Closed
Bug 1400537
Opened 8 years ago
Closed 8 years ago
Crash in mozilla::MediaFormatReader::DecoderFactory::Wrapper::Init
Categories
(Core :: Audio/Video: Playback, defect, P2)
Tracking
()
RESOLVED
FIXED
mozilla57
| Tracking | Status | |
|---|---|---|
| firefox-esr52 | --- | unaffected |
| firefox55 | --- | unaffected |
| firefox56 | --- | unaffected |
| firefox57 | + | fixed |
People
(Reporter: jseward, Assigned: jya)
References
Details
(Keywords: crash)
Crash Data
Attachments
(2 files)
This bug was filed from the Socorro interface and is
report bp-e18c63ab-abc9-4654-b54c-71de60170915.
=============================================================
This is topcrash #12 in the Windows nightly of 20170914220209.
|
Reporter | |
Updated•8 years ago
|
Flags: needinfo?(jyavenard)
|
||
Comment 1•8 years ago
|
||
[Tracking Requested - why for this release]:
Per comment 0, topcrash#12 on 57.
|
|
||
Comment 2•8 years ago
|
||
It looks like bug 1400371 may have the same root cause as this one
See Also: → 1400371
|
Assignee | |
Comment 3•8 years ago
|
||
If it wasn't for the regression range provided earlier, I would have thought bug 1397307 was the culprit.
Flags: needinfo?(jyavenard)
|
|
Assignee | |
Updated•8 years ago
|
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
|
|
Assignee | |
Updated•8 years ago
|
Status: RESOLVED → REOPENED
Resolution: DUPLICATE → ---
|
|
Assignee | |
Updated•8 years ago
|
Crash Signature: [@ mozilla::MediaFormatReader::DecoderFactory::Wrapper::Init] → [@ mozilla::MediaFormatReader::DecoderFactory::Wrapper::Init]
[@ mozilla::EMEDecryptor::Init ]
| Comment hidden (mozreview-request) |
| Comment hidden (mozreview-request) |
Assignee: nobody → jyavenard
|
||
Comment 9•8 years ago
|
||
| mozreview-review | ||
Comment on attachment 8909130 [details]
Bug 1400537 - P2. Pass video framerate to decoder.
https://reviewboard.mozilla.org/r/180706/#review185776
Attachment #8909130 -
Flags: review?(gsquelart) → review+
|
||
Comment 10•8 years ago
|
||
| mozreview-review | ||
Comment on attachment 8909129 [details]
Bug 1400537 - P1. Don't assume that the PDM will properly report an error.
https://reviewboard.mozilla.org/r/180704/#review185814
Thanks!
Attachment #8909129 -
Flags: review?(alwu) → review+
|
||
Comment 11•8 years ago
|
||
(In reply to Alastor Wu [:alwu][please needinfo me][GMT+8] from comment #10)
> Comment on attachment 8909129 [details]
> Bug 1400537 - P1. Don't assume that the PDM will properly report an error.
>
> https://reviewboard.mozilla.org/r/180704/#review185814
>
> Thanks!
It would be nice to describe how this change fixes the crash.
|
||
Updated•8 years ago
|
Priority: P1 → P2
|
|
||
Comment 12•8 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/f59c34720c80
https://hg.mozilla.org/mozilla-central/rev/14eff5fba2f1
Status: REOPENED → RESOLVED
Closed: 8 years ago → 8 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla57
|
||
Updated•8 years ago
|
status-firefox55:
--- → unaffected
status-firefox56:
--- → unaffected
status-firefox-esr52:
--- → unaffected
|
|
Assignee | |
Comment 13•8 years ago
|
||
No crash since this change went in, so this is promising, though it may be too early to tell.
|
|
Assignee | |
Comment 14•8 years ago
|
||
Crashes even with the change :(
Status: RESOLVED → REOPENED
Flags: needinfo?(jwwang)
Resolution: FIXED → ---
|
|
Assignee | |
Comment 15•8 years ago
|
||
JW, youre the most familiar with this area of the code.
From when this bug started, the most likely problem was bug 1397141.
|
|
Assignee | |
Comment 16•8 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/57edd7246a04#l1.21
Seems wrong to me, doesn't handle the case was NS_ERROR_NOT_INITIALIZED
|
|
||
Comment 17•8 years ago
|
||
(In reply to JW Wang [:jwwang] [:jw_wang] from comment #11)
> (In reply to Alastor Wu [:alwu][please needinfo me][GMT+8] from comment #10)
> > Comment on attachment 8909129 [details]
> > Bug 1400537 - P1. Don't assume that the PDM will properly report an error.
> >
> > https://reviewboard.mozilla.org/r/180704/#review185814
> >
> > Thanks!
>
> It would be nice to describe how this change fixes the crash.
I still don't understand how this patch fixes the crash which seems to me a null-deref.
Flags: needinfo?(jwwang)
|
|
Assignee | |
Comment 18•8 years ago
|
||
(In reply to JW Wang [:jwwang] [:jw_wang] from comment #17)
> (In reply to JW Wang [:jwwang] [:jw_wang] from comment #11)
> > (In reply to Alastor Wu [:alwu][please needinfo me][GMT+8] from comment #10)
> > > Comment on attachment 8909129 [details]
> > > Bug 1400537 - P1. Don't assume that the PDM will properly report an error.
> > >
> > > https://reviewboard.mozilla.org/r/180704/#review185814
> > >
> > > Thanks!
> >
> > It would be nice to describe how this change fixes the crash.
>
> I still don't understand how this patch fixes the crash which seems to me a
> null-deref.
Sorry, I meant how this change likely caused the crash.it (it's the only change that occurred in the given regression range that could make sense)
Flags: needinfo?(jwwang)
|
|
||
Comment 19•8 years ago
|
||
set 57 back to affected per comment 14.
|
|
||
Comment 20•8 years ago
|
||
https://hg.mozilla.org/mozilla-central/annotate/a20de99fa3c1/dom/media/MediaFormatReader.cpp#l703
It looks like we pass null to new Wrapper(). Since aData.mDecoder comes from DoCreateDecoder(), the only possibility is:
1. aData.mTrack is bad so DoCreateDecoder() exits with aData.mDecoder==nullptr and result==NS_OK.
2. mOwner->mPlatform->CreateDecoder is bad which doesn't set the error when returning null.
Flags: needinfo?(jwwang)
|
|
||
Comment 21•8 years ago
|
||
(In reply to JW Wang [:jwwang] [:jw_wang] from comment #20)
> 2. mOwner->mPlatform->CreateDecoder is bad which doesn't set the error when
> returning null.
Maybe here[1]? Should set |ownerData.mError = result|.
[1] http://searchfox.org/mozilla-central/source/dom/media/MediaFormatReader.cpp#774
|
|
Assignee | |
Comment 22•8 years ago
|
||
I believe that's taking care of in http://searchfox.org/mozilla-central/source/dom/media/MediaFormatReader.cpp#699
result is returned, and then passed as error.
I think we just have to ensure that me mDecoder is null, we never use the return value and instead pass an error if result is NS_OK (which it can be)
|
|
||
Comment 23•8 years ago
|
||
Here we should also set the error when returning nullptr.
http://searchfox.org/mozilla-central/source/dom/media/platforms/PDMFactory.cpp#242
|
|
||
Comment 24•8 years ago
|
||
|
|
Assignee | |
Comment 25•8 years ago
|
||
The crash inidcates that the PDM factory didn't create a decoder, yet returned ns_ok This is something the patch in this bug fixed. But I guess I miss another possible case.
|
|
||
Comment 26•8 years ago
|
||
Might be worth considering to adopt Result<V, E> to fix such issues once and for all. http://searchfox.org/mozilla-central/rev/15ce5cb2db0c85abbabe39a962b0e697c9ef098f/mfbt/Result.h#272
|
|
Assignee | |
Comment 27•8 years ago
|
||
I don't see how Result would have provided a different outcome than using MediaResult, for our purpose they are better suited. The issue here is the silliness of having an optional output parameters.
|
|
||
Comment 28•8 years ago
|
||
Result<RefPtr<MediaDataDecoder>, MediaResult> CreateDecoder(...)
The result is either a success (so we get a RefPtr<MediaDataDecoder>), or a failure (so we check MediaResult for the error code and description).
In the worse case, we get a MediaResult with error code == NS_OK.
|
|
Assignee | |
Updated•8 years ago
|
Status: REOPENED → RESOLVED
Closed: 8 years ago → 8 years ago
Resolution: --- → FIXED
|
|
||
Updated•8 years ago
|
You need to log in
before you can comment on or make changes to this bug.
Description
•