Crash in InvalidArrayIndex_CRASH | mozilla::FileBlockCache::PerformBlockIOs

RESOLVED FIXED in Firefox 57

Status: RESOLVED FIXED (defect, P2, critical)

People: Reporter: philipp, Assigned: jwwang

Tracking: {crash, regression}, 57 Branch, mozilla57

Firefox Tracking Flags: firefox-esr52 unaffected, firefox55 unaffected, firefox56 wontfix, firefox57 fixed

Attachments: 2 attachments

This bug was filed from the Socorro interface and is report bp-f0ad6c49-515c-4c34-bb58-b9db50170915.
=============================================================
Crashing Thread (41), Name: FileBlockCache
Frame 	Module 	Signature 	Source
0 	mozglue.dll 	MOZ_CrashPrintf 	mfbt/Assertions.cpp:50
1 	xul.dll 	InvalidArrayIndex_CRASH(unsigned int, unsigned int) 	xpcom/ds/nsTArray.cpp:26
2 	xul.dll 	mozilla::FileBlockCache::PerformBlockIOs() 	dom/media/FileBlockCache.cpp:408
3 	xul.dll 	mozilla::detail::RunnableMethodImpl<RefPtr<nsUrlClassifierDBServiceWorker>, void ( nsUrlClassifierDBServiceWorker::*)(void), 1, 0>::Run() 	obj-firefox/dist/include/nsThreadUtils.h:1172
4 	xul.dll 	nsThread::ProcessNextEvent(bool, bool*) 	xpcom/threads/nsThread.cpp:1446
5 	xul.dll 	NS_ProcessNextEvent(nsIThread*, bool) 	xpcom/threads/nsThreadUtils.cpp:480
6 	xul.dll 	mozilla::ipc::MessagePumpForNonMainThreads::Run(base::MessagePump::Delegate*) 	ipc/glue/MessagePump.cpp:369
7 	xul.dll 	MessageLoop::RunHandler() 	ipc/chromium/src/base/message_loop.cc:319
8 	xul.dll 	MessageLoop::Run() 	ipc/chromium/src/base/message_loop.cc:299
9 	xul.dll 	nsThread::ThreadFunc(void*) 	xpcom/threads/nsThread.cpp:506
10 	nss3.dll 	_PR_NativeRunThread 	nsprpub/pr/src/threads/combined/pruthr.c:397
11 	nss3.dll 	pr_root 	nsprpub/pr/src/md/windows/w95thred.c:95
12 	ucrtbase.dll 	_o__CIpow 	
13 	kernel32.dll 	BaseThreadInitThunk 	
14 	mozglue.dll 	patched_BaseThreadInitThunk 	mozglue/build/WindowsDllBlocklist.cpp:824
15 	ntdll.dll 	__RtlUserThreadStart 	
16 	ntdll.dll 	_RtlUserThreadStart

This cross-platform crash signature is newly showing up in Firefox 56.
JW,
This is FileBlockCache related. Can you help check it?
Component: Audio/Video → Audio/Video: Playback
Flags: needinfo?(jwwang)
Priority: -- → P2
Checking.
Assignee: nobody → jwwang
Flags: needinfo?(jwwang)
See Also: → 1371882
Attachment #8909194 - Flags: review?(gsquelart)
Attachment #8909195 - Flags: review?(gsquelart)
Comment on attachment 8909194 [details]
Bug 1400166. P1 - move re-initialization code to Flush() for it is confusing to call Init() twice.

https://reviewboard.mozilla.org/r/180784/#review185944

Cleaner, thank you.
Attachment #8909194 - Flags: review?(gsquelart) → review+
Comment on attachment 8909195 [details]
Bug 1400166. P2 - Flush() should dispatch a task to clear arrays.

https://reviewboard.mozilla.org/r/180786/#review185946
Attachment #8909195 - Flags: review?(gsquelart) → review+
Thanks!
Pushed by jwwang@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/18b7334918f0
P1 - move re-initialization code to Flush() for it is confusing to call Init() twice. r=gerald
https://hg.mozilla.org/integration/autoland/rev/45461d47b376
P2 - Flush() should dispatch a task to clear arrays. r=gerald
This seems low-volume enough that we can let it ride the trains rather than landing it last-second for the Fx56RC2 build. Feel free to set the status back to affected and request mozilla-release approval if you feel strongly otherwise, though.