GNOME Bugzilla – Bug 162704
Rhythmbox crashes second time trying to play (64bit system)
Last modified: 2005-01-03 17:51:25 UTC
Distribution: Fedora Core release 3 (Heidelberg) Package: rhythmbox Severity: major Version: GNOME2.8.0 0.8.8 Gnome-Distributor: Red Hat, Inc Synopsis: Rhythmbox crashes second time trying to play Bugzilla-Product: rhythmbox Bugzilla-Component: playback Bugzilla-Version: 0.8.8 BugBuddy-GnomeVersion: 2.0 (2.8.0) Description: Description of the crash: Steps to reproduce the crash: 1. Choose artsd as sink 2. Play 3. Pause 4. Play again Expected Results: no crash How often does this happen? always Additional information: GLib-ERROR **: gmem.c:140: failed to allocate 4294967284 bytes aborting... Debugging Information: Backtrace was generated from '/usr/bin/rhythmbox' (no debugging symbols found)...Using host libthread_db library "/lib64/tls/libthread_db.so.1". (no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...[Thread debugging using libthread_db enabled] [New Thread 182894206528 (LWP 2713)] [New Thread 1117804896 (LWP 2739)] [Thread debugging using libthread_db enabled] [New Thread 182894206528 (LWP 2713)] [New Thread 1117804896 (LWP 2739)] [Thread debugging using libthread_db enabled] [New Thread 182894206528 (LWP 2713)] [New Thread 1117804896 (LWP 2739)] [New Thread 1107310944 (LWP 2717)] [New Thread 1098918240 (LWP 2716)] [New Thread 1090525536 (LWP 2715)] [New Thread 1082132832 (LWP 2714)] (no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...0x000000376d5bc6d2 in poll () from /lib64/tls/libc.so.6
+ Trace 54058
Thread 2 (Thread 1117804896 (LWP 2739))
------- Bug moved to this database by unknown@bugzilla.gnome.org 2005-01-01 22:49 ------- Unknown platform unknown. Setting to default platform "Other". Unknown milestone "unknown" in product "rhythmbox". Setting to default milestone for this product, '---' The original reporter of this bug does not have an account here. Reassigning to the person who moved it here, unknown@bugzilla.gnome.org. Previous reporter was bug@niftybox.net. Setting to default status "UNCONFIRMED". Setting qa contact to the default for this product. This bug either had no qa contact or an invalid one.
This may be a GStreamer bug. The function where this happens is audioscale_get_type. It happens only with the artsd backend.
Yeah, probably a gstreamer bug. Could you get a backtrace with symbols ? (from rhythmbox/gstreamer and gst-plugins) ?
Okay, here is the relevant thread with debug info: (gdb) bt
+ Trace 54067
I think the problem is that r->o_samples is negative. See: (gdb) p audioscale->gst_resample[0] $12 = {method = GST_RESAMPLE_SINC, channels = 1, verbose = 0, format = GST_RESAMPLE_S16, filter_length = 16, i_rate = 1.3458251953125, o_rate = 1, priv = 0x9157f0, get_buffer = 0x2a999cee30 <gst_audioscale_get_buffer>, halftaps = 7.5, buffer = 0x0, buffer_len = 0, i_start = 0, o_start = 0, i_start_buf = -11.888616780045352, i_end_buf = 0, i_inc = 0.74303854875283448, o_inc = 1.3458251953125, i_end = 0, o_end = 0, i_samples = 0, o_samples = -6, i_buf = 0x0, o_buf = 0x0, acc = {0, 0}, hack_union = {s = {out_tmp = 0x0, out_tmp_len = 0}, padding = {0, 0, 0, 0, 0, 0, 0, 0}}, scale = 0x2a99ad3fd0 <gst_resample_sinc_ft_s16>, ack = 0}
Definitly looks like a gstreamer bug, reassigning.
After poking around a bit in unfamiliar code: Looks like it's trying to resample an empty buffer, and it decides that it needs a negative length buffer. So either the gstreamer resampler should be more defensive or the empty buffer shouldn't have been passed in from Rhythmbox. Or both...
Miron, Rhythmbox doesn't pass buffers to gstreamer, the dataflow is totally handle by gstreamer. What rhythmbox does is to link various gstreamer elements, the flow of buffers is totally internal to gstreamer. So the empty buffer comes from the element before audioscale in the pipeline. If you need some help to debug that problem, you can drop by #gstreamer on irc.freenode.net, you'll probably find someone to help. Are you using the latest gst-plugins version (0.8.6) btw ?
failed to allocate 4294967284 (2^32) bytes on a 64 bit system, looks like 64bit unsafe
No, it's reproduceable on 32-bit machines as well. Integers are still 32-bit on x86-64. *** This bug has been marked as a duplicate of 161179 ***