Closed
Bug 932820
Opened 11 years ago
Closed 10 years ago
crash in mozilla::MediaPluginReader::DecodeVideoFrame(bool&, long long) HTC One/Adreno 320
Categories
(Core :: Audio/Video, defect)
Tracking
()
VERIFIED
FIXED
mozilla29
People
(Reporter: kbrosnan, Assigned: eflores)
References
Details
(4 keywords, Whiteboard: [native-crash])
Crash Data
Attachments
(1 file)
|
2.27 KB,
patch
|
cajbir
:
review+
bajaj
:
approval-mozilla-aurora+
bajaj
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
This bug was filed from the Socorro interface and is report bp-cd5ff84d-754b-4e0f-9927-45d8b2131030. ============================================================= 0 libxul.so mozilla::MediaPluginReader::DecodeVideoFrame(bool&, long long) obj-firefox/dist/include/AbstractMediaDecoder.h 1 libxul.so mozilla::MediaDecoderReader::DecodeToTarget(long long) content/media/MediaDecoderReader.cpp 2 libxul.so mozilla::MediaPluginReader::Seek(long long, long long, long long, long long) content/media/plugins/MediaPluginReader.cpp 3 libxul.so mozilla::MediaDecoderStateMachine::DecodeSeek() content/media/MediaDecoderStateMachine.cpp 4 libxul.so mozilla::MediaDecoderStateMachine::DecodeThreadRun() content/media/MediaDecoderStateMachine.cpp 5 libxul.so nsRunnableMethodImpl<tag_nsresult (mozilla::dom::NotificationPermissionRequest::*)(), true>::Run() obj-firefox/dist/include/nsThreadUtils.h 6 libxul.so nsThread::ProcessNextEvent(bool, bool*) xpcom/threads/nsThread.cpp 7 libxul.so NS_ProcessNextEvent(nsIThread*, bool) obj-firefox/xpcom/build/nsThreadUtils.cpp 8 libxul.so nsThread::ThreadFunc(void*) xpcom/threads/nsThread.cpp 9 libnss3.so _pt_root nsprpub/pr/src/pthreads/ptthread.c 10 libc.so libc.so@0xcbe2 11 libc.so libc.so@0xcd5e Aaron can you repo on the HTC One, if you need URLs just ask.
Flags: needinfo?(aaron.train)
|
||
Comment 1•11 years ago
|
||
Nightly, blocked on video playback on my HTC One, I am hitting bug crasher 933325. On release, I haven't hit this yet but am still trying.
Flags: needinfo?(aaron.train)
|
||
Comment 3•11 years ago
|
||
(In reply to Brad Lassey [:blassey] (use needinfo?) from comment #2) > Maire, assignee? This is in media playback. Anthony, I know everyone is super busy right now, but can you find someone to look at this?
Flags: needinfo?(mreavy) → needinfo?(ajones)
|
||
Updated•11 years ago
|
Assignee: nobody → edwin
Flags: needinfo?(ajones)
|
||
Updated•11 years ago
|
tracking-fennec: ? → +
|
Reporter | |
Comment 4•11 years ago
|
||
This is a top 10 crash for Firefox for Android 26. Any chance this could be looked into?
Flags: needinfo?(edwin)
Keywords: topcrash-android-armv7
|
Assignee | |
Comment 5•11 years ago
|
||
Has this been observed recently on FF27+? I was seeing a similar crash which I fixed in bug 934412. Might just have to uplift those to release.
Flags: needinfo?(edwin) → needinfo?(kbrosnan)
|
|
Reporter | |
Comment 6•11 years ago
|
||
Crash stats has crashes on 29a1, 28a2, 27b1 and 26, 25, 24 release. I don't think 934412 is related given that 26 is unaffected for that bug.
Flags: needinfo?(kbrosnan)
|
||
Comment 7•11 years ago
|
||
I can't really dogfood nightly on my HTC One - after the break, can we please bump this up in priority?
Keywords: dogfood
|
|
||
Updated•11 years ago
|
status-firefox26:
--- → affected
status-firefox27:
--- → affected
status-firefox28:
--- → affected
status-firefox29:
--- → affected
|
||
Comment 8•10 years ago
|
||
Any news on this?
|
|
||
Comment 9•10 years ago
|
||
If this is still a top-crash this should be tracking 27. Kevin, re-nominate if so.
Flags: needinfo?(kbrosnan)
Flags: needinfo?(edwin)
|
|
Assignee | |
Comment 10•10 years ago
|
||
Can still repro on latest nightly. On it soon.
Flags: needinfo?(edwin)
|
|
Reporter | |
Comment 11•10 years ago
|
||
Yes this is a topcrash. It is on release. Not much to do till there is a patch. Once that appears it can be evaluated for uplift.
Flags: needinfo?(kbrosnan)
|
|
Assignee | |
Comment 13•10 years ago
|
||
The issue here is that HTC extends OMXCodec with their own HTCOMXCodec, whose read() method modifies the ReadOptions object passed into it. That in itself wouldn't be too bad, but they have also extended ReadOptions with extra fields. So when we pass ReadOptions (allocated on the stack) by address into [HTC]OMXCodec::read(), it writes over our stack since ReadOptions isn't as long as it expects.
Attachment #8362755 -
Flags: review?(chris.double)
|
||
Updated•10 years ago
|
Attachment #8362755 -
Flags: review?(chris.double) → review+
|
||
Comment 14•10 years ago
|
||
How safe is this patch to uplift? This is currently #6 crash on Fx26. I don't think we can uplift to release, but beta would be nice. We might have just missed that too.
|
|
Assignee | |
Comment 15•10 years ago
|
||
(In reply to Mark Finkle (:mfinkle) from comment #14) > How safe is this patch to uplift? This is currently #6 crash on Fx26. I > don't think we can uplift to release, but beta would be nice. We might have > just missed that too. Bustage risk is zero. Go ahead.
|
|
Assignee | |
Comment 16•10 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/156dd7431c8e
https://hg.mozilla.org/mozilla-central/rev/156dd7431c8e
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla29
|
||
Comment 18•10 years ago
|
||
(In reply to Mark Finkle (:mfinkle) from comment #14) > How safe is this patch to uplift? This is currently #6 crash on Fx26. I > don't think we can uplift to release, but beta would be nice. We might have > just missed that too. We have our final beta for mobile going to build on Monday(1/27). Would recommend to nominate for uplift with risk evaluation. If low risk, I am in favor of landing if we can mitigate the risk by some extra testing or bake time on aurora ? Nevertheless, lets uplift to aurora asap.
|
|
||
Comment 19•10 years ago
|
||
Comment on attachment 8362755 [details] [diff] [review] 932820.patch [Approval Request Comment] Bug caused by (feature/regressing bug #): User impact if declined: Top crash Testing completed (on m-c, etc.): Just landed on m-c Risk to taking this patch (and alternatives if risky): "Bustage risk is zero" String or IDL/UUID changes made by this patch: none
Attachment #8362755 -
Flags: approval-mozilla-aurora?
|
|
||
Updated•10 years ago
|
Attachment #8362755 -
Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
|
|
||
Comment 21•10 years ago
|
||
Comment on attachment 8362755 [details] [diff] [review] 932820.patch [Approval Request Comment] Same as for Aurora. This is the #6 crash on Fx26, so getting this fixed in Fx27 would be great.
Attachment #8362755 -
Flags: approval-mozilla-beta?
|
|
||
Updated•10 years ago
|
Attachment #8362755 -
Flags: approval-mozilla-beta? → approval-mozilla-beta+
|
|
Assignee | |
Comment 22•10 years ago
|
||
For verification, it should be noted that this crash happened on *seeking* an h264 video.
|
|
||
Comment 24•10 years ago
|
||
WFM on my HTC One (Android 4.3, Sense 5.5), tested against Nightly.
|
|
||
Updated•10 years ago
|
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•