238007 – Crash on OGG video loading

Bug 238007 - Crash on OGG video loading

Summary: Crash on OGG video loading

Status:	RESOLVED DOWNSTREAM

Alias:	None

Product:	kdelibs
Classification:	Frameworks and Libraries
Component:	kdewebkit (show other bugs)
Version:	unspecified
Platform:	Debian testing Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	webkit-devel

URL:
Keywords:

Depends on:
Blocks:

Reported:	2010-05-18 09:21 UTC by m2j
Modified:	2010-06-09 04:49 UTC (History)
CC List:	2 users (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
New crash information added by DrKonqi (12.99 KB, text/plain) 2010-05-26 10:50 UTC, Rohan Garg	Details
View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description m2j 2010-05-18 09:21:22 UTC

Application: konqueror (4.4.3 (KDE 4.4.3))
KDE Platform Version: 4.4.3 (KDE 4.4.3)
Qt Version: 4.6.2
Operating System: Linux 2.6.32-5-amd64 x86_64
Distribution: Debian GNU/Linux testing (squeeze)

-- Information about the crash:
Hello,
Konqueror (as well as Akregator) crashes any time I call http://www.omat.nl/2010/05/17/accountwizard-demo/ and click on "Direct Link to the OGV".

The crash can be reproduced every time.

 -- Backtrace:
Application: Konqueror (konqueror), signal: Illegal instruction
The current source language is "auto; currently c".
[Current thread is 1 (Thread 0x7fcf4b456750 (LWP 2831))]

Thread 11 (Thread 0x7fcf2bfff910 (LWP 2852)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:261
#1  0x00007fcf351af606 in WTF::TCMalloc_PageHeap::scavengerThread (this=0x7fcf36173220) at ../JavaScriptCore/wtf/FastMalloc.cpp:2299
#2  0x00007fcf351af649 in WTF::TCMalloc_PageHeap::runScavengerThread (context=0x7fcf361812ec) at ../JavaScriptCore/wtf/FastMalloc.cpp:1433
#3  0x00007fcf444dd73a in start_thread (arg=<value optimized out>) at pthread_create.c:300
#4  0x00007fcf4acfa69d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#5  0x0000000000000000 in ?? ()

Thread 10 (Thread 0x7fcf171f5910 (LWP 2865)):
#0  pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:220
#1  0x00007fcf1db69f41 in metronom_sync_loop (this=0x2e7f7d0) at metronom.c:870
#2  0x00007fcf444dd73a in start_thread (arg=<value optimized out>) at pthread_create.c:300
#3  0x00007fcf4acfa69d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#4  0x0000000000000000 in ?? ()
The current source language is "auto; currently asm".

Thread 9 (Thread 0x7fcf161de910 (LWP 2866)):
#0  0x00007fcf4acef743 in *__GI___poll (fds=<value optimized out>, nfds=<value optimized out>, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:87
#1  0x00007fcf46c358ca in ?? () from /usr/lib/libxcb.so.1
#2  0x00007fcf46c35ec9 in ?? () from /usr/lib/libxcb.so.1
#3  0x00007fcf46c35fe9 in ?? () from /usr/lib/libxcb.so.1
#4  0x00007fcf46c360fa in xcb_flush () from /usr/lib/libxcb.so.1
#5  0x00007fcf167f076e in xv_display_frame (this_gen=0x2e99270, frame_gen=<value optimized out>) at video_out_xcbxv.c:757
#6  0x00007fcf1db773fa in overlay_and_display_frame (this=0x2e319a0, img=0x2e36fc0, vpts=<value optimized out>) at video_out.c:1036
#7  0x00007fcf1db77803 in video_out_loop (this_gen=<value optimized out>) at video_out.c:1172
#8  0x00007fcf444dd73a in start_thread (arg=<value optimized out>) at pthread_create.c:300
#9  0x00007fcf4acfa69d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#10 0x0000000000000000 in ?? ()

Thread 8 (Thread 0x7fcf159dd910 (LWP 2867)):
#0  0x00007fcf444de99d in pthread_join (threadid=140527406016784, thread_return=0x7fcf159dc558) at pthread_join.c:89
#1  0x00007fcf1db75d30 in vo_exit (this_gen=<value optimized out>) at video_out.c:1613
#2  0x00007fcf1de038a6 in ?? () from /usr/lib/qt4/plugins/phonon_backend/phonon_xine.so
#3  0x00007fcf1ddc38bf in ?? () from /usr/lib/qt4/plugins/phonon_backend/phonon_xine.so
#4  0x00007fcf1dddb92d in ?? () from /usr/lib/qt4/plugins/phonon_backend/phonon_xine.so
#5  0x00007fcf48aedb7d in QObject::event (this=0x1a8bd20, e=0x2fe7c70) at kernel/qobject.cpp:1231
#6  0x00007fcf47c018fc in QApplicationPrivate::notify_helper (this=0x151ab10, receiver=0x1a8bd20, e=0x2fe7c70) at kernel/qapplication.cpp:4300
#7  0x00007fcf47c07ddb in QApplication::notify (this=0x7fff06d5c910, receiver=0x1a8bd20, e=0x2fe7c70) at kernel/qapplication.cpp:4183
#8  0x00007fcf494c5366 in KApplication::notify (this=0x7fff06d5c910, receiver=0x1a8bd20, event=0x2fe7c70) at ../../kdeui/kernel/kapplication.cpp:302
#9  0x00007fcf48addf1c in QCoreApplication::notifyInternal (this=0x7fff06d5c910, receiver=0x1a8bd20, event=0x2fe7c70) at kernel/qcoreapplication.cpp:704
#10 0x00007fcf48ae0697 in QCoreApplication::sendEvent (receiver=0x0, event_type=<value optimized out>, data=0x2f519b0) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:215
#11 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=<value optimized out>, data=0x2f519b0) at kernel/qcoreapplication.cpp:1345
#12 0x00007fcf48b07833 in QCoreApplication::sendPostedEvents (s=<value optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:220
#13 postEventSourceDispatch (s=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:276
#14 0x00007fcf43e2d6c2 in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#15 0x00007fcf43e31538 in ?? () from /lib/libglib-2.0.so.0
#16 0x00007fcf43e316ec in g_main_context_iteration () from /lib/libglib-2.0.so.0
#17 0x00007fcf48b07373 in QEventDispatcherGlib::processEvents (this=0x1aaeae0, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:412
#18 0x00007fcf48adc842 in QEventLoop::processEvents (this=<value optimized out>, flags=) at kernel/qeventloop.cpp:149
#19 0x00007fcf48adcc1c in QEventLoop::exec (this=0x7fcf159dcfe0, flags=) at kernel/qeventloop.cpp:201
#20 0x00007fcf489e6bc9 in QThread::exec (this=<value optimized out>) at thread/qthread.cpp:487
#21 0x00007fcf1ddc5400 in ?? () from /usr/lib/qt4/plugins/phonon_backend/phonon_xine.so
#22 0x00007fcf489e95c5 in QThreadPrivate::start (arg=0x2e95e00) at thread/qthread_unix.cpp:248
#23 0x00007fcf444dd73a in start_thread (arg=<value optimized out>) at pthread_create.c:300
#24 0x00007fcf4acfa69d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#25 0x0000000000000000 in ?? ()
The current source language is "auto; currently c".

Thread 7 (Thread 0x7fcf14fd8910 (LWP 2868)):
#0  0x00007fcf4acef743 in *__GI___poll (fds=<value optimized out>, nfds=<value optimized out>, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:87
#1  0x00007fcf3a43dd0d in ?? () from /usr/lib/libpulse.so.0
#2  0x00007fcf3a42dcc3 in pa_mainloop_poll () from /usr/lib/libpulse.so.0
#3  0x00007fcf3a42f088 in pa_mainloop_iterate () from /usr/lib/libpulse.so.0
#4  0x00007fcf3a42f140 in pa_mainloop_run () from /usr/lib/libpulse.so.0
#5  0x00007fcf3a43db1d in ?? () from /usr/lib/libpulse.so.0
#6  0x00007fcf39ff7a00 in ?? () from /usr/lib/libpulsecommon-0.9.21.so
#7  0x00007fcf444dd73a in start_thread (arg=<value optimized out>) at pthread_create.c:300
#8  0x00007fcf4acfa69d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#9  0x0000000000000000 in ?? ()

Thread 6 (Thread 0x7fcf107d6910 (LWP 2869)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:261
#1  0x00007fcf1db7aa3b in fifo_peek_int (this_gen=<value optimized out>) at audio_out.c:348
#2  fifo_peek (this_gen=<value optimized out>) at audio_out.c:388
#3  ao_loop (this_gen=<value optimized out>) at audio_out.c:1015
#4  0x00007fcf444dd73a in start_thread (arg=<value optimized out>) at pthread_create.c:300
#5  0x00007fcf4acfa69d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#6  0x0000000000000000 in ?? ()

Thread 5 (Thread 0x7fcf07ee2910 (LWP 2875)):
#0  pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:220
#1  0x00007fcf1db69f41 in metronom_sync_loop (this=0x3180300) at metronom.c:870
#2  0x00007fcf444dd73a in start_thread (arg=<value optimized out>) at pthread_create.c:300
#3  0x00007fcf4acfa69d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#4  0x0000000000000000 in ?? ()
The current source language is "auto; currently asm".

Thread 4 (Thread 0x7fcf076e1910 (LWP 2876)):
#0  0x00007fcf4acf3f82 in select () from /lib/libc.so.6
#1  0x00007fcf1db92a15 in xine_usec_sleep (usec=<value optimized out>) at utils.c:481
#2  0x00007fcf1db778e9 in video_out_loop (this_gen=<value optimized out>) at video_out.c:1246
#3  0x00007fcf444dd73a in start_thread (arg=<value optimized out>) at pthread_create.c:300
#4  0x00007fcf4acfa69d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#5  0x0000000000000000 in ?? ()

Thread 3 (Thread 0x7fcf06ee0910 (LWP 2877)):
#0  0x00007fcf4acef743 in *__GI___poll (fds=<value optimized out>, nfds=<value optimized out>, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:87
#1  0x00007fcf3a43dd0d in ?? () from /usr/lib/libpulse.so.0
#2  0x00007fcf3a42dcc3 in pa_mainloop_poll () from /usr/lib/libpulse.so.0
#3  0x00007fcf3a42f088 in pa_mainloop_iterate () from /usr/lib/libpulse.so.0
#4  0x00007fcf3a42f140 in pa_mainloop_run () from /usr/lib/libpulse.so.0
#5  0x00007fcf3a43db1d in ?? () from /usr/lib/libpulse.so.0
#6  0x00007fcf39ff7a00 in ?? () from /usr/lib/libpulsecommon-0.9.21.so
#7  0x00007fcf444dd73a in start_thread (arg=<value optimized out>) at pthread_create.c:300
#8  0x00007fcf4acfa69d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#9  0x0000000000000000 in ?? ()
The current source language is "auto; currently c".

Thread 2 (Thread 0x7fcf026de910 (LWP 2878)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:261
#1  0x00007fcf1db7aa3b in fifo_peek_int (this_gen=<value optimized out>) at audio_out.c:348
#2  fifo_peek (this_gen=<value optimized out>) at audio_out.c:388
#3  ao_loop (this_gen=<value optimized out>) at audio_out.c:1015
#4  0x00007fcf444dd73a in start_thread (arg=<value optimized out>) at pthread_create.c:300
#5  0x00007fcf4acfa69d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#6  0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7fcf4b456750 (LWP 2831)):
[KCrash Handler]
#5  0x00007fcf35b40190 in typeinfo name for WebCore::QtPluginWidget () from /usr/lib/libQtWebKit.so.4
#6  0x00007fcf3564d9ff in WebCore::FrameLoaderClientQt::committedLoad (this=0x3167620, loader=0x7fcf30198700, data=0x2f1fc18 "OggS", length=15)
    at ../WebKit/qt/WebCoreSupport/FrameLoaderClientQt.cpp:697
#7  0x00007fcf35452c69 in WebCore::DocumentLoader::commitLoad (this=0x7fcf30198700, data=0x2f1fc18 "OggS", length=15) at loader/DocumentLoader.cpp:342
#8  0x00007fcf3548f561 in WebCore::ResourceLoader::didReceiveData (this=0x7fcf301be480, data=0x2f1fc18 "OggS", length=15, lengthReceived=15, allAtOnce=120) at loader/ResourceLoader.cpp:248
#9  0x00007fcf35480fcc in WebCore::MainResourceLoader::didReceiveData (this=0x7fcf301be480, data=0x2f1fc18 "OggS", length=15, lengthReceived=15, allAtOnce=<value optimized out>)
    at loader/MainResourceLoader.cpp:374
#10 0x00007fcf3562dbf3 in WebCore::QNetworkReplyHandler::forwardData (this=0x2e91640) at platform/network/qt/QNetworkReplyHandler.cpp:364
#11 0x00007fcf3562f324 in WebCore::QNetworkReplyHandler::qt_metacall (this=0x2e91640, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=<value optimized out>)
    at .moc/release-shared/moc_QNetworkReplyHandler.cpp:84
#12 0x00007fcf48aedb59 in QObject::event (this=0x2e91640, e=0x2d19090) at kernel/qobject.cpp:1248
#13 0x00007fcf47c018fc in QApplicationPrivate::notify_helper (this=0x151ab10, receiver=0x2e91640, e=0x2d19090) at kernel/qapplication.cpp:4300
#14 0x00007fcf47c07ddb in QApplication::notify (this=0x7fff06d5c910, receiver=0x2e91640, e=0x2d19090) at kernel/qapplication.cpp:4183
#15 0x00007fcf494c5366 in KApplication::notify (this=0x7fff06d5c910, receiver=0x2e91640, event=0x2d19090) at ../../kdeui/kernel/kapplication.cpp:302
#16 0x00007fcf48addf1c in QCoreApplication::notifyInternal (this=0x7fff06d5c910, receiver=0x2e91640, event=0x2d19090) at kernel/qcoreapplication.cpp:704
#17 0x00007fcf48ae0697 in QCoreApplication::sendEvent (receiver=0x0, event_type=<value optimized out>, data=0x14fe470) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:215
#18 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=<value optimized out>, data=0x14fe470) at kernel/qcoreapplication.cpp:1345
#19 0x00007fcf48b07833 in QCoreApplication::sendPostedEvents (s=<value optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:220
#20 postEventSourceDispatch (s=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:276
#21 0x00007fcf43e2d6c2 in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#22 0x00007fcf43e31538 in ?? () from /lib/libglib-2.0.so.0
#23 0x00007fcf43e316ec in g_main_context_iteration () from /lib/libglib-2.0.so.0
#24 0x00007fcf48b07373 in QEventDispatcherGlib::processEvents (this=0x14fdf80, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:412
#25 0x00007fcf47cb13de in QGuiEventDispatcherGlib::processEvents (this=0x7fcf301b8070, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:204
#26 0x00007fcf48adc842 in QEventLoop::processEvents (this=<value optimized out>, flags=) at kernel/qeventloop.cpp:149
#27 0x00007fcf48adcc1c in QEventLoop::exec (this=0x7fff06d5c700, flags=) at kernel/qeventloop.cpp:201
#28 0x00007fcf48ae095b in QCoreApplication::exec () at kernel/qcoreapplication.cpp:981
#29 0x00007fcf4b0466bb in kdemain (argc=<value optimized out>, argv=<value optimized out>) at ../../../../apps/konqueror/src/konqmain.cpp:257
#30 0x00007fcf4ac4dabd in __libc_start_main (main=<value optimized out>, argc=<value optimized out>, ubp_av=<value optimized out>, init=<value optimized out>, fini=<value optimized out>, 
    rtld_fini=<value optimized out>, stack_end=0x7fff06d5d2e8) at libc-start.c:222
#31 0x0000000000400699 in _start ()
The current source language is "auto; currently asm".
The current source language is "auto; currently c".

Reported using DrKonqi

Comment 1 Tommi Tervo 2010-05-18 11:43:36 UTC

Maybe a phonon/xine bug, but not a konqueror one.

Comment 2 m2j 2010-05-18 13:06:49 UTC

It happens in Konqueror, Akregator and Rekonq (reported). In contrast Arora and Chromium are working fine.
So it might be in the KDE-Phonon bindings. I didn't knew how to assign it to a specific program, so I used Konqueror.

Comment 3 m2j 2010-05-18 13:13:08 UTC

one more thing: Dragon Player also plays the video without any problem. Is there maybe any http-streaming in phonon, which don't depands on KIO?

Comment 4 Christoph Feck 2010-05-20 19:01:14 UTC

Crash happens at "typeinfo name for WebCore::QtPluginWidget", which looks like there are parts of your system compiled with -rtti enabled, parts of it with -no-rtti (RTTI disabled). I am not sure this is a supported combination.

Comment 5 m2j 2010-05-21 08:23:24 UTC

I reported another bug: https://bugs.kde.org/show_bug.cgi?id=238165
I'm not the only one, who think this one is related to. The other was marked as resolved. Can someone check, if this one is resolved as well? Currently I have no chance to compile current sources to check this.

Comment 6 Dawit Alemayehu 2010-05-22 16:14:17 UTC

(In reply to comment #5)
> I reported another bug: https://bugs.kde.org/show_bug.cgi?id=238165
> I'm not the only one, who think this one is related to. The other was marked as
> resolved. Can someone check, if this one is resolved as well? Currently I have
> no chance to compile current sources to check this.

First 238165 and this bug are not realted though they happen in the same QtWebKit module, the plugin loader. Secondly do you get prompted to "Open/Save" the OGG file when you click on the link ?

Comment 7 Rohan Garg 2010-05-26 10:50:37 UTC

Created attachment 43904 [details]
New crash information added by DrKonqi

Hi
I experience the same crash in rekonq,i have kde 4.4.3,im guessing the problem is with kdelibs and not rekonq

Comment 8 Dawit Alemayehu 2010-05-27 20:54:00 UTC

(In reply to comment #7)
> Created an attachment (id=43904) [details]
> New crash information added by DrKonqi
> 
> Hi
> I experience the same crash in rekonq,i have kde 4.4.3,im guessing the problem
> is with kdelibs and not rekonq

No, this is not a kdelibs issue. See the link below for reasons why

http://mail.kde.org/pipermail/webkit-devel/2010-March/000752.html

Any distribuition that does not disable phonon support when compiling Qt, but rather opts for creating own hack to address the conflict between Qt and KDE versions of phonon are taking their own risks. There is nothing that kdelibs/kdewebkit developers can do to resolve this issue. Now I have no clue whether or not Debian does the hack in their distributed binary packages, but it simply cannot be a coincidence all such reports received so far are from Debian and/or Debian based distros...

For what it is worth, I cannot duplicate this crash in my distribution (Arch Linux) which compiles Qt with the -no-phonon option (which means not HTML 5 video tag support in QtWebKit).

Comment 9 Dawit Alemayehu 2010-06-09 04:49:06 UTC

This is a downstream issue. Specifically you should inquiry with your distro what the following commit message means for the Qt package:

"Add patch to update Qt Phonon from kdesupport Phonon 4.3.80."

See http://lists.alioth.debian.org/pipermail/pkg-kde-commits/2010-March/018030.html

If they are doing what I think they are doing, namely replacing the Qt's phonon package with the one from kdesupport, then they are responsible for the side effects that result from that action. If that is not what the commit message meant, then you need to open a ticket upstream:

https://trac.webkit.org/wiki/QtWebKitBugs