Closed Bug 842171 Opened 11 years ago Closed 11 years ago

vcmCreateTransportFlow() can error out due mMedia becoming NULL and cause wrong-thread releases

Tracking

()

Status:

RESOLVED DUPLICATE of bug 835283

People

(Reporter: jesup, Assigned: ekr)

References

Details

(Keywords: crash, Whiteboard: [webrtc][blocking-webrtc+])

Attachments

(1 file)

gdb logs 11 years ago Randell Jesup [:jesup] (needinfo me) 37.82 KB, text/plain		Details

Randell Jesup [:jesup] (needinfo me)

Reporter

Description

•

11 years ago

Attached file gdb logs — Details

When calling VcmRxStartICE_m(), vcmCreateTransportFlow() can error out due mMedia becoming NULL and cause wrong-thread releases in VcmRxStartICE_m().  

This is likely due to the patch for bug 820538, and that we're still using DISPATCH_SYNC.

Since pc->mMedia became NULL, we can't store the flow in it, and we release it on mainthread, which due to bug 830100 can cause a thread-safety assertion.  (Note that this crashes on purpose even in an opt/release build, which limits any security implications).

Found when trying to reproduce bug 835238

Randell Jesup [:jesup] (needinfo me)

Reporter

Updated

•

11 years ago

Status: NEW → RESOLVED

Closed: 11 years ago

Resolution: --- → DUPLICATE

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

vcmCreateTransportFlow() can error out due mMedia becoming NULL and cause wrong-thread releases

Categories

(Core :: WebRTC: Networking, defect)

Tracking

()

People

(Reporter: jesup, Assigned: ekr)

References

Details

(Keywords: crash, Whiteboard: [webrtc][blocking-webrtc+])

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Updated

Attachment

General

Description

File Name

Content Type