[FFmpeg-devel] [PATCH v1 1/3] avcodec: v4l2_m2m: fix races around freeing data on close

Jorge Ramirez-Ortiz jramirez at baylibre.com
Mon Jan 22 10:09:15 EET 2018 

On 01/21/2018 01:46 AM, Mark Thompson wrote:
> On 09/01/18 22:56, Jorge Ramirez-Ortiz wrote:
>> From: Mark Thompson <sw at jkqxz.net>
>>
>> Refcount all of the context information. This also fixes a potential
>> segmentation fault when accessing freed memory  (buffer returned after
>> the codec has been closed).
>>
>> Tested-by: Jorge Ramirez-Ortiz <jorge.ramirez.ortiz at gmail.com>
>> ---
>>   libavcodec/v4l2_buffers.c | 32 ++++++++++------
>>   libavcodec/v4l2_buffers.h |  6 +++
>>   libavcodec/v4l2_m2m.c     | 93 +++++++++++++++++++++++++++++------------------
>>   libavcodec/v4l2_m2m.h     | 35 ++++++++++++++----
>>   libavcodec/v4l2_m2m_dec.c | 22 +++++++----
>>   libavcodec/v4l2_m2m_enc.c | 22 +++++++----
>>   6 files changed, 140 insertions(+), 70 deletions(-)
> I've done some more testing of this set on s5p-mfc.  I still don't like the residual use of atomics in what I wrote, but it is overall a bit better than before so I've applied the whole set.
>
> Other stuff:
> * There's a timestamp overflow case, patch follows.

ok
> * Reinitialisation still fails in some cases - decoding fate/h264/reinit-large_420_8-to-small_420_8.h264 currently hangs.  That needs more investigation, which I haven't done.

yes, that needs to be done properly: I think what was merged at the time 
was working around some v4l2 kernel issues in the db820c so it wasnt 
quite following the expected kernel API hence why it might not work on 
other boards.


> * valgrind still shows leaks when h264_mp4toannexb feeds the decoder, but the bsf doesn't show it in isolation.  Buffer references leaking in the decoder somehow?

you suspect it to be in the v4l2 decoder or in the framework? I did a 
backport to 3.3 some time ago (so not using h264_mp4toannexb as you also 
mentioned) and confirmed that the leaks disappeared. Since the overall 
decoder didn't change it thought it had to be something broken in the 
framework.

>
> Thanks,
>
> - Mark
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

More information about the ffmpeg-devel mailing list