Last Comment Bug 753134 - B2G bluetooth interface crashes when trying to remove non-existent dbus watch sockets
: B2G bluetooth interface crashes when trying to remove non-existent dbus watch...
Status: RESOLVED FIXED
:
Product: Core
Classification: Components
Component: DOM: Device Interfaces (show other bugs)
: Trunk
: All Linux
: -- normal (vote)
: mozilla15
Assigned To: Kyle Machulis [:qdot]
:
: Andrew Overholt [:overholt]
Mentors:
Depends on:
Blocks: b2g-bluetooth
  Show dependency treegraph
 
Reported: 2012-05-08 14:59 PDT by Kyle Machulis [:qdot]
Modified: 2012-05-10 08:03 PDT (History)
1 user (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments
Fix crash due to lack of index check on watch sockets (943 bytes, patch)
2012-05-08 15:11 PDT, Kyle Machulis [:qdot]
mwu.code: review+
Details | Diff | Splinter Review

Description Kyle Machulis [:qdot] 2012-05-08 14:59:52 PDT
If gecko with bluetooth enabled starts up after bluetooth has already come up, then turning bluetooth off causes a request that makes the watch manager try to remove a socket that doesn't exist, crashing the browser.
Comment 1 Kyle Machulis [:qdot] 2012-05-08 15:11:54 PDT
Created attachment 622166 [details] [diff] [review]
Fix crash due to lack of index check on watch sockets
Comment 2 Michael Wu [:mwu] 2012-05-09 14:22:53 PDT
Comment on attachment 622166 [details] [diff] [review]
Fix crash due to lack of index check on watch sockets

Review of attachment 622166 [details] [diff] [review]:
-----------------------------------------------------------------

::: ipc/dbus/DBusThread.cpp
@@ +311,5 @@
> +  // There are times where removes can be requested for watches that
> +  // haven't been added, so check to make sure we're using the watch
> +  // in the first place
> +  if(index >= 0)
> +  {

if (index < 0)
  return;

Also an example of when this might happen would be nice.
Comment 4 Ed Morley [:emorley] 2012-05-10 08:03:00 PDT
https://hg.mozilla.org/mozilla-central/rev/ab315de0070f

Note You need to log in before you can comment on or make changes to this bug.