Closed
Bug 1069681
Opened 10 years ago
Closed 10 years ago
[MADAI] When modify the BluetoothServiceBluedroid, unlimited reboot issue is occurred
Categories
(Firefox OS Graveyard :: Bluetooth, defect, P1)
Tracking
(Not tracked)
RESOLVED
WORKSFORME
People
(Reporter: rapbong, Assigned: shawnjohnjr)
Details
(Whiteboard: [LibGLA, B])
Attachments
(2 files)
User Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.120 Safari/537.36
Steps to reproduce:
1. Apply the bug1059136 patch
2. Modify the bluetoothserviceblued file
3. Download the system image
Actual results:
MADAI reboots repeatedly.
Expected results:
Phone should boot normally.
Reporter
Updated•10 years ago
Severity: normal → major
Depends on: 1059136
OS: All → Gonk (Firefox OS)
Priority: -- → P1
Hardware: All → ARM
Whiteboard: [LibGLA, B]
Reporter
Comment 1•10 years ago
Reporter
Comment 2•10 years ago
Dear Mozilla Engineer.
I removed the code below and confirmed that the phone boots normally.
    int uuidListLength = p.len / MAX_UUID_SIZE;
    for (size_t i = 0; i < uuidListLength; i++) {
      uint16_t uuidServiceClass = UuidToServiceClassInt(
        (bt_uuid_t*)(p.val + (i * MAX_UUID_SIZE)));
      BluetoothServiceClass serviceClass =
        BluetoothUuidHelper::GetBluetoothServiceClass(uuidServiceClass);
      // Get Uuid string from BluetoothServiceClass
      nsString uuid;
      BluetoothUuidHelper::GetString(serviceClass, uuid);
      sAdapterUuidsArray.AppendElement(uuid);
    }
    propertyValue = sAdapterUuidsArray;
    props.AppendElement(BluetoothNamedValue(NS_LITERAL_STRING("UUIDs"),
                                            propertyValue));
  }
Could you check this issue?
If this patch has been applied, we cannot modify the BluetoothServiceBluedroid.cpp.
Best regards.
Assignee
Updated•10 years ago
Assignee: nobody → shuang
Assignee
Comment 3•10 years ago
Thanks for reporting this. I will check and update tomorrow.
Assignee
Comment 5•10 years ago
I just tried v2.0 on Nexus 5 and I did not see any crash. I will try flame-kk with branch v2.0 later.
Reporter
Comment 6•10 years ago
In my case, I added a new function or task in BluetoothServiceBluedroid.cpp.
Assignee
Comment 7•10 years ago
(In reply to ILBEOM KIM from comment #6)
> In my case, I added a new function or task in
> BluetoothServiceBluedroid.cpp.
I'm sorry, I'm a little confused here. Do you mind providing a minidump or using gdb to get a backtrace?
Assignee
Updated•10 years ago
Flags: needinfo?(rapbong)
Reporter
Comment 8•10 years ago
I attached the minidump result.
Thread 63 (crashed)
 0  libxul.so!AdapterPropertiesCallback [BluetoothServiceBluedroid.cpp : 362 + 0x0]
     r0 = 0x00000000 r1 = 0x00000001 r2 = 0xa1d1bd2e r3 = 0x00000001
     r4 = 0xa1d1bd2e r5 = 0x00000000 r6 = 0x00000000 r7 = 0xa1d1bd2e
     r8 = 0xb6421f28 r9 = 0xb5ec678f r10 = 0xb5ec90e6 fp = 0xae8fec40
     sp = 0xa1603560 lr = 0xae870f4f pc = 0xb54008ac
    Found by: given as instruction pointer in context
 1  bluetooth.default.so!execute_storage_request [btif_core.c : 1135 + 0xb]
     r4 = 0xae92fa1c r5 = 0xae92f9c8 r6 = 0x00000000 r7 = 0xa1d1bd2e
     r8 = 0xb6efc394 r9 = 0xae8feb7b r10 = 0xae8fec56 fp = 0xae8fec40
     sp = 0xa1603680 pc = 0xae870f4f
    Found by: call frame info
 2  bluetooth.default.so!btif_task [btif_core.c : 198 + 0x7]
     r4 = 0xae92f9c8 r5 = 0xa1d1bd18 r6 = 0xae92fa1c r7 = 0xae92ed7c
     r8 = 0xae8fec25 r9 = 0xae8feb7b r10 = 0xae8fec56 fp = 0xae8fec40
     sp = 0xa1603d60 pc = 0xae8719a1
    Found by: call frame info
 3  bluetooth.default.so!gki_task_entry [gki_ulinux.c : 157 + 0x5]
     r4 = 0xaea07ecc r5 = 0xaea06b28 r6 = 0x00000000 r7 = 0xae929495
     r8 = 0xae90cef7 r9 = 0xa1506000 r10 = 0xaea06b30 fp = 0xb6efa2ec
     sp = 0xa1603d98 pc = 0xae89ab0f
    Found by: call frame info
 4  libc.so!__thread_entry [pthread_create.cpp : 105 + 0x6]
     r0 = 0x00000001 r1 = 0xae8fecc5 r4 = 0xa1603dd0 r5 = 0x00c07b10
     r6 = 0xae89aab1 r7 = 0xaea07ecc r8 = 0xae89aab1 r9 = 0xa1506000
     r10 = 0xaea06b30 fp = 0xb6efa2ec sp = 0xa1603db8 pc = 0xb6ebb234
    Found by: call frame info
 5  libc.so!pthread_create [pthread_create.cpp : 224 + 0x16]
     r3 = 0xaea07ecc r4 = 0x00c07b10 r5 = 0xa1603dd0 r6 = 0x0000000b
     r7 = 0x00000078 r8 = 0xae89aab1 r9 = 0xa1506000 r10 = 0xaea06b30
     fp = 0xb6efa2ec sp = 0xa1603dd0 pc = 0xb6ebb3cc
    Found by: call frame info
This crash occurred in BluetoothServiceBluedroid.cpp.
I also attached the BluetoothServiceBluedroid.cpp.
Please check this case.
Thanks.
Flags: needinfo?(rapbong)
Reporter
Comment 9•10 years ago
Assignee
Comment 10•10 years ago
Hi,
It looks like bug 989976. However, we only saw it happen on a specific platform.
Can you try this patch?
https://hg.mozilla.org/mozilla-central/rev/05377e8cffbe
Flags: needinfo?(shuang)
Assignee
Updated•10 years ago
Flags: needinfo?(rapbong)
Assignee
Comment 11•10 years ago
From Comment 8, I cannot tell whether it's a SIGBUS error or SIGSEGV, but the backtrace looks like an address unalignment issue. If the patch works for you, I think you can request bug 989976 as a 2.0 blocker to be uplifted for v2.0.
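An added example, not part of this bug thread or of the Mozilla/Bluedroid code and not the patch from bug 989976: one alignment-safe way to walk a packed UUID list like the loop in comment 2, validating the length first and reading bytes instead of casting into the buffer. `prop_t`, `parse_uuid_list`, `demo_class`, the 16-byte entry size and the sample UUID values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define UUID_SIZE 16 /* assumed: one packed 128-bit UUID per entry */

/* Hypothetical stand-in for the stack's property struct. */
typedef struct { int len; const void *val; } prop_t;

/* Service class = bytes 2..3 (big-endian) of 0000xxxx-0000-1000-8000-00805f9b34fb.
 * Byte-wise reads are valid at any address, unlike a uint16_t* cast. */
static uint16_t uuid_service_class(const uint8_t *uuid)
{
    return (uint16_t)((uuid[2] << 8) | uuid[3]);
}

/* Returns the number of entries written to out, or -1 for a malformed property. */
int parse_uuid_list(const prop_t *p, uint16_t *out, size_t max_out)
{
    if (!p || !out || !p->val || p->len < 0 || p->len % UUID_SIZE != 0)
        return -1;
    size_t count = (size_t)p->len / UUID_SIZE;
    if (count > max_out)
        return -1;
    const uint8_t *bytes = p->val;
    for (size_t i = 0; i < count; i++)
        out[i] = uuid_service_class(bytes + i * UUID_SIZE);
    return (int)count;
}

/* Constructed sample: two UUIDs starting one byte into a buffer, so the
 * entries carry no alignment guarantee. Returns the class at idx, or -1. */
int demo_class(size_t idx, int len_delta)
{
    static const uint8_t tail[12] = {0x00,0x00,0x10,0x00,0x80,0x00,0x00,0x80,0x5f,0x9b,0x34,0xfb};
    const uint16_t classes[2] = {0x1105, 0x111e}; /* constructed short UUIDs */
    uint8_t raw[1 + 2 * UUID_SIZE] = {0};
    uint16_t out[2];
    for (size_t i = 0; i < 2; i++) {
        uint8_t *u = raw + 1 + i * UUID_SIZE;
        u[2] = (uint8_t)(classes[i] >> 8);
        u[3] = (uint8_t)(classes[i] & 0xff);
        memcpy(u + 4, tail, sizeof tail);
    }
    prop_t p = { 2 * UUID_SIZE + len_delta, raw + 1 };
    int n = parse_uuid_list(&p, out, 2);
    return (n < 0 || idx >= (size_t)n) ? -1 : out[idx];
}

int main(void) { printf("0x%04x 0x%04x\n", (unsigned)demo_class(0, 0), (unsigned)demo_class(1, 0)); return 0; }
```

A length that is negative, not a multiple of the entry size, or larger than the caller's output array is rejected before any byte of the buffer is read.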
Reporter
Comment 12•10 years ago
Dear Shawn.
I applied your patch, and the rebooting hasn't occurred.
As you mentioned, this issue seems like the address alignment issue.
Best regards.
Flags: needinfo?(rapbong)
Assignee
Comment 13•10 years ago
I feel it is a little dangerous if we don't take the patch into v2.0, if this happened on your platform. Does this happen consistently?
Assignee
Updated•10 years ago
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Resolution: --- → WORKSFORME