v4l2bufferpool: Fix race condition between qbuf and pool streamoff

There is a chance that pool->buffers[index] sets BUFFER_STATE_QUEUED, but
it has not been queued yet which makes pool->buffers[index] still NULL.
At this time, if pool_streamff release all buffers with BUFFER_STATE_QUEUED
state regardless of whether the buffer is NULL or not, it will cause segfault.

To fix this, also check buffer when streamoff release buffer.

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/1842>

diff --git a/subprojects/gst-plugins-good/sys/v4l2/gstv4l2bufferpool.c b/subprojects/gst-plugins-good/sys/v4l2/gstv4l2bufferpool.c
index d687326..18fb61b 100644 (file)
--- a/subprojects/gst-plugins-good/sys/v4l2/gstv4l2bufferpool.c
+++ b/subprojects/gst-plugins-good/sys/v4l2/gstv4l2bufferpool.c
@@ -744,7 +744,7 @@ gst_v4l2_buffer_pool_streamoff (GstV4l2BufferPool * pool)
   for (i = 0; i < VIDEO_MAX_FRAME; i++) {
     gint old_buffer_state =
         g_atomic_int_and (&pool->buffer_state[i], ~BUFFER_STATE_QUEUED);
-    if (old_buffer_state & BUFFER_STATE_QUEUED) {
+    if ((old_buffer_state & BUFFER_STATE_QUEUED) && pool->buffers[i]) {
       GstBuffer *buffer = pool->buffers[i];
       GstBufferPool *bpool = GST_BUFFER_POOL (pool);