crash in mozilla::dom::bluetooth::BluetoothReply::MaybeDestroy

RESOLVED WONTFIX

Status

--
critical
RESOLVED WONTFIX
3 years ago
2 years ago

People

(Reporter: nhirata, Assigned: shawnjohnjr)

Tracking

({crash})

Firefox Tracking Flags

(Not tracked)

Details

(crash signature)

This bug was filed from the Socorro interface and is 
report bp-8dd41c9f-822f-4d49-a4fc-64b162151223.
=============================================================

Frame 	Module 	Signature 	Source
0 	libxul.so 	mozilla::dom::bluetooth::BluetoothReply::MaybeDestroy(mozilla::dom::bluetooth::BluetoothReply::Type) 	/home/worker/objdir-gecko/objdir/ipc/ipdl/BluetoothTypes.cpp:965
1 	libxul.so 	mozilla::dom::bluetooth::BluetoothReply::~BluetoothReply() 	/home/worker/objdir-gecko/objdir/ipc/ipdl/BluetoothTypes.cpp:1032
2 	libxul.so 	mozilla::dom::bluetooth::BluetoothReplyRunnable::SetReply(mozilla::dom::bluetooth::BluetoothReply*) 	/home/worker/objdir-gecko/objdir/dist/include/nsAutoPtr.h:41
3 	libxul.so 	mozilla::dom::bluetooth::DispatchReplyError(mozilla::dom::bluetooth::BluetoothReplyRunnable*, mozilla::dom::bluetooth::BluetoothStatus) 	dom/bluetooth/common/BluetoothUtils.cpp
4 	libxul.so 	mozilla::ipc::DaemonResultRunnable1<mozilla::dom::bluetooth::BluetoothA2dpResultHandler, void, mozilla::dom::bluetooth::BluetoothStatus, mozilla::dom::bluetooth::BluetoothStatus>::Run() 	/home/worker/objdir-gecko/objdir/dist/include/mozilla/ipc/DaemonRunnables.h:121
5 	libxul.so 	nsThread::ProcessNextEvent(bool, bool*) 	xpcom/threads/nsThread.cpp
6 	libxul.so 	NS_ProcessNextEvent(nsIThread*, bool) 	xpcom/glue/nsThreadUtils.cpp
7 	libxul.so 	mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) 	ipc/glue/MessagePump.cpp
8 	libxul.so 	MessageLoop::RunInternal() 	ipc/chromium/src/base/message_loop.cc
9 	libxul.so 	MessageLoop::Run() 	ipc/chromium/src/base/message_loop.cc
10 	libxul.so 	nsBaseAppShell::Run() 	widget/nsBaseAppShell.cpp
11 	libxul.so 	nsAppStartup::Run() 	toolkit/components/startup/nsAppStartup.cpp
12 	libxul.so 	XREMain::XRE_mainRun() 	toolkit/xre/nsAppRunner.cpp
13 	libxul.so 	XREMain::XRE_main(int, char**, nsXREAppData const*) 	toolkit/xre/nsAppRunner.cpp
14 	libxul.so 	XRE_main 	toolkit/xre/nsAppRunner.cpp
15 	b2g 	do_main 	b2g/app/nsBrowserApp.cpp
16 	b2g 	b2g_main(int, char const**) 	b2g/app/nsBrowserApp.cpp
17 	b2g 	main 	b2g/app/B2GLoader.cpp
18 	libc.so 	__libc_init 	/builds/slave/b2g_m-b37_22_flm-kk_ntly-00000/build/bionic/libc/bionic/libc_init_dynamic.cpp:112
19 	b2g 	b2g@0xc1da 	
20 	linker 	set_soinfo_pool_protection 	/builds/slave/b2g_m-b37_22_flm-kk_eng_ntly-0/build/bionic/linker/linker.cpp:291
21 		@0xbe9dba6a

Note: Crash when trying to pair with one device, refresh the list and passed over a NFC bluetooth speaker.

Build ID               20151023103433
Gaia Revision          410e91ddabc7ba82a9b43b3711a3fdf2cb8de309
Gaia Date              2015-10-23 05:57:04
Gecko Revision         https://hg.mozilla.org/mozilla-central/rev/13f32d98ff20718496bd08eb610950429a343f42
Gecko Version          44.0a1
Device Name            aries
Firmware(Release)      4.4.2
Firmware(Incremental)  eng.worker.20151023.095408
Firmware Date          Fri Oct 23 09:54:16 UTC 2015
Bootloader             s1
(In reply to Naoki Hirata :nhirata (please use needinfo instead of cc) from comment #0)
> This bug was filed from the Socorro interface and is 
> report bp-8dd41c9f-822f-4d49-a4fc-64b162151223.
> =============================================================
> 
> Frame 	Module 	Signature 	Source
> 0 	libxul.so 
> mozilla::dom::bluetooth::BluetoothReply::MaybeDestroy(mozilla::dom::
> bluetooth::BluetoothReply::Type) 
> /home/worker/objdir-gecko/objdir/ipc/ipdl/BluetoothTypes.cpp:965
> 1 	libxul.so 	mozilla::dom::bluetooth::BluetoothReply::~BluetoothReply() 
> /home/worker/objdir-gecko/objdir/ipc/ipdl/BluetoothTypes.cpp:1032
> 2 	libxul.so 
> mozilla::dom::bluetooth::BluetoothReplyRunnable::SetReply(mozilla::dom::
> bluetooth::BluetoothReply*) 
> /home/worker/objdir-gecko/objdir/dist/include/nsAutoPtr.h:41
> 3 	libxul.so 
> mozilla::dom::bluetooth::DispatchReplyError(mozilla::dom::bluetooth::
> BluetoothReplyRunnable*, mozilla::dom::bluetooth::BluetoothStatus) 
> dom/bluetooth/common/BluetoothUtils.cpp
> 4 	libxul.so 
> mozilla::ipc::DaemonResultRunnable1<mozilla::dom::bluetooth::
> BluetoothA2dpResultHandler, void, mozilla::dom::bluetooth::BluetoothStatus,
> mozilla::dom::bluetooth::BluetoothStatus>::Run() 
> /home/worker/objdir-gecko/objdir/dist/include/mozilla/ipc/DaemonRunnables.h:
> 121
Hi
Do you have any STR or more information?
Flags: needinfo?(nhirata.bugzilla)
1. setup NFC
2. try connecting BT to a computer.
3. while trying to connecting to a computer, pass over a NFC/BT speaker and connect to speaker

I think connection at the same time causes a race condition and crashing.  Even though it's a low chance that someone hits this, we should not cause the whole OS to reboot.
Flags: needinfo?(nhirata.bugzilla) → needinfo?(shuang)
Assignee: nobody → shuang
Flags: needinfo?(shuang)
OS: Android → Gonk (Firefox OS)
(In reply to Naoki Hirata :nhirata (please use needinfo instead of cc) from comment #2)
> 1. setup NFC
> 2. try connecting BT to a computer.
> 3. while trying to connecting to a computer, pass over a NFC/BT speaker and
> connect to speaker
> 
> I think connection at the same time causes a race condition and crashing. 
> Even though it's a low chance that someone hits this, we should not cause
> the whole OS to reboot.

The step 2, you mentioned 'try connecting BT to a computer', can you explain a bit more how you connect BT to a computer? Do you mean transferring a file?
Flags: needinfo?(nhirata.bugzilla)
Connecting the bluetooth of the phone and pair it with the computer.

ie basically trying to get the bluetooth to be in a connection phase with a computer at the same time trigger bluetooth connection with the speaker with NFC.
Flags: needinfo?(nhirata.bugzilla)
Flags: needinfo?(shuang)
Flags: needinfo?(shuang)
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.