Professional Web Applications Themes

Flash 9.0.115.0 - Crash with Pentium II - Macromedia Flash Player

On my Pentium II, at http://www.webbalert.com/ , Flash 9.0.115.0 crashes as soon as I click the video to play it. It crashes everytime in IE, Firefox, Safari and Opera. It's definitely the plugin itself crashing and taking the browser with it. Even tried on a fresh install of XP etc. I can avoid the crash by making sure the embed element that loads the video has a width that's less than 411. Something about the width being greater than 410 causes the plugin itself to crash. Now, if I load the URI to the swf file that loads the video ...

Sponsored Links
  1. #1

    Default Flash 9.0.115.0 - Crash with Pentium II

    On my Pentium II, at http://www.webbalert.com/ , Flash 9.0.115.0 crashes as
    soon as I click the video to play it. It crashes everytime in IE, Firefox,
    Safari and Opera. It's definitely the plugin itself crashing and taking the
    browser with it. Even tried on a fresh install of XP etc.

    I can avoid the crash by making sure the embed element that loads the video
    has a width that's less than 411. Something about the width being greater than
    410 causes the plugin itself to crash.

    Now, if I load the URI to the swf file that loads the video directly in the
    address field, the plugin doesn't crash. It's just when it's embedded in the
    page via markup.

    I also see this same problem at http://break.com/

    I do not get this problem with previous versions of the plugin (like r47 and
    r48).

    I also do not get this problem with 115 *if* I use a PIII instead of a PII.

    Is this a known problem?
    If so, is there a plan to fix it?
    Has support for processors without SSE been dropped in certain instances?

    Thanks

    Sponsored Links
    ShadowBurn426 Guest

  2. #2

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    I can also make the flash plugin crash with any youtube video by adding &fmt=18 to the video URI.
    ShadowBurn426 Guest

  3. #3

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    Judging by
    http://www.omgili.com/newsgroups/alt/os/development/fkkavfmbl1aioeorg.html and
    http://sdc.shockwave.com/cfusion/webforums/forum/messageview.cfm?forumid=44&cati
    d=184&threadid=1321876#4850099 , 9.0.115.0 uses the PSHUFW SSE1 instruction
    without checking the SSE feature bit or the MMXEXT feature bit to see if the
    instruction is supported.

    Looks like that's my problem and looks like a whole bunch of people are having
    a problem with this.

    ShadowBurn426 Guest

  4. #4

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    I notcied 9,0,124,0 is out. Tried with it and the problem is still there. A lot of sites are starting to require 115 or newer, so this is getting even worse.
    ShadowBurn426 Guest

  5. #5

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    Replace all instances of
    PSHUFW x,y,0xE4
    by
    MOVQ x,y
    NOP

    (0F 70 xy E4 -> 0F 6F xy 90)

    According to
    http://softwarecommunity.intel.com/articles/eng/3395.htm
    PSHUFW is faster than a simple MOVQ on some badly designed new cpus.
    Some Adobe programmer might have thought it would be clever to use it without
    checking cpuid.

    I had to change 45 instances in flash player 9,0,124,0 for Linux.

    wj89zgh Guest

  6. #6

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    Thanks for the info, wj89zgh. Would that be the same for the windows dll?
    ShadowBurn426 Guest

  7. #7

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    I don't know, I don't use Windows.
    Try it.
    wj89zgh Guest

  8. #8

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    Found 43 instances of 0x0F 0x70 0xE4 and replaced each of them with 0x0F 0x6F
    0x90. Tried the plugin on a youtube video first. The plugin plays videos, but
    as soon as you hover over a touch a control on the player, the plugin crashes.

    ShadowBurn426 Guest

  9. #9

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    Did you replace "0x0F 0x70 0xE4" or "0x0F 0x70 anyByte 0xE4" ?

    At which instruction does it crash?

    I don't have crashes on youtube with my Pentium II 333.
    It's just horribly slow (2~3 fps, same flv plays in Xine at 10% CPU).
    Can you post the link so I can test?


    wj89zgh Guest

  10. #10

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    [q]Originally posted by: wj89zgh
    Did you replace "0x0F 0x70 0xE4" or "0x0F 0x70 anyByte 0xE4" ?
    [/q]
    \x0F\x70\xE4 -> \x0F\x6F\x90 = crash
    \x0F\x70(.)\xE4 -> \x0F\x6F$1\x90 = no crash

    I was doing the former (crashed on any youtube video). Since the latter works,
    I assume that's what you meant?

    ShadowBurn426 Guest

  11. #11

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    yes
    wj89zgh Guest

  12. #12

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    Cool. Thanks
    ShadowBurn426 Guest

  13. #13

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    I had another illegal instruction crash when I tried to play the H.264 video on

    http://www.tomshardware.com//2008/04/03/people_probably_won_t_need_discrete_grap
    hics_cards_anymore_intel/

    There is a bunch of MOVNTQ instruction (14 in Flash for Linux, very close
    together). They can be replaced with MOVQ instructions.

    0F E7 -> 0F 7F

    Don't replace every 0F E7. I found a CALL instruction that contains this
    pattern. Use a disassembler to find the instructions. Objdump from MinGW's
    Binutils should do the trick.


    wj89zgh Guest

  14. #14

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    And while you are at it, replace all PREFETCH* instructions by NOPs.
    Strange it didn't die at the one that has been placed directly before the MOVNTQs...
    wj89zgh Guest

  15. #15

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    [q]Originally posted by: wj89zgh
    I had another illegal instruction crash when I tried to play the H.264 video on

    http://www.tomshardware.com//2008/04/03/people_probably_won_t_need_discrete_grap
    hics_cards_anymore_intel/

    There is a bunch of MOVNTQ instruction (14 in Flash for Linux, very close
    together). They can be replaced with MOVQ instructions.

    0F E7 -> 0F 7F

    Don't replace every 0F E7. I found a CALL instruction that contains this
    pattern. Use a disassembler to find the instructions. Objdump from MinGW's
    Binutils should do the trick.
    [/q]

    Doing:
    objdump -d file > dis.txt
    , I see movntq instructions that come *right* after prefetchnta. The movntq
    instructions will be one right after the other.

    I also see movntq instructions that are after a prefetchnta, but NOT *right*
    after and not all om a row.

    I don't see any movntq near any call instructions (for the windows version at
    least) or near any addresses a call points to.

    So, it's not clear (to me) which ones I need to replace.

    I do see lots of prefetchnta though. You're saying to replace all of them?

    ShadowBurn426 Guest

  16. #16

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    You can replace all movntq that appear in the disassembly.
    What I wanted to say was that you should not replace 0F E7 in something like
    this:
    2ae617: e8 24 0f e7 ff call 11f540

    Lots of prefetchnta?
    I had about four of them. And a handfull of prefetcht0.
    Here the prefetcht0 are followed by SSE instruction. No need to replace them
    as it will die on the following SSE one if they are reached.


    wj89zgh Guest

  17. #17

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    O.K. I see. I'll mess with it and see what happens. Will let you know. Thanks.
    ShadowBurn426 Guest

  18. #18

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    [q]Originally posted by: wj89zgh
    And while you are at it, replace all PREFETCH* instructions by NOPs.
    Strange it didn't die at the one that has been placed directly before the
    MOVNTQs...[/q]

    So, for a prefetchnta that's 7 bytes like 0f 18 86 38 02 00 00, replace all
    the bytes with just 1 0x90 byte?

    Is there a way to automate the movntq and prefetchnta replacement? With the
    PSHUFW part, I can just use boost regex (or the cygwin version of sed 4.1.5 in
    binary mode). But, with this, I'm not sure what pattern to look for (if there
    even is a non-complicated one).

    I did the movntq replacements with a hex editor, but ended up missing half of
    them.



    ShadowBurn426 Guest

  19. #19

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    [q]Originally posted by: ShadowBurn426
    So, for a prefetchnta that's 7 bytes like 0f 18 86 38 02 00 00, replace all
    the bytes with just 1 0x90 byte?[/q]
    No, 7 0x90 bytes.
    Or multibyte nops if you want to save some cycles.

    [q]Is there a way to automate the movntq and prefetchnta replacement?[/q]
    You could use grep on the output of objdump and write a small program to
    substract the ImageBase from the address of the instruction. It should then
    count the hex bytes in the disassembly to determine the correct number of nops.


    wj89zgh Guest

  20. #20

    Default Re: Flash 9.0.115.0 - Crash with Pentium II

    Thanks very much!

    1. Did the PSHUFW fix with the *cygwin* version of sed 4.1.5 in binary mode.
    (46 instances)
    sed -b -r "s/\x0F\x70(.)\xE4/\x0F\x6F\1\x90/g" infile > outfile
    (This seems to fix a lot of the crashes.)
    (double checked sed's output with a boost regex c++ program that uses the same
    pattern and a c program that manually replaces the pattern.)

    2. Used objdump (mingw version) to see the instructions.
    objdump -d file > file.txt

    3. Used grep (cygwin version) to print a list of the movntq and prefetchnta
    instructions.
    grep -i movntq file > movntq.txt
    grep -i prefetchnta file > prefetchnta.txt

    4. Just used a hexeditor (used xvi32) to replace the 22 movntq and the 22
    prefetchnta while making sure to get the right number of nops (0x90) for *each*
    prefetchnta replacement (as not all were the same number of bytes).

    5. Double checked with objectdump and grep on the modified file that I got
    them all.

    6. Checked the modified file to see that it was the same size as the original.

    7. Checked that it actually worked and didn't crash etc.

    So, afaict, it works. (If there are more things to fix, please post for
    everyone's info. I'm probably done messing with it though myself.)

    Adobe, how bout an official fix now? If you have to, at the least, always
    provide an npswf32legacy.dll for the latest version of flash. The most recent
    version of the flash plugin that works right with a PII has security
    vulnerbilities.

    ShadowBurn426 Guest

Page 1 of 2 12 LastLast

Similar Threads

  1. Flash crash
    By initaly in forum Macromedia Flash Player
    Replies: 3
    Last Post: November 27th, 03:09 AM
  2. InDesign CS CE non-stop CRASH, CRASH, CRASH, CRASH, CRASH, CRASH
    By kajzica@adobeforums.com in forum Adobe Indesign Windows
    Replies: 15
    Last Post: July 2nd, 07:57 PM
  3. FLASH CRASH
    By SPEED95 in forum Macromedia Flash Sitedesign
    Replies: 4
    Last Post: June 23rd, 04:42 PM
  4. OAS 4.0.8.1 and Pentium 4
    By Erno in forum Oracle Server
    Replies: 4
    Last Post: November 15th, 07:50 PM
  5. Project fast in Pentium 3. Slow in Pentium 4. How?
    By Carlos Gonçalves in forum Macromedia Director Basics
    Replies: 3
    Last Post: September 25th, 11:49 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139