Closed Bug 1057274 Opened 10 years ago Closed 10 years ago

SourceMediaStream::SourceMediaStream does not initialise mNeedsMixing

Categories

(Core :: Audio/Video, defect)

Product:
Core
Component:
Audio/Video
Platform:
x86_64
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla35

People

(Reporter: jseward, Assigned: jseward)

References

Details

Attachments

(1 file)

bug1057274-1.diff
748 bytes, patch
karlt
: review+
Details | Diff | Splinter Review 
For the test content/media/test/test_mediarecorder_avoid_recursion.html
and various others too.

As a result, a SourceMediaStream constructed here ..

MediaStreamGraph.cpp

2977 MediaStreamGraph::CreateSourceStream(DOMMediaStream* aWrapper)
2978 {
2979   SourceMediaStream* stream = new SourceMediaStream(aWrapper);

eventually appears here

MediaStreamGraph.cpp

551  MediaStreamGraphImpl::UpdateStreamOrder()
...
559    for (uint32_t i = 0; i < mStreams.Length(); ++i) {
560      MediaStream* stream = mStreams[i];
561      stream->mIsConsumed = false;
562      stream->mInBlockingSet = false;
563      if (stream->AsSourceStream() &&
564          stream->AsSourceStream()->NeedsMixing()) {
565        shouldMix = true;
566      }
567    }
568
569    if (!mMixer && shouldMix) {
...
576    } else if (mMixer && !shouldMix) {

The call to NeedsMixing() at 564 simply returns mNeedsMixing, which causes
shouldMix to become undefined, and hence complaints at 569 and 576.
Resulting V complaint.  There's a second, otherwise identical one, for 
MediaStreamGraph.cpp:576 as well (not shown).

Thread 43 MediaStreamGrph:
Conditional jump or move depends on uninitialised value(s)
   at 0x6C14707: mozilla::MediaStreamGraphImpl::UpdateStreamOrder() (content/media/MediaStreamGraph.cpp:569)
   by 0x6C17B8C: mozilla::MediaStreamGraphImpl::RunThread() (content/media/MediaStreamGraph.cpp:1391)
   by 0x6C181AE: mozilla::(anonymous namespace)::MediaStreamGraphInitThreadRunnable::Run() (content/media/MediaStreamGraph.cpp:1604)
   by 0x583D957: nsThread::ProcessNextEvent(bool, bool*) (xpcom/threads/nsThread.cpp:770)
   by 0x585D1AF: NS_ProcessNextEvent(nsIThread*, bool) (xpcom/glue/nsThreadUtils.cpp:265)
   by 0x5ABC2BB: mozilla::ipc::MessagePumpForNonMainThreads::Run(base::MessagePump::Delegate*) (ipc/glue/MessagePump.cpp:326)
   by 0x5A98209: MessageLoop::RunInternal() (ipc/chromium/src/base/message_loop.cc:229)
   by 0x5A98214: MessageLoop::RunHandler() (ipc/chromium/src/base/message_loop.cc:222)
   by 0x5A984D9: MessageLoop::Run() (ipc/chromium/src/base/message_loop.cc:196)
   by 0x5840BF3: nsThread::ThreadFunc(void*) (xpcom/threads/nsThread.cpp:347)
   by 0x4C666F7: _pt_root (nsprpub/pr/src/pthreads/ptthread.c:212)
   by 0x349F407D13: start_thread (/usr/src/debug/glibc-2.15-a316c1f/nptl/pthread_create.c:309)
   by 0x349F0F168C: clone (/usr/src/debug////////glibc-2.15-a316c1f/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:115)

 Uninitialised value was created by a heap allocation
   at 0x4809064: malloc (/home/sewardj/VgTRUNK/mozhx/coregrind/m_replacemalloc/vg_replace_malloc.c:298)
   by 0x481D86B: moz_xmalloc (memory/mozalloc/mozalloc.cpp:52)
   by 0x6C0F181: operator new (ff-O-linux64/content/media/../../dist/include/mozilla/mozalloc.h:201)
   by 0x6C0F181: mozilla::MediaStreamGraph::CreateSourceStream(mozilla::DOMMediaStream*) (content/media/MediaStreamGraph.cpp:2979)
   by 0x684EE8F: mozilla::GetUserMediaStreamRunnable::Run() (dom/media/MediaManager.cpp:726)
   by 0x583D957: nsThread::ProcessNextEvent(bool, bool*) (xpcom/threads/nsThread.cpp:770)
   by 0x585D1AF: NS_ProcessNextEvent(nsIThread*, bool) (xpcom/glue/nsThreadUtils.cpp:265)
   by 0x5ABC3AB: mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) (ipc/glue/MessagePump.cpp:99)
   by 0x5A98209: MessageLoop::RunInternal() (ipc/chromium/src/base/message_loop.cc:229)
   by 0x5A98214: MessageLoop::RunHandler() (ipc/chromium/src/base/message_loop.cc:222)
   by 0x5A984D9: MessageLoop::Run() (ipc/chromium/src/base/message_loop.cc:196)
   by 0x6A19D6F: nsBaseAppShell::Run() (widget/xpwidgets/nsBaseAppShell.cpp:164)
   by 0x73D0D23: nsAppStartup::Run() (toolkit/components/startup/nsAppStartup.cpp:278)
   by 0x741108C: XREMain::XRE_mainRun() (toolkit/xre/nsAppRunner.cpp:4021)
   by 0x7411353: XREMain::XRE_main(int, char**, nsXREAppData const*) (toolkit/xre/nsAppRunner.cpp:4092)
   by 0x74115B2: XRE_main (toolkit/xre/nsAppRunner.cpp:4306)
   by 0x40379B: do_main(int, char**, nsIFile*) (browser/app/nsBrowserApp.cpp:282)
The obvious fix.
Blocks: 982490
Comment on attachment 8477282 [details] [diff] [review]
bug1057274-1.diff

Yes, this would provide the intended behavior.
Attachment #8477282 - Flags: review+
https://hg.mozilla.org/mozilla-central/rev/f1e58e5b8cdc
Assignee: nobody → jseward
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla35
Flags: qe-verify-
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: