[FFmpeg-devel] Possible memory leaks in dshow capture

James Almer jamrial at gmail.com
Thu Jan 3 17:42:20 EET 2019


On 1/3/2019 4:59 AM, Oliver Collyer wrote:
> 
> 
>> On 2 Jan 2019, at 17:52, Oliver Collyer <ovcollyer at mac.com> wrote:
>>
>>
>>
>>> On 2 Jan 2019, at 11:30, Oliver Collyer <ovcollyer at mac.com> wrote:
>>>
>>>
>>>
>>>> On 1 Jan 2019, at 23:58, James Almer <jamrial at gmail.com> wrote:
>>>>
>>>> On 1/1/2019 5:01 PM, Oliver Collyer wrote:
>>>>> ---------- Block 26224 at 0x0000000074240F70: 151 bytes ----------
>>>>> Leak Hash: 0x357CD5AF, Count: 1, Total 151 bytes
>>>>> Call Stack (TID 55752):
>>>>>  ucrtbased.dll!aligned_malloc()
>>>>>  c:\ffmpeg\source\ffmpeg\libavutil\mem.c (90): emu-server.exe!av_malloc() + 0x10 bytes
>>>>>  c:\ffmpeg\source\ffmpeg\libavdevice\dshow_pin.c (213): emu-server.exe!libAVPin_Setup() + 0xA bytes
>>>>>  c:\ffmpeg\source\ffmpeg\libavdevice\dshow_pin.c (252): emu-server.exe!libAVPin_Create() + 0x9B bytes
>>>>>  c:\ffmpeg\source\ffmpeg\libavdevice\dshow_filter.c (184): emu-server.exe!libAVFilter_Setup() + 0xA bytes
>>>>>  c:\ffmpeg\source\ffmpeg\libavdevice\dshow_filter.c (198): emu-server.exe!libAVFilter_Create() + 0xA8 bytes
>>>>>  c:\ffmpeg\source\ffmpeg\libavdevice\dshow.c (809): emu-server.exe!dshow_open_device() + 0x1C bytes
>>>>>  c:\ffmpeg\source\ffmpeg\libavdevice\dshow.c (1150): emu-server.exe!dshow_read_header() + 0x18 bytes
>>>>>  c:\ffmpeg\source\ffmpeg\libavformat\utils.c (631): emu-server.exe!avformat_open_input() + 0x11 bytes
>>>>>  c:\users\oliver\perforce\non-si\emu\shared\dsdevice_streaming_session.cpp (1142): emu-server.exe!DSDEVICE_STREAMING_SESSION::CAPTURE_THREAD::thread_run() + 0x23 bytes
>>>>>  c:\users\oliver\perforce\non-si\emu\shared\thread_base.cpp (241): emu-server.exe!THREAD_BASE::thread_func() + 0xE bytes
>>>>>  c:\program files (x86)\microsoft visual studio\2017\community\vc\tools\msvc\14.16.27023\include\type_traits (16707566): emu-server.exe!std::_Invoker_functor::_Call<int (__cdecl*)(void *),void *>() + 0x2B bytes
>>>>>  c:\program files (x86)\microsoft visual studio\2017\community\vc\tools\msvc\14.16.27023\include\type_traits (16707566): emu-server.exe!std::invoke<int (__cdecl*)(void *),void *>() + 0x31 bytes
>>>>>  c:\program files (x86)\microsoft visual studio\2017\community\vc\tools\msvc\14.16.27023\include\thr\xthread (239): emu-server.exe!std::_LaunchPad<std::unique_ptr<std::tuple<int (__cdecl*)(void *),void *>,std::default_delete<std::tuple<int (__cdecl*)(void *),void *> > > >::_Execute<0,1>()
>>>>>  c:\program files (x86)\microsoft visual studio\2017\community\vc\tools\msvc\14.16.27023\include\thr\xthread (245): emu-server.exe!std::_LaunchPad<std::unique_ptr<std::tuple<int (__cdecl*)(void *),void *>,std::default_delete<std::tuple<int (__cdecl*)(void *),void *> > > >::_Run() + 0x19 bytes
>>>>>  c:\program files (x86)\microsoft visual studio\2017\community\vc\tools\msvc\14.16.27023\include\thr\xthread (231): emu-server.exe!std::_LaunchPad<std::unique_ptr<std::tuple<int (__cdecl*)(void *),void *>,std::default_delete<std::tuple<int (__cdecl*)(void *),void *> > > >::_Go()
>>>>>  c:\program files (x86)\microsoft visual studio\2017\community\vc\tools\msvc\14.16.27023\include\thr\xthread (209): emu-server.exe!std::_Pad::_Call_func()
>>>>>  ucrtbased.dll!register_onexit_function() + 0x4A8 bytes
>>>>>  ucrtbased.dll!register_onexit_function() + 0xE1 bytes
>>>>>  KERNEL32.DLL!BaseThreadInitThunk() + 0x14 bytes
>>>>>  ntdll.dll!RtlUserThreadStart() + 0x21 bytes
>>>>> Data:
>>>>>  70 0F 24 74    46 02 00 00    ED ED ED ED    ED ED ED ED     p.$tF... ........
>>>>>  36 DE C8 49    F7 7F 00 00    68 F0 CA 49    F7 7F 00 00     6..I.... h..I....
>>>>>  8D 99 CA 49    F7 7F 00 00    1F D6 C9 49    F7 7F 00 00     ...I.... ...I....
>>>>>  C9 9E CA 49    F7 7F 00 00    B7 FD C8 49    F7 7F 00 00     ...I.... ...I....
>>>>>  22 EC C9 49    F7 7F 00 00    7E E1 C8 49    F7 7F 00 00     "..I.... ~..I....
>>>>>  3B 82 CA 49    F7 7F 00 00    CD CD CD CD    CD CD CD CD     ;..I.... ........
>>>>>  CD CD CD CD    CD CD CD CD    CD CD CD CD    CD CD CD CD     ........ ........
>>>>>  CD CD CD CD    CD CD CD CD    CD CD CD CD    CD CD CD CD     ........ ........
>>>>>  CD CD CD CD    CD CD CD CD    CD CD CD CD    CD CD CD CD     ........ ........
>>>>>  CD CD CD CD    CD CD CD                                      ........ ........
>>>>>
>>>>>
>>>>> ---------- Block 26879 at 0x0000000074242E10: 151 bytes ----------
>>>>> Leak Hash: 0xA886255F, Count: 1, Total 151 bytes
>>>>> Call Stack (TID 55752):
>>>>>  ucrtbased.dll!aligned_malloc()
>>>>>  c:\ffmpeg\source\ffmpeg\libavutil\mem.c (90): emu-server.exe!av_malloc() + 0x10 bytes
>>>>>  c:\ffmpeg\source\ffmpeg\libavdevice\dshow_pin.c (213): emu-server.exe!libAVPin_Setup() + 0xA bytes
>>>>>  c:\ffmpeg\source\ffmpeg\libavdevice\dshow_pin.c (252): emu-server.exe!libAVPin_Create() + 0x9B bytes
>>>>>  c:\ffmpeg\source\ffmpeg\libavdevice\dshow_filter.c (184): emu-server.exe!libAVFilter_Setup() + 0xA bytes
>>>>>  c:\ffmpeg\source\ffmpeg\libavdevice\dshow_filter.c (198): emu-server.exe!libAVFilter_Create() + 0xA8 bytes
>>>>>  c:\ffmpeg\source\ffmpeg\libavdevice\dshow.c (809): emu-server.exe!dshow_open_device() + 0x1C bytes
>>>>>  c:\ffmpeg\source\ffmpeg\libavdevice\dshow.c (1157): emu-server.exe!dshow_read_header() + 0x1E bytes
>>>>>  c:\ffmpeg\source\ffmpeg\libavformat\utils.c (631): emu-server.exe!avformat_open_input() + 0x11 bytes
>>>>>  c:\users\oliver\perforce\non-si\emu\shared\dsdevice_streaming_session.cpp (1142): emu-server.exe!DSDEVICE_STREAMING_SESSION::CAPTURE_THREAD::thread_run() + 0x23 bytes
>>>>>  c:\users\oliver\perforce\non-si\emu\shared\thread_base.cpp (241): emu-server.exe!THREAD_BASE::thread_func() + 0xE bytes
>>>>>  c:\program files (x86)\microsoft visual studio\2017\community\vc\tools\msvc\14.16.27023\include\type_traits (16707566): emu-server.exe!std::_Invoker_functor::_Call<int (__cdecl*)(void *),void *>() + 0x2B bytes
>>>>>  c:\program files (x86)\microsoft visual studio\2017\community\vc\tools\msvc\14.16.27023\include\type_traits (16707566): emu-server.exe!std::invoke<int (__cdecl*)(void *),void *>() + 0x31 bytes
>>>>>  c:\program files (x86)\microsoft visual studio\2017\community\vc\tools\msvc\14.16.27023\include\thr\xthread (239): emu-server.exe!std::_LaunchPad<std::unique_ptr<std::tuple<int (__cdecl*)(void *),void *>,std::default_delete<std::tuple<int (__cdecl*)(void *),void *> > > >::_Execute<0,1>()
>>>>>  c:\program files (x86)\microsoft visual studio\2017\community\vc\tools\msvc\14.16.27023\include\thr\xthread (245): emu-server.exe!std::_LaunchPad<std::unique_ptr<std::tuple<int (__cdecl*)(void *),void *>,std::default_delete<std::tuple<int (__cdecl*)(void *),void *> > > >::_Run() + 0x19 bytes
>>>>>  c:\program files (x86)\microsoft visual studio\2017\community\vc\tools\msvc\14.16.27023\include\thr\xthread (231): emu-server.exe!std::_LaunchPad<std::unique_ptr<std::tuple<int (__cdecl*)(void *),void *>,std::default_delete<std::tuple<int (__cdecl*)(void *),void *> > > >::_Go()
>>>>>  c:\program files (x86)\microsoft visual studio\2017\community\vc\tools\msvc\14.16.27023\include\thr\xthread (209): emu-server.exe!std::_Pad::_Call_func()
>>>>>  ucrtbased.dll!register_onexit_function() + 0x4A8 bytes
>>>>>  ucrtbased.dll!register_onexit_function() + 0xE1 bytes
>>>>>  KERNEL32.DLL!BaseThreadInitThunk() + 0x14 bytes
>>>>>  ntdll.dll!RtlUserThreadStart() + 0x21 bytes
>>>>> Data:
>>>>>  CD CD CD CD    CD CD CD CD    CD CD CD CD    CD CD CD CD     ........ ........
>>>>>  CD CD CD CD    CD CD CD CD    CD CD CD CD    CD CD CD CD     ........ ........
>>>>>  10 2E 24 74    46 02 00 00    ED ED ED ED    ED ED ED ED     ..$tF... ........
>>>>>  36 DE C8 49    F7 7F 00 00    68 F0 CA 49    F7 7F 00 00     6..I.... h..I....
>>>>>  8D 99 CA 49    F7 7F 00 00    1F D6 C9 49    F7 7F 00 00     ...I.... ...I....
>>>>>  C9 9E CA 49    F7 7F 00 00    B7 FD C8 49    F7 7F 00 00     ...I.... ...I....
>>>>>  22 EC C9 49    F7 7F 00 00    7E E1 C8 49    F7 7F 00 00     "..I.... ~..I....
>>>>>  3B 82 CA 49    F7 7F 00 00    CD CD CD CD    CD CD CD CD     ;..I.... ........
>>>>>  CD CD CD CD    CD CD CD CD    CD CD CD CD    CD CD CD CD     ........ ........
>>>>>  CD CD CD CD    CD CD CD                                      ........ ........
>>>>
>>>> Does the attached (untested) patch fix these two for you?
>>>
>>> Yes it does, thank you.
>>>
>>> I've worked through the others, and here is a patch that fixes them.
>>>
>>> ======
>>>
>>> diff --git a/libavdevice/dshow.c b/libavdevice/dshow.c
>>> index 25481580af..ac05ab6cdb 100644
>>> --- a/libavdevice/dshow.c
>>> +++ b/libavdevice/dshow.c
>>> @@ -278,12 +278,12 @@ dshow_cycle_devices(AVFormatContext *avctx, ICreateDevEnum *devenum,
>>>                    goto fail1;
>>>                }
>>>                *device_unique_name = unique_name;
>>> +                unique_name = NULL;
>>>                // success, loop will end now
>>>            }
>>>        } else {
>>>            av_log(avctx, AV_LOG_INFO, " \"%s\"\n", friendly_name);
>>>            av_log(avctx, AV_LOG_INFO, "    Alternative name \"%s\"\n", unique_name);
>>> -            av_free(unique_name);
>>>        }
>>>
>>> fail1:
>>> @@ -291,8 +291,9 @@ fail1:
>>>            IMalloc_Free(co_malloc, olestr);
>>>        if (bind_ctx)
>>>            IBindCtx_Release(bind_ctx);
>>> -        av_free(friendly_name);
>>> -        if (bag)
>>> +        av_freep(&friendly_name);
>>> +        av_freep(&unique_name);
>>> +        if (bag)
>>>            IPropertyBag_Release(bag);
>>>        IMoniker_Release(m);
>>>    }
>>> @@ -941,6 +942,8 @@ dshow_add_device(AVFormatContext *avctx,
>>>    AVStream *st;
>>>    int ret = AVERROR(EIO);
>>>
>>> +    type.pbFormat = NULL;
>>> +
>>>    st = avformat_new_stream(avctx, NULL);
>>>    if (!st) {
>>>        ret = AVERROR(ENOMEM);
>>> @@ -989,7 +992,8 @@ dshow_add_device(AVFormatContext *avctx,
>>>            if (par->codec_id == AV_CODEC_ID_NONE) {
>>>                av_log(avctx, AV_LOG_ERROR, "Unknown compression type. "
>>>                                 "Please report type 0x%X.\n", (int) bih->biCompression);
>>> -                return AVERROR_PATCHWELCOME;
>>> +                ret = AVERROR_PATCHWELCOME;
>>> +                goto error;
>>>            }
>>>            par->bits_per_coded_sample = bih->biBitCount;
>>>        } else {
>>> @@ -1030,6 +1034,8 @@ dshow_add_device(AVFormatContext *avctx,
>>>    ret = 0;
>>>
>>> error:
>>> +.   if (type.pbFormat)
>>> +.       CoTaskMemFree(type.pbFormat);
>>>    return ret;
>>> }
>>>
>>> diff --git a/libavdevice/dshow_pin.c b/libavdevice/dshow_pin.c
>>> index 664246da92..12e508bf01 100644
>>> --- a/libavdevice/dshow_pin.c
>>> +++ b/libavdevice/dshow_pin.c
>>> @@ -249,8 +249,20 @@ libAVPin_Setup(libAVPin *this, libAVFilter *filter)
>>>
>>>    return 1;
>>> }
>>> +
>>> +static void
>>> +libAVPin_Free(libAVPin *this)
>>> +{
>>> +    if (!this)
>>> +        return;
>>> +    av_freep(&this->imemvtbl);
>>> +    if (this->type.pbFormat) {
>>> +        CoTaskMemFree(this->type.pbFormat);
>>> +        this->type.pbFormat = NULL;
>>> +    }
>>> +}
>>> DECLARE_CREATE(libAVPin, libAVPin_Setup(this, filter), libAVFilter *filter)
>>> -DECLARE_DESTROY(libAVPin, nothing)
>>> +DECLARE_DESTROY(libAVPin, libAVPin_Free)
>>>
>>> /*****************************************************************************
>>> * libAVMemInputPin
>>
>> Here is an updated version with the formatting fixed.
>>
> 
> Version created using git format-patch.

It seems to be a git diff output only. Or did you mean to attach a git
format-patch version that didn't go through?


More information about the ffmpeg-devel mailing list