Closed Bug 1429536 Opened 8 years ago Closed 8 years ago

Assertion failure: !(aWidth&1), at /home/worker/workspace/build/src/dom/media/webrtc/MediaEngineDefault.cpp:145

Categories

(Core :: WebRTC, defect, P2)

Product:
Core
Component:
WebRTC
Version:
59 Branch
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla59
Tracking Flags:
Tracking Status
firefox-esr52 --- wontfix
firefox57 --- wontfix
firefox58 --- wontfix
firefox59 --- fixed

People

(Reporter: jkratzer, Assigned: jib)

References

(Blocks 1 open bug)

Details

(Keywords: assertion, testcase)

Attachments

(3 files)

trigger.html
292 bytes, text/html
Details
simpler trigger.html
185 bytes, text/html
Details
Bug 1429536 - Assure even width and hight for fake:true camera, fixing debug crash.
59 bytes, text/x-review-board-request
ng
: review+
Details
Attached file trigger.html
Testcase found while fuzzing esr52 rev d61516b059c1. OS|Linux|0.0.0 Linux 4.4.0-104-generic #127-Ubuntu SMP Mon Dec 11 12:16:42 UTC 2017 x86_64 CPU|amd64|family 6 model 78 stepping 3|1 GPU||| Crash|SIGSEGV|0x0|24 24|0|libxul.so|mozilla::MediaEngineDefaultVideoSource::Notify|hg:hg.mozilla.org/releases/mozilla-esr52:dom/media/webrtc/MediaEngineDefault.cpp:d61516b059c1|145|0x0 24|1|libxul.so|nsTimerImpl::Fire|hg:hg.mozilla.org/releases/mozilla-esr52:xpcom/threads/nsTimerImpl.cpp:d61516b059c1|482|0x11 24|2|libxul.so|nsTimerEvent::Run|hg:hg.mozilla.org/releases/mozilla-esr52:xpcom/threads/TimerThread.cpp:d61516b059c1|285|0x17 24|3|libxul.so|nsThread::ProcessNextEvent|hg:hg.mozilla.org/releases/mozilla-esr52:xpcom/threads/nsThread.cpp:d61516b059c1|1216|0x11 24|4|libxul.so|NS_ProcessNextEvent|hg:hg.mozilla.org/releases/mozilla-esr52:xpcom/glue/nsThreadUtils.cpp:d61516b059c1|361|0xd 24|5|libxul.so|mozilla::ipc::MessagePumpForNonMainThreads::Run|hg:hg.mozilla.org/releases/mozilla-esr52:ipc/glue/MessagePump.cpp:d61516b059c1|368|0xd 24|6|libxul.so|MessageLoop::RunInternal|hg:hg.mozilla.org/releases/mozilla-esr52:ipc/chromium/src/base/message_loop.cc:d61516b059c1|232|0x17 24|7|libxul.so|MessageLoop::Run|hg:hg.mozilla.org/releases/mozilla-esr52:ipc/chromium/src/base/message_loop.cc:d61516b059c1|225|0x8 24|8|libxul.so|base::Thread::ThreadMain|hg:hg.mozilla.org/releases/mozilla-esr52:ipc/chromium/src/base/thread.cc:d61516b059c1|180|0x8 24|9|libxul.so|ThreadFunc|hg:hg.mozilla.org/releases/mozilla-esr52:ipc/chromium/src/base/platform_thread_posix.cc:d61516b059c1|38|0x3 24|10|libpthread-2.23.so||||0x76ba 24|11|libc-2.23.so||||0x1073dd
Flags: in-testsuite?
The test case uses 'fake: true'. That makes it less important. @jib: can you have a look or dispatch?
Rank: 15
Flags: needinfo?(jib)
Priority: -- → P2
Assignee: nobody → jib
status-firefox57: --- → wontfix
status-firefox58: --- → affected
status-firefox59: --- → affected
Flags: needinfo?(jib)
Attached file simpler trigger.html
Simpler STRs (other one didn't trigger in Nightly for me).
Comment on attachment 8941681 [details] Bug 1429536 - Assure even width and hight for fake:true camera, fixing debug crash. https://reviewboard.mozilla.org/r/211924/#review217706 ::: dom/media/webrtc/MediaEngineDefault.cpp:122 (Diff revision 1) > MediaEngine::DEFAULT_43_VIDEO_HEIGHT/2 > #else > MediaEngine::DEFAULT_43_VIDEO_HEIGHT > #endif > ); > - mOpts.mWidth = std::max(160, std::min(mOpts.mWidth, 4096)); > + mOpts.mWidth = std::max(160, std::min(mOpts.mWidth, 4096)) & ~1; (foo & -1) should be a no-op in 2s complement, perhaps you want (foo ^ 1).
Attachment #8941681 - Flags: review?(na-g) → review-
Comment on attachment 8941681 [details] Bug 1429536 - Assure even width and hight for fake:true camera, fixing debug crash. It's a tilde ~ i.e. bitwise NOT (one's complement), e.g. 0xfffffffe, not minus -
Attachment #8941681 - Flags: review- → review?(na-g)
Comment on attachment 8941681 [details] Bug 1429536 - Assure even width and hight for fake:true camera, fixing debug crash. https://reviewboard.mozilla.org/r/211924/#review217722
Attachment #8941681 - Flags: review?(na-g) → review+
Pushed by jbruaroey@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/172079108ce9 Assure even width and hight for fake:true camera, fixing debug crash. r=ng
https://hg.mozilla.org/mozilla-central/rev/172079108ce9
Status: NEW → RESOLVED
Closed: 8 years ago
status-firefox59: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla59
Since I believe we now properly support odd-width/height screencapture sources (and should support odd-sized camera sources, if they exist), we should support it here as well. AllocateSolidColorFrame needs to change to do rounding correctly (i.e. (N+1)/2 instead of N/2 or N>>1, and for buffer sizes do that for both width and height instead of >>2) Please file a followup bug.
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: