[pulseaudio-discuss] PA 7.0 crash with KDE

Sat Oct 17 01:41:51 PDT 2015

On Fri, 16 Oct 2015 22:23:30 +0200,
David Henningsson wrote:
> 
> 
> 
> On 2015-10-16 17:58, Takashi Iwai wrote:
> > On Fri, 16 Oct 2015 14:59:38 +0200,
> > Takashi Iwai wrote:
> >>
> >> On Fri, 16 Oct 2015 13:50:58 +0200,
> >> David Henningsson wrote:
> >>>
> >>>
> >>>
> >>> On 2015-10-16 10:35, Takashi Iwai wrote:
> >>>> On Fri, 16 Oct 2015 09:16:04 +0200,
> >>>> David Henningsson wrote:
> >>>>>
> >>>>> (Adding pulseaudio-discuss to CC)
> >>>>>
> >>>>> On 2015-10-15 16:26, Takashi Iwai wrote:
> >>>>>> Hi David,
> >>>>>>
> >>>>>> we got bug reports with PA 7.0 where the recent KDE crashes.
> >>>>>> It seems that srbchannel=no works around it, so there is still
> >>>>>> something fishy there.
> >>>>>>
> >>>>>> The bug report is found at
> >>>>>>      http://bugzilla.opensuse.org/show_bug.cgi?id=950487
> >>>>>
> >>>>> Hi Takashi and thanks for reporting.
> >>>>>
> >>>>> I've tried running PA 7.0's pactl under valgrind, and it reports no
> >>>>> errors here. Still, looking at the one of the backtraces the value of f
> >>>>> is something interesting:
> >>>>>
> >>>>> #6  flush (f=f at entry=0x4545454545454545) at pulsecore/fdsem.c:143
> >>>>> #7  0x00007fe30f378fc2 in pa_fdsem_before_poll (f=0x4545454545454545) at
> >>>>> pulsecore/fdsem.c:295
> >>>>> #8  0x00007fe30f38f697 in srbchannel_rwloop (sr=0x25bdd40) at
> >>>>> pulsecore/srbchannel.c:203
> >>>>>
> >>>>> Does 0x4545454545454545 mean anything specific on OpenSUSE? (Like, a
> >>>>> magic clear value or something?)
> >>>>
> >>>> I don't think it's openSUSE specific.  It's likely the guard put by
> >>>> either gcc or glibc.
> >>>> FWIW, we pass the default optimization flags like:
> >>>>     CFLAGS=-fmessage-length=0 -grecord-gcc-switches -O2 -Wall \
> >>>>       -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables \
> >>>>       -fasynchronous-unwind-tables -g -fPIE
> >>>>
> >>>> The problem was reported from both gcc-4.8 and gcc-5.x systems, so the
> >>>> gcc version is likely irrelevant.
> >>>>
> >>>>> Also, are there any distro patches to OpenSUSE and if so, where can I
> >>>>> find them?
> >>>>
> >>>> No, there is no patches apparently relevant with this.  Actually there are
> >>>> three patches, one is to check an additional environment check in
> >>>> start-pulseaudio-x11, another is to suppress an error log at
> >>>> sockaddr_prepare(), and the last is a fix in memset() size in
> >>>> echo-cancel/adrian-aec.c.  But all these should be safe.
> >>>>
> >>>> All sources, patches, build log and binaries are found in OBS, e.g. at
> >>>>     https://build.opensuse.org/package/show/multimedia:libs/pulseaudio
> >>>
> >>> Ok, thanks.
> >>>
> >>> I've been trying to analyze the backtrace.
> >>>
> >>> My guess is that the srbchannel is being destroyed somehow, but I don't
> >>> see how. Any chance we can get more info from this, e g, build
> >>> pulseaudio's client library with -DDEBUG_SRBCHANNEL=1 and then get a log
> >>> like this:
> >>>
> >>> PULSE_LOG=99 pactl info
> >>>
> >>> ...which includes the crash?
> >>
> >> OK, I'm building a package with the debug enabled and will ask
> >> reporters to test with it.
> >
> > Attached below.
> 
> Thanks.
> 
> > Freeing srbchannel
> > In rw loop from srbchannel, after callback, count = -1680245669
> > Errore di segmentazione
> 
> That's the culprit, after freeing srbchannel it should say "Aborting 
> read loop from srbchannel" instead of "In rw loop from srbchannel".
> 
> I believe that I've fixed it - could you try the attached patch and 
> verify that it fixes the problem?
> 
> (I think when I'm running it under valgrind the timing changes somehow 
> so that the bug does not occur, that's why I didn't find it myself...)

The patch was confirmed to work.  Thanks!

Takashi