Closed
Bug 1377681
Opened 8 years ago
Closed 8 years ago
Crash in mozilla::net::CacheFile::Truncate: MOZ_RELEASE_ASSERT(maxInputChunk <= newLastChunk + 1)
Categories
(Core :: Networking: Cache, defect)
Tracking
()
RESOLVED
FIXED
mozilla56
| Tracking | Status | |
|---|---|---|
| firefox-esr52 | --- | unaffected |
| firefox54 | --- | unaffected |
| firefox55 | --- | disabled |
| firefox56 | --- | fixed |
People
(Reporter: nbp, Assigned: michal)
References
Details
(Keywords: crash, Whiteboard: [necko-active])
Crash Data
Attachments
(1 file)
|
1.12 KB,
patch
|
jduell.mcbugs
:
review+
|
Details | Diff | Splinter Review |
This bug was filed from the Socorro interface and is
report bp-4e1cdfeb-b979-4bf9-8682-1f98f0170701.
=============================================================
Based on the fact that this bug started spiking on the same time frame as the bytecode cache experiment, this might likely be related to Bug 900784.
Flags: needinfo?(valentin.gosu)
|
Assignee | |
Comment 1•8 years ago
|
||
It definitely is related because CacheFile::Truncate is used only by alternative streams.
Assignee: nobody → michal.novotny
Flags: needinfo?(valentin.gosu)
Whiteboard: [necko-active]
|
|
Assignee | |
Comment 2•8 years ago
|
||
If you could reproduce the crash, having log would help a lot.
|
Reporter | |
Comment 3•8 years ago
|
||
Could this bug be a duplicate of Bug 1372993?
|
|
Assignee | |
Comment 4•8 years ago
|
||
(In reply to Nicolas B. Pierron [:nbp] from comment #3)
> Could this bug be a duplicate of Bug 1372993?
No, AFAICS bug 1372993 is duplicate of other 2 bugs that were already fixed.
|
||
Comment 5•8 years ago
|
||
I just hit this crash today's build on windows scrolling a twitter page. I also have a dozen pinned tabs so maybe one of them refreshed or something. Sorry no clear steps to reproduce. Will keep trying.
|
|
||
Updated•8 years ago
|
OS: Windows 7 → Windows
|
|
Assignee | |
Comment 6•8 years ago
|
||
After doing some changes in the cache code to hit this code more often I was able to reproduce it. The problem is at http://searchfox.org/mozilla-central/rev/238406d4c1b3f147522ce0a45a4c6f84a8115781/netwerk/cache2/CacheFileInputStream.h#43 where -1 is casted to the same type as return value of CacheChunk::Index() which is uint32_t. So the method returns UINT32_MAX instead of -1.
|
|
Assignee | |
Comment 7•8 years ago
|
||
Attachment #8884461 -
Flags: review?(valentin.gosu)
|
||
Updated•8 years ago
|
Attachment #8884461 -
Flags: review?(valentin.gosu) → review+
Pushed by mnovotny@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/f97eaa4aadb2
Crash in mozilla::net::CacheFile::Truncate: MOZ_RELEASE_ASSERT(maxInputChunk <= newLastChunk + 1), r=jduell
|
||
Comment 9•8 years ago
|
||
Great catch!
|
||
Comment 10•8 years ago
|
||
| bugherder landing | ||
|
|
||
Comment 11•8 years ago
|
||
| bugherder | ||
Status: NEW → RESOLVED
Closed: 8 years ago
status-firefox56:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla56
|
|
||
Comment 12•8 years ago
|
||
This is a topcrash in the Nightly 20170708030206 build, but is gone in the Nightly 20170709030204 build. Excellent!
|
||
Updated•8 years ago
|
status-firefox54:
--- → unaffected
status-firefox55:
--- → unaffected
status-firefox-esr52:
--- → unaffected
|
|
||
Updated•8 years ago
|
You need to log in
before you can comment on or make changes to this bug.
Description
•