Bug#799632: Bug#788708: Bug#799632: iceweasel: SIGSEGV when playing videos via gstreamer
Soeren D. Schulze
soeren.d.schulze at gmx.de
Sun Dec 6 11:17:42 UTC 2015
Am 06.12.2015 um 08:50 schrieb Sebastian Dröge:
>> Hello,
>>
>> it is not fixed, alas. The following SIGSEGV backtrace is with
>> gstreamer1.0-plugins-bad 1.6.1-1+b1 and iceweasel 38.4.0esr-1. Such
>> crashes are rarer, but they do occur:
>
> Hi,
>
> this is a different bug than the stack corruption related to the faad
> plugin though. It looks like broken error handling in iceweasel:
> https://github.com/mozilla/gecko-dev/blob/GECKO3840esr_2015102720_RELBRANCH/dom/media/gstreamer/GStreamerReader.cpp#L1464
>
> This line here should check if mapping actually succeeds. Apparently it
> doesn't (for whatever reason which might be another bug), as in the
> next stack frame all field in frame are 0.
Right after sending the last message, I could reproduce the crash
without frames #0--#2, so the crash looks very similar to the one that I
reported initially (see below).
> Do you have, by any chance, gstreamer1.0-vaapi installed?
No, I don't.
Latest SIGSEGV backtrace with gstreamer1.0-plugins-bad 1.6.1-1+b1 and
iceweasel 38.4.0esr-1:
#0 0x00007ffff3a11a76 in
mozilla::GStreamerReader::ImageDataFromVideoFrame
(this=this at entry=0x7fffd6ec9000, aFrame=aFrame at entry=0x7fffc964a850,
aData=aData at entry=0x7fffc964a800) at
/tmp/buildd/iceweasel-38.4.0esr/dom/media/gstreamer/GStreamerReader.cpp:1440
No locals.
#1 0x00007ffff3a11fdf in mozilla::GStreamerReader::GetImageFromBuffer
(this=this at entry=0x7fffd6ec9000, aBuffer=aBuffer at entry=0x7fffb4418160)
at
/tmp/buildd/iceweasel-38.4.0esr/dom/media/gstreamer/GStreamerReader.cpp:1466
frame = {info = {finfo = 0x0, interlace_mode =
GST_VIDEO_INTERLACE_MODE_PROGRESSIVE, flags = GST_VIDEO_FLAG_NONE, width
= 0, height = 0, size = 0, views = 0, chroma_site =
GST_VIDEO_CHROMA_SITE_UNKNOWN, colorimetry = {range =
GST_VIDEO_COLOR_RANGE_UNKNOWN, matrix = GST_VIDEO_COLOR_MATRIX_UNKNOWN,
transfer = GST_VIDEO_TRANSFER_UNKNOWN, primaries =
GST_VIDEO_COLOR_PRIMARIES_UNKNOWN}, par_n = 0, par_d = 0, fps_n = 0,
fps_d = 0, offset = {0, 0, 0, 0}, stride = {0, 0, 0, 0}, ABI = {abi =
{multiview_mode = GST_VIDEO_MULTIVIEW_MODE_MONO, multiview_flags =
GST_VIDEO_MULTIVIEW_FLAGS_NONE}, _gst_reserved = {0x0, 0x0, 0x0, 0x0}}},
flags = GST_VIDEO_FRAME_FLAG_NONE, buffer = 0x0, meta = 0x0, id = 0,
data = {0x0, 0x0, 0x0, 0x0}, map = {{memory = 0x0, flags = (unknown: 0),
data = 0x0, size = 0, maxsize = 0, user_data = {0x0, 0x0, 0x0, 0x0},
_gst_reserved = {0x0, 0x0, 0x0, 0x0}}, {memory = 0x0, flags = (unknown:
0), data = 0x0, size = 0, maxsize = 0, user_data = {0x0, 0x0, 0x0, 0x0},
_gst_reserved = {0x0, 0x0, 0x0, 0x0}}, {memory = 0x0, flags = (unknown:
0), data = 0x0, size = 0, maxsize = 0, user_data = {0x0, 0x0, 0x0, 0x0},
_gst_reserved = {0x0, 0x0, 0x0, 0x0}}, {memory = 0x0, flags = (unknown:
0), data = 0x0, size = 0, maxsize = 0, user_data = {0x0, 0x0, 0x0, 0x0},
_gst_reserved = {0x0, 0x0, 0x0, 0x0}}}, _gst_reserved = {0x0, 0x0, 0x0,
0x0}}
data = {mYChannel = 0x0, mYStride = 0, mYSize =
{<mozilla::gfx::BaseSize<int,
mozilla::gfx::IntSizeTyped<mozilla::gfx::UnknownUnits> >> = {width = 0,
height = 0}, <mozilla::gfx::UnknownUnits> = {<No data fields>}, <No data
fields>}, mYSkip = 0, mCbChannel = 0x0, mCrChannel = 0x0, mCbCrStride =
0, mCbCrSize = {<mozilla::gfx::BaseSize<int,
mozilla::gfx::IntSizeTyped<mozilla::gfx::UnknownUnits> >> = {width = 0,
height = 0}, <mozilla::gfx::UnknownUnits> = {<No data fields>}, <No data
fields>}, mCbSkip = 0, mCrSkip = 0, mPicX = 0, mPicY = 0, mPicSize =
{<mozilla::gfx::BaseSize<int,
mozilla::gfx::IntSizeTyped<mozilla::gfx::UnknownUnits> >> = {width = 0,
height = 0}, <mozilla::gfx::UnknownUnits> = {<No data fields>}, <No data
fields>}, mStereoMode = mozilla::StereoMode::MONO}
mem = <optimized out>
image = {mRawPtr = 0x7fff9b1fae50}
#2 0x00007ffff3a1243f in mozilla::GStreamerReader::DecodeVideoFrame
(this=0x7fffd6ec9000, aKeyFrameSkip=<optimized out>,
aTimeThreshold=<optimized out>) at
/tmp/buildd/iceweasel-38.4.0esr/dom/media/gstreamer/GStreamerReader.cpp:824
buffer = 0x7fffb4418160
isKeyframe = <optimized out>
timestamp = 41000
duration = 41708
image = {mRawPtr = 0x7fff9b1fae50}
offset = <optimized out>
#3 0x00007ffff3998ae1 in mozilla::MediaDecoderReader::RequestVideoData
(this=0x7fffd6ec9000, aSkipToNextKeyframe=<optimized out>,
aTimeThreshold=0) at
/tmp/buildd/iceweasel-38.4.0esr/dom/media/MediaDecoderReader.cpp:245
p = {mRawPtr = 0x7fff814bb150}
__func__ = "RequestVideoData"
skip = false
#4 0x00007ffff3974a23 in
mozilla::detail::MethodCallWithTwoArgs<mozilla::MediaPromise<nsRefPtr<mozilla::VideoData>,
mozilla::MediaDecoderReader::NotDecodedReason, true>,
mozilla::MediaDecoderReader, bool, long>::Invoke (this=<optimized out>)
at /tmp/buildd/iceweasel-38.4.0esr/dom/media/MediaPromise.h:603
No locals.
#5 0x00007ffff3996b56 in
mozilla::detail::ProxyRunnable<mozilla::MediaPromise<nsRefPtr<mozilla::VideoData>,
mozilla::MediaDecoderReader::NotDecodedReason, true> >::Run
(this=0x7fffd928f960) at
/tmp/buildd/iceweasel-38.4.0esr/dom/media/MediaPromise.h:620
p = {mRawPtr = 0x7fff814bb150}
#6 0x00007ffff3997637 in mozilla::MediaTaskQueue::Runner::Run
(this=0x7fffb1da1240) at
/tmp/buildd/iceweasel-38.4.0esr/dom/media/MediaTaskQueue.cpp:230
event = {mPtr = 0x7fffd928f960}
__func__ = "Run"
#7 0x00007ffff2cedeaf in nsThreadPool::Run (this=0x7fffb1ff0a00) at
/tmp/buildd/iceweasel-38.4.0esr/xpcom/threads/nsThreadPool.cpp:225
event = {<nsCOMPtr_base> = {mRawPtr = 0x7fffb1da1240}, <No data
fields>}
current = {<nsCOMPtr_base> = {mRawPtr = 0x7fffaedf68a0}, <No
data fields>}
shutdownThreadOnExit = false
exitThread = false
wasIdle = false
idleSince = 314764527
listener = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data fields>}
#8 0x00007ffff2ceed11 in nsThread::ProcessNextEvent
(this=0x7fffaedf68a0, aMayWait=<optimized out>, aResult=0x7fffc964adf7)
at /tmp/buildd/iceweasel-38.4.0esr/xpcom/threads/nsThread.cpp:855
event = {<nsCOMPtr_base> = {mRawPtr = 0x7fffb1ff0a08}, <No data
fields>}
notifyMainThreadObserver = <optimized out>
obs = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data fields>}
rv = nsresult::NS_OK
#9 0x00007ffff2d02c35 in NS_ProcessNextEvent (aThread=<optimized out>,
aMayWait=aMayWait at entry=true) at
/tmp/buildd/iceweasel-38.4.0esr/xpcom/glue/nsThreadUtils.cpp:265
val = true
#10 0x00007ffff2eb9629 in
mozilla::ipc::MessagePumpForNonMainThreads::Run (this=0x7fffbce84280,
aDelegate=0x7fffcd546420) at
/tmp/buildd/iceweasel-38.4.0esr/ipc/glue/MessagePump.cpp:368
didWork = <optimized out>
#11 0x00007ffff2eae0d2 in MessageLoop::RunHandler (this=<optimized out>)
at /tmp/buildd/iceweasel-38.4.0esr/ipc/chromium/src/base/message_loop.cc:226
No locals.
#12 MessageLoop::Run (this=this at entry=0x7fffcd546420) at
/tmp/buildd/iceweasel-38.4.0esr/ipc/chromium/src/base/message_loop.cc:200
save_state = {<MessageLoop::RunState> = {run_depth = 1,
quit_received = false}, loop_ = 0x7fffcd546420, previous_state_ = 0x0}
#13 0x00007ffff2cf0cc3 in nsThread::ThreadFunc (aArg=0x7fffaedf68a0) at
/tmp/buildd/iceweasel-38.4.0esr/xpcom/threads/nsThread.cpp:356
self = 0x7fffaedf68a0
event = {<nsCOMPtr_base> = {mRawPtr = 0x0}, <No data fields>}
#14 0x00007ffff1bb4678 in _pt_root (arg=0x7fffbd429fa0) at ptthread.c:212
rv = <optimized out>
thred = 0x7fffbd429fa0
detached = 0
id = 140736572208896
tid = 24069
#15 0x00007ffff7bc70a4 in start_thread (arg=0x7fffc964b700) at
pthread_create.c:309
__res = <optimized out>
pd = 0x7fffc964b700
now = <optimized out>
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140736572208896,
-7150833058279440229, 0, 140736805024416, 23, 140736572208896,
7150785958066143387, 7150814885788008603}, mask_was_saved = 0}}, priv =
{pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0,
canceltype = 0}}}
not_first_call = <optimized out>
pagesize_m1 = <optimized out>
sp = <optimized out>
freesize = <optimized out>
__PRETTY_FUNCTION__ = "start_thread"
#16 0x00007ffff707c06d in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:111
No locals.
More information about the pkg-mozilla-maintainers
mailing list