Closed
Bug 759677
Opened 12 years ago
Closed 12 years ago
Crash when playing some HTML5 videos with cubeb
Categories
(Core :: Audio/Video, defect)
Tracking
()
RESOLVED
FIXED
mozilla15
People
(Reporter: gooyozh, Assigned: kinetik)
References
Details
(Keywords: crash)
Crash Data
Attachments
(1 file)
1.17 KB,
patch
|
cajbir
:
review+
|
Details | Diff | Splinter Review |
User Agent: Mozilla/5.0 (X11; Linux i686; rv:15.0) Gecko/15.0 Firefox/15.0a1 Build ID: 20120529052711 Steps to reproduce: Open page with video, for example: http://www.mozilla.org/projects/firefox/prerelease.html http://www.youtube.com/watch?v=3T1c7GkzRQQ http://www.youtube.com/watch?v=fHC05_9b0gw Start playing video if it's not started automatically. Actual results: Firefox shuts down. This started to happen about 2-4 weeks ago, before that Nightly was OK. Expected results: No crash. If I go to http://www.youtube.com/html5?hl=en and click "Leave the HTML5 Trial" then videos that previously crashed are being played OK. Also the weird thing is that Firefox does not crash when playing the last video within the playlist: http://www.youtube.com/watch?v=fHC05_9b0gw&list=PL9120FAB23501BFF9&index=1&feature=plpp_video Does not crash: http://vimeo.com/22918371 http://www.dailymotion.com/video/xctwtv_radiohead-no-surprises_music http://www.funnyordie.com/videos/d7ef733b1d/radiohead-no-surprises-literal-video-version-from-kfk
Comment 1•12 years ago
|
||
For me, Firefox doesn't crash on these videos. Make sure you use the latest Flash version: http://www.mozilla.org/plugincheck/ Can you provide the crash ID (bp-...) from about:crashes?
Reporter | ||
Comment 2•12 years ago
|
||
The latest version of flash installed but this problem happens also when no flash plugin installed at all. And about:crashes contains none of these crashes, only a couple of other ones. If Firefox is started from command line I can see "Segmentation fault" message thrown on crash and that's all.
Comment 3•12 years ago
|
||
Please provide a stacktrace using a debugger. See https://developer.mozilla.org/en/How_to_get_a_stacktrace_for_a_bug_report#Alternative_ways_to_get_a_stacktrace
Reporter | ||
Comment 4•12 years ago
|
||
#0 0xab516bf5 in ?? () from /usr/lib/alsa-lib/libasound_module_rate_speexrate.so #1 0xab5178dd in alsa_lib_resampler_process_int () from /usr/lib/alsa-lib/libasound_module_rate_speexrate.so #2 0xab517af4 in alsa_lib_resampler_process_interleaved_int () from /usr/lib/alsa-lib/libasound_module_rate_speexrate.so #3 0xab515f6e in ?? () from /usr/lib/alsa-lib/libasound_module_rate_speexrate.so #4 0xb5e66392 in ?? () from /usr/lib/libasound.so.2 #5 0xb5e667d1 in ?? () from /usr/lib/libasound.so.2 #6 0xb5e668c7 in ?? () from /usr/lib/libasound.so.2 #7 0xb5e669a4 in ?? () from /usr/lib/libasound.so.2 #8 0xb5e4b988 in snd_pcm_mmap_commit () from /usr/lib/libasound.so.2 #9 0xb5e5a5ec in ?? () from /usr/lib/libasound.so.2 #10 0xb5e4bfd1 in ?? () from /usr/lib/libasound.so.2 #11 0xb5e5b059 in ?? () from /usr/lib/libasound.so.2 #12 0xb5e44bf4 in snd_pcm_writei () from /usr/lib/libasound.so.2 #13 0xb7181e6b in cubeb_run_thread () from /home/yozh/apps/firefox-13/libxul.so #14 0x00000000 in ?? () I've also tried debug version of Nightly and it triggered a slightly different result: #0 0xa8abdbb3 in ?? () from /usr/lib/alsa-lib/libasound_module_rate_speexrate.so #1 0xa8abe8dd in alsa_lib_resampler_process_int () from /usr/lib/alsa-lib/libasound_module_rate_speexrate.so #2 0xa8abeaf4 in alsa_lib_resampler_process_interleaved_int () from /usr/lib/alsa-lib/libasound_module_rate_speexrate.so #3 0xa8abcf6e in ?? () from /usr/lib/alsa-lib/libasound_module_rate_speexrate.so #4 0xb56df392 in ?? () from /usr/lib/libasound.so.2 #5 0xb56df7d1 in ?? () from /usr/lib/libasound.so.2 #6 0xb56df8c7 in ?? () from /usr/lib/libasound.so.2 #7 0xb56df9a4 in ?? () from /usr/lib/libasound.so.2 #8 0xb56c4988 in snd_pcm_mmap_commit () from /usr/lib/libasound.so.2 #9 0xb56d35ec in ?? () from /usr/lib/libasound.so.2 #10 0xb56c4fd1 in ?? () from /usr/lib/libasound.so.2 #11 0xb56d4059 in ?? () from /usr/lib/libasound.so.2 #12 0xb56bdbf4 in snd_pcm_writei () from /usr/lib/libasound.so.2 #13 0xb6bd337f in vp8_idct_dequant_dc_full_2x_sse2 () from /home/yozh/apps/firefox-nightly-debug/libxul.so #14 0xb7fabb25 in start_thread () from /lib/libpthread.so.0 #15 0xb7dc646e in clone () from /lib/libc.so.6
Comment 5•12 years ago
|
||
Debug symbols are missing in the above stacktraces.
Reporter | ||
Comment 6•12 years ago
|
||
Yes, they are. Debug version does not contain them, as I understand. Do you know where to get version with debug symbols? I tried downloading them as described here https://developer.mozilla.org/en/Using_the_Mozilla_symbol_server with the following output: yozh@linux-yozh:~/pro/mozilla/symbols-script> ./fetch-symbols.py /home/yozh/apps/firefox-nightly-debug/ http://symbols.mozilla.org/firefox nightly-symbols Fetching symbol index http://symbols.mozilla.org/firefox/firefox-15.0a1-Linux-20120530012752-symbols.txt HTTP error 404 retrieving http://symbols.mozilla.org/firefox/firefox-15.0a1-Linux-20120530012752-symbols.txt
Comment 7•12 years ago
|
||
(In reply to Artem Karpenko from comment #6) > Yes, they are. Debug version does not contain them, as I understand. Do you > know where to get version with debug symbols? Maybe there: ftp://ftp.mozilla.org/pub/firefox/nightly/2012-05-30-mozilla-central-debug/
Reporter | ||
Comment 8•12 years ago
|
||
Nope, this is the one I already tried. Anyway, I've built Firefox manually using central mercurial repository with debug symbols enabled and reproduced error. Here is backtrace: #0 0xae5318c0 in alsa_lib_resampler_process_int () from /usr/lib/alsa-lib/libasound_module_rate_speexrate.so #1 0xae531af4 in alsa_lib_resampler_process_interleaved_int () from /usr/lib/alsa-lib/libasound_module_rate_speexrate.so #2 0xae52ff6e in ?? () from /usr/lib/alsa-lib/libasound_module_rate_speexrate.so #3 0xb44ac392 in ?? () from /usr/lib/libasound.so.2 #4 0xb44ac7d1 in ?? () from /usr/lib/libasound.so.2 #5 0xb44ac8c7 in ?? () from /usr/lib/libasound.so.2 #6 0xb44ac9a4 in ?? () from /usr/lib/libasound.so.2 #7 0xb4491988 in snd_pcm_mmap_commit () from /usr/lib/libasound.so.2 #8 0xb44a05ec in ?? () from /usr/lib/libasound.so.2 #9 0xb4491fd1 in ?? () from /usr/lib/libasound.so.2 #10 0xb44a1059 in ?? () from /usr/lib/libasound.so.2 #11 0xb448abf4 in snd_pcm_writei () from /usr/lib/libasound.so.2 #12 0xb67ab9e1 in cubeb_refill_stream (stm=0xa6765980) at /home/yozh/pro/mozilla/central/media/libcubeb/src/cubeb_alsa.c:300 #13 0xb67abd24 in cubeb_run (ctx=0xa40ff000) at /home/yozh/pro/mozilla/central/media/libcubeb/src/cubeb_alsa.c:374 #14 0xb67abe71 in cubeb_run_thread (context=0xa40ff000) at /home/yozh/pro/mozilla/central/media/libcubeb/src/cubeb_alsa.c:406 #15 0xb7fabb25 in start_thread () from /lib/libpthread.so.0 #16 0xb7dc646e in clone () from /lib/libc.so.6
Reporter | ||
Comment 9•12 years ago
|
||
And after updating ALSA from 1.0.23 to 1.0.25: #0 0xaf5058c0 in alsa_lib_resampler_process_int () from /usr/lib/alsa-lib/libasound_module_rate_speexrate.so #1 0xaf505af4 in alsa_lib_resampler_process_interleaved_int () from /usr/lib/alsa-lib/libasound_module_rate_speexrate.so #2 0xaf503f6e in ?? () from /usr/lib/alsa-lib/libasound_module_rate_speexrate.so #3 0xb44a3d92 in do_convert (dst_areas=0xa6bf6500, dst_offset=0, dst_frames=1024, src_areas=0xa6bf6720, src_offset=0, src_frames=940, channels=2, rate=0xa30218e0) at pcm_rate.c:528 #4 0xb44a41d1 in snd_pcm_rate_write_areas1 (pcm=0xa3248cf0, rate=0xa30218e0, appl_offset=0, size=940, slave_size=1024) at pcm_rate.c:546 #5 snd_pcm_rate_commit_area (pcm=0xa3248cf0, rate=0xa30218e0, appl_offset=0, size=940, slave_size=1024) at pcm_rate.c:745 #6 0xb44a42c7 in snd_pcm_rate_commit_next_period (pcm=0xa3248cf0, appl_ptr=<value optimized out>) at pcm_rate.c:835 #7 snd_pcm_rate_sync_playback_area (pcm=0xa3248cf0, appl_ptr=<value optimized out>) at pcm_rate.c:961 #8 0xb44a43a4 in snd_pcm_rate_mmap_commit (pcm=0xa3248cf0, offset=0, size=4704) at pcm_rate.c:985 #9 0xb4488f98 in snd_pcm_mmap_commit (pcm=0xa3248cf0, offset=0, frames=4704) at pcm.c:6584 #10 0xb4497cdc in snd_pcm_plugin_write_areas (pcm=0xa3248e00, areas=0xa6c6b220, offset=<value optimized out>, size=4704) at pcm_plugin.c:284 #11 0xb44895e1 in snd1_pcm_write_areas (pcm=0xa3248e00, areas=0xa6c6b220, offset=<value optimized out>, size=<value optimized out>, func= 0xb4497c40 <snd_pcm_plugin_write_areas>) at pcm.c:6759 #12 0xb44986f9 in snd_pcm_plugin_writei (pcm=0xa3248e00, buffer=0xa36f2000, size=4704) at pcm_plugin.c:355 #13 0xb4481f44 in _snd_pcm_writei (pcm=0xa3248be0, buffer=0xa36f2000, size=4704) at pcm_local.h:521 #14 snd_pcm_writei (pcm=0xa3248be0, buffer=0xa36f2000, size=4704) at pcm.c:1255 #15 0xb67ab9e1 in cubeb_refill_stream (stm=0xa31eae20) at /home/yozh/pro/mozilla/central/media/libcubeb/src/cubeb_alsa.c:300 #16 0xb67abd24 in cubeb_run (ctx=0xa3513800) at /home/yozh/pro/mozilla/central/media/libcubeb/src/cubeb_alsa.c:374 #17 0xb67abe71 in cubeb_run_thread (context=0xa3513800) at /home/yozh/pro/mozilla/central/media/libcubeb/src/cubeb_alsa.c:406 #18 0xb7fabb25 in start_thread () from /lib/libpthread.so.0 #19 0xb7dc646e in clone () from /lib/libc.so.6 Also, I found a somewhat similar bug: https://bugs.launchpad.net/alsa-plugins/+bug/367279. That one also was found using Firefox but addressed to ALSA devs.
Updated•12 years ago
|
Severity: normal → critical
Crash Signature: [@ cubeb_refill_stream]
Component: Untriaged → Video/Audio
Keywords: crash
Product: Firefox → Core
QA Contact: untriaged → video.audio
See Also: → https://launchpad.net/bugs/367279
Assignee | ||
Comment 10•12 years ago
|
||
What Linux distribution and version are you running? Please also supply your kernel and ALSA version, and the output of aplay -l -L. Can you also try the old audio backend by opening about:config, creating a boolean pref called "media.use_cubeb", setting it to false, and reproducing the crash? Once you've finished testing, please reset the pref by right clicking on it and selecting "reset".
Blocks: cubeb
Reporter | ||
Comment 11•12 years ago
|
||
Distribution: OpenSUSE 11.3 i586. From alsa-info.sh: !!ALSA Version !!------------ Driver version: 1.0.22.1 Library version: 1.0.25 Utilities version: 1.0.25 All ALSA packages are updated to 1.0.25. yozh@linux-yozh:~> uname -a Linux linux-yozh 2.6.34-12-default #1 SMP 2010-06-29 02:39:08 +0200 i686 i686 i386 GNU/Linux yozh@linux-yozh:~> aplay -l -L null Discard all samples (playback) or generate zero samples (capture) pulse PulseAudio Sound Server default:CARD=Intel HDA Intel, ALC662 rev1 Analog Default Audio Device sysdefault:CARD=Intel HDA Intel, ALC662 rev1 Analog Default Audio Device front:CARD=Intel,DEV=0 HDA Intel, ALC662 rev1 Analog Front speakers surround40:CARD=Intel,DEV=0 HDA Intel, ALC662 rev1 Analog 4.0 Surround output to Front and Rear speakers surround41:CARD=Intel,DEV=0 HDA Intel, ALC662 rev1 Analog 4.1 Surround output to Front, Rear and Subwoofer speakers surround50:CARD=Intel,DEV=0 HDA Intel, ALC662 rev1 Analog 5.0 Surround output to Front, Center and Rear speakers surround51:CARD=Intel,DEV=0 HDA Intel, ALC662 rev1 Analog 5.1 Surround output to Front, Center, Rear and Subwoofer speakers surround71:CARD=Intel,DEV=0 HDA Intel, ALC662 rev1 Analog 7.1 Surround output to Front, Center, Side, Rear and Woofer speakers iec958:CARD=Intel,DEV=0 HDA Intel, ALC662 rev1 Digital IEC958 (S/PDIF) Digital Audio Output hdmi:CARD=HDMI,DEV=0 HDA ATI HDMI, ATI HDMI HDMI Audio Output **** List of PLAYBACK Hardware Devices **** card 0: Intel [HDA Intel], device 0: ALC662 rev1 Analog [ALC662 rev1 Analog] Subdevices: 1/1 Subdevice #0: subdevice #0 card 0: Intel [HDA Intel], device 1: ALC662 rev1 Digital [ALC662 rev1 Digital] Subdevices: 1/1 Subdevice #0: subdevice #0 card 1: HDMI [HDA ATI HDMI], device 3: ATI HDMI [ATI HDMI] Subdevices: 1/1 Subdevice #0: subdevice #0 When "media.use_cubeb" is set to false crash is not reproduced and playback is OK.
Updated•12 years ago
|
Status: UNCONFIRMED → NEW
Ever confirmed: true
Summary: Crash when playing some (HTML5?) videos → Crash when playing some HTML5 videos with cubeb
Assignee | ||
Comment 12•12 years ago
|
||
Thanks, I'll set that environment up in a VM and see if I can reproduce and debug.
Assignee | ||
Comment 13•12 years ago
|
||
I can easily reproduce this in an openSUSE 11.3 i586 VM by running cubeb's testsuite--test_sanity crashes while running test_stream_position with a very similar stack to comment 9. I crash in speex_resampler_process_native: Dump of assembler code for function speex_resampler_process_native: 0xb7d11b9d <+13>: mov 0x1c(%edi),%esi 0xb7d11ba0 <+16>: movl $0x0,0x5c(%esp) 0xb7d11ba8 <+24>: mov 0x74(%esp),%ebp 0xb7d11bac <+28>: movl $0x1,0x34(%edi) => 0xb7d11bb3 <+35>: mov %eax,0x3c(%esp) 0xb7d11bb7 <+39>: mov 0x40(%edi),%eax 0xb7d11bba <+42>: shl $0x2,%esi 0xb7d11bbd <+45>: imul %edx,%esi 0xb7d11bc0 <+48>: lea 0x0(,%edx,4),%edx Note that it's crashing while trying to write to the stack. cubeb's cubeb_run_thread runs with a very small stack (PTHREAD_STACK_MIN, which is 16kB in this case), and this call path requires more stack than has been allocated. I've pushed a fix to cubeb that increases the thread's stack size to 256kB: https://github.com/kinetiknz/cubeb/commit/6a6ed2607e3c457768659495532c58480df1e40d
Assignee: nobody → kinetik
Status: NEW → ASSIGNED
Assignee | ||
Comment 14•12 years ago
|
||
Attachment #629424 -
Flags: review?(chris.double)
Updated•12 years ago
|
Attachment #629424 -
Flags: review?(chris.double) → review+
Assignee | ||
Comment 15•12 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/766d3249625b
Target Milestone: --- → mozilla15
Reporter | ||
Comment 16•12 years ago
|
||
Latest inbound build fixes problem for me. Thanks!
Assignee | ||
Comment 17•12 years ago
|
||
Thanks for reporting the bug, and confirming that the patch solved the issue. Much appreciated!
Comment 18•12 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/766d3249625b
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•