Closed Bug 858176 Opened 12 years ago Closed 12 years ago

WebRTC calls crash in DeleteGlobalRef in release mode builds only

Categories

(Core :: WebRTC, defect)

Product:
Core
Component:
WebRTC
Platform:
ARM
Android
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla23

People

(Reporter: gcp, Assigned: gcp)

References

Details

(Keywords: crash, Whiteboard: [native-crash][webrtc][android-webrtc+][blocking-webrtc-][qa-])

Crash Data

Attachments

(1 file)

Patch 1. Delete the ref before detaching from the JVM
1.38 KB, patch
blassey
: review+
Details | Diff | Splinter Review
So, turns out the code is breaking when you do a release build, specifically compile without --enable-debug: I don't immediately see anything wrong here. Program received signal SIGSEGV, Segmentation fault. Loading libraries and symbols... [Switching to Thread 31656] 0x72ef9050 in ?? () (gdb) bt #0 0x72ef9050 in ?? () #1 0x7a16ddf4 in DeleteGlobalRef (globalRef=0x1d400332, this=<optimized out>) at /home/morbo/android-ndk-r8c/platforms/android-9/arch-arm/usr/include/jni.h:566 #2 webrtc::videocapturemodule::DeviceInfoAndroid::CreateCapabilityMap (this=0x78dc9af0, deviceUniqueIdUTF8=0x7dd380f8 "Camera 1, Facing front, Orientation 270") at /home/morbo/hg/mozilla-central/media/webrtc/trunk/webrtc/modules/video_capture/android/device_info_android.cc:262 #3 0x7a16c50a in webrtc::videocapturemodule::DeviceInfoImpl::NumberOfCapabilities ( this=0x78dc9af0, deviceUniqueIdUTF8=0x7dd380f8 "Camera 1, Facing front, Orientation 270") at /home/morbo/hg/mozilla-central/media/webrtc/trunk/webrtc/modules/video_capture/device_info_impl.cc:76 #4 0x7a1c12f6 in webrtc::ViEInputManager::NumberOfCaptureCapabilities (this=<optimized out>, device_unique_idUTF8=0x7dd380f8 "Camera 1, Facing front, Orientation 270") at /home/morbo/hg/mozilla-central/media/webrtc/trunk/webrtc/video_engine/vie_input_manager.cc:97 #5 0x7a1ab7d2 in webrtc::ViECaptureImpl::NumberOfCapabilities (this=0x78a97900, unique_idUTF8=0x7dd380f8 "Camera 1, Facing front, Orientation 270", unique_idUTF8Length=<optimized out>) at /home/morbo/hg/mozilla-central/media/webrtc/trunk/webrtc/video_engine/vie_capture_impl.cc:442 #6 0x79835bd8 in mozilla::MediaEngineWebRTCVideoSource::ChooseCapability (this=0x7dd38000, aPrefs=...) at /home/morbo/hg/mozilla-central/content/media/webrtc/MediaEngineWebRTCVideo.cpp:157 #7 0x79835cb8 in mozilla::MediaEngineWebRTCVideoSource::Allocate (this=0x7dd38000, aPrefs=...) at /home/morbo/hg/mozilla-central/content/media/webrtc/MediaEngineWebRTCVideo.cpp:224 #8 0x79715574 in ProcessGetUserMedia (aVideoSource=0x7dd38000, aAudioSource=0x0, this=0x786f5fb0) at /home/morbo/hg/mozilla-central/dom/media/MediaManager.cpp:697 #9 mozilla::GetUserMediaRunnable::Run (this=0x786f5fb0) at /home/morbo/hg/mozilla-central/dom/media/MediaManager.cpp:558 #10 0x79e0368c in nsThread::ProcessNextEvent (this=0x7842d640, mayWait=<optimized out>, result=0x805afea7) at /home/morbo/hg/mozilla-central/xpcom/threads/nsThread.cpp:627 #11 0x79ddc3a2 in NS_ProcessNextEvent (thread=<optimized out>, mayWait=<optimized out>) at /home/morbo/hg/mozilla-central/objdir-android/xpcom/build/nsThreadUtils.cpp:238 #12 0x79e037fa in nsThread::ThreadFunc (arg=0x7842d640) at /home/morbo/hg/mozilla-central/xpcom/threads/nsThread.cpp:265 #13 0x77033c32 in _pt_root (arg=0x7dd6fa80) at /home/morbo/hg/mozilla-central/nsprpub/pr/src/pthreads/ptthread.c:191 #14 0x401353dc in __thread_entry () from /home/morbo/jimdb/moz-gdb/lib/00658c727e962a43/system/lib/libc.so #15 0x40134ac8 in pthread_create () from /home/morbo/jimdb/moz-gdb/lib/00658c727e962a43/system/lib/libc.so #16 0x00000000 in ?? () (gdb) up #1 0x7a16ddf4 in DeleteGlobalRef (globalRef=0x1d400332, this=<optimized out>) at /home/morbo/android-ndk-r8c/platforms/android-9/arch-arm/usr/include/jni.h:566 566 { functions->DeleteGlobalRef(this, globalRef); } (gdb) up #2 webrtc::videocapturemodule::DeviceInfoAndroid::CreateCapabilityMap (this=0x78dc9af0, deviceUniqueIdUTF8=0x7dd380f8 "Camera 1, Facing front, Orientation 270") at /home/morbo/hg/mozilla-central/media/webrtc/trunk/webrtc/modules/video_capture/android/device_info_android.cc:262 262 env->DeleteGlobalRef(javaCapClass);
Whiteboard: [webrtc][android-webrtc+]
VideoCaptureAndroid::ReleaseAndroidDeviceInfoObjects(attached); WEBRTC_TRACE(webrtc::kTraceInfo, webrtc::kTraceVideoCapture, _id, "CreateCapabilityMap %d", _captureCapabilities.Size()); env->DeleteGlobalRef(javaCapClass); ReleaseAndroidDeviceInfoObjects does a g_jvm->DetachCurrentThread(), so I'm guessing you can't do env->WhatEverJNICall after that point.
Crash Signature: [@ webrtc::videocapturemodule::DeviceInfoAndroid::CreateCapabilityMap (deviceUniqueIdUTF8)]
Keywords: crash
Whiteboard: [webrtc][android-webrtc+] → [native-crash][webrtc][android-webrtc+]
That seems pretty plausible, and easy enough to test by hoisting that DeleteGlobalRef statement up a few lines too.
Whiteboard: [native-crash][webrtc][android-webrtc+] → [native-crash][webrtc][android-webrtc+][blocking-webrtc-]
Attachment #733833 - Flags: review?(blassey.bugs) → review+
https://hg.mozilla.org/mozilla-central/rev/0ce9544cbb8f
Assignee: nobody → gpascutto
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla23
Whiteboard: [native-crash][webrtc][android-webrtc+][blocking-webrtc-] → [native-crash][webrtc][android-webrtc+][blocking-webrtc-][qa-]
Flags: in-testsuite-
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: