Closed Bug 1283935 Opened 4 years ago Closed 3 years ago
Flash plugin crashes in atiumd6a
.dll | Malloc Aligned, starting around nightly 2016-06-21
This bug was filed from the Socorro interface and is report bp-32dd5707-5843-4757-afdb-55fbc2160701. ============================================================= These crashes started showing up in crash-stats with nightly 2016-06-21. So far they've almost all been on nightly, although there was one on beta. They've all been with Flash version 126.96.36.199, which is current, and I presume that's not surprising since we probably block older versions. The build distribution on nightly channel is: 1 20160621030208 6 35.29 % 3 20160623030210 3 17.65 % 4 20160624030212 2 11.76 % 5 20160629030209 2 11.76 % 2 20160630030207 4 23.53 % The top of the stack is always: 0 atiumd6a.dll atiumd6a.dll@0xbf08 1 d3d9.dll MallocAligned(void**, unsigned __int64, int) 2 d3d9.dll operator new(unsigned __int64) Ø 3 atiumd6a.dll atiumd6a.dll@0x95d0 4 dxva2.dll CVideoAccelerationService::InitService(IDirect3DDevice9*) Ø 5 atiumd64.dll atiumd64.dll@0x13bb 6 dxva2.dll CDxva2SoftwareContainer::GetVideoProcessorDeviceGuidCount(_DXVA2_VideoDesc const*, unsigned int*) 7 d3d9.dll GetDecodeGuidCountLH 8 dxva2.dll GetVideoProcessorSubStreamFormatCount(_DXVA2_VideoDesc const*, _D3DFORMAT, unsigned int*) 9 dxva2.dll GetVideoProcessorSubStreamFormats(_DXVA2_VideoDesc const*, _D3DFORMAT, unsigned int, _D3DFORMAT*) 10 dxva2.dll GetVideoProcessorSubStreamFormats(_DXVA2_VideoDesc const*, _D3DFORMAT, unsigned int, _D3DFORMAT*) 11 d3d9.dll CDxva2Container::GetDecodeGuidCount(unsigned int*) 12 dxva2.dll CVideoAccelerationService::NonDelegatingQueryInterface(_GUID const&, void**) 13 dxva2.dll CVideoAccelerationService::GetDecoderDeviceGuids(unsigned int*, _GUID**) 14 npswf64_22_0_0_192.dll F_2051344396________________________________________________________________ F1272954511___________________________________________:217 15 ntdll.dll RtlAllocateMemoryBlockLookaside 16 ntdll.dll LdrpHashUnicodeString 17 ntdll.dll ?? ?? ::FNODOBFM::`string' 18 ntdll.dll LdrpFindLoadedDll 19 ntdll.dll LdrGetDllHandleEx 20 ntdll.dll LdrGetDllHandle 21 kernelbase.dll GetModuleHandleForUnicodeString 22 kernelbase.dll BasepGetModuleHandleExW 23 @0x7fe0000ffff 24 ntdll.dll RtlAllocateMemoryBlockLookaside 25 ntdll.dll RtlAllocateHeap 26 npswf64_22_0_0_192.dll F1426734732_________________________________________________
Actually, given that this is nightly only, I'm going to call it our bug for now.
Component: Flash (Adobe) → Plug-ins
Product: External Software Affecting Firefox → Core
Version: unspecified → Trunk
A 3-day window prior to the 6-21 nightly is: https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=3ce53bd1e25b93140484d3933c9339a829e0c1eb&tochange=0ffa18cfc8b4e9970275ab6dd94686792a5c8ae1 I don't see anything that sticks out.
Is it possible that our DXVA stuff could be interacting with Flash's in some way?
Summary: Crash in atiumd6a.dll | MallocAligned → Flash plugin crashes in atiumd6a.dll | MallocAligned, starting around nightly 2016-06-21
It's possible that this is all a single user, though. There's only a single unique install time per nightly build ID.
Looks like we have some similar yet different signatures showing up at the same time in the Explosiveness Report: https://crash-analysis.mozilla.com/rkaiser/2016-07-19/2016-07-19.firefox.50.explosiveness.html Specifically: https://crash-stats.mozilla.com/report/list?signature=atiumd6a.dll | atiu9p64.dll%400x7728 https://crash-stats.mozilla.com/report/list?signature=atiumd6a.dll I don't know if these are related or if they should be filed separately.
Crash volume for signature 'atiumd6a.dll | MallocAligned': - nightly(version 50):68 crashes from 2016-06-06. - aurora (version 49):0 crashes from 2016-06-07. - beta (version 48):2 crashes from 2016-06-06. - release(version 47):1 crash from 2016-05-31. - esr (version 45):0 crashes from 2016-04-07. Crash volume on the last weeks: W. N-1 W. N-2 W. N-3 W. N-4 W. N-5 W. N-6 W. N-7 - nightly 11 37 3 0 6 11 0 - aurora 0 0 0 0 0 0 0 - beta 0 0 1 0 1 0 0 - release 0 0 1 0 0 0 0 - esr 0 0 0 0 0 0 0 Affected platform: Windows
(In reply to David Baron :dbaron: ⌚️UTC-7 (review requests must explain patch) from comment #3) > Is it possible that our DXVA stuff could be interacting with Flash's in some > way? It's possible, but I'd have thought it unlikely. Mattwoodrow might have some ideas...
Flags: needinfo?(cpearce) → needinfo?(matt.woodrow)
Crash volume for signature 'atiumd6a.dll | MallocAligned': - nightly (version 51): 26 crashes from 2016-08-01. - aurora (version 50): 0 crashes from 2016-08-01. - beta (version 49): 1 crash from 2016-08-02. - release (version 48): 0 crashes from 2016-07-25. - esr (version 45): 0 crashes from 2016-05-02. Crash volume on the last weeks (Week N is from 08-22 to 08-28): W. N-1 W. N-2 W. N-3 - nightly 8 15 3 - aurora 0 0 0 - beta 1 0 0 - release 0 0 0 - esr 0 0 0 Affected platform: Windows Crash rank on the last 7 days: Browser Content Plugin - nightly #28 - aurora - beta #787 - release - esr
I can't think of anything, sorry. Each process should be entirely separate as far as DXVA/D3D go.
If this were Flash 23, I might try pointing at the async drawing work. But that's only on for Flash beta, not Flash release. I cannot explain what this is, other than perhaps a single nightly user or some driver testers? I'm going to mark this INCOMPLETE because I don't think it's worth tracking as it stands.
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.