Start ../../src/player/player.c:1176 (libvlccore.so.9+0xc54be)
#6 vlc_playlist_Start ../../src/playlist/player.c:176 (libvlccore.so.9+0x6146e)
#7 libvlc_InternalPlay ../../src/interface/interface.c:238 (libvlccore.so.9+0x59fa4)
#8 libvlc_playlist_play ../../lib/playlist.c:36 (libvlc.so.12+0xdd1b)
#9 main ../../bin/vlc.c:245 (vlc-static+0x2acd)
Thread T10 (tid=749137, running) created by thread T9 at:
#0 pthread_create /usr/src/debug/gcc/libsanitizer/tsan/tsan_interceptors_posix.cpp:1001 (libtsan.so.2+0x670c9)
#1 init_thread src/libavcodec/pthread_frame.c:834 (libavcodec_plugin.so+0x93ebd)
#2 ff_frame_thread_init src/libavcodec/pthread_frame.c:890 (libavcodec_plugin.so+0x93ebd)
#3 OpenVideoCodec ../../modules/codec/avcodec/video.c:393 (libavcodec_plugin.so+0xdaac8)
#4 InitVideoDec ../../modules/codec/avcodec/video.c:592 (libavcodec_plugin.so+0xdbb26)
#5 generic_start ../../src/modules/modules.c:275 (libvlccore.so.9+0x4cc3d)
#6 vlc_module_load ../../src/modules/modules.c:243 (libvlccore.so.9+0x4c9db)
#7 module_need ../../src/modules/modules.c:286 (libvlccore.so.9+0x4cce2)
#8 module_need_var ../../include/vlc_modules.h:120 (libvlccore.so.9+0x7b8cb)
#9 LoadDecoder ../../src/input/decoder.c:234 (libvlccore.so.9+0x7bea7)
#10 CreateDecoder ../../src/input/decoder.c:1958 (libvlccore.so.9+0x83a70)
#11 decoder_New ../../src/input/decoder.c:2111 (libvlccore.so.9+0x847ba)
#12 vlc_input_decoder_New ../../src/input/decoder.c:2172 (libvlccore.so.9+0x84be5)
#13 EsOutCreateDecoder ../../src/input/es_out.c:2358 (libvlccore.so.9+0x977d5)
#14 EsOutSelectEs ../../src/input/es_out.c:2488 (libvlccore.so.9+0x98261)
#15 EsOutSelect ../../src/input/es_out.c:2774 (libvlccore.so.9+0x992d1)
#16 EsOutVaPrivControlLocked ../../src/input/es_out.c:3738 (libvlccore.so.9+0x9f418)
#17 EsOutPrivControl ../../src/input/es_out.c:4028 (libvlccore.so.9+0xa1f0a)
#18 es_out_vaPrivControl ../../src/input/es_out.h:105 (libvlccore.so.9+0xa554f)
#19 es_out_PrivControl ../../src/input/es_out.h:112 (libvlccore.so.9+0xa5623)
#20 CmdExecutePrivControl ../../src/input/es_out_timeshift.c:1809 (libvlccore.so.9+0xadb9f)
#21 PrivControlLocked ../../src/input/es_out_timeshift.c:799 (libvlccore.so.9+0xa7c59)
#22 PrivControl ../../src/input/es_out_timeshift.c:858 (libvlccore.so.9+0xa8428)
#23 es_out_vaPrivControl ../../src/input/es_out.h:105 (libvlccore.so.9+0xafd79)
#24 es_out_PrivControl ../../src/input/es_out.h:112 (libvlccore.so.9+0xafe4d)
#25 es_out_SetMode ../../src/input/es_out.h:119 (libvlccore.so.9+0xafeb1)
#26 InitPrograms ../../src/input/input.c:1227 (libvlccore.so.9+0xb5322)
#27 Init ../../src/input/input.c:1316 (libvlccore.so.9+0xb58c9)
#28 Run ../../src/input/input.c:426 (libvlccore.so.9+0xb1b7f)
SUMMARY: ThreadSanitizer: data race src/libavcodec/h264dec.c:159 in ff_h264_free_tables
Revert of commit f2f61bf.
vlc-mirrorer
pushed a commit
that referenced
this pull request
Sep 12, 2022
The test is reliably failing with thread sanitizer enabled, without the
previous patches:
==================
WARNING: ThreadSanitizer: data race (pid=242170)
Write of size 8 at 0x7b6c00010088 by thread T10:
#0 DecoderPlayCc ../../src/input/decoder.c:1008 (libvlccore.so.9+0xebbf5)
#1 ModuleThread_QueueCc ../../src/input/decoder.c:1064 (libvlccore.so.9+0xec031)
#2 decoder_QueueCc ../../include/vlc_codec.h:444 (test_src_input_decoder+0x5768)
#3 decoder_decode_check_cc ../../test/src/input/decoder/input_decoder_scenarios.c:79 (test_src_input_decoder+0x5a4e)
#4 DecoderDecode ../../test/src/input/decoder/input_decoder.c:90 (test_src_input_decoder+0x3dd4)
#5 DecoderThread_DecodeBlock ../../src/input/decoder.c:1376 (libvlccore.so.9+0xed9f1)
#6 DecoderThread_ProcessInput ../../src/input/decoder.c:1498 (libvlccore.so.9+0xee14a)
#7 DecoderThread ../../src/input/decoder.c:1786 (libvlccore.so.9+0xef877)
Previous read of size 1 at 0x7b6c00010088 by thread T8:
#0 vlc_input_decoder_HasCCChanFlag ../../src/input/decoder.c:2445 (libvlccore.so.9+0xf2a2b)
#1 vlc_input_decoder_SetCcState ../../src/input/decoder.c:2464 (libvlccore.so.9+0xf2b5f)
#2 EsOutSelectEs ../../src/input/es_out.c:2446 (libvlccore.so.9+0x1095c4)
#3 EsOutSelect ../../src/input/es_out.c:2686 (libvlccore.so.9+0x10a7fc)
#4 EsOutVaControlLocked ../../src/input/es_out.c:3270 (libvlccore.so.9+0x10dea5)
#5 EsOutControlLocked ../../src/input/es_out.c:3147 (libvlccore.so.9+0x10d0ae)
#6 EsOutVaPrivControlLocked ../../src/input/es_out.c:3759 (libvlccore.so.9+0x112282)
#7 EsOutPrivControl ../../src/input/es_out.c:4028 (libvlccore.so.9+0x11505c)
#8 es_out_vaPrivControl ../../src/input/es_out.h:105 (libvlccore.so.9+0x125a49)
#9 es_out_PrivControl ../../src/input/es_out.h:112 (libvlccore.so.9+0x125b38)
#10 es_out_SetEs ../../src/input/es_out.h:124 (libvlccore.so.9+0x125c4b)
#11 Control ../../src/input/input.c:2123 (libvlccore.so.9+0x130e15)
#12 MainLoop ../../src/input/input.c:724 (libvlccore.so.9+0x129676)
#13 Run ../../src/input/input.c:428 (libvlccore.so.9+0x127faa)
vlc-mirrorer
pushed a commit
that referenced
this pull request
Sep 18, 2022
m_deviceLister is listening to media source tree callbacks and need be
cleaned (and callbacks removed) before m_devices, since callbacks read
m_devices.
==1750167==ERROR: AddressSanitizer: heap-use-after-free on address 0x61100002c640 at pc 0x7f8906109b0e bp 0x7f88ef176630 sp 0x7f88ef176628
READ of size 8 at 0x61100002c640 thread T22
#0 0x7f8906109b0d in std::__shared_ptr<medialibrary::fs::IDevice, (__gnu_cxx::_Lock_policy)2>::get() const /usr/include/c++/12/bits/shared_ptr_base.h:1666
#1 0x7f8906109b0d in std::__shared_ptr_access<medialibrary::fs::IDevice, (__gnu_cxx::_Lock_policy)2, false, false>::_M_get() const /usr/include/c++/12/bits/shared_ptr_base.h:1363
#2 0x7f8906109b0d in std::__shared_ptr_access<medialibrary::fs::IDevice, (__gnu_cxx::_Lock_policy)2, false, false>::operator->() const /usr/include/c++/12/bits/shared_ptr_base.h:1357
#3 0x7f8906109b0d in operator() ../../modules/misc/medialibrary/fs/fs.cpp:195
#4 0x7f8906109cac in operator()<__gnu_cxx::__normal_iterator<std::shared_ptr<medialibrary::fs::IDevice>*, std::vector<std::shared_ptr<medialibrary::fs::IDevice> > > > /usr/include/c++/12/bits/predefined_ops.h:318
#5 0x7f8906109cac in __find_if<__gnu_cxx::__normal_iterator<std::shared_ptr<medialibrary::fs::IDevice>*, std::vector<std::shared_ptr<medialibrary::fs::IDevice> > >, __gnu_cxx::__ops::_Iter_pred<vlc::medialibrary::SDFileSystemFactory::deviceByUuid(const std::string&)::<lambda(const std::shared_ptr<medialibrary::fs::IDevice>&)> > > /usr/include/c++/12/bits/stl_algobase.h:2067
#6 0x7f8906109f54 in __find_if<__gnu_cxx::__normal_iterator<std::shared_ptr<medialibrary::fs::IDevice>*, std::vector<std::shared_ptr<medialibrary::fs::IDevice> > >, __gnu_cxx::__ops::_Iter_pred<vlc::medialibrary::SDFileSystemFactory::deviceByUuid(const std::string&)::<lambda(const std::shared_ptr<medialibrary::fs::IDevice>&)> > > /usr/include/c++/12/bits/stl_algobase.h:2112
#7 0x7f8906109f54 in find_if<__gnu_cxx::__normal_iterator<std::shared_ptr<medialibrary::fs::IDevice>*, std::vector<std::shared_ptr<medialibrary::fs::IDevice> > >, vlc::medialibrary::SDFileSystemFactory::deviceByUuid(const std::string&)::<lambda(const std::shared_ptr<medialibrary::fs::IDevice>&)> > /usr/include/c++/12/bits/stl_algo.h:3877
#8 0x7f890610b532 in vlc::medialibrary::SDFileSystemFactory::deviceByUuid(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) ../../modules/misc/medialibrary/fs/fs.cpp:193
#9 0x7f890610c16e in vlc::medialibrary::SDFileSystemFactory::onDeviceMounted(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, bool) ../../modules/misc/medialibrary/fs/fs.cpp:146
#10 0x7f890610edd1 in vlc::medialibrary::DeviceLister::onChildrenAdded(vlc_media_tree*, input_item_node_t*, input_item_node_t* const*, unsigned long) ../../modules/misc/medialibrary/fs/devicelister.cpp:131
#11 0x7f890610f06e in vlc::medialibrary::DeviceLister::onChildrenAdded(vlc_media_tree*, input_item_node_t*, input_item_node_t* const*, unsigned long, void*) ../../modules/misc/medialibrary/fs/devicelister.cpp:105
#12 0x7f8908b01f44 in vlc_media_tree_Add ../../src/media_source/media_tree.c:303
#13 0x7f8908b00dc0 in services_discovery_item_added ../../src/media_source/media_source.c:81
#14 0x7f8907972be6 in services_discovery_AddItem ../../include/vlc_services_discovery.h:166
#15 0x7f8907972be6 in entry_item_append ../../modules/access/dsm/sd.c:73
#16 0x7f8907972daf in netbios_ns_discover_on_entry_added ../../modules/access/dsm/sd.c:117
#17 0x7f8907980930 in netbios_ns_discover_thread (/home/tom/work/out/lib/x86_64-linux-gnu/libdsm.so.3+0x5930)
#18 0x7f89086a3d7f in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7d7f)
#19 0x7f89085bdbae in clone (/lib/x86_64-linux-gnu/libc.so.6+0xfabae)
0x61100002c640 is located 0 bytes inside of 256-byte region [0x61100002c640,0x61100002c740)
freed by thread T0 here:
#0 0x7f8908cba3c8 in operator delete(void*, unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cpp:164
#1 0x7f890610c7d8 in std::__new_allocator<std::shared_ptr<medialibrary::fs::IDevice> >::deallocate(std::shared_ptr<medialibrary::fs::IDevice>*, unsigned long) /usr/include/c++/12/bits/new_allocator.h:158
#2 0x7f890610c7d8 in std::allocator_traits<std::allocator<std::shared_ptr<medialibrary::fs::IDevice> > >::deallocate(std::allocator<std::shared_ptr<medialibrary::fs::IDevice> >&, std::shared_ptr<medialibrary::fs::IDevice>*, unsigned long) /usr/include/c++/12/bits/alloc_traits.h:496
#3 0x7f890610c7d8 in std::_Vector_base<std::shared_ptr<medialibrary::fs::IDevice>, std::allocator<std::shared_ptr<medialibrary::fs::IDevice> > >::_M_deallocate(std::shared_ptr<medialibrary::fs::IDevice>*, unsigned long) /usr/include/c++/12/bits/stl_vector.h:387
#4 0x7f890610c7d8 in std::_Vector_base<std::shared_ptr<medialibrary::fs::IDevice>, std::allocator<std::shared_ptr<medialibrary::fs::IDevice> > >::~_Vector_base() /usr/include/c++/12/bits/stl_vector.h:366
#5 0x7f890610cc47 in std::vector<std::shared_ptr<medialibrary::fs::IDevice>, std::allocator<std::shared_ptr<medialibrary::fs::IDevice> > >::~vector() /usr/include/c++/12/bits/stl_vector.h:733
#6 0x7f890610ccb4 in vlc::medialibrary::SDFileSystemFactory::~SDFileSystemFactory() ../../modules/misc/medialibrary/fs/fs.h:45
#7 0x7f89060dd7f0 (/home/tom/work/git/vlc/build-asan/modules/.libs/libmedialibrary_plugin.so+0xdd7f0)
#8 0x7f8906192379 in std::_Sp_counted_base<(__gnu_cxx::_Lock_policy)2>::_M_release() /usr/include/c++/12/bits/shared_ptr_base.h:346
#9 0x7f8906192379 in std::_Sp_counted_base<(__gnu_cxx::_Lock_policy)2>::_M_release() /usr/include/c++/12/bits/shared_ptr_base.h:317
#10 0x7f8906192379 in std::__shared_count<(__gnu_cxx::_Lock_policy)2>::~__shared_count() /usr/include/c++/12/bits/shared_ptr_base.h:1071
#11 0x7f8906192379 in std::__shared_ptr<medialibrary::fs::IFileSystemFactory, (__gnu_cxx::_Lock_policy)2>::~__shared_ptr() /usr/include/c++/12/bits/shared_ptr_base.h:1524
#12 0x7f8906192379 in std::shared_ptr<medialibrary::fs::IFileSystemFactory>::~shared_ptr() /usr/include/c++/12/bits/shared_ptr.h:175
#13 0x7f8906192379 in void std::_Destroy<std::shared_ptr<medialibrary::fs::IFileSystemFactory> >(std::shared_ptr<medialibrary::fs::IFileSystemFactory>*) /usr/include/c++/12/bits/stl_construct.h:151
#14 0x7f8906192379 in void std::_Destroy_aux<false>::__destroy<std::shared_ptr<medialibrary::fs::IFileSystemFactory>*>(std::shared_ptr<medialibrary::fs::IFileSystemFactory>*, std::shared_ptr<medialibrary::fs::IFileSystemFactory>*) /usr/include/c++/12/bits/stl_construct.h:163
#15 0x7f8906192379 in void std::_Destroy<std::shared_ptr<medialibrary::fs::IFileSystemFactory>*>(std::shared_ptr<medialibrary::fs::IFileSystemFactory>*, std::shared_ptr<medialibrary::fs::IFileSystemFactory>*) /usr/include/c++/12/bits/stl_construct.h:196
#16 0x7f8906192379 in void std::_Destroy<std::shared_ptr<medialibrary::fs::IFileSystemFactory>*, std::shared_ptr<medialibrary::fs::IFileSystemFactory> >(std::shared_ptr<medialibrary::fs::IFileSystemFactory>*, std::shared_ptr<medialibrary::fs::IFileSystemFactory>*, std::allocator<std::shared_ptr<medialibrary::fs::IFileSystemFactory> >&) /usr/include/c++/12/bits/alloc_traits.h:850
#17 0x7f8906192379 in std::vector<std::shared_ptr<medialibrary::fs::IFileSystemFactory>, std::allocator<std::shared_ptr<medialibrary::fs::IFileSystemFactory> > >::~vector() /usr/include/c++/12/bits/stl_vector.h:730
#18 0x7f8906192379 in medialibrary::FsHolder::~FsHolder() ../src/filesystem/FsHolder.cpp:66
previously allocated by thread T22 here:
#0 0x7f8908cb94c8 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cpp:95
#1 0x7f890610d4d8 in std::__new_allocator<std::shared_ptr<medialibrary::fs::IDevice> >::allocate(unsigned long, void const*) /usr/include/c++/12/bits/new_allocator.h:137
#2 0x7f890610d789 in std::allocator_traits<std::allocator<std::shared_ptr<medialibrary::fs::IDevice> > >::allocate(std::allocator<std::shared_ptr<medialibrary::fs::IDevice> >&, unsigned long) /usr/include/c++/12/bits/alloc_traits.h:464
#3 0x7f890610d789 in std::_Vector_base<std::shared_ptr<medialibrary::fs::IDevice>, std::allocator<std::shared_ptr<medialibrary::fs::IDevice> > >::_M_allocate(unsigned long) /usr/include/c++/12/bits/stl_vector.h:378
#4 0x7f890610d789 in void std::vector<std::shared_ptr<medialibrary::fs::IDevice>, std::allocator<std::shared_ptr<medialibrary::fs::IDevice> > >::_M_realloc_insert<std::shared_ptr<medialibrary::fs::IDevice> const&>(__gnu_cxx::__normal_iterator<std::shared_ptr<medialibrary::fs::IDevice>*, std::vector<std::shared_ptr<medialibrary::fs::IDevice>, std::allocator<std::shared_ptr<medialibrary::fs::IDevice> > > >, std::shared_ptr<medialibrary::fs::IDevice> const&) /usr/include/c++/12/bits/vector.tcc:453
#5 0x7f890610dc02 in std::vector<std::shared_ptr<medialibrary::fs::IDevice>, std::allocator<std::shared_ptr<medialibrary::fs::IDevice> > >::push_back(std::shared_ptr<medialibrary::fs::IDevice> const&) /usr/include/c++/12/bits/stl_vector.h:1287
#6 0x7f890610c3b3 in vlc::medialibrary::SDFileSystemFactory::onDeviceMounted(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, bool) ../../modules/misc/medialibrary/fs/fs.cpp:151
#7 0x7f890610edd1 in vlc::medialibrary::DeviceLister::onChildrenAdded(vlc_media_tree*, input_item_node_t*, input_item_node_t* const*, unsigned long) ../../modules/misc/medialibrary/fs/devicelister.cpp:131
#8 0x7f890610f06e in vlc::medialibrary::DeviceLister::onChildrenAdded(vlc_media_tree*, input_item_node_t*, input_item_node_t* const*, unsigned long, void*) ../../modules/misc/medialibrary/fs/devicelister.cpp:105
#9 0x7f8908b01f44 in vlc_media_tree_Add ../../src/media_source/media_tree.c:303
Thread T22 created by T0 here:
#0 0x7f8908c49726 in __interceptor_pthread_create ../../../../src/libsanitizer/asan/asan_interceptors.cpp:207
#1 0x7f890798126c in netbios_ns_discover_start (/home/tom/work/out/lib/x86_64-linux-gnu/libdsm.so.3+0x626c)
#2 0x7f8908b022b5 in generic_start ../../src/modules/modules.c:275
SUMMARY: AddressSanitizer: heap-use-after-free /usr/include/c++/12/bits/shared_ptr_base.h:1666 in std::__shared_ptr<medialibrary::fs::IDevice, (__gnu_cxx::_Lock_policy)2>::get() const
Shadow bytes around the buggy address:
0x0c227fffd870: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
0x0c227fffd880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c227fffd890: 00 00 00 00 00 00 fa fa fa fa fa fa fa fa fa fa
0x0c227fffd8a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c227fffd8b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fa fa
=>0x0c227fffd8c0: fa fa fa fa fa fa fa fa[fd]fd fd fd fd fd fd fd
0x0c227fffd8d0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c227fffd8e0: fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa
0x0c227fffd8f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c227fffd900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fa fa
0x0c227fffd910: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==1750167==ABORTING
vlc-mirrorer
pushed a commit
that referenced
this pull request
Sep 26, 2022
By using the new `vlc_encoder_Delete` call that closes the module
properly.
Caught with asan:
Direct leak of 104 byte(s) in 1 object(s) allocated from:
#0 0x7ff80d66891f in __interceptor_malloc (/lib64/libasan.so.6+0xae91f)
#1 0x7ff7f75daa14 in OpenEncoder ../../modules/codec/flac.c:809
#2 0x7ff80c8a946f in generic_start ../../src/modules/modules.c:275
#3 0x7ff80c8a9083 in vlc_module_load ../../src/modules/modules.c:243
#4 0x7ff80c8a95a5 in module_need ../../src/modules/modules.c:286
#5 0x7ff800fce802 in transcode_encoder_audio_test ../../modules/stream_out/transcode/encoder/audio.c:175
#6 0x7ff800fcb583 in transcode_encoder_test ../../modules/stream_out/transcode/encoder/encoder.c:246
#7 0x7ff800fe0484 in transcode_audio_init ../../modules/stream_out/transcode/audio.c:168
#8 0x7ff800fc6995 in Add ../../modules/stream_out/transcode/transcode.c:631
#9 0x7ff80cc3fe5a in sout_StreamIdAdd ../../src/stream_output/stream_output.c:699
#10 0x7ff80cc39913 in sout_InputNew ../../src/stream_output/stream_output.c:134
#11 0x7ff80c9405a5 in DecoderThread_ProcessSout ../../src/input/decoder.c:1006
#12 0x7ff80c94685d in DecoderThread_ProcessInput ../../src/input/decoder.c:1518
#13 0x7ff80c95142d in vlc_input_decoder_Decode ../../src/input/decoder.c:2295
#14 0x7ff80c995b52 in EsOutSend ../../src/input/es_out.c:3017
#15 0x7ff80c9ad499 in es_out_Send ../../include/vlc_es_out.h:161
#16 0x7ff80c9beca6 in CmdExecuteSend ../../src/input/es_out_timeshift.c:1484
#17 0x7ff80c9af854 in Send ../../src/input/es_out_timeshift.c:486
#18 0x7ff7ffd8eab2 in es_out_Send ../../include/vlc_es_out.h:161
#19 0x7ff7ffd9db18 in Demux ../../modules/demux/mpeg/es.c:400
#20 0x7ff80c960edd in demux_Demux ../../src/input/demux.c:212
#21 0x7ff80c9d0abb in MainLoopDemux ../../src/input/input.c:498
#22 0x7ff80c9d30a6 in MainLoop ../../src/input/input.c:645
#23 0x7ff80c9d024b in Run ../../src/input/input.c:428
#24 0x7ff80b66b821 in start_thread (/lib64/libc.so.6+0x9f821)
vlc-mirrorer
pushed a commit
that referenced
this pull request
Jan 15, 2023
Refactor code to always call the encoder at the end and separate the
filtering case.
Fix a crash (double-free) when the image handler needs to resize the
picture before encoding it.
==150429==ERROR: AddressSanitizer: heap-use-after-free on address 0x614000002bb8 at pc 0x7f4ce1a8a092 bp 0x7fff205294c0 sp 0x7fff205294b0
WRITE of size 8 at 0x614000002bb8 thread T0
#0 0x7f4ce1a8a091 in vlc_atomic_rc_dec ../../include/vlc_atomic.h:66
#1 0x7f4ce1a8a091 in picture_Release ../../include/vlc_picture.h:372
#2 0x7f4ce1a8a091 in ImageWrite ../../src/misc/image.c:454
#3 0x564f4f6a00f7 in OpenIntf ../../test/src/misc/image.c:52
#4 0x7f4ce177bfee in generic_start ../../src/modules/modules.c:275
#5 0x7f4ce177db75 in vlc_module_load ../../src/modules/modules.c:243
#6 0x7f4ce177df33 in module_need ../../src/modules/modules.c:286
#7 0x7f4ce179cbdd in intf_Create ../../src/interface/interface.c:172
#8 0x7f4ce179d86a in libvlc_InternalAddIntf ../../src/interface/interface.c:267
#9 0x7f4ce2350b22 in libvlc_add_intf ../../lib/playlist.c:41
#10 0x564f4f69f53c in main ../../test/src/misc/image.c:122
vlc-mirrorer
pushed a commit
that referenced
this pull request
Jan 30, 2023
Single `module_unneed` calls aren't enough to properly close encoders as
their disable callbacks are stored independently from the module.
As a side effect, this patch fixes a double-free where the custom
`close` callback was called after the `module_unneed` call in the
encoder destroy function:
```
READ of size 8 at 0x619000050498 thread T10 (vlc-input)
#0 0x7f83c0e72a67 in CloseEncoder ../../modules/codec/x264.c:1523
#1 0x7f83d64b7613 in vlc_encoder_Destroy ../../src/input/decoder_helpers.c:176
#2 0x7f83ccb31986 in transcode_encoder_delete ../../modules/stream_out/transcode/encoder/encoder.c:55
#3 0x7f83ccb53203 in transcode_video_clean ../../modules/stream_out/transcode/video.c:405
#4 0x7f83ccb2f6ac in Del ../../modules/stream_out/transcode/transcode.c:736
#5 0x7f83d679814f in sout_StreamIdDel ../../src/stream_output/stream_output.c:707
#6 0x7f83d6791cc3 in sout_InputDelete ../../src/stream_output/stream_output.c:155
#7 ...
0x619000050498 is located 1048 bytes inside of 1072-byte region [0x619000050080,0x6190000504b0)
freed by thread T10 (vlc-input) here:
#0 0x7f83d73b6388 in __interceptor_free.part.0 (/lib64/libasan.so.8+0xb9388)
#1 0x7f83d6740fcd in vlc_objres_clear ../../src/misc/objres.c:93
#2 0x7f83d640265d in module_unneed ../../src/modules/modules.c:307
#3 0x7f83ccb3f212 in transcode_encoder_video_close ../../modules/stream_out/transcode/encoder/video.c:390
#4 0x7f83ccb331a2 in transcode_encoder_close ../../modules/stream_out/transcode/encoder/encoder.c:188
#5 0x7f83ccb53178 in transcode_video_clean ../../modules/stream_out/transcode/video.c:404
#6 0x7f83ccb2f6ac in Del ../../modules/stream_out/transcode/transcode.c:736
#7 ...
```
vlc-mirrorer
pushed a commit
that referenced
this pull request
Feb 11, 2023
The lua interrupt will get cleaned when reaching Close_Extension through
if (sys->L)
{
lua_close(sys->L);
vlclua_fd_cleanup(&sys->dtable);
}
However, the call to lua_ExtensionDeactivate when reaching a
CMD_DEACTIVATE will also close the lua state and reset the sys->L to
NULL, preventing the previous snippet from cleaning the interrupt and
resulting in memory leaks.
Direct leak of 120 byte(s) in 3 object(s) allocated from:
#0 0x7f2a27cbfa89 in __interceptor_malloc /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_malloc_linux.cpp:69
#1 0x7f2a2725f870 in vlc_interrupt_create ../../src/misc/interrupt.c:61
#2 0x7f29eea1d997 in vlclua_fd_init ../../modules/lua/libs/net.c:503
#3 0x7f29ee9e9d6e in GetLuaState ../../modules/lua/extension.c:805
#4 0x7f29ee9ec360 in lua_ExecuteFunctionVa ../../modules/lua/extension.c:896
#5 0x7f29ee9eca25 in lua_ExecuteFunction ../../modules/lua/extension.c:874
#6 0x7f29ee9f234d in Run ../../modules/lua/extension_thread.c:296
#7 0x7f2a2609ebb4 (/usr/lib/libc.so.6+0x85bb4)
If we try to also clean the interrupt from there, we might also reach
use-after-free because of races between the extension thread and the
client thread.
==457157==ERROR: AddressSanitizer: heap-use-after-free on address 0x604000069661 at pc 0x7f3894c5f648 bp 0x7ffc0f0e3bc0 sp 0x7ffc0f0e3bb0
WRITE of size 1 at 0x604000069661 thread T0
#0 0x7f3894c5f647 in vlc_interrupt_kill ../../src/misc/interrupt.c:181
#1 0x7f3891329c40 in Close_Extension ../../modules/lua/extension.c:155
#2 0x7f389497d22e in module_unneed ../../src/modules/modules.c:305
#3 0x55b734884085 in OpenIntf ../../test/modules/lua/extension.c:95
#4 0x7f389497b12e in generic_start ../../src/modules/modules.c:275
#5 0x7f389497ccb5 in vlc_module_load ../../src/modules/modules.c:243
#6 0x7f389497d073 in module_need ../../src/modules/modules.c:286
#7 0x7f389499bd1d in intf_Create ../../src/interface/interface.c:172
#8 0x7f389499c9aa in libvlc_InternalAddIntf ../../src/interface/interface.c:267
#9 0x7f3895550b22 in libvlc_add_intf ../../lib/playlist.c:41
#10 0x55b73488358c in main ../../test/modules/lua/extension.c:127
#11 0x7f3893a3c78f (/usr/lib/libc.so.6+0x2378f)
#12 0x7f3893a3c849 in __libc_start_main (/usr/lib/libc.so.6+0x23849)
#13 0x55b7348836e4 in _start (/home/janniaux/Projects/videolabs/vlc/build-asan/test/test_modules_lua_extension+0x36e4)
0x604000069661 is located 17 bytes inside of 40-byte region [0x604000069650,0x604000069678)
freed by thread T8 (vlc-lua-ext) here:
#0 0x7f38956be672 in __interceptor_free /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_malloc_linux.cpp:52
#1 0x7f389132cd5d in lua_ExtensionDeactivate ../../modules/lua/extension.c:642
#2 0x7f389132ec83 in Run ../../modules/lua/extension_thread.c:331
#3 0x7f3893a9ebb4 (/usr/lib/libc.so.6+0x85bb4)
Removing the closing of sys->L in lua_ExtensionDeactivate and leaving it
after the vlc_join() in Close_Extension ensure it will get called at
some point and called only once.
mohit-marathe
pushed a commit
to mohit-marathe/vlc
that referenced
this pull request
Jul 16, 2023
This commit fixes a memory leak on playlist event.
After MR !3189 [^1], the leak was fixed when closing the interface
before the events are processed, but not when the events were being
processed and the ownership moved to the dbus thread.
When a second tracklist (append or remove) event was queued to the dbus
thread, it detected that an existing event was already there and
discarded the event without destroying it, despite the ownership being
transferred.
It is necessary to check whether the event was transferred or not and
release it if not, which will be done in a following commit, but the
tracklist events are gathered by the event processing code and event
type duplicates don't have the same information and shouldn't be
discarded first, which solves the following root leak:
==81939==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 40 byte(s) in 1 object(s) allocated from:
#0 0x7fd01ced85cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
#1 0x7fd00d6a3129 in tracklist_append_event_create ../../modules/control/dbus/dbus_tracklist.c:41
videolan#2 0x7fd00d6b1f98 in playlist_on_items_added ../../modules/control/dbus/dbus.c:1063
videolan#3 0x7fd01c03e071 in vlc_playlist_ItemsInserted ../../src/playlist/content.c:76
videolan#4 0x7fd01c045b3e in vlc_playlist_Expand ../../src/playlist/content.c:382
#5 0x7fd01c0537e8 in vlc_playlist_ExpandItem ../../src/playlist/preparse.c:59
#6 0x7fd01c053942 in vlc_playlist_ExpandItemFromNode ../../src/playlist/preparse.c:76
videolan#7 0x7fd01c05397f in on_subtree_added ../../src/playlist/preparse.c:87
videolan#8 0x7fd01c070088 in OnParserSubtreeAdded ../../src/preparser/preparser.c:171
videolan#9 0x7fd01c08848b in input_item_parser_InputEvent ../../src/input/item.c:1402
[^1]: https://code.videolan.org/videolan/vlc/-/merge_requests/3189
Refs #27780
Fixes #28307
mohit-marathe
pushed a commit
to mohit-marathe/vlc
that referenced
this pull request
Jul 16, 2023
Fix the following leak:
Direct leak of 440 byte(s) in 1 object(s) allocated from:
#0 0x7f16238e1369 in __interceptor_malloc /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_malloc_linux.cpp:69
#1 0x7f162362bb1b in picture_NewFromFormat ../../src/misc/picture.c:271
videolan#2 0x55a72c5485c7 in test_opengl_offscreen ../../test/modules/video_output/opengl/filters.c:158
videolan#3 0x55a72c547005 in main ../../test/modules/video_output/opengl/filters.c:294
videolan#4 0x7f162314c84f (/usr/lib/libc.so.6+0x2384f) (BuildId: 2f005a79cd1a8e385972f5a102f16adba414d75e)
mohit-marathe
pushed a commit
to mohit-marathe/vlc
that referenced
this pull request
Aug 28, 2023
We cannot read or write the decoder object without being under the fifo
lock, so ensure we locked first. It fixes some thread sanitizer issues
between decoder_Init() and vlc_input_decoder_Flush().
WARNING: ThreadSanitizer: data race (pid=876901)
Read of size 8 at 0x7b7000010028 by thread T25:
#0 vlc_input_decoder_Flush ../../src/input/decoder.c:2317 (libvlccore.so.9+0x69d7a) (BuildId: 1912c3713753e3bafbd8f9b735ec069a39be1f4d)
#1 EsOutDestroyDecoder ../../src/input/es_out.c:2360 (libvlccore.so.9+0x716cf) (BuildId: 1912c3713753e3bafbd8f9b735ec069a39be1f4d)
videolan#2 EsOutUnselectEs ../../src/input/es_out.c:2534 (libvlccore.so.9+0x7a1bd) (BuildId: 1912c3713753e3bafbd8f9b735ec069a39be1f4d)
videolan#3 EsOutVaPrivControlLocked ../../src/input/es_out.c:3733 (libvlccore.so.9+0x75832) (BuildId: 1912c3713753e3bafbd8f9b735ec069a39be1f4d)
videolan#4 EsOutPrivControl ../../src/input/es_out.c:4043 (libvlccore.so.9+0x783ad) (BuildId: 1912c3713753e3bafbd8f9b735ec069a39be1f4d)
#5 es_out_in_vaPrivControl ../../src/input/es_out_timeshift.c:464 (libvlccore.so.9+0x81a06) (BuildId: 1912c3713753e3bafbd8f9b735ec069a39be1f4d)
#6 es_out_in_PrivControl ../../src/input/es_out_timeshift.c:474 (libvlccore.so.9+0x81a06)
videolan#7 CmdExecutePrivControl ../../src/input/es_out_timeshift.c:1868 (libvlccore.so.9+0x81b78) (BuildId: 1912c3713753e3bafbd8f9b735ec069a39be1f4d)
videolan#8 PrivControlLocked ../../src/input/es_out_timeshift.c:758 (libvlccore.so.9+0x840be) (BuildId: 1912c3713753e3bafbd8f9b735ec069a39be1f4d)
videolan#9 PrivControl ../../src/input/es_out_timeshift.c:817 (libvlccore.so.9+0x840be)
videolan#10 es_out_vaPrivControl ../../src/input/es_out.h:105 (libvlccore.so.9+0x86f7c) (BuildId: 1912c3713753e3bafbd8f9b735ec069a39be1f4d)
videolan#11 es_out_PrivControl ../../src/input/es_out.h:112 (libvlccore.so.9+0x86f7c)
videolan#12 es_out_SetMode ../../src/input/es_out.h:119 (libvlccore.so.9+0x91ba9) (BuildId: 1912c3713753e3bafbd8f9b735ec069a39be1f4d)
videolan#13 End ../../src/input/input.c:1425 (libvlccore.so.9+0x91ba9)
videolan#14 Run ../../src/input/input.c:431 (libvlccore.so.9+0x920d4) (BuildId: 1912c3713753e3bafbd8f9b735ec069a39be1f4d)
Previous write of size 8 at 0x7b7000010028 by thread T27:
#0 decoder_Init ../../src/input/decoder_helpers.c:50 (libvlccore.so.9+0x6c1ce) (BuildId: 1912c3713753e3bafbd8f9b735ec069a39be1f4d)
#1 LoadDecoder ../../src/input/decoder.c:370 (libvlccore.so.9+0x672ae) (BuildId: 1912c3713753e3bafbd8f9b735ec069a39be1f4d)
videolan#2 DecoderThread_Reload ../../src/input/decoder.c:431 (libvlccore.so.9+0x67593) (BuildId: 1912c3713753e3bafbd8f9b735ec069a39be1f4d)
videolan#3 DecoderThread_ProcessInput ../../src/input/decoder.c:1595 (libvlccore.so.9+0x687f9) (BuildId: 1912c3713753e3bafbd8f9b735ec069a39be1f4d)
videolan#4 DecoderThread_DecodeBlock ../../src/input/decoder.c:1562 (libvlccore.so.9+0x6865b) (BuildId: 1912c3713753e3bafbd8f9b735ec069a39be1f4d)
#5 DecoderThread_ProcessInput ../../src/input/decoder.c:1667 (libvlccore.so.9+0x6895e) (BuildId: 1912c3713753e3bafbd8f9b735ec069a39be1f4d)
#6 DecoderThread ../../src/input/decoder.c:1795 (libvlccore.so.9+0x6a487) (BuildId: 1912c3713753e3bafbd8f9b735ec069a39be1f4d)
mohit-marathe
pushed a commit
to mohit-marathe/vlc
that referenced
this pull request
Aug 28, 2023
Reloading the decoder was never protected against races because
processing an input frame was done unprotected. The rationale behind was
that we cannot lock the vlc_input_decoder_t FIFO when calling any
function from the decoder_t object implementation.
This commit is broadening the locks everywhere but when:
- the decoder is created (LoadDecoder)
- the decoder is destroyed (decoder_Clean)
- the decode callback is called on the decoder (decoder_t::pf_decode)
It fixes race conditions on the outputs (audio, video) and the usage of
the dec_fmt_in structure.
WARNING: ThreadSanitizer: data race (pid=2404868)
Write of size 8 at 0x7b7000010028 by thread T27:
#0 decoder_Init ../../src/input/decoder_helpers.c:50 (libvlccore.so.9+0x6c1fe) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
#1 DecoderThread_Reload ../../src/input/decoder.c:428 (libvlccore.so.9+0x67581) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#2 DecoderThread_ProcessInput ../../src/input/decoder.c:1593 (libvlccore.so.9+0x68829) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#3 DecoderThread_DecodeBlock ../../src/input/decoder.c:1560 (libvlccore.so.9+0x6868b) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#4 DecoderThread_ProcessInput ../../src/input/decoder.c:1665 (libvlccore.so.9+0x6898e) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
#5 DecoderThread ../../src/input/decoder.c:1793 (libvlccore.so.9+0x6a4b7) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
Previous read of size 8 at 0x7b7000010028 by thread T25:
#0 vlc_input_decoder_Flush ../../src/input/decoder.c:2318 (libvlccore.so.9+0x69dc2) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
#1 EsOutDestroyDecoder ../../src/input/es_out.c:2360 (libvlccore.so.9+0x716ff) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#2 EsOutUnselectEs ../../src/input/es_out.c:2534 (libvlccore.so.9+0x7a1ed) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#3 EsOutVaPrivControlLocked ../../src/input/es_out.c:3733 (libvlccore.so.9+0x75862) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#4 EsOutPrivControl ../../src/input/es_out.c:4043 (libvlccore.so.9+0x783dd) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
#5 es_out_in_vaPrivControl ../../src/input/es_out_timeshift.c:464 (libvlccore.so.9+0x81a36) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
#6 es_out_in_PrivControl ../../src/input/es_out_timeshift.c:474 (libvlccore.so.9+0x81a36)
videolan#7 CmdExecutePrivControl ../../src/input/es_out_timeshift.c:1868 (libvlccore.so.9+0x81ba8) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#8 PrivControlLocked ../../src/input/es_out_timeshift.c:758 (libvlccore.so.9+0x840ee) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#9 PrivControl ../../src/input/es_out_timeshift.c:817 (libvlccore.so.9+0x840ee)
videolan#10 es_out_vaPrivControl ../../src/input/es_out.h:105 (libvlccore.so.9+0x86fac) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#11 es_out_PrivControl ../../src/input/es_out.h:112 (libvlccore.so.9+0x86fac)
videolan#12 es_out_SetMode ../../src/input/es_out.h:119 (libvlccore.so.9+0x91bd9) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#13 End ../../src/input/input.c:1425 (libvlccore.so.9+0x91bd9)
videolan#14 Run ../../src/input/input.c:431 (libvlccore.so.9+0x92104) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
Location is heap block of size 2008 at 0x7b7000010000 allocated by thread T25:
#0 calloc /usr/src/debug/gcc/gcc/libsanitizer/tsan/tsan_interceptors_posix.cpp:701 (libtsan.so.2+0x43413) (BuildId: 7e8fcb9ed0a63b98f2293e37c92ac955413efd9e)
#1 vlc_custom_create ../../src/misc/objects.c:97 (libvlccore.so.9+0x10e4c3) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#2 CreateDecoder ../../src/input/decoder.c:1873 (libvlccore.so.9+0x676cf) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#3 decoder_New ../../src/input/decoder.c:2132 (libvlccore.so.9+0x676cf)
videolan#4 vlc_input_decoder_New ../../src/input/decoder.c:2191 (libvlccore.so.9+0x698a0) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
#5 EsOutCreateDecoder ../../src/input/es_out.c:2302 (libvlccore.so.9+0x786da) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
#6 EsOutSelectEs ../../src/input/es_out.c:2444 (libvlccore.so.9+0x78ec3) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#7 EsOutSelect ../../src/input/es_out.c:2733 (libvlccore.so.9+0x7935a) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#8 EsOutVaPrivControlLocked ../../src/input/es_out.c:3737 (libvlccore.so.9+0x7713c) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#9 EsOutPrivControl ../../src/input/es_out.c:4043 (libvlccore.so.9+0x783dd) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#10 es_out_in_vaPrivControl ../../src/input/es_out_timeshift.c:464 (libvlccore.so.9+0x81a36) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#11 es_out_in_PrivControl ../../src/input/es_out_timeshift.c:474 (libvlccore.so.9+0x81a36)
videolan#12 CmdExecutePrivControl ../../src/input/es_out_timeshift.c:1868 (libvlccore.so.9+0x81ba8) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#13 PrivControlLocked ../../src/input/es_out_timeshift.c:758 (libvlccore.so.9+0x840ee) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#14 PrivControl ../../src/input/es_out_timeshift.c:817 (libvlccore.so.9+0x840ee)
videolan#15 es_out_vaPrivControl ../../src/input/es_out.h:105 (libvlccore.so.9+0x86fac) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#16 es_out_PrivControl ../../src/input/es_out.h:112 (libvlccore.so.9+0x86fac)
videolan#17 es_out_SetMode ../../src/input/es_out.h:119 (libvlccore.so.9+0x8d118) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#18 InitPrograms ../../src/input/input.c:1262 (libvlccore.so.9+0x8d118)
videolan#19 Init ../../src/input/input.c:1343 (libvlccore.so.9+0x8d118)
videolan#20 Run ../../src/input/input.c:426 (libvlccore.so.9+0x92064) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
Thread T27 'vlc-dec-video' (tid=2404917, running) created by thread T25 at:
#0 pthread_create /usr/src/debug/gcc/gcc/libsanitizer/tsan/tsan_interceptors_posix.cpp:1036 (libtsan.so.2+0x44219) (BuildId: 7e8fcb9ed0a63b98f2293e37c92ac955413efd9e)
#1 vlc_clone_attr ../../src/posix/thread.c:180 (libvlccore.so.9+0x11f789) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#2 vlc_clone ../../src/posix/thread.c:191 (libvlccore.so.9+0x11f789)
videolan#3 decoder_New ../../src/input/decoder.c:2169 (libvlccore.so.9+0x67eea) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#4 vlc_input_decoder_New ../../src/input/decoder.c:2191 (libvlccore.so.9+0x698a0) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
#5 EsOutCreateDecoder ../../src/input/es_out.c:2302 (libvlccore.so.9+0x786da) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
#6 EsOutSelectEs ../../src/input/es_out.c:2444 (libvlccore.so.9+0x78ec3) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#7 EsOutSelect ../../src/input/es_out.c:2733 (libvlccore.so.9+0x7935a) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#8 EsOutVaPrivControlLocked ../../src/input/es_out.c:3737 (libvlccore.so.9+0x7713c) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#9 EsOutPrivControl ../../src/input/es_out.c:4043 (libvlccore.so.9+0x783dd) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#10 es_out_in_vaPrivControl ../../src/input/es_out_timeshift.c:464 (libvlccore.so.9+0x81a36) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#11 es_out_in_PrivControl ../../src/input/es_out_timeshift.c:474 (libvlccore.so.9+0x81a36)
videolan#12 CmdExecutePrivControl ../../src/input/es_out_timeshift.c:1868 (libvlccore.so.9+0x81ba8) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#13 PrivControlLocked ../../src/input/es_out_timeshift.c:758 (libvlccore.so.9+0x840ee) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#14 PrivControl ../../src/input/es_out_timeshift.c:817 (libvlccore.so.9+0x840ee)
videolan#15 es_out_vaPrivControl ../../src/input/es_out.h:105 (libvlccore.so.9+0x86fac) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#16 es_out_PrivControl ../../src/input/es_out.h:112 (libvlccore.so.9+0x86fac)
videolan#17 es_out_SetMode ../../src/input/es_out.h:119 (libvlccore.so.9+0x8d118) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#18 InitPrograms ../../src/input/input.c:1262 (libvlccore.so.9+0x8d118)
videolan#19 Init ../../src/input/input.c:1343 (libvlccore.so.9+0x8d118)
videolan#20 Run ../../src/input/input.c:426 (libvlccore.so.9+0x92064) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
Thread T25 'vlc-input' (tid=2404915, running) created by main thread at:
#0 pthread_create /usr/src/debug/gcc/gcc/libsanitizer/tsan/tsan_interceptors_posix.cpp:1036 (libtsan.so.2+0x44219) (BuildId: 7e8fcb9ed0a63b98f2293e37c92ac955413efd9e)
#1 vlc_clone_attr ../../src/posix/thread.c:180 (libvlccore.so.9+0x11f789) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#2 vlc_clone ../../src/posix/thread.c:191 (libvlccore.so.9+0x11f789)
videolan#3 input_Start ../../src/input/input.c:131 (libvlccore.so.9+0x8a4a3) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#4 vlc_player_input_Start ../../src/player/input.c:96 (libvlccore.so.9+0x9e4a2) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
#5 vlc_player_Start ../../src/player/player.c:1177 (libvlccore.so.9+0x998f0) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
#6 play_scenario ../../test/src/input/decoder/input_decoder.c:260 (test_src_input_decoder+0x3295) (BuildId: 37860f3bd060e79331c2c7c0168bd76a7e275f6e)
videolan#7 OpenIntf ../../test/src/input/decoder/input_decoder.c:289 (test_src_input_decoder+0x3295)
videolan#8 generic_start ../../src/modules/modules.c:280 (libvlccore.so.9+0x3fca9) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#9 vlc_module_load ../../src/modules/modules.c:248 (libvlccore.so.9+0x40992) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#10 module_need ../../src/modules/modules.c:291 (libvlccore.so.9+0x40c39) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#11 intf_Create ../../src/interface/interface.c:173 (libvlccore.so.9+0x49a3a) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#12 libvlc_InternalAddIntf ../../src/interface/interface.c:268 (libvlccore.so.9+0x49e71) (BuildId: 177c3c73d277ee30e8dd794a139cdeda1889ec4d)
videolan#13 libvlc_add_intf ../../lib/playlist.c:41 (libvlc.so.12+0xd678) (BuildId: 9df6c3ada3ed68d6ad4df6e6a25454ae0f0d2376)
videolan#14 main ../../test/src/input/decoder/input_decoder.c:351 (test_src_input_decoder+0x2584) (BuildId: 37860f3bd060e79331c2c7c0168bd76a7e275f6e)
SUMMARY: ThreadSanitizer: data race ../../src/input/decoder_helpers.c:50 in decoder_Init
==================
Fixes #27582
mohit-marathe
pushed a commit
to mohit-marathe/vlc
that referenced
this pull request
Aug 28, 2023
The builder wasn't releasing the helper's internal leading to several
leaks. This was likely forgotten.
Caught with ASAN:
```
Direct leak of 516 byte(s) in 1 object(s) allocated from:
#0 0x7fa012fddcd7 in calloc (/lib64/libasan.so.8+0xd8cd7)
#1 0x7f9fe032dd15 in hevc_decode_sps modules/packetizer/hevc_nal.c:929
videolan#2 0x7f9fe0371883 in hevc_helper_parse_nal modules/codec/hxxx_helper.c:315
videolan#3 0x7f9fe0374131 in hxxx_helper_process_nal modules/codec/hxxx_helper.c:516
videolan#4 0x7f9fe0374532 in hxxx_helper_process_buffer modules/codec/hxxx_helper.c:535
#5 0x7f9fe0354661 in hxxx_extradata_builder_Feed modules/mux/extradata.c:174
#6 0x7f9fe0355701 in mux_extradata_builder_Feed modules/mux/extradata.c:263
videolan#7 0x7f9fe02ed827 in BlockDequeue modules/mux/mp4/mp4.c:616
videolan#8 0x7f9fe02fbe7f in MuxFrag modules/mux/mp4/mp4.c:1458
```
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Remove p_pixels mutation