Closed
Bug 1494073
Opened 6 years ago
Closed 6 years ago
Crash in mozilla::AudioStream::GetPosition
Categories
(Core :: Audio/Video: Playback, defect, P1)
Tracking
()
RESOLVED
FIXED
mozilla65
People
(Reporter: attekett, Assigned: jya)
Details
(Keywords: crash, testcase)
Crash Data
Attachments
(2 files)
For me, this issue is a fuzzblocker. This bug was filed from the Socorro interface and is report bp-d2980114-9f7d-4f9b-bacb-59cac0180925. ============================================================= Top 10 frames of crashing thread: 0 libxul.so mozilla::AudioStream::GetPosition /build/firefox-LCnNpq/firefox-62.0+build2/dom/media/AudioStream.cpp:54 1 libxul.so mozilla::media::AudioSink::GetPosition /build/firefox-LCnNpq/firefox-62.0+build2/dom/media/mediasink/AudioSink.cpp:101 2 libxul.so mozilla::media::AudioSinkWrapper::GetPosition const /build/firefox-LCnNpq/firefox-62.0+build2/dom/media/mediasink/AudioSinkWrapper.cpp:90 3 libxul.so mozilla::media::AudioSinkWrapper::OnAudioEnded /build/firefox-LCnNpq/firefox-62.0+build2/dom/media/mediasink/AudioSinkWrapper.cpp:242 4 libxul.so mozilla::MozPromise<bool, nsresult, false>::ThenValue<mozilla::media::AudioSinkWrapper*, void /build/firefox-LCnNpq/firefox-62.0+build2/xpcom/threads/MozPromise.h:538 5 libxul.so mozilla::MozPromise<bool, nsresult, false>::ThenValueBase::ResolveOrRejectRunnable::Run /build/firefox-LCnNpq/firefox-62.0+build2/xpcom/threads/MozPromise.h:506 6 libxul.so mozilla::TaskQueue::Runner::Run /build/firefox-LCnNpq/firefox-62.0+build2/xpcom/threads/TaskQueue.cpp:243 7 libpthread-2.27.so libpthread-2.27.so@0xb7de 8 firefox mozilla::detail::ConditionVariableImpl::wait_for /build/firefox-LCnNpq/firefox-62.0+build2/mozglue/misc/ConditionVariable_posix.cpp:59 9 libxul.so nsThreadPool::Run /build/firefox-LCnNpq/firefox-62.0+build2/xpcom/threads/nsThreadPool.cpp:231 ============================================================= ASAN-report: [62687, MediaPlayback #2] ###!!! ABORT: Divide by zero: file /builds/worker/workspace/build/src/toolkit/xre/nsSigHandlers.cpp, line 155 AddressSanitizer:DEADLYSIGNAL ==62687==ERROR: AddressSanitizer: ILL on unknown address 0x55ea40bbca56 (pc 0x55ea40bbca56 bp 0x7fa2b77da350 sp 0x7fa2b77da340 T128) #0 0x55ea40bbca55 in mozalloc_abort /builds/worker/workspace/build/src/memory/mozalloc/mozalloc_abort.cpp:35:5 #1 0x7fa2e9d3f9f5 in Abort(char const*) /builds/worker/workspace/build/src/xpcom/base/nsDebugImpl.cpp:471:3 #2 0x7fa2e9d3f579 in NS_DebugBreak /builds/worker/workspace/build/src/xpcom/base/nsDebugImpl.cpp #3 0x7fa2f82646e7 in fpehandler(int, siginfo*, void*) /builds/worker/workspace/build/src/toolkit/xre/nsSigHandlers.cpp:155:5 #4 0x7fa30d00788f (/lib/x86_64-linux-gnu/libpthread.so.0+0x1288f) #5 0x7fa2f1fcdab2 in FramesToUs<long> /builds/worker/workspace/build/src/dom/media/AudioStream.cpp:54:49 #6 0x7fa2f1fcdab2 in mozilla::FrameHistory::GetPosition(long) /builds/worker/workspace/build/src/dom/media/AudioStream.cpp:101 #7 0x7fa2f1fc9beb in GetPosition /builds/worker/workspace/build/src/dom/media/AudioStream.cpp:725:25 #8 0x7fa2f1fc9beb in mozilla::AudioStream::GetPosition() /builds/worker/workspace/build/src/dom/media/AudioStream.cpp:511 #9 0x7fa2f267d5c3 in mozilla::media::AudioSink::GetPosition() /builds/worker/workspace/build/src/dom/media/mediasink/AudioSink.cpp:102:28 #10 0x7fa2f2681c4a in mozilla::media::AudioSinkWrapper::GetPosition(mozilla::TimeStamp*) const /builds/worker/workspace/build/src/dom/media/mediasink/AudioSinkWrapper.cpp:90:23 #11 0x7fa2f268227a in mozilla::media::AudioSinkWrapper::SetPlaying(bool) /builds/worker/workspace/build/src/dom/media/mediasink/AudioSinkWrapper.cpp:174:21 #12 0x7fa2f268fefb in mozilla::media::VideoSink::SetPlaying(bool) /builds/worker/workspace/build/src/dom/media/mediasink/VideoSink.cpp:196:15 #13 0x7fa2f210dde2 in mozilla::MediaDecoderStateMachine::StopPlayback() /builds/worker/workspace/build/src/dom/media/MediaDecoderStateMachine.cpp:2934:17 #14 0x7fa2f21acfa0 in mozilla::MediaDecoderStateMachine::CompletedState::Step() /builds/worker/workspace/build/src/dom/media/MediaDecoderStateMachine.cpp:1926:16 #15 0x7fa2f21df897 in RunStateMachine /builds/worker/workspace/build/src/dom/media/MediaDecoderStateMachine.cpp:3492:14 #16 0x7fa2f21df897 in operator() /builds/worker/workspace/build/src/dom/media/MediaDecoderStateMachine.cpp:3622 #17 0x7fa2f21df897 in InvokeMethod<(lambda at /builds/worker/workspace/build/src/dom/media/MediaDecoderStateMachine.cpp:3620:36), void ((lambda at /builds/worker/workspace/build/src/dom/media/MediaDecoderStateMachine.cpp:3620:36)::*)() const, bool> /builds/worker/workspace/build/src/obj-firefox/dist/include/mozilla/MozPromise.h:538 . . .
|
||
Comment 1•6 years ago
|
||
Jya, thoughts on who should look at this?
Rank: 12
Flags: needinfo?(jyavenard)
Priority: -- → P1
|
Assignee | |
Updated•6 years ago
|
Assignee: nobody → jyavenard
|
||
Updated•6 years ago
|
status-firefox64:
--- → affected
|
|
Assignee | |
Comment 2•6 years ago
|
||
We were clamping the playback rate properly if the decoder had been setup already, but not if setting it before playback started.
Pushed by jyavenard@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/c4e0c395c954 Always clamp playbackrate when setting decoder. r=padenot
|
||
Comment 5•6 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/c4e0c395c954
Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox65:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla65
|
||
Comment 6•6 years ago
|
||
Not really seeing this crash in the wild, so I think this can just ride the trains. Feel free to nominate for Beta approval if you feel strongly otherwise, though.
You need to log in
before you can comment on or make changes to this bug.
Description
•