Can you get a gdb backtrace of such a crash?

(In reply to Michel Dänzer from comment #1)
> Can you get a gdb backtrace of such a crash?

Yea - should have thought to enable core dumps.

So it seems it's flash (even though I have an apparently functioning flashblock enabled in seamonkey)

Core was generated by `/usr/lib/seamonkey-2.33.1/plugin-container /usr/lib/mozilla/plugins/libflashpla'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  list_del (item=0x5a5a5a5a5a5a5a5a) at ../util_double_list.h:79
79          item->prev->next = item->next;
(gdb) bt
#0  list_del (item=0x5a5a5a5a5a5a5a5a) at ../util_double_list.h:79
#1  amdgpu_vamgr_deinit (mgr=0x7fa26ec0b4c0 <vamgr>) at amdgpu_vamgr.c:47
#2  amdgpu_vamgr_reference (dst=0x7fa274e19ea0, src=0x0) at amdgpu_vamgr.c:67
#3  0x00007fa26ea07d82 in amdgpu_device_free_internal (dev=0x7fa274e19c00) at amdgpu_device.c:228
#4  0x00007fa26ea07e09 in amdgpu_device_reference (dst=dst@entry=0x7ffd04cca7a8, src=src@entry=0x0) at amdgpu_device.c:246
#5  0x00007fa26ea08125 in amdgpu_device_deinitialize (dev=0x7fa274e19c00) at amdgpu_device.c:238
#6  0x00007fa26f54fa1f in amdgpu_winsys_destroy (rws=0x7fa274e91800) at amdgpu_winsys.c:296
#7  0x00007fa26f553f5f in r600_destroy_common_screen (rscreen=0x7fa274e1a000) at r600_pipe_common.c:963
#8  0x00007fa26f46a7a1 in vl_screen_destroy (vscreen=0x7fa274e2cb00) at vl/vl_winsys_dri.c:431
#9  0x00007fa26f464776 in vlVdpDeviceFree (dev=dev@entry=0x7fa274eb3140) at device.c:230
#10 0x00007fa26f464874 in DeviceReference (dev=0x0, ptr=<synthetic pointer>) at vdpau_private.h:553
#11 vlVdpDeviceDestroy (device=1) at device.c:215
#12 0x00007fa273ea8df8 in ?? () from /usr/lib/mozilla/plugins/libflashplayer.so
#13 0x00007fa273b08475 in ?? () from /usr/lib/mozilla/plugins/libflashplayer.so

Should add - I've been playing around quite a bit with vdpau/uvd with mplayer, mpv and ffmpeg - AFAICT I haven't managed to trigger this using them.

(In reply to Andy Furniss from comment #2)
> Program terminated with signal SIGSEGV, Segmentation fault.
> #0  list_del (item=0x5a5a5a5a5a5a5a5a) at ../util_double_list.h:79

Looks like memory corruption. I don't suppose you can run this thing in valgrind?

(In reply to Michel Dänzer from comment #4)
> (In reply to Andy Furniss from comment #2)
> > Program terminated with signal SIGSEGV, Segmentation fault.
> > #0  list_del (item=0x5a5a5a5a5a5a5a5a) at ../util_double_list.h:79
> 
> Looks like memory corruption. I don't suppose you can run this thing in
> valgrind?

Seems I can't provoke this when running under valgrind.

There are thousands of other errors.

The version of flash I first reported with got marked as insecure, but the new version still has the issue - well maybe it's seamonkey that has the issue as plugin-containe is mentioned in the trap. 

Flash does still function OK and use vdpau after the trap.

When I get time I'll try Hg seamonkey and maybe firefox and see if it's still there.

Can you attach the valgrind errors?

Created attachment 117107 [details]
valgrind errors seamonkey.

After seeing these initially I updates a whole host of seamonkey dependencies as listed in Beyond linux from scratch - glib, gtk, cairo and many more dependencies of dependencies. Seamonkey is current release and rebuilt.

This trace is just starting the browser with a blank home page and closing.

I can't seem to build current Hg to test that.

Created attachment 117115 [details]
vdpau trace including ff output

Testing with firefox now and seeing the same valgrind noise + flash behavior.

I ran with VDPAU_TRACE=1 and got a matching core as well. The timing of the appearance of the core + the output indicate it crashes on

vdp_device_destroy

Created attachment 117116 [details]
backtrace from core matching vdpau trace.

I can only see possible use-after-free bugs in seamonkey itself or the GTK libraries in the valgrind output, nothing about libdrm_amdgpu.so.1.0.0 or even the flash plugin. Maybe you need to pass --trace-children=yes to valgrind?

(In reply to Michel Dänzer from comment #10)
> I can only see possible use-after-free bugs in seamonkey itself or the GTK
> libraries in the valgrind output, nothing about libdrm_amdgpu.so.1.0.0 or
> even the flash plugin. Maybe you need to pass --trace-children=yes to
> valgrind?

What I uploaded was as an example of the "other errors" I didn't even try to crash that one.

I can't get a valgrind with the crash because (I think) it's so slow.

firefox will before playing anything decide the plugin has crashed - there is no evidence that it has and not sign of amd grepping the near half a million lines of output. I think it just has a timer on flash and I way too slow running with valgrind.

I'll try harder tomorrow with seamonkey - it just seems to sit there not starting the vid.

Without valgrind both will just play the vid without issue until I quit.

I haven't been using flash for a while.

Tried latest flash + seamonkey to test this, and I am not seeing it anymore.

It could be that seamonkey is now preventing it - with flash installed when I go on a page with flash content seamonkey outputs -

Vector smash protection is enabled.