[Mono-bugs] [Bug 690056] New: CMSampleBuffer.Dispose causes SIGSEGV
bugzilla_noreply at novell.com
bugzilla_noreply at novell.com
Tue Apr 26 16:48:54 EDT 2011
https://bugzilla.novell.com/show_bug.cgi?id=690056
https://bugzilla.novell.com/show_bug.cgi?id=690056#c0
Summary: CMSampleBuffer.Dispose causes SIGSEGV
Classification: Mono
Product: MonoTouch
Version: unspecified
Platform: Other
OS/Version: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Class Libraries
AssignedTo: mono-bugs at lists.ximian.com
ReportedBy: fak at kruegersystems.com
QAContact: mono-bugs at lists.ximian.com
Found By: ---
Blocker: ---
Created an attachment (id=426722)
--> (http://bugzilla.novell.com/attachment.cgi?id=426722)
Project file demoing bug
Description of Problem:
This code causes a "double free" of sorts that results in a SIGSEGV:
var trackOutput = new AVAssetReaderTrackOutput(track, outputSettings);
reader.AddOutput(trackOutput);
var r = reader.StartReading();
while (r && reader.Status == AVAssetReaderStatus.Reading) {
using (var buffer = trackOutput.CopyNextSampleBuffer()) {
using (var block = buffer.GetDataBuffer()) {
}
}
}
When the CMSampleBuffer is Disposed, it CFReleases itself which in turn
CFReleases something else. That "something else" I believe is the CMBlockBuffer
returned from GetDataBuffer.
If you comment out the inner "using (... GetDataBuffer())", then the code
works. So I think the double-free involves a reference to the returned
CMBlockBuffer.
Run attached project on a Device (required). Hit the "+". Choose a song. Hit
"Done", then the reader loop begins.
Actual Results:
Stacktrace:
at MonoTouch.CoreMedia.CMSampleBuffer.Dispose (bool) <0x00047>
at MonoTouch.CoreMedia.CMSampleBuffer.Dispose () <0x00023>
at CMSampleBufferBug.AudioController.HandleItemsPicked
(object,MonoTouch.MediaPlayer.ItemsPickedEventArgs) [0x0018e] in
/Users/fak/Projects/Junk/CMSampleBufferBug/AudioController.cs:90
at
MonoTouch.MediaPlayer.MPMediaPickerController/_MPMediaPickerControllerDelegate.MediaItemsPicked
(MonoTouch.MediaPlayer.MPMediaPickerController,MonoTouch.MediaPlayer.MPMediaItemCollection)
<0x0006b>
at (wrapper runtime-invoke) object.runtime_invoke_dynamic
(intptr,intptr,intptr,intptr) <0xffffffff>
at MonoTouch.UIKit.UIApplication.Main (string[],string,string) <0x000cf>
at MonoTouch.UIKit.UIApplication.Main (string[]) <0x00023>
at CMSampleBufferBug.Application.Main (string[]) [0x00000] in
/Users/fak/Projects/Junk/CMSampleBufferBug/Main.cs:13
at (wrapper runtime-invoke) object.runtime_invoke_dynamic
(intptr,intptr,intptr,intptr) <0xffffffff>
Native stacktrace:
0 CMSampleBufferBug 0x0020d2ac
mono_handle_native_sigsegv + 412
1 CMSampleBufferBug 0x001f326c
mono_sigsegv_signal_handler + 360
2 libsystem_c.dylib 0x343ed72f _sigtramp + 42
3 CoreFoundation 0x33a271a1 CFRelease + 68
4 CoreMedia 0x3437adcf sBufFinalize + 14
5 CoreFoundation 0x33a2728f _CFRelease + 166
6 CoreFoundation 0x33a271b5 CFRelease + 88
7 CMSampleBufferBug 0x00025abc
wrapper_managed_to_native_MonoTouch_CoreFoundation_CFObject_CFRelease_intptr +
60
8 CMSampleBufferBug 0x00006c90
MonoTouch_CoreMedia_CMSampleBuffer_Dispose + 36
9 CMSampleBufferBug 0x00004410
CMSampleBufferBug_AudioController_HandleItemsPicked_object_MonoTouch_MediaPlayer_ItemsPickedEventArgs
+ 3336
10 CMSampleBufferBug 0x0000cb8c
MonoTouch_MediaPlayer_MPMediaPickerController__MPMediaPickerControllerDelegate_MediaItemsPicked_MonoTouch_MediaPlayer_MPMediaPickerController_MonoTouch_MediaPlayer_MPMediaItemCollection
+ 108
11 CMSampleBufferBug 0x0016b52c
wrapper_runtime_invoke_object_runtime_invoke_dynamic_intptr_intptr_intptr_intptr
+ 200
12 CMSampleBufferBug 0x001f2ed4 mono_jit_runtime_invoke
+ 2800
13 CMSampleBufferBug 0x002e2584 mono_runtime_invoke +
140
14 CMSampleBufferBug 0x003681d8 monotouch_trampoline +
2840
15 MediaPlayer 0x33c4ab6b
-[MPMediaPickerController _pickerDidPickItems:] + 94
16 MediaPlayer 0x33c4aac7
_MPSMediaPickerClientDidPickItems + 122
17 MediaPlayer 0x33c4e873 _XDidPickItems + 98
18 AppSupport 0x3400dde7
migHelperRecievePortCallout + 154
19 CoreFoundation 0x33a99a97
__CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE1_PERFORM_FUNCTION__ + 26
20 CoreFoundation 0x33a9b83f __CFRunLoopDoSource1 +
166
21 CoreFoundation 0x33a9c60d __CFRunLoopRun + 520
22 CoreFoundation 0x33a2cec3 CFRunLoopRunSpecific +
230
23 CoreFoundation 0x33a2cdcb CFRunLoopRunInMode + 58
24 GraphicsServices 0x3362d41f GSEventRunModal + 114
25 GraphicsServices 0x3362d4cb GSEventRun + 62
26 UIKit 0x35afdd69 -[UIApplication _run] +
404
27 UIKit 0x35afb807 UIApplicationMain + 670
28 CMSampleBufferBug 0x000283dc
wrapper_managed_to_native_MonoTouch_UIKit_UIApplication_UIApplicationMain_int_string___intptr_intptr
+ 240
29 CMSampleBufferBug 0x00011c2c
MonoTouch_UIKit_UIApplication_Main_string__ + 36
30 CMSampleBufferBug 0x000031e8
CMSampleBufferBug_Application_Main_string__ + 128
31 CMSampleBufferBug 0x0016b52c
wrapper_runtime_invoke_object_runtime_invoke_dynamic_intptr_intptr_intptr_intptr
+ 200
32 CMSampleBufferBug 0x001f2ed4 mono_jit_runtime_invoke
+ 2800
33 CMSampleBufferBug 0x002e2584 mono_runtime_invoke +
140
34 CMSampleBufferBug 0x002e5534 mono_runtime_exec_main +
784
35 CMSampleBufferBug 0x002e4598 mono_runtime_run_main +
1048
36 CMSampleBufferBug 0x001fa6c4 mono_jit_exec + 216
37 CMSampleBufferBug 0x001ed538 main + 3432
38 CMSampleBufferBug 0x00002a54 start + 52
Debug info from gdb:
=================================================================
Got a SIGSEGV while executing native code. This usually indicates
a fatal error in the mono runtime or one of the native libraries
used by your application.
=================================================================
Error connecting stdout and stderr (192.168.1.209:10001)
Expected Results:
How often does this happen?
Additional Information:
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
You are the assignee for the bug.
More information about the mono-bugs
mailing list