Closed
Bug 882589
Opened 11 years ago
Closed 11 years ago
crash in mozilla::BufferMediaResource::Read
Categories
(Core :: Web Audio, defect)
Tracking
()
RESOLVED
WORKSFORME
Tracking | Status | |
---|---|---|
firefox23 | --- | unaffected |
firefox24 | --- | unaffected |
firefox25 | --- | unaffected |
People
(Reporter: scoobidiver, Assigned: rillian)
References
()
Details
(Keywords: crash, regression, reproducible)
Crash Data
Bug 862709 has been back at a high volume in Aurora and Nightly since June 12, 17:30 UTC, likely for an external cause. Signature _VEC_memcpy | mozilla::BufferMediaResource::Read(char*, unsigned int, unsigned int*) More Reports Search UUID b49305b7-75c3-42d0-87a6-7cf1e2130613 Date Processed 2013-06-13 03:20:02 Uptime 1290 Last Crash 21.8 minutes before submission Install Age 21.5 minutes since version was first installed. Install Time 2013-06-13 02:58:26 Product Firefox Version 24.0a1 Build ID 20130612031138 Release Channel nightly OS Windows NT OS Version 6.1.7601 Service Pack 1 Build Architecture x86 Build Architecture Info GenuineIntel family 6 model 42 stepping 7 Crash Reason EXCEPTION_ACCESS_VIOLATION_READ Crash Address 0x5c380010 App Notes AdapterVendorID: 0x8086, AdapterDeviceID: 0x0126, AdapterSubsysID: 21da17aa, AdapterDriverVersion: 8.15.10.2778 D2D? D2D+ DWrite? DWrite+ D3D10 Layers? D3D10 Layers+ WebGL? EGL? EGL+ GL Context? GL Context+ WebGL+ Processor Notes sp-processor03_phx1_mozilla_com_4359:2012 EMCheckCompatibility True Adapter Vendor ID 0x8086 Adapter Device ID 0x0126 Total Virtual Memory 2147352576 Available Virtual Memory 324030464 System Memory Use Percentage 69 Available Page File 4722184192 Available Physical Memory 1115496448 Frame Module Signature Source 0 msvcr100.dll _VEC_memcpy 1 xul.dll mozilla::BufferMediaResource::Read obj-firefox/dist/include/BufferMediaResource.h:63 2 xul.dll mozilla::OggReader::ReadOggPage content/media/ogg/OggReader.cpp:882 3 xul.dll mozilla::OggReader::ReadMetadata content/media/ogg/OggReader.cpp:187 4 xul.dll mozilla::MediaDecodeTask::Decode content/media/webaudio/MediaBufferDecoder.cpp:484 5 xul.dll mozilla::MediaDecodeTask::Run content/media/webaudio/MediaBufferDecoder.cpp:381 6 xul.dll nsThreadPool::Run xpcom/threads/nsThreadPool.cpp:194 7 xul.dll nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:626 8 xul.dll nsThread::ThreadFunc xpcom/threads/nsThread.cpp:264 9 nss3.dll _PR_NativeRunThread nsprpub/pr/src/threads/combined/pruthr.c:397 10 nss3.dll pr_root nsprpub/pr/src/md/windows/w95thred.c:90 11 msvcr100.dll _callthreadstartex f:\dd\vctools\crt_bld\self_x86\crt\src\threadex.c:314 12 msvcr100.dll _threadstartex f:\dd\vctools\crt_bld\self_x86\crt\src\threadex.c:292 13 kernel32.dll BaseThreadInitThunk 14 ntdll.dll __RtlUserThreadStart 15 ntdll.dll _RtlUserThreadStart More reports at: https://crash-stats.mozilla.com/report/list?signature=_VEC_memcpy+|+mozilla%3A%3ABufferMediaResource%3A%3ARead%28char*%2C+unsigned+int%2C+unsigned+int*%29 https://crash-stats.mozilla.com/report/list?signature=memcpy+|+mozilla%3A%3ABufferMediaResource%3A%3ARead%28char*%2C+unsigned+int%2C+unsigned+int*%29
Comment 1•11 years ago
|
||
That's a WebAudio call stack. Ehsan, any ideas?
Component: Video/Audio → Web Audio
Flags: needinfo?(ehsan)
Comment 2•11 years ago
|
||
This is easily reproducible in Cubeslam on Windows. It doesn't happen on Mac...
URL: http://cubeslam.com/
Flags: needinfo?(ehsan)
Reporter | ||
Updated•11 years ago
|
Keywords: needURLs → reproducible
Assignee | ||
Comment 5•11 years ago
|
||
I can reproduce by visiting cubeslam.com in nightly and aurora on my windows vm. Sometimes it takes a few minutes of clicking, sometimes it's instant. I can't reproduce on Linux of Mac.
Assignee | ||
Comment 6•11 years ago
|
||
I've now managed to step through the crash in the debugger, using the official nightly build, debug symbols from our symbol server, and source from a local checkout. OggReader::DecodeAudioData() or ::ReadMetadata() is being called with a null or invalid 'this' pointer. Stepping up there's a MediaDecodeTask on the decode thread with an invalid mDecoderReader. This is after the OggReader dtor is called for a bunch of objects, but I only see MediaDecodeTask::Cleanup in the call stack when the dtor is called.
Is there some progress on this bug? Because there is another issue with cubeslam.com not loading (see bug 889270) but it's hard to bisect due to this crash.
Flags: needinfo?(giles)
Assignee | ||
Comment 8•11 years ago
|
||
I haven't made any progress on this bug in the last two weeks.
Flags: needinfo?(giles)
Assignee | ||
Comment 9•11 years ago
|
||
FWIW this crash is hard to reproduce on Linux and Mac; you could try bisecting there?
Reporter | ||
Comment 10•11 years ago
|
||
I can reproduce on Windows by loading http://hildr.luminance.org/bugs/886787/Lumberjack/Lumberjack.html.
status-firefox25:
--- → affected
Comment 11•11 years ago
|
||
I think this should be a dupe of bug 891986, which merged to mozilla-central today. Can you please retest on tonight's Nigthly?
Depends on: 891986
Reporter | ||
Updated•11 years ago
|
Flags: needinfo?(scoobidiver)
Assignee | ||
Comment 12•11 years ago
|
||
I cannot reproduce on my win7 vm with cubeslam or Lumberjack and 25.0a1 (2013-07-15) or (2013-07-17) or today's Aurora (24.0a2 2013-07-17). I can still reproduce with cubeslam and 24.0a1 (2013-06-13) from comment 6. So I can neither confirm nor deny that bug 891986 fixed this as well.
Reporter | ||
Comment 13•11 years ago
|
||
(In reply to :Ehsan Akhgari (needinfo? me!) from comment #11) > I think this should be a dupe of bug 891986, which merged to mozilla-central > today. Can you please retest on tonight's Nigthly? Neither Nightly nor Aurora crash for me on Lumberjack so it's not fixed by bug 891986's patch which hasn't landed in Aurora. Based on mozregression, the working range is: http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=18467a85acf6&tochange=ff0a372e3170 I think it's fixed by bug 886653's patch.
Flags: needinfo?(scoobidiver)
Reporter | ||
Updated•11 years ago
|
status-firefox22:
unaffected → ---
Version: 23 Branch → 24 Branch
Updated•11 years ago
|
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 14•11 years ago
|
||
Without a known patch, it can't be marked as fixed.
Resolution: FIXED → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•