Bug#797227: segfault - gst_memory_unmap, libgstreamer

Sat Aug 29 15:31:40 UTC 2015

On Sat, 29 Aug 2015 10:03:42 +0200 Vincent Lefevre <vincent at vinc17.net>
wrote:
> On 2015-08-29 08:41:21 +0900, Mike Hommey wrote:
> > On Sat, Aug 29, 2015 at 12:27:02AM +0200, Vincent Lefevre wrote:
> > > On 2015-08-29 00:17:06 +0200, Vincent Lefevre wrote:
> > > > On 2015-08-28 19:34:53 +0100, jnqnfe wrote:
> > > > > Package: iceweasel
> > > > > Version: 38.2.1esr-1
> > > > > Severity: grave
> > > > >
> > > > > The latest iceweasel update causes it to segfault shortly
after loading
> > > > > it.
> > > >
> > > > I don't have any problem on my side (also an x86_64 machine).
> > >
> > > I can reproduce the segmentation fault after installing
> > > gstreamer1.0-plugins-bad and opening:
> > >
> > > https://vimeo.com/55640554
> > >
> > > I would say that's a plugin bug, not an iceweasel bug.
> >
> > Can't reproduce here under those conditions, what version of gstreamer
> > are you using?
>
> gstreamer1.0-plugins-bad 1.4.5-2+b2
>
> I forgot, to make Iceweasel crash, I also need to play the video.
> As soon as I click on the play button, it crashes.
>
> With valgrind, it crashes before the video is played. After thousands
> of errors (due to GTK?):
>
> ==24014== Invalid free() / delete / delete[] / realloc()
> ==24014== at 0x4C2A360: operator delete(void*) (vg_replace_malloc.c:507)
> ==24014== by 0x8687D44: ??? (in /usr/lib/iceweasel/libxul.so)
> ==24014== by 0xFFEFF4277: ???
> ==24014== by 0x47D8A39F: ???
> ==24014== by 0xF00000044: ???
> ==24014== by 0xDFFFFFFFF: ???
> ==24014== by 0x1DC0000002E: ???
> ==24014== by 0x157: ???
> ==24014== by 0x46C264DF: ???
> ==24014== by 0x1DB: ???
> ==24014== by 0x47D8A35F: ???
> ==24014== by 0x700000006: ???
> ==24014== Address 0x47d8a3c0 is not stack'd, malloc'd or (recently) free'd
> ==24014==
> ==24014==
> ==24014== HEAP SUMMARY:
> ==24014== in use at exit: 167,383 bytes in 1,809 blocks
> ==24014== total heap usage: 2,206 allocs, 398 frees, 199,671 bytes
allocated
> ==24014==
> ==24014== LEAK SUMMARY:
> ==24014== definitely lost: 0 bytes in 0 blocks
> ==24014== indirectly lost: 0 bytes in 0 blocks
> ==24014== possibly lost: 0 bytes in 0 blocks
> ==24014== still reachable: 167,383 bytes in 1,809 blocks
> ==24014== suppressed: 0 bytes in 0 blocks
> ==24014== Rerun with --leak-check=full to see details of leaked memory
> ==24014==
> ==24014== For counts of detected and suppressed errors, rerun with: -v

What happens on my machine in fact, is that I can open almost all web
pages, watching movies with Java and Flash, except as Facebook pages i.e.
Facebook actually open until I do not fly over a post containing a video
for example ... If there is a post with a video, or if I go to someone's
profile in the album photo as another example, the browser crashes ...

Second example with the link "vimeo" that you give (small precision
AdBlock and NoScript I), if I allow only the execution of the video on
vimeo link (ie allowing Java in the video window), I get to play the video.
But if I click on the NoScript icon and I temporary authorize the page,
it obviously makes appear all that was previously hidden on the "vimeo"
page, including images over the video, and then it crashes.

Aside from that, the rest works ...

One more thing, I can't remove "gstreamer1.0-plugins-bad" to do the test
as it is a dependency of "gnome-video-effects" which is a dependency of
cheese.

-- 
*Goran LAZAREVIC*

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-mozilla-maintainers/attachments/20150829/dc880003/attachment.html>