Playing around, it appears they are related to whether or not I have my USB mic plugged in.
This leads to a crash. I recompiled obs-studio with address sanitizer to get a stack trace, and it looks like a use after free bug in the function _alsa_open in alsa-input.c. I'll attach the full asan log below, I hope this helps analyzing the issue.
Steps to Reproduce
Start obs-studio without USB mic plugged in.
Create a new Scene Collection.
Switch to that new Scene Collection and wait a few seconds.
Anything else we should know?
Full asan log:
=================================================================
==11548==ERROR: AddressSanitizer: heap-use-after-free on address 0x6060004f3c60 at pc 0x7f46d7f54bc2 bp 0x7f469a5b1810 sp 0x7f469a5b0fb8
READ of size 6 at 0x6060004f3c60 thread T25
#0 0x7f46d7f54bc1 (/usr/lib/gcc/x86_64-pc-linux-gnu/13/libasan.so.8+0x6cbc1)
#1 0x7f469f1b38f9 in snd_config_search_definition (/usr/lib64/libasound.so.2+0x378f9)
#2 0x7f469f1ce815 (/usr/lib64/libasound.so.2+0x52815)
#3 0x7f469f1d0787 in snd_pcm_open (/usr/lib64/libasound.so.2+0x54787)
#4 0x7f469f26f8f9 in _alsa_open /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/plugins/linux-alsa/alsa-input.c:356
#5 0x7f469f26fbc7 in _alsa_reopen /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/plugins/linux-alsa/alsa-input.c:611
#6 0x7f46d4cd4698 in start_thread /var/tmp/portage/sys-libs/glibc-2.37-r3/work/glibc-2.37/nptl/pthread_create.c:444
#7 0x7f46d4d5581b in clone3 ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
0x6060004f3c60 is located 32 bytes inside of 55-byte region [0x6060004f3c40,0x6060004f3c77)
freed by thread T11 here:
#0 0x7f46d7fc2aa0 (/usr/lib/gcc/x86_64-pc-linux-gnu/13/libasan.so.8+0xdaaa0)
#1 0x7f469f270230 in alsa_destroy /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/plugins/linux-alsa/alsa-input.c:160
#2 0x7f46d5d854e8 in obs_source_destroy_defer /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/libobs/obs-source.c:691
#3 0x7f46d5e50ec0 in tiny_tubular_task_thread /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/libobs/util/task.c:161
#4 0x7f46d4cd4698 in start_thread /var/tmp/portage/sys-libs/glibc-2.37-r3/work/glibc-2.37/nptl/pthread_create.c:444
#5 0x7f46d4d5581b in clone3 ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
previously allocated by thread T0 here:
#0 0x7f46d7fc3f4f in malloc (/usr/lib/gcc/x86_64-pc-linux-gnu/13/libasan.so.8+0xdbf4f)
#1 0x7f46d5e283b1 in a_malloc /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/libobs/util/bmem.c:55
#2 0x7f46d5e283b1 in bmalloc /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/libobs/util/bmem.c:111
#3 0x7f46d5e285e3 in bmemdup /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/libobs/util/bmem.c:167
#4 0x7f469f2708be in bstrdup_n /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/libobs/util/bmem.h:60
#5 0x7f469f2708be in bstrdup /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/libobs/util/bmem.h:83
#6 0x7f469f2708be in alsa_create /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/plugins/linux-alsa/alsa-input.c:131
#7 0x7f46d5d9312e in obs_source_create_internal /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/libobs/obs-source.c:402
#8 0x7f46d5cda458 in obs_load_source_type /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/libobs/obs.c:2324
#9 0x7f46d5ce3e9f in obs_load_sources /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/libobs/obs.c:2458
#10 0x55a0807c4f06 in OBSBasic::LoadData(obs_data*, char const*) /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/UI/window-basic-main.cpp:1143
#11 0x55a080802a53 in OBSBasic::OBSInit() /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/UI/window-basic-main.cpp:2033
#12 0x55a080533bf1 in OBSApp::OBSInit() /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/UI/obs-app.cpp:1731
#13 0x55a0804d306e in run_program /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/UI/obs-app.cpp:2519
#14 0x55a0804d306e in main /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/UI/obs-app.cpp:3435
#15 0x7f46d4c7398b in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
#16 0x7f46d4c73a44 in __libc_start_main_impl ../csu/libc-start.c:360
#17 0x55a0804d79e0 in _start (/usr/bin/obs+0x1639e0)
Thread T25 created by T0 here:
#0 0x7f46d7f2fe81 in pthread_create (/usr/lib/gcc/x86_64-pc-linux-gnu/13/libasan.so.8+0x47e81)
#1 0x7f469f270402 in _alsa_start_reopen /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/plugins/linux-alsa/alsa-input.c:531
#2 0x7f469f270402 in _alsa_try_open /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/plugins/linux-alsa/alsa-input.c:346
Thread T11 created by T0 here:
#0 0x7f46d7f2fe81 in pthread_create (/usr/lib/gcc/x86_64-pc-linux-gnu/13/libasan.so.8+0x47e81)
#1 0x7f46d5e51a81 in os_task_queue_create /var/tmp/portage/media-video/obs-studio-29.1.3/work/obs-studio-29.1.3/libobs/util/task.c:41
SUMMARY: AddressSanitizer: heap-use-after-free (/usr/lib/gcc/x86_64-pc-linux-gnu/13/libasan.so.8+0x6cbc1)
Shadow bytes around the buggy address:
0x6060004f3980: fa fa fa fa fd fd fd fd fd fd fd fd fa fa fa fa
0x6060004f3a00: fd fd fd fd fd fd fd fd fa fa fa fa fd fd fd fd
0x6060004f3a80: fd fd fd fa fa fa fa fa fd fd fd fd fd fd fd fa
0x6060004f3b00: fa fa fa fa fd fd fd fd fd fd fd fa fa fa fa fa
0x6060004f3b80: fd fd fd fd fd fd fd fd fa fa fa fa fd fd fd fd
=>0x6060004f3c00: fd fd fd fa fa fa fa fa fd fd fd fd[fd]fd fd fa
0x6060004f3c80: fa fa fa fa fd fd fd fd fd fd fd fd fa fa fa fa
0x6060004f3d00: fd fd fd fd fd fd fd fa fa fa fa fa fd fd fd fd
0x6060004f3d80: fd fd fd fa fa fa fa fa 00 00 00 00 00 00 04 fa
0x6060004f3e00: fa fa fa fa fd fd fd fd fd fd fd fa fa fa fa fa
0x6060004f3e80: 00 00 00 00 00 00 00 01 fa fa fa fa 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==11548==ABORTING
Operating System Info
Other
Other OS
Gentoo Linux
OBS Studio Version
29.1.3
OBS Studio Version (Other)
No response
OBS Studio Log URL
https://obsproject.com/logs/PLkykBUTVKSQlqU6
OBS Studio Crash Log URL
No response
Expected Behavior
obs-studio should not crash.
Current Behavior
I am seeing regular crashes in obs.
Playing around, it appears they are related to whether or not I have my USB mic plugged in.
This leads to a crash. I recompiled obs-studio with address sanitizer to get a stack trace, and it looks like a use after free bug in the function _alsa_open in alsa-input.c. I'll attach the full asan log below, I hope this helps analyzing the issue.
Steps to Reproduce
Anything else we should know?
Full asan log: