Crash in InvalidArrayIndex_CRASH | mozilla::FileBlockCache::PerformBlockIOs


(Core :: Audio/Video: Playback, defect, P2)

57 Branch



firefox-esr52 --- unaffected
firefox55 --- unaffected
firefox56 --- wontfix
firefox57 --- fixed


(Reporter: philipp, Assigned: jwwang)



(Keywords: crash, regression)

This bug was filed from the Socorro interface and is report bp-f0ad6c49-515c-4c34-bb58-b9db50170915.
Crashing Thread (41), Name: FileBlockCache
0 	mozglue.dll 	MOZ_CrashPrintf 	mfbt/Assertions.cpp:50
1 	xul.dll 	InvalidArrayIndex_CRASH(unsigned int, unsigned int) 	xpcom/ds/nsTArray.cpp:26
2 	xul.dll 	mozilla::FileBlockCache::PerformBlockIOs() 	dom/media/FileBlockCache.cpp:408
3 	xul.dll 	mozilla::detail::RunnableMethodImpl<RefPtr<nsUrlClassifierDBServiceWorker>, void ( nsUrlClassifierDBServiceWorker::*)(void), 1, 0>::Run() 	obj-firefox/dist/include/nsThreadUtils.h:1172
4 	xul.dll 	nsThread::ProcessNextEvent(bool, bool*) 	xpcom/threads/nsThread.cpp:1446
5 	xul.dll 	NS_ProcessNextEvent(nsIThread*, bool) 	xpcom/threads/nsThreadUtils.cpp:480
6 	xul.dll 	mozilla::ipc::MessagePumpForNonMainThreads::Run(base::MessagePump::Delegate*) 	ipc/glue/MessagePump.cpp:369
7 	xul.dll 	MessageLoop::RunHandler() 	ipc/chromium/src/base/
8 	xul.dll 	MessageLoop::Run() 	ipc/chromium/src/base/
9 	xul.dll 	nsThread::ThreadFunc(void*) 	xpcom/threads/nsThread.cpp:506
10 	nss3.dll 	_PR_NativeRunThread 	nsprpub/pr/src/threads/combined/pruthr.c:397
11 	nss3.dll 	pr_root 	nsprpub/pr/src/md/windows/w95thred.c:95
12 	ucrtbase.dll 	_o__CIpow 	
13 	kernel32.dll 	BaseThreadInitThunk 	
14 	mozglue.dll 	patched_BaseThreadInitThunk 	mozglue/build/WindowsDllBlocklist.cpp:824
15 	ntdll.dll 	__RtlUserThreadStart 	
16 	ntdll.dll 	_RtlUserThreadStart

This cross-platform crash signature is newly showing up in Firefox 56.
This is FileBlockCache related. Can you help check it?
Component: Audio/Video → Audio/Video: Playback
Flags: needinfo?(jwwang)
Priority: -- → P2
Assignee: nobody → jwwang
Flags: needinfo?(jwwang)
See Also: → 1371882
Attachment #8909194 - Flags: review?(gsquelart)
Attachment #8909195 - Flags: review?(gsquelart)
Comment on attachment 8909194 [details]
Bug 1400166. P1 - move re-initialization code to Flush() for it is confusing to call Init() twice.

Cleaner, thank you.
Attachment #8909194 - Flags: review?(gsquelart) → review+
Comment on attachment 8909195 [details]
Bug 1400166. P2 - Flush() should dispatch a task to clear arrays.
Attachment #8909195 - Flags: review?(gsquelart) → review+
Pushed by
P1 - move re-initialization code to Flush() for it is confusing to call Init() twice. r=gerald
P2 - Flush() should dispatch a task to clear arrays. r=gerald
This seems low-volume enough that we can let it ride the trains rather than landing it last-second for the Fx56RC2 build. Feel free to set the status back to affected and request mozilla-release approval if you feel strongly otherwise, though.
