pulseaudio crashed with SIGILL in pa_volume_memchunk()

Bug #418448 reported by Dave Stroud on 2009-08-25
182
This bug affects 30 people
Affects Status Importance Assigned to Milestone
pulseaudio (Ubuntu)
Medium
Daniel T Chen

Bug Description

Binary package hint: pulseaudio

Had just done a update. Rebooted and sound crashed. Sound restarted and crashed several times while sending bug report. Now there is no sound.

ProblemType: Crash
AplayDevices:
 **** List of PLAYBACK Hardware Devices ****
 card 0: rev50 [VIA 82C686A/B rev50], device 0: VIA 82C686A/B rev50 [VIA 82C686A/B rev50]
   Subdevices: 0/1
   Subdevice #0: subdevice #0
Architecture: i386
ArecordDevices:
 **** List of CAPTURE Hardware Devices ****
 card 0: rev50 [VIA 82C686A/B rev50], device 0: VIA 82C686A/B rev50 [VIA 82C686A/B rev50]
   Subdevices: 0/1
   Subdevice #0: subdevice #0
AudioDevicesInUse:
 USER PID ACCESS COMMAND
 /dev/snd/controlC0: bigdavesr 4068 F.... pulseaudio
 /dev/snd/pcmC0D0c: bigdavesr 4068 F...m pulseaudio
 /dev/snd/pcmC0D0p: bigdavesr 4068 F...m pulseaudio
Card0.Amixer.info:
 Card hw:0 'rev50'/'VIA 82C686A/B rev50 with VIA1612A at 0xdc00, irq 11'
   Mixer name : 'VIA Technologies VIA1612A'
   Components : 'AC97a:56494161'
   Controls : 32
   Simple ctrls : 21
CurrentDmesg:
 [ 38.505565] 0000:00:0a.0: tulip_stop_rxtx() failed (CSR5 0xfc664010 CSR6 0xff972113)
 [ 38.505582] eth0: Setting full-duplex based on MII#1 link partner capability of 45e1.
 [ 46.100013] eth0: no IPv6 routers present
Date: Tue Aug 25 01:09:42 2009
DistroRelease: Ubuntu 9.10
ExecutablePath: /usr/bin/pulseaudio
Package: pulseaudio 1:0.9.16~test6-3-g57e1-0ubuntu1
ProcCmdline: /usr/bin/pulseaudio --start
ProcEnviron:
 LANG=en_US.UTF-8
 SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.31-7.27-generic
Signal: 4
SourcePackage: pulseaudio
StacktraceTop:
 ?? () from /usr/lib/libpulsecore-0.9.16.so
 pa_volume_memchunk () from /usr/lib/libpulsecore-0.9.16.so
 pa_sink_render_into () from /usr/lib/libpulsecore-0.9.16.so
 pa_sink_render_into_full ()
 ?? () from /usr/lib/pulse-0.9.16/modules/libalsa-util.so
Title: pulseaudio crashed with SIGILL in pa_volume_memchunk()
Uname: Linux 2.6.31-7-generic i686
UserGroups: adm admin audio cdrom clamav daemon dialout dip fax fuse gdm haldaemon lpadmin netdev plugdev polkituser root sambashare tape video

Dave Stroud (bigdavesr) wrote :

StacktraceTop:pa_volume_s16ne_sse (samples=0xb3784028,
pa_volume_memchunk (c=0xb7f751a0, spec=0x860c024,
pa_sink_render_into (s=0x860bfe8, target=0xb7f75214)
pa_sink_render_into_full (s=0x860bfe8, target=0xb7f752b4)
thread_func (userdata=0x8619f18)

Changed in pulseaudio (Ubuntu):
importance: Undecided → Medium
tags: removed: need-i386-retrace
Dave Stroud (bigdavesr) wrote :

We have had several pulseaudio updates and there is still no sound at all. Is there a work around?

Dave Stroud (bigdavesr) on 2009-08-27
visibility: private → public
Matthew Kennedy (lispnik) wrote :

Anyone *not* using an Athlon XP and encountering this bug?

Daniel T Chen (crimsun) wrote :

To help debug, please install gdb, valgrind, and libc6-dbg.

Here are instructions for valgrind and gdb:

16:34 < dtchen> just make you've set pulseaudio to not respawn:
16:34 < dtchen> echo autospawn = no|tee ~/.pulse/client.conf
16:34 < dtchen> killall pulseaudio
16:35 < dtchen> G_SLICE=always-malloc G_DEBUG=gc-friendly valgrind -v --tool=memcheck --leak-check=full --num-callers=40 --log-file=valgrind.log pulseaudio -vvvv
16:35 < dtchen> for GDB, it's a bit more complicated:
16:35 < dtchen> (you also need autospawn disabled for GDB)
16:36 < dtchen> gdb pulseaudio 2>&1 | tee ~/gdb-pulseaudio.txt
16:36 < dtchen> set args -vvvv
16:36 < dtchen> handle SIGXCPU SIGPWR SIG33 SIG34 SIG42 SIG43 SIG44 SIG45 SIG46 SIG47 SIG48 SIG49 SIG50 SIG51 SIG52 SIG53 SIG63 SIG62 SIG61 SIG60 SIG59 SIG58 nostop noprint
16:36 < dtchen> set pagination 0
16:36 < dtchen> run

Changed in pulseaudio (Ubuntu):
status: New → Triaged
Dave Stroud (bigdavesr) wrote :

Its odd but I am getting sound in some games through wine and some audio in flash on firefox. any other event it crashes. The icon notification goes out and back on as it crashes. daniel I dont understand your instructions. Is this a terminal command? Will be glad to do it if I can. Thanks

Florian Zeitz (florian-zeitz) wrote :

Valgrind result

Florian Zeitz (florian-zeitz) wrote :

gdb result. I hope I got this one right, otherwise just ask.

Matthew Kennedy (lispnik) wrote :

Work around:

Since it is because of the recently added SSE optimization code in http://git.0pointer.de/?p=pulseaudio.git;a=commitdiff;h=7086784573e9e6c92d4c34404f18891c2d19872a you can work around it by apt-getting the source, removing the SSE-related, 2-line if block at the end of src/pulsecore/cpu-x86.c and rebuilding with "dpkg-buildpackage -rfakeroot -b" Just install the pulseaudio and libpulse0 .debs afterwards. After doing this, sound started working for me again.

  Hello lispnik,

  Sunday, August 30, 2009, 7:01:05 PM, you wrote:

  l> Work around:

l> Since it is because of the recently added SSE optimization code in
l> http://git.0pointer.de/?p=pulseaudio.git;a=commitdiff;h=7086784573e9e6c92d4c34404f18891c2d19872a
l> you can work around it by apt-getting the source, removing the SSE-
l> related, 2-line if block at the end of src/pulsecore/cpu-x86.c and
l> rebuilding with "dpkg-buildpackage -rfakeroot -b" Just install the
l> pulseaudio and libpulse0 .debs afterwards. After doing this, sound
l> started working for me again.

  Thank you, I'll try this.

  Regards,
  Ruemere

Cedders (cedric-gn) wrote :

> Anyone *not* using an Athlon XP and encountering this bug?
Mobile Intel(R) Pentium(R) III CPU - M 1066MHz

...but I'm not sure it's the same bug although it has the same title. Recently upgraded to Karmic, and got this on login. Crashed when trying it with valgrind (attached). Please don't spend any time on this as the system has various other problems and I'm reinstalling Jaunty soon, but just in case it's related...

Florian Zeitz (florian-zeitz) wrote :

The new version (1:0.9.16~test6-55-g1200-0ubuntu1~ubuntuaudiodev1) in the ubuntu-audio-dev ppa fixes this for me.

I am also noticing that before pulseaudio crashes, it uses up to 65% of
the CPU. Haven't tried the new version as of yet though.

knarf (launchpad-ubuntu-f) wrote :

Attached is a scripted dump of gdb running pulseaudio through the crash. The salient bits are:

Program received signal SIGILL, Illegal instruction.
[Switching to Thread 0xb3d48b70 (LWP 19218)]
0x00163d2e in pa_volume_s16ne_sse (samples=0xb3d7e028, volumes=0xb3d45ca0,
    channels=2, length=4144) at pulsecore/svolume_sse.c:86
86 __asm__ __volatile__ (
...
...
0x00163d22 <pa_volume_s16ne_sse+402>: pmaddwd %xmm5,%xmm2
0x00163d26 <pa_volume_s16ne_sse+406>: paddd %xmm3,%xmm2
0x00163d2a <pa_volume_s16ne_sse+410>: packssdw %xmm2,%xmm2
0x00163d2e <pa_volume_s16ne_sse+414>: movq %xmm0,(%eax)
0x00163d32 <pa_volume_s16ne_sse+418>: movq %xmm2,0x8(%eax)
0x00163d37 <pa_volume_s16ne_sse+423>: add $0x10,%eax
...
...
#0 0x00163d2e in pa_volume_s16ne_sse (samples=0xb3d7e028, volumes=0xb3d45ca0,
    channels=2, length=4144) at pulsecore/svolume_sse.c:86
#1 0x00160fd0 in pa_volume_memchunk (c=0xb3d481a0, spec=0x808f1bc,
    volume=0xb3d4811c) at pulsecore/sample-util.c:762
#2 0x0017c0c0 in pa_sink_render_into (s=0x808f180, target=0xb3d48214)
    at pulsecore/sink.c:1018

In other words, this binary contains SSE2 instructions (PACKSSDW) and thus does not work on my Pentium III-m equipped IBM ThinkPad T23... that processor supports SSE but not SSE2.

knarf (launchpad-ubuntu-f) wrote :

...and the version in the ubuntu-audio-dev (pulseaudio-0.9.16~test7-14-g7ca81) does NOT fix the problem:

frank@ostrogoth:/usr/src/pulseaudio-0.9.16~test7-14-g7ca81/src$ pulseaudio -k;script -c 'gdb pulseaudio' ~/debug_pa_5
E: main.c: Failed to kill daemon: No such file or directory
Script started, file is /home/frank/debug_pa_5
...
(gdb) r
Starting program: /usr/bin/pulseaudio
[Thread debugging using libthread_db enabled]
Executing new program: /usr/bin/pulseaudio
[Thread debugging using libthread_db enabled]
W: pid.c: Stale PID file, overwriting.
[New Thread 0xb3d48b70 (LWP 21109)]
[New Thread 0xb3541b70 (LWP 21110)]

Program received signal SIGILL, Illegal instruction.
[Switching to Thread 0xb3d48b70 (LWP 21109)]
0x001473b4 in pa_volume_s16ne_sse (samples=0xb3d8e028, volumes=0xb3d45ca0,
    channels=2, length=8) at pulsecore/svolume_sse.c:86
86 __asm__ __volatile__ (

Same problem...

knarf (launchpad-ubuntu-f) wrote :

As the main problem of the current pulseaudio code lies in the fact that it claims to use 'SSE' optimised code while it actually uses SSE2 (or later) optimized code, the simplest solution is to change the activation threshold for these optimisations. The attached patch achieves this and works on my T23.

A better solution would be to try to SSE-optimise the code for those SSE2-challenged processors but that is something for a later hour...

Daniel T Chen (crimsun) on 2009-09-06
Changed in pulseaudio (Ubuntu):
status: Triaged → In Progress
assignee: nobody → Daniel T Chen (crimsun)
Daniel T Chen (crimsun) wrote :

Uploaded to ubuntu-audio-dev PPA, thanks "knarf"!

Changed in pulseaudio (Ubuntu):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package pulseaudio - 1:0.9.16~test7-14-g7ca81-0ubuntu1

---------------
pulseaudio (1:0.9.16~test7-14-g7ca81-0ubuntu1) karmic; urgency=low

  * New git snapshot of origin/master (0.9.16~test7-14-g7ca81)
    fixes LP: #419658, #422451, #424127
  * debian/pulseaudio.install: add module-loopback
  * debian/control: remove liboil*-dev build-dependency thanks to
    included ASM optimisations
  * debian/copyright: update; we've added module-loopback
  * debian/patches/0052-disable-cpu-limit.patch: Disable cpu limit as
    per 812be327836c93492ad389333bcc037566141eb8
  * debian/patches/0053-add-input-sources.patch: Add internal mic and
    docking station as per 8cd635bc614834c13d0f1c586d472b4a52b98664
  * debian/patches/0054-use-sse2-volume.patch: Only use if SSE2 is
    available. This is a workaround for LP: #418448, thanks "knarf"!

 -- Daniel T Chen <email address hidden> Sun, 06 Sep 2009 14:23:15 -0400

Changed in pulseaudio (Ubuntu):
status: Fix Committed → Fix Released
Ruben Verweij (ruben-verweij) wrote :

I have upgraded to version 1:0.9.16~test7-14-g7ca81-0ubuntu1, and "top"
reports pulseaudio is still using 66.1% of my CPU sources... Is there
something I can do about this?

Ruben, that isn't the issue associated with this bug report.

On Sep 7, 2009 12:00 PM, "Ruben Verweij" <email address hidden> wrote:

I have upgraded to version 1:0.9.16~test7-14-g7ca81-0ubuntu1, and "top"
reports pulseaudio is still using 66.1% of my CPU sources... Is there
something I can do about this?

-- pulseaudio crashed with SIGILL in pa_volume_memchunk()
https://bugs.launchpad.net/bugs/418448 Y...

Daniel T Chen (crimsun) wrote :

I have reverted the workaround present (0054-use-sse2-volume.patch) in Karmic's source package and have used the existing fix in git HEAD. See the ubuntu-audio-dev PPA.

knarf (launchpad-ubuntu-f) wrote :

Unfortunately the latest version from the ubuntu-audio-dev (1:0.9.16~test7-14-g7ca81-0ubuntu2~ubuntuaudiodev1) exhibits the same bug again:

Program received signal SIGILL, Illegal instruction.
[Switching to Thread 0xb3d3cb70 (LWP 25096)]
0x001f03b4 in pa_volume_s16ne_sse (samples=0xb3d7e028, volumes=0xb3d39ca0,
    channels=2, length=22940) at pulsecore/svolume_sse.c:86
86 __asm__ __volatile__ (

...at exactly the same spot. This 'upstream fix' does not seem to work, which is strange as I checked the upstream GIT version of the patch which does seem to be effective. The sources in your PPA also don't seem to contain the patch, are you sure you applied it correctly? According to the upstream patch...

(http://git.0pointer.de/?p=pulseaudio.git;a=blobdiff;f=src/pulsecore/svolume_sse.c;h=d9dcf476103c2a136b4b3679247485e5565306c9;hp=54af4a57384c9d6cc21e4056235d790594119b14;hb=b5ac3839e18524524fa3e0da7ec68dbce16e8203;hpb=812be327836c93492ad389333bcc037566141eb8)

...the svolume_sse.c file should contain a conditional initialisation:

+ if (flags & PA_CPU_X86_SSE2) {
+ pa_set_volume_func (PA_SAMPLE_S16NE, (pa_do_volume_func_t) pa_volume_s16ne_sse2);
+ pa_set_volume_func (PA_SAMPLE_S16RE, (pa_do_volume_func_t) pa_volume_s16re_sse2);
+ }

The file in pulseaudio-0.9.16~test7-14-g7ca81 does not contain this sequence, nor the referenced <blah_sse2 functions. It looks like the patch was not applied...

I'll revert the reversion locally for now...

knarf (launchpad-ubuntu-f) wrote :

It seems like the patch did succeed this time around, version 1:0.9.16~test7-14-g7ca81-0ubuntu3~ubuntuaudiodev1 works on my T23... What went wrong last time?

knarf (launchpad-ubuntu-f) wrote :

...and stranger still, the source I get from the PPA does NOT contain the patch. How can that be?

  $ grep -c -i sse2 pulseaudio-0.9.16~test7-14-g7ca81/src/pulsecore/svolume_sse.c
  0

zero? And the binary also contains the 'original' function names:

  $ nm -D /usr/lib/libpulsecore-0.9.16.so |grep sse
  ...
  0003b810 T pa_convert_func_init_sse
  0002b8c0 T pa_remap_func_init_sse
  00037830 T pa_volume_func_init_sse

...but it works? Stranger and stranger...

Daniel T Chen (crimsun) wrote :

On Wed, Sep 9, 2009 at 6:29 AM, knarf<email address hidden> wrote:
> ...and stranger still, the source I get from the PPA does NOT contain
> the patch. How can that be?

See debian/patches/0054-volume-libpulse-backported-fixes.patch

knarf (launchpad-ubuntu-f) wrote :

OK, I see. I assumed that the upstream patch was integrated in the vanilla source, which it wasn't...

To post a comment you must log in.