File descriptor leak in Pidgin + GStreamer 1.x

[XRevan86]

As ​documentation says, in order to remove a bus watch, watch should return FALSE while bus_call in gtksound.c always returns TRUE thus keeps itself active.

And so every sound play creates a new instance of bus_call and two new sockets which causes a file descriptor leak and eventually a segmentation fault.

[XRevan86]

I have also tested this patch with GStreamer 0.10 and found no regressions at all.

[salinasv]

This looks good to me.

XRevan86, which name shall I use to give credit at applying the patch?

[XRevan86]

salinasv, I'm Sorokin Alexei :-).

[Jorge Villaseñor <salinasv@…>]

(In [70b6e5921fc1]):
Remove Gstreamer pipeline after playing a sound

When receiving an error or stream finished message, we can free the Gstreamer pipeline so we don't leak it for each sound.

Patch from Sorokin Alexei, modified by me because the mediamanager subsystem uses a different approach to watch the bus. Fixes #16752

[XRevan86]

But what about Pidgin 2.10.12?

[Jorge Villaseñor <salinasv@…>]

(In [902b1fd334bd]):
Remove Gstreamer pipeline after playing a sound

When receiving an error or stream finished message, we can free the Gstreamer pipeline so we don't leak it for each sound.

Patch from Sorokin Alexei, modified by me because the mediamanager subsystem uses a different approach to watch the bus. Fixes #16752

[salinasv]

There you go.

[dx]

eventually a segmentation fault

May I ask what the segmentation fault looked like?

Is it something like this?

#0  0x00007f0e72819b24 in g_source_attach (source=source@entry=0x0, context=0x0) at /build/glib2.0-ajuDY6/glib2.0-2.46.1/./glib/gmain.c:1163
#1  0x00007f0e74b848b8 in gst_bus_add_watch_full_unlocked (bus=<optimized out>, priority=<optimized out>, func=0x56004c7ceeb0 <bus_call>, user_data=0x56004e00aa40, notify=0x0) at gstbus.c:885
#2  0x00007f0e74b849e0 in gst_bus_add_watch_full (bus=0x7f0e14009260 [GstBus], priority=0, func=0x56004c7ceeb0 <bus_call>, user_data=0x56004e00aa40, notify=0x0) at gstbus.c:936
#3  0x000056004c7cfb3a in pidgin_sound_play_file (filename=<optimized out>)
    at /build/pidgin-hiYwOJ/pidgin-2.10.11/./pidgin/gtksound.c:543
#4  0x000056004c7cf927 in pidgin_sound_play_event (event=PURPLE_SOUND_SEND)
    at /build/pidgin-hiYwOJ/pidgin-2.10.11/./pidgin/gtksound.c:616

Asking because ubuntu applied a version of the gstreamer 1.0 patch that doesn't have this fix, and they are getting the above.

source is null because bus->priv->poll is null, which we believe is because gst_poll_new() failed, which we strongly suspect it's because of this. Confirming would be nice.

[XRevan86]

Replying to dx:

source is null because bus->priv->poll is null, which we believe is because gst_poll_new() failed, which we strongly suspect it's because of this. Confirming would be nice.

I don't remember how segfaults that I experienced looked like, but it really does seem to be this exact problem I solved.

[dx]

The user who was experiencing that issue confirmed that this patch fixes that crash, and also apparently distributed the fixed .deb to 50 users who also use ubuntu 15.10 and were also affected.

[dx]

For the sake of clarity, the commit with the fix for the 2.x.y branch is 902b1fd334bd, not the attached patch or the first linked commit.

Some distros were affected because they backported the original gstreamer 1.0 patch:

• Ubuntu bug report: ​https://bugs.launchpad.net/ubuntu/+source/pidgin/+bug/1479715 - Stable release update template filled in, waiting for ubuntu devs to do the rest of the work, may take a few weeks to get the fix in ubuntu wily

• Arch linux bug report: ​https://bugs.archlinux.org/task/46722 - Should be closed already

• Fedora bug report: ​https://bugzilla.redhat.com/show_bug.cgi?id=1206363

Test case, copied from the ubuntu SRU:

1. Set the file descriptor limit low enough to be able to login, plus a few extra. "ulimit -Sn 20" works for me
2. Start pidgin
3. Tools menu -> preferences -> sounds tab
4. Click "preview" 10 times or so
5. Acquire crash

[dx]

Ticket #16566 has been marked as a duplicate of this ticket.