Bug 509016

Summary:

Impress random (but reproduce able) crashes when dealing with embedded mp4 media

Product:

[Fedora] Fedora

Reporter:

drago01

Component:

openoffice.org

Assignee:

Caolan McNamara <caolanm>

Status:

CLOSED CANTFIX

QA Contact:

Fedora Extras Quality Assurance <extras-qa>

Severity:

medium

Docs Contact:

Priority:

low

Version:

CC:

caolanm, dtardon

Target Milestone:

---

Target Release:

---

Hardware:

All

OS:

Linux

Whiteboard:

Fixed In Version:

Doc Type:

Bug Fix

Doc Text:

Story Points:

---

Clone Of:

Environment:

Last Closed:

2009-07-01 13:46:48 UTC

Type:

---

Regression:

---

Mount Type:

---

Documentation:

---

CRM:

Verified Versions:

Category:

---

oVirt Team:

---

RHEL 7.3 requirements from Atomic Host:

Cloudforms Team:

---

Target Upstream Version:

Embargoed:

Attachments:

Description	Flags
sample video	none

Description drago01 2009-06-30 21:17:08 UTC

Description of problem:

When adding embed video to a presentation I experience some random crashes while dealing with the video (re size or move it around).

Sometimes nothing happens but most of the time I just get a crash report.

This also happens when playing videos during a presentation (sometimes it works fine sometimes it does not, if you have multiple videos in the presentation the probability of it to just crash when opening the slide with the video is high).

This happened today during a "real world" presentation which well wasn't very well received by the audience. 

Small note: Videos are just displayed as a grey box with a question mark starting with F11 (in F10 there was a preview of the video), but this is not really the issue.

Version-Release number of selected component (if applicable):
openoffice.org-impress-3.1.0-11.3.fc11.x86_64

How reproducible:
Very often

Steps to Reproduce:
1. Insert a video
2. Try to move or resize it / play it during the presentation
  
Actual results:

crash

Expected results:

I should be able to work with the video just fine and I shouldn't experience crashes during the presentation when using videos,

Additional info:

Crash output:
------------------------------------------
(I)    x.org loaded video driver of...
(II) Loading /usr/lib64/xorg/modules/drivers//nvidia_drv.so
(--) Depth 24 pixmap format is 32 bpp
(III)  Desktop is: GNOME
(IV)   openoffice.org-kde version is: Das Paket openoffice.org-kde ist nicht installiert
(V)    libgcj version is: libgcj-4.4.0-4-x86_64
(VI)   kernel is: Linux 2.6.29.5-191.fc11.x86_64 #1 SMP Tue Jun 16 23:23:21 EDT 2009 x86_64 x86_64 x86_64
(VII)  OpenOffice.org core rpm version is: openoffice.org-core-3.1.0-11.3.fc11-x86_64
(VIII) accessibility is: false
(IX)   gtk theme is: Nodoka
(X)    icon theme is: Fedora
(XI)   metacity theme is: Nodoka
(XII)  fedora release is: Fedora release 11 (Leonidas)
(XIII) LANG is: de_DE.UTF-8
...start free space details ...
Dateisystem          1K‐Blöcke   Benutzt Verfügbar Ben% Eingehängt auf
/dev/sda2            954735564  72531284 833706456   9% /
tmpfs                  3029952     55912   2974040   2% /tmp
...end free space details ...
...start (default) java details ...
java version "1.6.0_0"
OpenJDK Runtime Environment (IcedTea6 1.5) (fedora-22.b16.fc11-x86_64)
OpenJDK 64-Bit Server VM (build 14.0-b15, mixed mode)
...end (default) java details ...
...start sestatus details ...
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted
...end sestatus details ...
...start stackreport details ...
0x7fc4ef633d8c: 0x1eb288: /usr/lib64/openoffice.org3/program/../basis-link/ure-link/lib/libuno_sal.so.3 + 0x37d8c
0x7fc4ef6348ae: 0x1eb288: /usr/lib64/openoffice.org3/program/../basis-link/ure-link/lib/libuno_sal.so.3 + 0x388ae
0x7fc4efa25370: 0x167b40: /lib64/libc.so.6 + 0x33370
...end stackreport details ...
...start sample ldd details ...
	linux-vdso.so.1 =>  (0x00007fffd03ff000)
	libgtk-x11-2.0.so.0 => /usr/lib64/libgtk-x11-2.0.so.0 (0x00007fb6ae6bb000)
	libgdk-x11-2.0.so.0 => /usr/lib64/libgdk-x11-2.0.so.0 (0x00007fb6ae41c000)
	libatk-1.0.so.0 => /usr/lib64/libatk-1.0.so.0 (0x00007fb6ae1fd000)
	libgio-2.0.so.0 => /lib64/libgio-2.0.so.0 (0x00007fb6adf85000)
	libpangoft2-1.0.so.0 => /usr/lib64/libpangoft2-1.0.so.0 (0x00007fb6add57000)
	libgdk_pixbuf-2.0.so.0 => /usr/lib64/libgdk_pixbuf-2.0.so.0 (0x00007fb6adb3a000)
	libpangocairo-1.0.so.0 => /usr/lib64/libpangocairo-1.0.so.0 (0x00007fb6ad92f000)
	libcairo.so.2 => /usr/lib64/libcairo.so.2 (0x00007fb6ad6b7000)
	libpango-1.0.so.0 => /usr/lib64/libpango-1.0.so.0 (0x00007fb6ad46f000)
	libfreetype.so.6 => /usr/lib64/libfreetype.so.6 (0x00007fb6ad1d7000)
	libfontconfig.so.1 => /usr/lib64/libfontconfig.so.1 (0x00007fb6acfa1000)
	libgmodule-2.0.so.0 => /lib64/libgmodule-2.0.so.0 (0x00007fb6acd9e000)
	libgthread-2.0.so.0 => /lib64/libgthread-2.0.so.0 (0x00007fb6acb9a000)
	librt.so.1 => /lib64/librt.so.1 (0x00007fb6ac991000)
	libdbus-glib-1.so.2 => /usr/lib64/libdbus-glib-1.so.2 (0x00007fb6ac770000)
	libdbus-1.so.3 => /lib64/libdbus-1.so.3 (0x00007fb6ac532000)
	libgobject-2.0.so.0 => /lib64/libgobject-2.0.so.0 (0x00007fb6ac2ee000)
	libglib-2.0.so.0 => /lib64/libglib-2.0.so.0 (0x00007fb6ac010000)
	libvclplug_genlx.so => /usr/lib64/openoffice.org/basis3.1/program/libvclplug_genlx.so (0x00007fb6abd7a000)
	libvcllx.so => /usr/lib64/openoffice.org/basis3.1/program/libvcllx.so (0x00007fb6ab78a000)
	libpsplx.so => /usr/lib64/openoffice.org/basis3.1/program/libpsplx.so (0x00007fb6ab498000)
	libsotlx.so => /usr/lib64/openoffice.org/basis3.1/program/libsotlx.so (0x00007fb6ab233000)
	libutllx.so => /usr/lib64/openoffice.org/basis3.1/program/libutllx.so (0x00007fb6aaf95000)
	libtllx.so => /usr/lib64/openoffice.org/basis3.1/program/libtllx.so (0x00007fb6aace8000)
	libcomphelp4gcc3.so => /usr/lib64/openoffice.org/basis3.1/program/libcomphelp4gcc3.so (0x00007fb6aa988000)
	libucbhelper4gcc3.so => /usr/lib64/openoffice.org/basis3.1/program/libucbhelper4gcc3.so (0x00007fb6aa706000)
	libuno_cppuhelpergcc3.so.3 => /usr/lib64/openoffice.org/basis3.1/program/../ure-link/lib/libuno_cppuhelpergcc3.so.3 (0x00007fb6aa45e000)
	libuno_cppu.so.3 => /usr/lib64/openoffice.org/basis3.1/program/../ure-link/lib/libuno_cppu.so.3 (0x00007fb6aa231000)
	libvos3gcc3.so => /usr/lib64/openoffice.org/basis3.1/program/libvos3gcc3.so (0x00007fb6aa00a000)
	libuno_sal.so.3 => /usr/lib64/openoffice.org/basis3.1/program/../ure-link/lib/libuno_sal.so.3 (0x00007fb6a9c14000)
	libXrandr.so.2 => /usr/lib64/libXrandr.so.2 (0x00007fb6a9a0c000)
	libX11.so.6 => /usr/lib64/libX11.so.6 (0x00007fb6a96d2000)
	libXext.so.6 => /usr/lib64/libXext.so.6 (0x00007fb6a94c0000)
	libdl.so.2 => /lib64/libdl.so.2 (0x00007fb6a92bc000)
	libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fb6a909f000)
	libstdc++.so.6 => /usr/lib64/libstdc++.so.6 (0x00007fb6a8d94000)
	libm.so.6 => /lib64/libm.so.6 (0x00007fb6a8b10000)
	libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0x00007fb6a88f5000)
	libc.so.6 => /lib64/libc.so.6 (0x00007fb6a8587000)
	libXfixes.so.3 => /usr/lib64/libXfixes.so.3 (0x00007fb6a8382000)
	libXrender.so.1 => /usr/lib64/libXrender.so.1 (0x00007fb6a8178000)
	libXinerama.so.1 => /usr/lib64/libXinerama.so.1 (0x00007fb6a7f76000)
	libXi.so.6 => /usr/lib64/libXi.so.6 (0x00007fb6a7d6c000)
	libXcursor.so.1 => /usr/lib64/libXcursor.so.1 (0x00007fb6a7b61000)
	libXcomposite.so.1 => /usr/lib64/libXcomposite.so.1 (0x00007fb6a795f000)
	libXdamage.so.1 => /usr/lib64/libXdamage.so.1 (0x00007fb6a775d000)
	libselinux.so.1 => /lib64/libselinux.so.1 (0x00007fb6a753e000)
	libpng12.so.0 => /usr/lib64/libpng12.so.0 (0x00007fb6a7319000)
	libpixman-1.so.0 => /usr/lib64/libpixman-1.so.0 (0x00007fb6a70d3000)
	libz.so.1 => /lib64/libz.so.1 (0x00007fb6a6ebe000)
	libexpat.so.1 => /lib64/libexpat.so.1 (0x00007fb6a6c96000)
	/lib64/ld-linux-x86-64.so.2 (0x00007fb6aef1f000)
	libcap.so.2 => /lib64/libcap.so.2 (0x00007fb6a6a91000)
	libbasegfxlx.so => /usr/lib64/openoffice.org/basis3.1/program/libbasegfxlx.so (0x00007fb6a67eb000)
	libSM.so.6 => /usr/lib64/libSM.so.6 (0x00007fb6a65e2000)
	libICE.so.6 => /usr/lib64/libICE.so.6 (0x00007fb6a63c6000)
	libi18nisolang1gcc3.so => /usr/lib64/openoffice.org/basis3.1/program/libi18nisolang1gcc3.so (0x00007fb6a61bf000)
	libi18nutilgcc3.so => /usr/lib64/openoffice.org/basis3.1/program/libi18nutilgcc3.so (0x00007fb6a5fac000)
	libicuuc.so.40 => /usr/lib64/libicuuc.so.40 (0x00007fb6a5c67000)
	libicudata.so.40 => /usr/lib64/libicudata.so.40 (0x00007fb6a4d21000)
	libicule.so.40 => /usr/lib64/libicule.so.40 (0x00007fb6a4aec000)
	libjvmaccessgcc3.so.3 => /usr/lib64/openoffice.org/basis3.1/program/../ure-link/lib/libjvmaccessgcc3.so.3 (0x00007fb6a48e5000)
	libuno_salhelpergcc3.so.3 => /usr/lib64/openoffice.org/basis3.1/program/../ure-link/lib/libuno_salhelpergcc3.so.3 (0x00007fb6a46e0000)
	libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007fb6a44a8000)
	libxcb.so.1 => /usr/lib64/libxcb.so.1 (0x00007fb6a428d000)
	libXau.so.6 => /usr/lib64/libXau.so.6 (0x00007fb6a408b000)
	libattr.so.1 => /lib64/libattr.so.1 (0x00007fb6a3e86000)
	libuuid.so.1 => /lib64/libuuid.so.1 (0x00007fb6a3c82000)
	libfreebl3.so => /lib64/libfreebl3.so (0x00007fb6a3a23000)
...end sample ldd details ...
--------------------

Comment 1 David Tardon 2009-07-01 06:22:39 UTC

I'm not able to reproduce it with 3.1.0-11.3.fc11.x86_64 with video(s) in Theora format. I was moving video objects around, resizing them, copying them and so on, but no crash. Could you attach a sample presentation or a sample video here?

Comment 2 drago01 2009-07-01 06:40:48 UTC

(In reply to comment #1)
> I'm not able to reproduce it with 3.1.0-11.3.fc11.x86_64 with video(s) in
> Theora format. I was moving video objects around, resizing them, copying them
> and so on, but no crash. Could you attach a sample presentation or a sample
> video here?  

I can confirm that this does not happen with theora encoded videos. 
The videos in questions are ones downloaded from youtube and converted from flv to mp4 (just changing the container not the audio/video codecs).

As for the presentation an empty one with one slide is enough to reproduce it.

I will attach an example.

Comment 3 drago01 2009-07-01 06:41:34 UTC

Created attachment 350060 [details]
sample video

Comment 4 Caolan McNamara 2009-07-01 08:23:22 UTC

Seeing as fedora itself doesn't come with codecs for mp4 then presumably you have extra ones installed, maybe from rpmfusion or something, out-of-the-box the video doesn't play in totem, so...

what's the output of

yum repolist enabled
rpm -q gstreamer-plugins-bad gstreamer-plugins-good gstreamer-plugins-base

(playing in totem and resizing the totem window is fine right ?)

Comment 5 drago01 2009-07-01 08:47:15 UTC

(In reply to comment #4)
> Seeing as fedora itself doesn't come with codecs for mp4 then presumably you
> have extra ones installed, maybe from rpmfusion or something, out-of-the-box
> the video doesn't play in totem, so...

Yes the codecs where installed from rpmfusion.

> what's the output of
> 
> yum repolist enabled
> rpm -q gstreamer-plugins-bad gstreamer-plugins-good gstreamer-plugins-base

rpm -q gstreamer-plugins-bad gstreamer-plugins-good gstreamer-plugins-base gstreamer-ffmpeg
gstreamer-plugins-bad-0.10.12-2.fc11.x86_64
gstreamer-plugins-good-0.10.15-1.fc11.x86_64
gstreamer-plugins-base-0.10.23-1.fc11.x86_64
gstreamer-ffmpeg-0.10.7-2.fc11.1.x86_64

> (playing in totem and resizing the totem window is fine right ?)  

It works just fine in totem, I can resize, fullscreen it etc without any problems.
Also editing with pitivi (which uses gstreamer) works fine.

Comment 6 Caolan McNamara 2009-07-01 10:06:53 UTC

Hmm, I can get it to crash sometimes as well with that configuration. 

The most meaningful trace is

0x2cae1e: 0x1c04c0: /usr/lib/openoffice.org3/program/../basis-link/ure-link/lib/libuno_sal.so.3 + 0x20e1e
0x2cb765: 0x1c04c0: /usr/lib/openoffice.org3/program/../basis-link/ure-link/lib/libuno_sal.so.3 + 0x21765
0x981400: 0x0:  + 0x400 (__kernel_sigreturn + 0x0)
0xb12b51e0: 0x54605c: /usr/lib/i686/libavcodec.so.52 + 0x2a41e0
0xb10fcf76: 0x54605c: /usr/lib/i686/libavcodec.so.52 + 0xebf76 (avcodec_decode_video + 0x66)
0x42950a8: 0x32ef4: /usr/lib/gstreamer-0.10/libgstffmpeg.so + 0x150a8
0x4298ca3: 0x32ef4: /usr/lib/gstreamer-0.10/libgstffmpeg.so + 0x18ca3
0x429bcf8: 0x32ef4: /usr/lib/gstreamer-0.10/libgstffmpeg.so + 0x1bcf8
0x7c84a8b: 0xc3eb8: /usr/lib/libgstreamer-0.10.so.0 + 0x4fa8b
0x7c85d92: 0xc3eb8: /usr/lib/libgstreamer-0.10.so.0 + 0x50d92 (gst_pad_push + 0x2c2)
0x426abe8: 0x2c2a8: /usr/lib/gstreamer-0.10/libgstcoreelements.so + 0x17be8
0x7ca90dd: 0xc3eb8: /usr/lib/libgstreamer-0.10.so.0 + 0x740dd
0x7a7c79f: 0xdd050: /lib/libglib-2.0.so.0 + 0x6079f
0x7a7b16f: 0xdd050: /lib/libglib-2.0.so.0 + 0x5f16f
0x657935: 0x16eb4: /lib/libpthread.so.0 + 0x5935
0x21682e: 0x16cd7c: /lib/libc.so.6 + 0xde82e (clone + 0x5e)

i.e. from ffmpeg-libs

Comment 7 Caolan McNamara 2009-07-01 13:46:48 UTC

Seems to be a lot of things not quite right about that entire stack of libs, but taking the most common crash, we have...

Program terminated with signal 11, Segmentation fault.
b#0  0xb1a2cff8 in decode_frame (avctx=0xb31c0da0, data=0xb4c88600, data_size=0xae3fdeac, buf=0xaee4f6e0 "", buf_size=851)
    at /usr/src/debug/ffmpeg-0.5/libavcodec/h264.c:7844
7844	            for(i=1; h->delayed_pic[i] && (h->delayed_pic[i]->poc && !h->delayed_pic[i]->key_frame); i++)
Missing separate debuginfos, use: debuginfo-install openoffice.org-brand-3.1.1-12.3.fc11.i586
(gdb) bt
#0  0xb1a2cff8 in decode_frame (avctx=0xb31c0da0, data=0xb4c88600, data_size=0xae3fdeac, buf=0xaee4f6e0 "", buf_size=851)
    at /usr/src/debug/ffmpeg-0.5/libavcodec/h264.c:7844
#1  0xb1874f96 in avcodec_decode_video (avctx=0xb31c0da0, picture=0xb4c88600, got_picture_ptr=0xae3fdeac, buf=0xaee4f6e0 "", buf_size=851)
    at /usr/src/debug/ffmpeg-0.5/libavcodec/utils.c:529
#2  0x026340c8 in gst_ffmpegdec_video_frame (ffmpegdec=0x0, data=<value optimized out>, size=851, in_timestamp=633966666, in_duration=33366667, 
    outbuf=0xae3fdf9c, ret=0xae3fe060) at gstffmpegdec.c:1516
#3  0x02637cc3 in gst_ffmpegdec_frame (ffmpegdec=<value optimized out>, data=0xaee4f6e0 "", size=851, got_data=0xae3fe064, in_timestamp=633966666, 
    in_duration=33366667, ret=0xae3fe060) at gstffmpegdec.c:1927
#4  0x0263ad18 in gst_ffmpegdec_chain (pad=0xb4cb5290, inbuf=0xaee3db48) at gstffmpegdec.c:2332
#5  0x0294fa8b in ?? () from /usr/lib/libgstreamer-0.10.so.0
#6  0x02950d92 in gst_pad_push () from /usr/lib/libgstreamer-0.10.so.0
#7  0x025fabe8 in gst_pad_peer_accept_caps () from /usr/lib/gstreamer-0.10/libgstcoreelements.so
#8  0x029740dd in ?? () from /usr/lib/libgstreamer-0.10.so.0
#9  0x02d5379f in ?? () from /lib/libglib-2.0.so.0
#10 0x02d5216f in ?? () from /lib/libglib-2.0.so.0
#11 0x00c5d935 in start_thread () from /lib/libpthread.so.0
#12 0x00b9182e in clone () from /lib/libc.so.6
Current language:  auto; currently minimal
(gdb) print i
$1 = 18
(gdb) print sizeof(h->delayed_pic)/sizeof(void*)
$2 = 18

i.e. apparently ffmpeg has a block of delayed_pic and is reading past the end of that buffer

So this needs to be re-reported to the rpmfusion maintainer of ffmpeg-libs with this extra info in this comment (might be similar to https://roundup.ffmpeg.org/roundup/ffmpeg/issue1231)