Closed Bug 1093150 Opened 8 years ago Closed 7 years ago

crash in memmove | mozilla::AudioStream::Write(float const*, unsigned int, mozilla::TimeStamp*)

Categories

(Core :: Audio/Video, defect)

36 Branch
All
Windows NT
defect
Not set
critical

Tracking

()

RESOLVED DUPLICATE of bug 1175396
Tracking Status
firefox36 --- affected

People

(Reporter: jbecerra, Unassigned)

References

Details

(Keywords: crash)

Crash Data

This bug was filed from the Socorro interface and is 
report bp-af8e678b-15e8-44fa-8b5e-b877f2141027.
=============================================================

This is a new signature in nightly Fx 36 starting on 10/24. Most reports are from Windows 7 installations. There is no correlation data for add-ons. There was only one comment saying the person visited truthdig.com and the browser crashed. I wasn't able to reproduce this on a VM. This is in the list of top crashers at #28.

More reports at: https://crash-stats.mozilla.com/report/list?product=Firefox&signature=memmove+%7C+mozilla%3A%3AAudioStream%3A%3AWrite%28float+const%2A%2C+unsigned+int%2C+mozilla%3A%3ATimeStamp%2A%29

0 	msvcr120.dll 	memmove 	f:\dd\vctools\crt\crtw32\string\amd64\memcpy.asm:356
1 	xul.dll 	mozilla::AudioStream::Write(float const*, unsigned int, mozilla::TimeStamp*) 	content/media/AudioStream.cpp
2 	xul.dll 	mozilla::AudioSink::PlayFromAudioQueue() 	content/media/AudioSink.cpp
3 	xul.dll 	mozilla::AudioSink::AudioLoop() 	content/media/AudioSink.cpp
4 	xul.dll 	nsRunnableMethodImpl<tag_nsresult ( nsIUrlClassifierDBServiceWorker::*)(void), void, 1>::Run() 	xpcom/glue/nsThreadUtils.h
5 	xul.dll 	nsThread::ProcessNextEvent(bool, bool*) 	xpcom/threads/nsThread.cpp
6 	xul.dll 	NS_ProcessNextEvent(nsIThread*, bool) 	xpcom/glue/nsThreadUtils.cpp
7 	xul.dll 	mozilla::ipc::MessagePumpForNonMainThreads::Run(base::MessagePump::Delegate*) 	ipc/glue/MessagePump.cpp
8 	xul.dll 	MessageLoop::RunHandler() 	ipc/chromium/src/base/message_loop.cc
9 	xul.dll 	MessageLoop::Run() 	ipc/chromium/src/base/message_loop.cc
10 	xul.dll 	nsThread::ThreadFunc(void*) 	xpcom/threads/nsThread.cpp
11 	nss3.dll 	PR_NativeRunThread 	nsprpub/pr/src/threads/combined/pruthr.c
12 	nss3.dll 	pr_root 	nsprpub/pr/src/md/windows/w95thred.c
13 	msvcr120.dll 	_callthreadstartex 	f:\dd\vctools\crt\crtw32\startup\threadex.c:376
14 	msvcr120.dll 	_threadstartex 	f:\dd\vctools\crt\crtw32\startup\threadex.c:354
15 	kernel32.dll 	BaseThreadInitThunk 	
16 	ntdll.dll 	RtlUserThreadStart 	
17 	kernel32.dll 	BasepReportFault 	
18 	kernel32.dll 	BasepReportFault
This may be related to bug 1091704. All of these are win64 but I suspect that's just due to inlining differences.
Fixed by bug 1175396.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: CVE-2015-4475
You need to log in before you can comment on or make changes to this bug.