1336009 - Crash in mozilla::java::CodecProxy::Release

Status: RESOLVED FIXED

(Firefox for Android Graveyard :: Audio/Video, defect, P1)

Description

[(inactive) Jim Chen [:jchen] [:darchons]]

This bug was filed from the Socorro interface and is 
report bp-a84219cd-f256-4976-9c00-628c72170201.
=============================================================

Low volume crash that's been happening over the last month. In the crash logs, this exception always appear before the crash:

> I OMXClient: Using client-side OMX mux.
> I ACodec  : DRC Mode: Dynamic Buffer Mode
> E ACodec  : [OMX.qcom.video.decoder.vp8] configureCodec returning error -1010
> E MediaCodec: Codec reported an error. (omx error 0x80001001, internalError -1010)
> E GeckoRemoteCodec: FAIL: cannot create codec -- OMX.qcom.video.decoder.vp8
> W System.err: java.lang.IllegalStateException
> W System.err: 	at android.media.MediaCodec.native_configure(Native Method)
> W System.err: 	at android.media.MediaCodec.configure(MediaCodec.java:262)
> W System.err: 	at org.mozilla.gecko.media.JellyBeanAsyncCodec.configure(JellyBeanAsyncCodec.java:302)
> W System.err: 	at org.mozilla.gecko.media.Codec.configure(Codec.java:352)
> W System.err: 	at org.mozilla.gecko.media.ICodec$Stub.onTransact(ICodec.java:75)
> W System.err: 	at android.os.Binder.execTransact(Binder.java:404)
> W System.err: 	at dalvik.system.NativeStart.run(Native Method)

But the crash itself seems to happen inside libdvm, when calling CodecProxy::Release. Any ideas, John?

Comment 1

[John Lin [:jhlin][:jolin]]

Looks like Shutdown() will be called when Init() promise is rejected. RemoteDataDecoder::Shutdown() fails to handle it gracefully and access null mJavaDecoder/mJavaCallbacks.

Comment 2

[John Lin [:jhlin][:jolin]]

Attachment: Bug 1336009 - null Java object check before accessing.

Review commit: https://reviewboard.mozilla.org/r/109076/diff/#index_header
See other reviews: https://reviewboard.mozilla.org/r/109076/

Comment 3

[(inactive) Jim Chen [:jchen] [:darchons]]

Comment on attachment 8832822 [details]
Bug 1336009 - null Java object check before accessing.

https://reviewboard.mozilla.org/r/109076/#review110374

Comment 4

[Pulsebot]

Pushed by jolin@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/1deef84b3663
null Java object check before accessing. r=jchen

Comment 5

[Carsten Book [:Tomcat]]

https://hg.mozilla.org/mozilla-central/rev/1deef84b3663

Comment 6

[Ryan VanderMeulen [:RyanVM]]

AFAICT, this crash only affects 53+ (going by crash-stats anyway). Please request Aurora approval on the patch when you get a chance (and Beta if it actually is affected too).

Comment 7

[John Lin [:jhlin][:jolin]]

(In reply to Ryan VanderMeulen [:RyanVM] from comment #6)
> AFAICT, this crash only affects 53+ (going by crash-stats anyway). Please
> request Aurora approval on the patch when you get a chance (and Beta if it
> actually is affected too).

 Will do. Ryan, thanks for your reminder. :)

Comment 8

[John Lin [:jhlin][:jolin]]

Comment on attachment 8832822 [details]
Bug 1336009 - null Java object check before accessing.

Approval Request Comment
[Feature/Bug causing the regression]: Bug 1333323
[User impact if declined]: browser crash once in a while 
[Is this code covered by automated tests?]:no
[Has the fix been verified in Nightly?]:yes
[Needs manual test from QE? If yes, steps to reproduce]: no
[List of other uplifts needed for the feature/fix]:none
[Is the change risky?]:low risk
[Why is the change risky/not risky?]: more null checkings 
[String changes made/needed]:none

Comment 9

[Gerry Chang [:gchang]]

Comment on attachment 8832822 [details]
Bug 1336009 - null Java object check before accessing.

Fix a crash. Aurora53+.

Comment 10

[Carsten Book [:Tomcat]]

https://hg.mozilla.org/releases/mozilla-aurora/rev/0c836d66d8ab