Last Comment Bug 666931 - segfault when trying to play webm videos on ARM (armv7) when thumb2 is enabled
: segfault when trying to play webm videos on ARM (armv7) when thumb2 is enabled
Status: RESOLVED FIXED
[inbound]
: crash, mobile
Product: Core
Classification: Components
Component: Audio/Video (show other bugs)
: Trunk
: ARM Linux
: -- normal (vote)
: mozilla7
Assigned To: Timothy B. Terriberry (:derf)
:
: Maire Reavy [:mreavy]
Mentors:
https://crash-stats.mozilla.com/repor...
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2011-06-24 07:41 PDT by Ricardo Salveti
Modified: 2011-07-06 16:47 PDT (History)
7 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---
affected


Attachments
Enforce alignment for ARM code in Thumb mode in libvpx (1.50 KB, patch)
2011-06-27 12:34 PDT, Timothy B. Terriberry (:derf)
cpearce: review-
Details | Diff | Splinter Review
Enforce alignment for ARM code in Thumb mode in libvpx v2 (2.45 KB, patch)
2011-07-03 21:00 PDT, Timothy B. Terriberry (:derf)
cpearce: review+
Details | Diff | Splinter Review

Description Ricardo Salveti 2011-06-24 07:41:16 PDT
User-Agent:       Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/534.24 (KHTML, like Gecko) Ubuntu/11.04 Chromium/11.0.696.68 Chrome/11.0.696.68 Safari/534.24
Build Identifier: Mozilla/5.0 (X11; Linux armv7l; rv:7.0a1) Gecko/20110624 Firefox/7.0a1

When building firefox (4, 5 and latest daily) for ARM (armv7) with thumb2 enabled libvpx crashes when decoding webm videos.

Reproducible: Always

Steps to Reproduce:
1. Build firefox for ARM (armv7) enabling thumb2 support
2. Go to youtube.com/html5 and enable trial
3. Try to play a webm video

Actual Results:  
Segfault at vp8dx_receive_compressed_data.

Expected Results:  
Video should play without crashing the browser.

Build platform:
target arm-unknown-linux-gnueabi
Build tools:
Compiler 	Version 	Compiler flags
gcc 	gcc version 4.5.2 (Ubuntu/Linaro 4.5.2-8ubuntu4) 	-Wall -W -Wno-unused -Wpointer-arith -Wdeclaration-after-statement -W -pedantic -Wno-long-long -g -fno-strict-aliasing -pthread -mthumb -pipe -DNDEBUG -DTRIMMED -g -Os -freorder-blocks -finline-limit=50 -fomit-frame-pointer
c++ 	gcc version 4.5.2 (Ubuntu/Linaro 4.5.2-8ubuntu4) 	-fno-rtti -fno-exceptions -Wall -Wpointer-arith -Woverloaded-virtual -Wsynth -Wno-ctor-dtor-privacy -Wno-non-virtual-dtor -Wno-invalid-offsetof -Wno-variadic-macros -Werror=return-type -pedantic -Wno-long-long -g -fno-strict-aliasing -std=gnu++0x -pthread -mthumb -pipe -DNDEBUG -DTRIMMED -g -Os -freorder-blocks -finline-limit=50 -fomit-frame-pointer
Configure arguments

--host=arm-linux-gnueabi --prefix=/usr --localstatedir=/var --libexecdir=/usr/lib/firefox-trunk-7.0a1 '--with-l10n-base=/build/firefox/daily/firefox-trunk-7.0~a1~hg20110622r71547+nobinonly/build-tree/mozilla/l10n' --disable-maintainer-mode --disable-dependency-tracking --disable-silent-rules '--srcdir=/build/firefox/daily/firefox-trunk-7.0~a1~hg20110622r71547+nobinonly/build-tree/mozilla' --disable-elf-dynstr-gc --disable-install-strip --disable-strip --disable-updater --enable-application=browser --enable-default-toolkit=cairo-gtk2 --enable-startup-notification --enable-pango --enable-svg --enable-mathml --enable-safe-browsing --with-distribution-id=com.ubuntu --enable-thumb2 --without-system-jpeg --without-system-png --without-system-zlib --enable-optimize --enable-tests --enable-mochitest --enable-ipdl-tests --disable-system-cairo --without-system-nspr --without-system-nss --disable-system-sqlite --disable-system-hunspell --enable-crashreporter --with-branding=browser/branding/nightly --disable-gnomevfs --enable-gio --enable-update-channel=nightly --disable-debug --disable-elf-hack --enable-extensions=default,globalmenu --with-app-name=firefox-trunk

Crash report: http://crash-stats.mozilla.com/report/index/bp-9bd983ab-2bd2-45d2-a466-d7a832110624

GDB stack trace:

Breakpoint 1, vp8dx_receive_compressed_data (ptr=0x533dd020, size=637, source=0x531ae400 "pE", time_stamp=0)
    at /build/firefox/daily/firefox-trunk-7.0~a1~hg20110622r71547+nobinonly/build-tree/mozilla/media/libvpx/vp8/decoder/onyxd_if.c:318
warning: Source file is more recent than executable.
318	{
(gdb) n
330	    if (ptr == 0)
(gdb) 
335	    pbi->common.error.error_code = VPX_CODEC_OK;
(gdb) 
322	    VP8D_COMP *pbi = (VP8D_COMP *) ptr;
(gdb) 
335	    pbi->common.error.error_code = VPX_CODEC_OK;
(gdb) 
339	    if (cm->rtcd.flags & HAS_NEON)
(gdb) 
342	        vp8_push_neon(dx_store_reg);
(gdb) bt full
#0  vp8dx_receive_compressed_data (ptr=0x533dd020, size=637, source=0x531ae400 "pE", time_stamp=0) at /build/firefox/daily/firefox-trunk-7.0~a1~hg20110622r71547+nobinonly/build-tree/mozilla/media/libvpx/vp8/decoder/onyxd_if.c:342
        dx_store_reg = {139152645440798, 96048353650484, 46291157527873, 32920924327760, 4667030352823325135, 1396564432, 2032, 5998198907190763984}
        pbi = 0x533dd020
        cm = 0x533de1d0
        retcode = 0
        timer = {begin = {tv_sec = 0, tv_usec = 1086636637}, end = {tv_sec = 1396559904, tv_usec = 1377364708}}
#1  0x40c4e2aa in vp8_decode (ctx=0x47dd4500, data=0x531ae400 "pE", data_sz=637, user_priv=<value optimized out>, deadline=0)
    at /build/firefox/daily/firefox-trunk-7.0~a1~hg20110622r71547+nobinonly/build-tree/mozilla/media/libvpx/vp8/vp8_dx_iface.c:424
        ppflag = 0
        ppdeblocking = 0
        sd = {y_width = 640, y_height = 360, y_stride = 9, uv_width = 0, uv_height = 0, uv_stride = 0, y_buffer = 0x0, u_buffer = 0xfa00 <Address 0xfa00 out of bounds>, 
          v_buffer = 0x400d49e3 "\373\005\372H\352\001H\302E\006\331\001=\030\353\a\b\002\322\302E\210\277\001=E\352\tJ", buffer_alloc = 0x53165000 "\030\361SA", border = 1086594491, frame_size = 0, clrtype = 1393971200}
        time_stamp = 0
        time_end_stamp = 0
        ppnoise = 0
        res = <value optimized out>
#2  0x40c4e6c4 in vpx_codec_decode (ctx=0x531650c0, data=<value optimized out>, data_sz=<value optimized out>, user_priv=<value optimized out>, deadline=0)
    at /build/firefox/daily/firefox-trunk-7.0~a1~hg20110622r71547+nobinonly/build-tree/mozilla/media/libvpx/vpx/src/vpx_decoder.c:127
        res = <value optimized out>
#3  0x40c41f9a in nsWebMReader::DecodeVideoFrame (this=0x53165000, aKeyframeSkip=@0x5218ec44, aTimeThreshold=0)
    at /build/firefox/daily/firefox-trunk-7.0~a1~hg20110622r71547+nobinonly/build-tree/mozilla/content/media/webm/nsWebMReader.cpp:692
        data = 0x531ae400 "pE"
        length = 637
        si = {sz = 16, w = 640, h = 360, is_kf = 1}
        iter = 0x2
        img = <value optimized out>
        i = 0
        packet = 0x4cc7cc20
        next_tstamp = 42000000
        parsed = 0
        decoded = 0
        track = 0
        r = <value optimized out>
        count = 0
        tstamp_usecs = 0
        autoNotify = {mDecoder = 0x52f5ac80, mParsed = @0x5218ec14, mDecoded = @0x5218ec10}
        holder = {<nsAutoRefBase<NesteggPacketHolder>> = {<nsSimpleRef<NesteggPacketHolder>> = {<nsAutoRefTraits<NesteggPacketHolder>> = {<nsPointerRefTraits<NesteggPacketHolder>> = {<No data fields>}, <No data fields>}, 
              mRawRef = 0x47f756a0}, <No data fields>}, <No data fields>}
        tstamp = 0
#4  0x40c33a2e in nsBuiltinDecoderReader::DecodeVideoFrame (this=<value optimized out>) at /build/firefox/daily/firefox-trunk-7.0~a1~hg20110622r71547+nobinonly/build-tree/mozilla/content/media/nsBuiltinDecoderReader.h:496
        f = 0
#5  0x40c33b08 in nsBuiltinDecoderReader::DecodeToFirstData<VideoData> (this=0x53165000, aDecodeFn=(PRBool (nsBuiltinDecoderReader::*)(nsBuiltinDecoderReader *)) 0x40c33a1b <nsBuiltinDecoderReader::DecodeVideoFrame()>, aQueue=...)
    at /build/firefox/daily/firefox-trunk-7.0~a1~hg20110622r71547+nobinonly/build-tree/mozilla/content/media/nsBuiltinDecoderReader.cpp:277
        eof = <value optimized out>
#6  0x40c3357a in nsBuiltinDecoderReader::FindStartTime (this=0x53165000, aOutStartTime=@0x5218eca0)
    at /build/firefox/daily/firefox-trunk-7.0~a1~hg20110622r71547+nobinonly/build-tree/mozilla/content/media/nsBuiltinDecoderReader.cpp:244
        videoStartTime = 9223372036854775807
        audioStartTime = 9223372036854775807
        videoData = 0x0
        startTime = 30064771072
#7  0x40c31494 in nsBuiltinDecoderStateMachine::FindStartTime (this=<value optimized out>) at /build/firefox/daily/firefox-trunk-7.0~a1~hg20110622r71547+nobinonly/build-tree/mozilla/content/media/nsBuiltinDecoderStateMachine.cpp:1574
        startTime = 4666596270165248304
        v = 0x0
#8  0x40c3289e in nsBuiltinDecoderStateMachine::Run (this=0x4cb06a70) at /build/firefox/daily/firefox-trunk-7.0~a1~hg20110622r71547+nobinonly/build-tree/mozilla/content/media/nsBuiltinDecoderStateMachine.cpp:1078
        videoData = <value optimized out>
        metadataLoadedEvent = {<nsCOMPtr_base> = {mRawPtr = 0x417fa65f}, <No data fields>}
        stream = 0x533d4000
#9  0x40f8b426 in nsThread::ProcessNextEvent (this=0x4c72bd30, mayWait=<value optimized out>, result=0x5218eda4) at /build/firefox/daily/firefox-trunk-7.0~a1~hg20110622r71547+nobinonly/build-tree/mozilla/xpcom/threads/nsThread.cpp:618
        event = {<nsCOMPtr_base> = {mRawPtr = 0x4cb06a70}, <No data fields>}
        notifyGlobalObserver = 1
        obs = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data fields>}
        canary = {static sOutputFD = 0}
        rv = 0
#10 0x40f6b1da in NS_ProcessNextEvent_P (thread=<value optimized out>, mayWait=1) at /build/firefox/daily/firefox-trunk-7.0~a1~hg20110622r71547+nobinonly/build-tree/mozilla/obj-arm-linux-gnueabi/xpcom/build/nsThreadUtils.cpp:245
        val = <value optimized out>
#11 0x40f8b174 in nsThread::ThreadFunc (arg=0x4c72bd30) at /build/firefox/daily/firefox-trunk-7.0~a1~hg20110622r71547+nobinonly/build-tree/mozilla/xpcom/threads/nsThread.cpp:273
        self = 0x4c72bd30
        event = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data fields>}
#12 0x417fdbec in _pt_root (arg=0x47e995e0) at /build/firefox/daily/firefox-trunk-7.0~a1~hg20110622r71547+nobinonly/build-tree/mozilla/nsprpub/pr/src/pthreads/ptthread.c:187
        thred = 0x47e995e0
        detached = 0
#13 0x401933be in start_thread () from /lib/arm-linux-gnueabi/libpthread.so.0
No symbol table info available.
#14 0x402dd538 in clone () from /lib/arm-linux-gnueabi/libc.so.6
No symbol table info available.
#15 0x402dd538 in clone () from /lib/arm-linux-gnueabi/libc.so.6
No symbol table info available.
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
(gdb) p cm->rtcd
$1 = {idct = {idct1 = 0x40c5597e <vp8_short_idct4x4llm_1_neon>, idct16 = 0x40c559ce <vp8_short_idct4x4llm_neon>, idct1_scalar_add = 0x40c451b9 <vp8_dc_only_idct_add_c>, iwalsh1 = 0x40c54c7e <vp8_short_inv_walsh4x4_1_neon>, 
    iwalsh16 = 0x40c54bfa <vp8_short_inv_walsh4x4_neon>}, recon = {copy16x16 = 0x40c54b32 <vp8_copy_mem16x16_neon>, copy8x8 = 0x40c54aee <vp8_copy_mem8x8_neon>, copy8x4 = 0x40c54aca <vp8_copy_mem8x4_neon>, 
    recon = 0x40c5590e <vp8_recon_b_neon>, recon2 = 0x40c55822 <vp8_recon2b_neon>, recon4 = 0x40c5587a <vp8_recon4b_neon>, recon_mb = 0x40c51b5b <vp8_recon_mb_neon>, recon_mby = 0x40c4789f <vp8_recon_mby_c>, 
    build_intra_predictors_mby_s = 0x40c5145f <vp8_build_intra_predictors_mby_s_neon>, build_intra_predictors_mby = 0x40c51439 <vp8_build_intra_predictors_mby_neon>}, subpix = {sixtap16x16 = 0x40c56d16 <vp8_sixtap_predict16x16_neon>, 
    sixtap8x8 = 0x40c56662 <vp8_sixtap_predict8x8_neon>, sixtap8x4 = 0x40c5601e <vp8_sixtap_predict8x4_neon>, sixtap4x4 = 0x40c55aaa <vp8_sixtap_predict_neon>, bilinear16x16 = 0x40c546c6 <vp8_bilinear_predict16x16_neon>, 
    bilinear8x8 = 0x40c544ba <vp8_bilinear_predict8x8_neon>, bilinear8x4 = 0x40c5435a <vp8_bilinear_predict8x4_neon>, bilinear4x4 = 0x40c5421a <vp8_bilinear_predict4x4_neon>}, loopfilter = {
    normal_mb_v = 0x40c51225 <vp8_loop_filter_mbv_neon>, normal_b_v = 0x40c51369 <vp8_loop_filter_bv_neon>, normal_mb_h = 0x40c511c3 <vp8_loop_filter_mbh_neon>, normal_b_h = 0x40c51287 <vp8_loop_filter_bh_neon>, 
    simple_mb_v = 0x40c51269 <vp8_loop_filter_mbvs_neon>, simple_b_v = 0x40c513eb <vp8_loop_filter_bvs_neon>, simple_mb_h = 0x40c51207 <vp8_loop_filter_mbhs_neon>, simple_b_h = 0x40c51317 <vp8_loop_filter_bhs_neon>}, postproc = {
    down = 0, across = 0, downacross = 0, addnoise = 0, blend_mb = 0}, flags = 7}
(gdb) n

Program received signal SIGILL, Illegal instruction.
0x5218ea74 in ?? ()
(gdb) bt full
#0  0x5218ea74 in ?? ()
No symbol table info available.
Cannot access memory at address 0x0
#1  0x515bea48 in ?? ()
No symbol table info available.
Cannot access memory at address 0x0
#2  0x515bea48 in ?? ()
No symbol table info available.
Cannot access memory at address 0x0
Backtrace stopped: previous frame identical to this frame (corrupt stack?)

If I just disable THUMB2 support it works fine.
Comment 1 Ricardo Salveti 2011-06-26 16:59:11 PDT
As described by bug https://bugs.launchpad.net/bugs/789198, there's a workaround that get at least firefox 5 working even with thumb2 enabled.

Workaround: https://launchpadlibrarian.net/74043935/firefox-build-workaround.diff

I'm now building latest daily version from trunk to make sure it also fixes upstream and will update the bug again.
Comment 2 Timothy B. Terriberry (:derf) 2011-06-27 09:01:26 PDT
After discussion with upstream, we've produced
https://review.webmproject.org/2568

I'll backport that patch here and test.
Comment 3 Timothy B. Terriberry (:derf) 2011-06-27 12:34:26 PDT
Created attachment 542230 [details] [diff] [review]
Enforce alignment for ARM code in Thumb mode in libvpx

This patch doesn't break anything for me on both Maemo and Android. I still haven't been able to reproduce the original crash, so I'll wait for confirmation from downstream before requesting review, etc.
Comment 4 Siarhei Siamashka 2011-06-28 15:58:06 PDT
Interesting. The same .text section alignment issue may be responsible for the SIGILL part of the problems from bug 623161
Comment 5 Launchpad 2011-06-29 03:33:36 PDT
Dave Martin added the following comment to Launchpad bug report 789198:

On Mon, Jun 27, 2011 at 04:01:26PM -0000, Tterribe-o wrote:
> After discussion with upstream, we've produced
> https://review.webmproject.org/2568

I haven't had a chance to test that patch yet, but it looks reasonable.


-- 
http://launchpad.net/bugs/789198
Comment 6 Launchpad 2011-06-29 06:37:04 PDT
Dave Martin added the following comment to Launchpad bug report 789198:

On Tue, Jun 28, 2011 at 10:58:06PM -0000, Siarhei-siamashka wrote:
> Interesting. The same .text section alignment issue may be responsible
> for the SIGILL part of the problems from bug 623161

Can you check the bug number?  That one doesn't look relevant...

https://bugs.launchpad.net/dhis2/+bug/623161
DHIS 2 - District Health Information Software -
translation error in databrowser module 

---Dave


-- 
http://launchpad.net/bugs/789198
Comment 7 Launchpad 2011-06-29 06:37:08 PDT
Ricardo Salveti added the following comment to Launchpad bug report 789198:

He's probably talking about https://bugzilla.mozilla.org/show_bug.cgi?id=623161

-- 
http://launchpad.net/bugs/789198
Comment 8 Launchpad 2011-06-30 05:27:31 PDT
Dave Martin added the following comment to Launchpad bug report 789198:

On Wed, Jun 29, 2011 at 12:05:55PM -0000, Ricardo Salveti wrote:
> He's probably talking about
> https://bugzilla.mozilla.org/show_bug.cgi?id=623161

I guess that could be caused by the same issue...



-- 
http://launchpad.net/bugs/789198
Comment 9 Timothy B. Terriberry (:derf) 2011-07-03 12:35:58 PDT
Comment on attachment 542230 [details] [diff] [review]
Enforce alignment for ARM code in Thumb mode in libvpx

># HG changeset patch
># User Timothy B. Terriberry <tterribe@vt.edu>
># Date 1309201530 25200
># Node ID 1e745d4b39c8f8d7ffb3d4b8cdd7fafce68c5349
># Parent  e338daa71bc2fdb9c05a276ef1a477e1730f0aca
>Bug 666931 - Enforce alignment for ARM code in Thumb mode in libvpx
>
>diff --git a/media/libvpx/build/make/ads2gas.pl b/media/libvpx/build/make/ads2gas.pl
>--- a/media/libvpx/build/make/ads2gas.pl
>+++ b/media/libvpx/build/make/ads2gas.pl
>@@ -74,17 +74,20 @@ while (<STDIN>)
> 
>     # Convert INCLUDE to .INCLUDE "file"
>     s/INCLUDE(\s*)(.*)$/.include $1\"$2\"/;
> 
>     # Code directive (ARM vs Thumb)
>     s/CODE([0-9][0-9])/.code $1/;
> 
>     # No AREA required
>-    s/^\s*AREA.*$/.text/;
>+    # But ALIGNs in AREA must be obeyed
>+    s/^\s*AREA.*ALIGN=([0-9])$/.text\n.p2align $1/;
>+    # If no ALIGN, strip the AREA and align to 4 bytes
>+    s/^\s*AREA.*$/.text\n.p2align 2/;
> 
>     # DCD to .word
>     # This one is for incoming symbols
>     s/DCD\s+\|(\w*)\|/.long $1/;
> 
>     # DCW to .short
>     s/DCW\s+\|(\w*)\|/.short $1/;
>     s/DCW(.*)/.short $1/;
>diff --git a/media/libvpx/update.sh b/media/libvpx/update.sh
>--- a/media/libvpx/update.sh
>+++ b/media/libvpx/update.sh
>@@ -321,8 +321,11 @@ patch -p3 < solaris.patch
> # Patch to fix link with xcode4
> patch -p1 < xcode4.patch
> 
> # Patch to fix data race on global function pointers
> patch -p3 < bug640935.patch
> 
> # Patch to avoid text relocations on ARM
> patch -p3 < bug646815.patch
>+
>+# Patch to fix alignment problems with using ARM asm in Thumb mode.
>+patch -p3 < bug666931.patch
Comment 10 Timothy B. Terriberry (:derf) 2011-07-03 12:39:08 PDT
Hmm, was comment 9 tool failure, our PEBKAC? Here is what I actually tried to type in the comment field (and is still in that field if I go back in my browser history):

Since downstream isn't chomping at the bit to test this, I'm going to go ahead and ask for review now. I've at least confirmed with objdump that the .text sections are now marked with 4-byte alignment. Since it doesn't change the generated code at all, this is relatively low-risk, and it'd be nice to get it in before the next train leaves.
Comment 11 Chris Pearce (:cpearce) 2011-07-03 20:24:50 PDT
Comment on attachment 542230 [details] [diff] [review]
Enforce alignment for ARM code in Thumb mode in libvpx

Ooops, looks like the file bug666931.patch was supposed to be included in this patch but wasn't?
Comment 12 Timothy B. Terriberry (:derf) 2011-07-03 21:00:52 PDT
Created attachment 543715 [details] [diff] [review]
Enforce alignment for ARM code in Thumb mode in libvpx v2

Sigh, I always forget to hg add. Good catch.
Comment 14 Marco Bonardo [::mak] 2011-07-04 05:08:37 PDT
http://hg.mozilla.org/mozilla-central/rev/938c253f031c
Comment 15 Launchpad 2011-07-05 13:02:22 PDT
Gregory Hilt added the following comment to Launchpad bug report 789198:

T
Sent from my Verizon Wireless BlackBerry

-----Original Message-----
From: derf <789198@bugs.launchpad.net>
Sender: bounces@canonical.com
Date: Sun, 03 Jul 2011 19:35:58 
To: <ghilt@snet.net>
Reply-To: Bug 789198 <789198@bugs.launchpad.net>
Subject: [Bug 789198] 

Comment on attachment 542230 [details] [diff] [review]
Enforce alignment for ARM code in Thumb mode in libvpx

># HG changeset patch
># User Timothy B. Terriberry <tterribe@vt.edu>
># Date 1309201530 25200
># Node ID 1e745d4b39c8f8d7ffb3d4b8cdd7fafce68c5349
># Parent  e338daa71bc2fdb9c05a276ef1a477e1730f0aca
>Bug 666931 - Enforce alignment for ARM code in Thumb mode in libvpx
>
>diff --git a/media/libvpx/build/make/ads2gas.pl b/media/libvpx/build/make/ads2gas.pl
>--- a/media/libvpx/build/make/ads2gas.pl
>+++ b/media/libvpx/build/make/ads2gas.pl
>@@ -74,17 +74,20 @@ while (<STDIN>)
> 
>     # Convert INCLUDE to .INCLUDE "file"
>     s/INCLUDE(\s*)(.*)$/.include $1\"$2\"/;
> 
>     # Code directive (ARM vs Thumb)
>     s/CODE([0-9][0-9])/.code $1/;
> 
>     # No AREA required
>-    s/^\s*AREA.*$/.text/;
>+    # But ALIGNs in AREA must be obeyed
>+    s/^\s*AREA.*ALIGN=([0-9])$/.text\n.p2align $1/;
>+    # If no ALIGN, strip the AREA and align to 4 bytes
>+    s/^\s*AREA.*$/.text\n.p2align 2/;
> 
>     # DCD to .word
>     # This one is for incoming symbols
>     s/DCD\s+\|(\w*)\|/.long $1/;
> 
>     # DCW to .short
>     s/DCW\s+\|(\w*)\|/.short $1/;
>     s/DCW(.*)/.short $1/;
>diff --git a/media/libvpx/update.sh b/media/libvpx/update.sh
>--- a/media/libvpx/update.sh
>+++ b/media/libvpx/update.sh
>@@ -321,8 +321,11 @@ patch -p3 < solaris.patch
> # Patch to fix link with xcode4
> patch -p1 < xcode4.patch
> 
> # Patch to fix data race on global function pointers
> patch -p3 < bug640935.patch
> 
> # Patch to avoid text relocations on ARM
> patch -p3 < bug646815.patch
>+
>+# Patch to fix alignment problems with using ARM asm in Thumb mode.
>+patch -p3 < bug666931.patch

-- 
You received this bug notification because you are subscribed to firefox
in Ubuntu.
https://bugs.launchpad.net/bugs/789198

Title:
  Firefox crashes when attempting to play webm video on ARM with Thumb2
  enabled

Status in binutils:
  Fix Released
Status in The Mozilla Firefox Browser:
  Fix Released
Status in Linaro Ubuntu Evaluation Builds:
  Fix Released
Status in “binutils” package in Ubuntu:
  New
Status in “firefox” package in Ubuntu:
  Triaged

Bug description:
  Binary package hint: firefox

  This bug was discovered on Linaro 11.05 LEB image "ubuntu-desktop"
  with "panda" hwpack.

  ProblemType: Bug
  DistroRelease: Ubuntu 11.04
  Package: firefox 4.0.1+build1+nobinonly-0ubuntu0.11.04.2
  ProcVersionSignature: Ubuntu 2.6.38-1003.4~ppa5-hostname-omap 2.6.38.7
  Uname: Linux 2.6.38-1003-linaro-omap armv7l
  Architecture: armel
  Date: Fri May 27 15:56:39 2011
  DistributionChannelDescriptor:
   # This is a distribution channel descriptor
   # For more information see http://wiki.ubuntu.com/DistributionChannelDescriptor
   canonical-oem-linaro-n-ubuntu-desktop-20110526-0
  FirefoxPackages:
   firefox 4.0.1+build1+nobinonly-0ubuntu0.11.04.2
   flashplugin-installer N/A
   adobe-flashplugin N/A
   icedtea-plugin N/A
  ProcEnviron:
   LANGUAGE=C:en
   LANG=C
   SHELL=/bin/bash
  SourcePackage: firefox
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/binutils/+bug/789198/+subscriptions


-- 
http://launchpad.net/bugs/789198
Comment 16 Launchpad 2011-07-05 13:02:25 PDT
Gregory Hilt added the following comment to Launchpad bug report 789198:

H
Sent from my Verizon Wireless BlackBerry

-----Original Message-----
From: derf <789198@bugs.launchpad.net>
Sender: bounces@canonical.com
Date: Sun, 03 Jul 2011 19:35:58 
To: <ghilt@snet.net>
Reply-To: Bug 789198 <789198@bugs.launchpad.net>
Subject: [Bug 789198] 

Comment on attachment 542230 [details] [diff] [review]
Enforce alignment for ARM code in Thumb mode in libvpx

># HG changeset patch
># User Timothy B. Terriberry <tterribe@vt.edu>
># Date 1309201530 25200
># Node ID 1e745d4b39c8f8d7ffb3d4b8cdd7fafce68c5349
># Parent  e338daa71bc2fdb9c05a276ef1a477e1730f0aca
>Bug 666931 - Enforce alignment for ARM code in Thumb mode in libvpx
>
>diff --git a/media/libvpx/build/make/ads2gas.pl b/media/libvpx/build/make/ads2gas.pl
>--- a/media/libvpx/build/make/ads2gas.pl
>+++ b/media/libvpx/build/make/ads2gas.pl
>@@ -74,17 +74,20 @@ while (<STDIN>)
> 
>     # Convert INCLUDE to .INCLUDE "file"
>     s/INCLUDE(\s*)(.*)$/.include $1\"$2\"/;
> 
>     # Code directive (ARM vs Thumb)
>     s/CODE([0-9][0-9])/.code $1/;
> 
>     # No AREA required
>-    s/^\s*AREA.*$/.text/;
>+    # But ALIGNs in AREA must be obeyed
>+    s/^\s*AREA.*ALIGN=([0-9])$/.text\n.p2align $1/;
>+    # If no ALIGN, strip the AREA and align to 4 bytes
>+    s/^\s*AREA.*$/.text\n.p2align 2/;
> 
>     # DCD to .word
>     # This one is for incoming symbols
>     s/DCD\s+\|(\w*)\|/.long $1/;
> 
>     # DCW to .short
>     s/DCW\s+\|(\w*)\|/.short $1/;
>     s/DCW(.*)/.short $1/;
>diff --git a/media/libvpx/update.sh b/media/libvpx/update.sh
>--- a/media/libvpx/update.sh
>+++ b/media/libvpx/update.sh
>@@ -321,8 +321,11 @@ patch -p3 < solaris.patch
> # Patch to fix link with xcode4
> patch -p1 < xcode4.patch
> 
> # Patch to fix data race on global function pointers
> patch -p3 < bug640935.patch
> 
> # Patch to avoid text relocations on ARM
> patch -p3 < bug646815.patch
>+
>+# Patch to fix alignment problems with using ARM asm in Thumb mode.
>+patch -p3 < bug666931.patch

-- 
You received this bug notification because you are subscribed to firefox
in Ubuntu.
https://bugs.launchpad.net/bugs/789198

Title:
  Firefox crashes when attempting to play webm video on ARM with Thumb2
  enabled

Status in binutils:
  Fix Released
Status in The Mozilla Firefox Browser:
  Fix Released
Status in Linaro Ubuntu Evaluation Builds:
  Fix Released
Status in “binutils” package in Ubuntu:
  New
Status in “firefox” package in Ubuntu:
  Triaged

Bug description:
  Binary package hint: firefox

  This bug was discovered on Linaro 11.05 LEB image "ubuntu-desktop"
  with "panda" hwpack.

  ProblemType: Bug
  DistroRelease: Ubuntu 11.04
  Package: firefox 4.0.1+build1+nobinonly-0ubuntu0.11.04.2
  ProcVersionSignature: Ubuntu 2.6.38-1003.4~ppa5-hostname-omap 2.6.38.7
  Uname: Linux 2.6.38-1003-linaro-omap armv7l
  Architecture: armel
  Date: Fri May 27 15:56:39 2011
  DistributionChannelDescriptor:
   # This is a distribution channel descriptor
   # For more information see http://wiki.ubuntu.com/DistributionChannelDescriptor
   canonical-oem-linaro-n-ubuntu-desktop-20110526-0
  FirefoxPackages:
   firefox 4.0.1+build1+nobinonly-0ubuntu0.11.04.2
   flashplugin-installer N/A
   adobe-flashplugin N/A
   icedtea-plugin N/A
  ProcEnviron:
   LANGUAGE=C:en
   LANG=C
   SHELL=/bin/bash
  SourcePackage: firefox
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/binutils/+bug/789198/+subscriptions


-- 
http://launchpad.net/bugs/789198
Comment 17 Ricardo Salveti 2011-07-06 16:47:44 PDT
Sorry for taking so long to test, my hardware wasn't available and it takes more than 20 hours to build it.

Tested with patch provided by comment 14 and it worked fine, without any visual regression or issue.

Note You need to log in before you can comment on or make changes to this bug.