Closed
Bug 979761
Opened 10 years ago
Closed 10 years ago
[RTSP] Crash when playing RTSP streaming with MPEG AAC Audio codec (regression caused by bug 970271)
Categories
(Core :: Networking, defect)
Tracking
()
People
(Reporter: ethan, Assigned: ethan)
Details
(Keywords: crash, Whiteboard: [b2g-crash])
Attachments
(2 files)
When we play an RTSP media which uses codec "MPEG AAC Audio (mp4a)", the system crash would crash immediately. The gdb backtrace log is attached. This is a regression caused by the changeset b5d404be0b1e from bug 970271. The changeset fixed GCC warnings by removing some unused variables, and the root cause is the removal of this line of code: unsigned frameLengthFlag = bits->getBits(1); ABitReader::getBits() has side effect. It would change the values of its internal data members related to bit positions. Thus it causes parsing mistake by removing that line of code.
Assignee | ||
Updated•10 years ago
|
Assignee: nobody → ettseng
Assignee | ||
Updated•10 years ago
|
Status: NEW → ASSIGNED
Assignee | ||
Comment 1•10 years ago
|
||
Nominate this bug as a 1.4 blocker since the impact is critical.
blocking-b2g: --- → 1.4?
Assignee | ||
Comment 2•10 years ago
|
||
Attachment #8385939 -
Flags: review?(vchang)
Comment 3•10 years ago
|
||
Comment on attachment 8385939 [details] [diff] [review] bug-979761-fix.patch Review of attachment 8385939 [details] [diff] [review]: ----------------------------------------------------------------- This can be done with #include <mozilla/unused.h> unused << bits->getBit(1); like in the patch at https://bug970271.bugzilla.mozilla.org/attachment.cgi?id=8380729 That should fix the bug, but not produce a warning from gcc.
Attachment #8385939 -
Flags: feedback+
Comment 4•10 years ago
|
||
(In reply to Thomas Zimmermann [:tzimmermann] [:tdz] from comment #3) > Comment on attachment 8385939 [details] [diff] [review] > bug-979761-fix.patch > > Review of attachment 8385939 [details] [diff] [review]: > ----------------------------------------------------------------- > > This can be done with > > #include <mozilla/unused.h> > > unused << bits->getBit(1); > > like in the patch at > https://bug970271.bugzilla.mozilla.org/attachment.cgi?id=8380729 > > That should fix the bug, but not produce a warning from gcc. Sorry, forget about that comment. I was somehow thinking of a different warning.
Assignee | ||
Comment 5•10 years ago
|
||
(In reply to Thomas Zimmermann [:tzimmermann] [:tdz] from comment #4) > Sorry, forget about that comment. I was somehow thinking of a different > warning. Never mind. Thanks for sharing the unused tool. Actually I tried to fix that warning (ignoring return value) few days ago, but didn't have a good idea. Glad to learn this trick from your patch. :)
Assignee | ||
Comment 6•10 years ago
|
||
The result of try server: https://tbpl.mozilla.org/?tree=Try&rev=5ccf598ca226
Updated•10 years ago
|
Comment 7•10 years ago
|
||
Comment on attachment 8385939 [details] [diff] [review] bug-979761-fix.patch Review of attachment 8385939 [details] [diff] [review]: ----------------------------------------------------------------- To prevent confusing people on what getBits() is doing, I think we should add more comments to explain in more detail. Crash is really critical, so let's clean this file up in the follow up.
Attachment #8385939 -
Flags: review?(vchang) → review+
Assignee | ||
Updated•10 years ago
|
Keywords: checkin-needed
Comment 8•10 years ago
|
||
(In reply to Vincent Chang[:vchang] from comment #7) > Comment on attachment 8385939 [details] [diff] [review] > bug-979761-fix.patch > > Review of attachment 8385939 [details] [diff] [review]: > ----------------------------------------------------------------- > > To prevent confusing people on what getBits() is doing, I think we should > add more comments to explain in more detail. > Crash is really critical, so let's clean this file up in the follow up. I totally agree. I suggest to rename |getBits| to indicate that it has side effects.
Comment 9•10 years ago
|
||
https://hg.mozilla.org/integration/b2g-inbound/rev/c057f546b7af
Keywords: checkin-needed
Assignee | ||
Comment 10•10 years ago
|
||
(In reply to Thomas Zimmermann [:tzimmermann] [:tdz] from comment #8) > I totally agree. I suggest to rename |getBits| to indicate that it has side > effects. Yes, we also thought of renaming this function to reflect its side effects in the first place. Unfortunately, this source file is in AOSP's foundation, not in our repository. They are in: B2G/frameworks/base/media/libstagefright/foundation/ABitReader.cpp B2G/frameworks/base/include/media/stagefright/foundation/ABitReader.h That's why we couldn't simply refine the method name. I filed bug 980226 to follow up this issue according to Vincent's advice. We will refactor some codes which invoke getBits() to avoid future misuse.
Comment 11•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/c057f546b7af
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla30
Updated•10 years ago
|
status-b2g-v1.4:
--- → fixed
status-firefox28:
--- → wontfix
status-firefox29:
--- → wontfix
status-firefox30:
--- → fixed
You need to log in
before you can comment on or make changes to this bug.
Description
•