Closed Bug 483912 Opened 15 years ago Closed 15 years ago

Crash [@ auto_theora] on windows ce

Categories

(Core :: Audio/Video, defect)

Product:
Core
Component:
Audio/Video
Platform:
ARM
Windows CE
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED FIXED
Tracking Flags:
Tracking Status
fennec 1.0-wm+ ---

People

(Reporter: blassey, Assigned: cajbir)

References

Details

(Keywords: crash, mobile)

Crash Data

Its a data type misalignment error

console:
.... 
###!!! ASSERTION: Another IMC was associated: '!mOldIMC', file c:/hg/mc-min/widget/src/windows/nsWindow.cpp, line 1498
[K] Time[2009/03/17  20:32:00]
DEX_CMD_STATUS_COMPLETE
DEXCORE:loop=76
[K] Get RTC 0x36f16338 from ARM9 ok
WARNING: NS_ENSURE_SUCCESS(rv, rv) failed with result 0x80040154: file c:/hg/mc-min/toolkit/components/places/src/nsNavHistory.cpp, line 5211
Data Abort: Thread=873c2640 Proc=80458570 'xulrunner.exe'
AKY=00080001 PC=7ad43f08(xul.dll+0x00ba3f08) RA=7ad44fd0(xul.dll+0x00ba4fd0) BVA=60fda08e FSR=00000001
Unhandled exception at 0x7ad43f08 in xulrunner.exe: 0x80000002: Datatype misalignment.


stack trace:
>	xul.dll!auto_theora(_OGGZ* oggz = 0x610b1400, long int serialno = 1457257550, unsigned char* data = 0x60fda078, long int length = 42, void* user_data = 0x00000000) Line: 153, Byte Offsets: 0x28	C
 	xul.dll!oggz_auto_read_bos_page(_OGGZ* oggz = 0x610b1400, ogg_page* og = 0x56dbfc4e, long int serialno = 1627234424, void* user_data = 0x0000002a) Line: 1143, Byte Offsets: 0x90	C
 	xul.dll!oggz_read_sync(_OGGZ* oggz = 0x610b1400) Line: 520, Byte Offsets: 0x4b4	C
 	xul.dll!oggz_read(_OGGZ* oggz = 0x610b1400, long int n = 1457257550) Line: 597, Byte Offsets: 0xf8	C
 	xul.dll!oggplay_initialise(_OggPlay* me = 0x610b1400, int block = 1457257550) Line: 122, Byte Offsets: 0xb0	C
 	xul.dll!oggplay_open_with_reader(_OggPlayReader* reader = 0x610b1400) Line: 159, Byte Offsets: 0x8c	C
 	xul.dll!nsOggDecodeStateMachine::LoadOggHeaders(nsChannelReader* aReader = 0x56dbfc4e) Line: 1170, Byte Offsets: 0x40	C++
 	xul.dll!nsOggDecodeStateMachine::Run(void) Line: 907, Byte Offsets: 0x27c	C++
 	xul.dll!nsThread::ProcessNextEvent(int mayWait = 1457257550, int* result = 0x60fda078) Line: 511, Byte Offsets: 0x24c	C++
 	xul.dll!NS_ProcessNextEvent_P(nsIThread* thread = 0x610b1400, int mayWait = 1457257550) Line: 230, Byte Offsets: 0x64	C++
 	xul.dll!nsThread::ThreadFunc(void* arg = 0x610b1400) Line: 254, Byte Offsets: 0x1b4	C++
 	nspr4.dll!_PR_NativeRunThread(void* arg = 0x5f814c00) Line: 445, Byte Offsets: 0x104	C
 	nspr4.dll!pr_root(void* arg = 0x5f814c00) Line: 123, Byte Offsets: 0x30	C
 	0x03f6732c
tracking-fennec: --- → 1.0a1-wm+
Flags: blocking1.9.1?
Oh, I guess this is an Oggz bug
Flags: blocking1.9.1? → blocking1.9.1+
tracking-fennec: 1.0a1-wm+ → 1.0a2-wm+
Conrad: I saw your message on ogg-dev. It's been about 2 years since I worked on ARM, but I ran into this type of crash previously. IIRC, on ARM you can't deference a non-divisible-by-4 address as a 32bit int. If you look at that call stack, INT32_BE_AT is dereferencing 0x60fda078 + 22, which isn't evenly divisible by 4.  

INT32_BE_AT(x) is defined as _be_32((*(ogg_int32_t *)(x))). I think you need to extract bytes individually and shift/add them as appropriate instead.
Severity: normal → critical
Keywords: crash
Thanks, this should now be fixed in liboggz upstream (commit 351a85 of git://git.xiph.org/liboggz.git)

See http://lists.xiph.org/pipermail/ogg-dev/2009-May/001394.html
Not going to block 1.9.1 on this, but we should get the fix from upstream at some point.
Assignee: nobody → chris.double
Flags: blocking1.9.1+ → wanted1.9.1+
tracking-fennec: 1.0a2-wm+ → 1.0-wm+
liboggz commit to fix this mentioned in comment 3 has landed with bug 480063
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Depends on: 480063
Crash Signature: [@ auto_theora]
You need to log in before you can comment on or make changes to this bug.