Suspicious crash after GStreamer upgrade to 1.22.9 on M3

tomaszmi · February 2, 2024, 12:37pm

Recently I upgraded GStreamer on an M3 macbook to the recent 1.22.9 version and the my app running simple pipeline started to crash. While investigating the issue I noticed that even the basic tutorial app (gst-docs/examples/tutorials/basic-tutorial-2.c at master · GStreamer/gst-docs · GitHub) crashes as well. I’m running out of ideas what can cause that problem. Could someone be able to help here? TIA.

pkg-config --libs --cflags gstreamer-1.0
-I/opt/homebrew/Cellar/gstreamer/1.22.9/include/gstreamer-1.0 -I/opt/homebrew/Cellar/glib/2.78.4/include -I/opt/homebrew/Cellar/glib/2.78.4/include/glib-2.0 -I/opt/homebrew/Cellar/glib/2.78.4/lib/glib-2.0/include -I/opt/homebrew/opt/gettext/include -I/opt/homebrew/Cellar/pcre2/10.42/include -I/Library/Developer/CommandLineTools/SDKs/MacOSX14.sdk/usr/include/ffi -L/opt/homebrew/Cellar/gstreamer/1.22.9/lib -L/opt/homebrew/Cellar/glib/2.78.4/lib -L/opt/homebrew/opt/gettext/lib -lgstreamer-1.0 -Wl,-rpath,/opt/homebrew/Cellar/gstreamer/1.22.9/lib -lgobject-2.0 -lglib-2.0 -lintl

clang basic-tutorial-2.c $(pkg-config --libs --cflags gstreamer-1.0) --debug  -g0 -glldb -fsanitize=address
./a.out
AddressSanitizer:DEADLYSIGNAL
=================================================================
==20579==ERROR: AddressSanitizer: BUS on unknown address (pc 0x000103a2e6d4 bp 0x00016d479db0 sp 0x00016d479560 T7)
==20579==The signal is caused by a WRITE memory access.
==20579==Hint: this fault was caused by a dereference of a high value address (see register values below).  Disassemble the provided pc to learn which register was used.
    #0 0x103a2e6d4 in __sanitizer::internal_memmove(void*, void const*, unsigned long)+0x134 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x6a6d4)
    #1 0x10817ff28 in orc_program_compile_full+0x105c (liborc-0.4.0.dylib:arm64+0x3f28)
    #2 0x102f045e0 in video_test_src_orc_splat_u32+0xb8 (libgstvideotestsrc.dylib:arm64+0x45e0)
    #3 0x102f06b04 in gst_video_test_src_smpte+0xec (libgstvideotestsrc.dylib:arm64+0x6b04)
    #4 0x102f0691c in fill_image+0x6c (libgstvideotestsrc.dylib:arm64+0x691c)
    #5 0x102f063fc in gst_video_test_src_fill+0x9c (libgstvideotestsrc.dylib:arm64+0x63fc)
    #6 0x108133bfc in gst_base_src_default_create+0x7c (libgstbase-1.0.0.dylib:arm64+0x33bfc)
    #7 0x1081353e8 in gst_base_src_get_range+0x104 (libgstbase-1.0.0.dylib:arm64+0x353e8)
    #8 0x108134cb8 in gst_base_src_loop+0x428 (libgstbase-1.0.0.dylib:arm64+0x34cb8)
    #9 0x1032d3474 in gst_task_func+0x118 (libgstreamer-1.0.0.dylib:arm64+0x8b474)
    #10 0x1034f8e74 in g_thread_pool_thread_proxy+0xcc (libglib-2.0.0.dylib:arm64+0x60e74)
    #11 0x1034f7dd0 in g_thread_proxy+0x40 (libglib-2.0.0.dylib:arm64+0x5fdd0)
    #12 0x184312030 in _pthread_start+0x84 (libsystem_pthread.dylib:arm64e+0x7030)
    #13 0x18430ce38 in thread_start+0x4 (libsystem_pthread.dylib:arm64e+0x1e38)

==20579==Register values:
 x[0] = 0x000000010c1b8000   x[1] = 0x0000000107614800   x[2] = 0x00000000000000c3   x[3] = 0x0000000000000018
 x[4] = 0x00000001060e03b8   x[5] = 0x0000000000000000   x[6] = 0x000000016d3f8000   x[7] = 0x0000000000000001
 x[8] = 0x00000000000000c0   x[9] = 0x00000000000000a3  x[10] = 0x000000010c1b80a3  x[11] = 0x0000000107614800
x[12] = 0x00000000000000c0  x[13] = 0x00000001076148a3  x[14] = 0x0000000000007e01  x[15] = 0x0000000000000006
x[16] = 0x00000001039dec7c  x[17] = 0x0000000103a68750  x[18] = 0x0000000000000000  x[19] = 0x00000000000000c3
x[20] = 0x0000000107614800  x[21] = 0x000000010c1b8000  x[22] = 0x000000010820d5ac  x[23] = 0x0000000000000060
x[24] = 0x0000000104491aa8  x[25] = 0x0000000000000082  x[26] = 0x000000010870c250  x[27] = 0x0000000108706200
x[28] = 0x000000010870d100     fp = 0x000000016d479db0     lr = 0x00000001039ded5c     sp = 0x000000016d479560
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: BUS (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x6a6d4) in __sanitizer::internal_memmove(void*, void const*, unsigned long)+0x134
Thread T7 created by T6 here:
    #0 0x103a101b0 in wrap_pthread_create+0x54 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x4c1b0)
    #1 0x10351dc28 in g_system_thread_new+0x120 (libglib-2.0.0.dylib:arm64+0x85c28)
    #2 0x1034f82b8 in g_thread_pool_spawn_thread+0x90 (libglib-2.0.0.dylib:arm64+0x602b8)
    #3 0x1034f7dd0 in g_thread_proxy+0x40 (libglib-2.0.0.dylib:arm64+0x5fdd0)
    #4 0x184312030 in _pthread_start+0x84 (libsystem_pthread.dylib:arm64e+0x7030)
    #5 0x18430ce38 in thread_start+0x4 (libsystem_pthread.dylib:arm64e+0x1e38)

Thread T6 created by T0 here:
    #0 0x103a101b0 in wrap_pthread_create+0x54 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x4c1b0)
    #1 0x10351dc28 in g_system_thread_new+0x120 (libglib-2.0.0.dylib:arm64+0x85c28)
    #2 0x1034f7e50 in g_thread_new+0x30 (libglib-2.0.0.dylib:arm64+0x5fe50)
    #3 0x1034f8158 in g_thread_pool_new_full+0xe0 (libglib-2.0.0.dylib:arm64+0x60158)
    #4 0x1032d3e48 in default_prepare+0x3c (libgstreamer-1.0.0.dylib:arm64+0x8be48)
    #5 0x1032d31e4 in gst_task_init+0x90 (libgstreamer-1.0.0.dylib:arm64+0x8b1e4)
    #6 0x10319f6cc in g_type_create_instance+0x16c (libgobject-2.0.0.dylib:arm64+0x236cc)
    #7 0x10318c20c in g_object_new_internal+0x40 (libgobject-2.0.0.dylib:arm64+0x1020c)
    #8 0x10318bab8 in g_object_new_with_properties+0x1c8 (libgobject-2.0.0.dylib:arm64+0xfab8)
    #9 0x1032d2640 in gst_task_new+0x2c (libgstreamer-1.0.0.dylib:arm64+0x8a640)
    #10 0x1032a6528 in gst_pad_start_task+0xdc (libgstreamer-1.0.0.dylib:arm64+0x5e528)
    #11 0x10813166c in gst_base_src_perform_seek+0x2fc (libgstbase-1.0.0.dylib:arm64+0x3166c)
    #12 0x1081310a8 in gst_base_src_start_complete+0x198 (libgstbase-1.0.0.dylib:arm64+0x310a8)
    #13 0x10813703c in gst_base_src_start+0x1e4 (libgstbase-1.0.0.dylib:arm64+0x3703c)
    #14 0x1081342f8 in gst_base_src_activate_mode+0xc8 (libgstbase-1.0.0.dylib:arm64+0x342f8)
    #15 0x10329bb6c in activate_mode_internal+0x2dc (libgstreamer-1.0.0.dylib:arm64+0x53b6c)
    #16 0x10329b66c in gst_pad_set_active+0x14c (libgstreamer-1.0.0.dylib:arm64+0x5366c)
    #17 0x103283de0 in activate_pads+0x24 (libgstreamer-1.0.0.dylib:arm64+0x3bde0)
    #18 0x103292ba8 in gst_iterator_fold+0x6c (libgstreamer-1.0.0.dylib:arm64+0x4aba8)
    #19 0x103283d6c in iterator_activate_fold_with_resync+0x54 (libgstreamer-1.0.0.dylib:arm64+0x3bd6c)
    #20 0x103283b70 in gst_element_pads_activate+0x40 (libgstreamer-1.0.0.dylib:arm64+0x3bb70)
    #21 0x103282c20 in gst_element_change_state_func+0x184 (libgstreamer-1.0.0.dylib:arm64+0x3ac20)
    #22 0x1081320d8 in gst_base_src_change_state+0x7c (libgstbase-1.0.0.dylib:arm64+0x320d8)
    #23 0x103281740 in gst_element_change_state+0xd8 (libgstreamer-1.0.0.dylib:arm64+0x39740)
    #24 0x103282e8c in gst_element_set_state_func+0x168 (libgstreamer-1.0.0.dylib:arm64+0x3ae8c)
    #25 0x10325cb88 in gst_bin_change_state_func+0x3f4 (libgstreamer-1.0.0.dylib:arm64+0x14b88)
    #26 0x1032aafbc in gst_pipeline_change_state+0x160 (libgstreamer-1.0.0.dylib:arm64+0x62fbc)
    #27 0x103281740 in gst_element_change_state+0xd8 (libgstreamer-1.0.0.dylib:arm64+0x39740)
    #28 0x1032818ec in gst_element_change_state+0x284 (libgstreamer-1.0.0.dylib:arm64+0x398ec)
    #29 0x103282e8c in gst_element_set_state_func+0x168 (libgstreamer-1.0.0.dylib:arm64+0x3ae8c)
    #30 0x102ccb408 in main basic-tutorial-2.c:38
    #31 0x183f910dc  (<unknown module>)

==20579==ABORTING
zsh: abort      ./a.out

macOS Sonoma, Version 14.3 (23D56)

GStreamer version:

brew info gstreamer
==> gstreamer: stable 1.22.9 (bottled), HEAD
Development framework for multimedia applications
https://gstreamer.freedesktop.org/
/opt/homebrew/Cellar/gstreamer/1.22.9 (1,269 files, 122.1MB) *
  Poured from bottle using the formulae.brew.sh API on 2024-02-02 at 06:47:37
From: https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/g/gstreamer.rb
License: LGPL-2.0-or-later and LGPL-2.1-or-later and MIT
==> Dependencies
Build: bison ✘, cargo-c ✘, gobject-introspection ✔, meson ✘, nasm ✘, ninja ✔, pkg-config ✔, rust ✘, yasm ✘
Required: cairo ✔, dav1d ✔, faac ✔, faad2 ✔, fdk-aac ✔, ffmpeg ✔, flac ✔, gettext ✔, glib ✔, glib-networking ✔, graphene ✔, gtk+3 ✔, gtk4 ✔, jpeg-turbo ✔, json-glib ✔, lame ✔, libogg ✔, libpng ✔, libpthread-stubs ✔, libshout ✔, libsodium ✔, libsoup ✔, libusrsctp ✔, libvorbis ✔, libvpx ✔, openexr ✔, openssl@3 ✔, opus ✔, orc ✔, pango ✔, pygobject3 ✔, python@3.12 ✔, rav1e ✔, rtmpdump ✔, speex ✔, srtp ✔, taglib ✔, theora ✔, x264 ✔, xz ✔, musepack ✔
==> Options
--HEAD

orc:

brew info orc
==> orc: stable 0.4.36 (bottled)
Oil Runtime Compiler (ORC)
https://gstreamer.freedesktop.org/projects/orc.html
/opt/homebrew/Cellar/orc/0.4.36 (51 files, 1.1MB) *
  Poured from bottle using the formulae.brew.sh API on 2024-02-02 at 06:47:36
From: https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/o/orc.rb
License: BSD-2-Clause and BSD-3-Clause

tomaszmi · February 3, 2024, 12:29am

I just checked that all is working fine when using binary release (Download GStreamer). I will notify brew maintainers about this problem just in case.

slomo · February 3, 2024, 9:11am

Can you create an issue against orc here: Sign in · GitLab ?

Also, does this still happen for you with latest git main, if you can test that?

amyspark · February 4, 2024, 5:23pm

Hey! When filing the issue, please get an execution trace by setting the environment variable ORC_DEBUG to 5, and attach the output.

tomaszmi · February 7, 2024, 12:30am

I’ve created a ticket against the ORC repo: Suspicious crash after GStreamer upgrade to 1.22.9 on M3 (#63) · Issues · GStreamer / orc · GitLab

tomaszmi · February 12, 2024, 9:54pm

Summarizing, as stated in that ORC repo ticket the issue has been fixed in orc 0.4.37 and gstreamer 1.22.9 (revision 1).