Closed
Bug 1807696
Opened 3 years ago
Closed 2 years ago
Assertion failure: !Exists(), at /builds/worker/workspace/obj-build/dist/include/mozilla/MozPromise.h:1485
Categories
(Core :: Audio/Video: Playback, defect)
Core
Audio/Video: Playback
Tracking
()
RESOLVED
FIXED
113 Branch
People
(Reporter: tsmith, Assigned: alwu)
References
(Blocks 1 open bug)
Details
(Keywords: assertion)
Found while fuzzing 20221225-d039318db151 (--enable-address-sanitizer --enable-fuzzing)
A reliable test case is not available but I did manage to get a Pernosco session (it will be attached when available).
Assertion failure: !Exists(), at /builds/worker/workspace/obj-build/dist/include/mozilla/MozPromise.h:1485
==117113==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000001 (pc 0x7f460590636e bp 0x7f45d96fea10 sp 0x7f45d96fe960 T23)
==117113==The signal is caused by a WRITE memory access.
==117113==Hint: address points to the zero page.
#0 0x7f460590636e in Track /builds/worker/workspace/obj-build/dist/include/mozilla/MozPromise.h:1485:5
#1 0x7f460590636e in mozilla::MozPromise<mozilla::media::TimeUnit, mozilla::MediaResult, true>::ThenCommand<mozilla::MozPromise<mozilla::media::TimeUnit, mozilla::MediaResult, true>::ThenValue<mozilla::MediaFormatReader*, void (mozilla::MediaFormatReader::*)(mozilla::media::TimeUnit), void (mozilla::MediaFormatReader::*)(mozilla::MediaResult const&)>>::Track(mozilla::MozPromiseRequestHolder<mozilla::MozPromise<mozilla::media::TimeUnit, mozilla::MediaResult, true>>&) /builds/worker/workspace/obj-build/dist/include/mozilla/MozPromise.h:1016:22
#2 0x7f4605903c5f in mozilla::MediaFormatReader::DoAudioSeek() /gecko/dom/media/MediaFormatReader.cpp:3048:9
#3 0x7f4605905c9c in mozilla::MediaFormatReader::OnVideoSeekCompleted(mozilla::media::TimeUnit) /gecko/dom/media/MediaFormatReader.cpp:2987:5
#4 0x7f4605a8fa4b in mozilla::MozPromise<mozilla::media::TimeUnit, mozilla::MediaResult, true>::ThenValue<mozilla::MediaFormatReader*, void (mozilla::MediaFormatReader::*)(mozilla::media::TimeUnit), void (mozilla::MediaFormatReader::*)(mozilla::MediaResult const&)>::DoResolveOrRejectInternal(mozilla::MozPromise<mozilla::media::TimeUnit, mozilla::MediaResult, true>::ResolveOrRejectValue&) /builds/worker/workspace/obj-build/dist/include/mozilla/MozPromise.h:717:9
#5 0x7f4605754a07 in mozilla::MozPromise<mozilla::media::TimeUnit, mozilla::MediaResult, true>::ThenValueBase::ResolveOrRejectRunnable::Run() /builds/worker/workspace/obj-build/dist/include/mozilla/MozPromise.h:489:21
#6 0x7f45ff4e6216 in mozilla::TaskQueue::Runner::Run() /gecko/xpcom/threads/TaskQueue.cpp:259:20
#7 0x7f45ff5120e6 in nsThreadPool::Run() /gecko/xpcom/threads/nsThreadPool.cpp:310:14
#8 0x7f45ff504b8b in nsThread::ProcessNextEvent(bool, bool*) /gecko/xpcom/threads/nsThread.cpp:1191:16
#9 0x7f45ff50e754 in NS_ProcessNextEvent(nsIThread*, bool) /gecko/xpcom/threads/nsThreadUtils.cpp:476:10
#10 0x7f4600c72f04 in mozilla::ipc::MessagePumpForNonMainThreads::Run(base::MessagePump::Delegate*) /gecko/ipc/glue/MessagePump.cpp:300:20
#11 0x7f4600af4717 in RunInternal /gecko/ipc/chromium/src/base/message_loop.cc:381:10
#12 0x7f4600af4717 in RunHandler /gecko/ipc/chromium/src/base/message_loop.cc:374:3
#13 0x7f4600af4717 in MessageLoop::Run() /gecko/ipc/chromium/src/base/message_loop.cc:356:3
#14 0x7f45ff4fc665 in nsThread::ThreadFunc(void*) /gecko/xpcom/threads/nsThread.cpp:383:10
#15 0x7f46215d4628 in _pt_root /gecko/nsprpub/pr/src/pthreads/ptthread.c:201:5
#16 0x7f4622019608 in start_thread /build/glibc-SzIz7B/glibc-2.31/nptl/pthread_create.c:477:8
#17 0x7f4621bc4132 in __clone /build/glibc-SzIz7B/glibc-2.31/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
Flags: in-testsuite?
|
Reporter | |
Comment 1•3 years ago
|
||
A Pernosco session is available here: https://pernos.co/debug/hDxdyMKpSdc5qjcLsZ-8IQ/index.html
|
||
Comment 2•3 years ago
|
||
The severity field is not set for this bug.
:jimm, could you have a look please?
For more information, please visit auto_nag documentation.
Flags: needinfo?(jmathies)
|
||
Updated•2 years ago
|
Flags: needinfo?(jmathies) → needinfo?(alwu)
|
|
||
Updated•2 years ago
|
Flags: needinfo?(alwu) → needinfo?(padenot)
|
||
Comment 3•2 years ago
|
||
This area has seen significant change recently, I'ved asked for the pernosco link to be rebuilded, and I'll have a look.
Assignee: nobody → padenot
Flags: needinfo?(padenot)
|
|
||
Comment 4•2 years ago
|
||
Alastor, I think this is related to your looping work, but I'm not sure.
Flags: needinfo?(alwu)
|
Assignee | |
Comment 5•2 years ago
|
||
This looks like the multiple seeking issues, which should be fixed in bug 1815798 already.
Assignee: padenot → alwu
Status: NEW → RESOLVED
Closed: 2 years ago
Flags: needinfo?(alwu)
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•