Closed Bug 832232 Opened 13 years ago Closed 13 years ago

crash in nsGeolocationService::SetHigherAccuracy

Categories

(Firefox OS Graveyard :: General, defect)

Product:
Firefox OS Graveyard
Component:
General
Platform:
ARM
Gonk (Firefox OS)
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

(blocking-b2g:tef+, firefox20 wontfix, firefox21 wontfix, firefox22 fixed, b2g18 fixed, b2g18-v1.0.0 wontfix, b2g18-v1.0.1 fixed)

Status:
VERIFIED FIXED
Milestone:
B2G C4 (2jan on)
Project Flags:
blocking-b2g tef+
Tracking Flags:
Tracking Status
firefox20 --- wontfix
firefox21 --- wontfix
firefox22 --- fixed
b2g18 --- fixed
b2g18-v1.0.0 --- wontfix
b2g18-v1.0.1 --- fixed

People

(Reporter: scoobidiver, Assigned: jdm)

Details

(Keywords: crash, Whiteboard: [b2g-crash])

Crash Data

Attachments

(1 file, 1 obsolete file)

Protect against missing geolocation services during shutdown.
957 bytes, patch
dougt
: review+
Details | Diff | Splinter Review
It's #15 crasher in B2G 18.0. Frame Module Signature Source 0 libxul.so nsGeolocationService::SetHigherAccuracy nsGeolocation.cpp:1013 1 libxul.so mozilla::dom::ContentParent::RecvSetGeolocationHigherAccuracy ContentParent.cpp:2245 2 libxul.so mozilla::dom::PContentParent::OnMessageReceived PContentParent.cpp:1633 3 libxul.so mozilla::ipc::AsyncChannel::OnDispatchMessage AsyncChannel.cpp:473 4 libxul.so mozilla::ipc::RPCChannel::OnMaybeDequeueOne RPCChannel.cpp:402 5 libxul.so RunnableMethod<IPC::ChannelProxy::Context, void , Tuple0>::Run tuple.h:383 6 libxul.so mozilla::ipc::RPCChannel::DequeueTask::Run RPCChannel.h:425 7 libxul.so MessageLoop::RunTask message_loop.cc:333 8 libxul.so MessageLoop::DeferOrRunPendingTask message_loop.cc:341 9 libxul.so MessageLoop::DoWork message_loop.cc:441 10 libxul.so mozilla::ipc::DoWorkRunnable::Run MessagePump.cpp:42 11 libxul.so nsThread::ProcessNextEvent nsThread.cpp:620 12 libxul.so NS_ProcessPendingEvents_P nsThreadUtils.cpp:187 13 libxul.so mozilla::dom::indexedDB::TransactionThreadPool::Cleanup TransactionThreadPool.cpp:165 14 libxul.so mozilla::dom::indexedDB::TransactionThreadPool::Shutdown TransactionThreadPool.cpp:121 15 libxul.so mozilla::dom::indexedDB::IndexedDatabaseManager::Observe IndexedDatabaseManager.cpp:1646 16 libxul.so nsObserverList::NotifyObservers nsObserverList.cpp:99 17 libxul.so nsObserverService::NotifyObservers nsObserverService.cpp:149 18 libxul.so mozilla::dom::power::PowerManagerService::SyncProfile PowerManagerService.cpp:110 19 libxul.so mozilla::dom::power::PowerManagerService::Reboot PowerManagerService.cpp:119 20 libxul.so mozilla::dom::power::PowerManager::Reboot PowerManager.cpp:68 21 libxul.so NS_InvokeByIndex_P xptcinvoke_arm.cpp:160 22 libxul.so XPCWrappedNative::CallMethod XPCWrappedNative.cpp:3083 23 libxul.so XPC_WN_CallMethod XPCWrappedNativeJSOps.cpp:1469 24 libxul.so js::InvokeKernel jscntxtinlines.h:364 ... More reports at: https://crash-stats.mozilla.com/report/list?signature=nsGeolocationService%3A%3ASetHigherAccuracy
Let's re-nom for blocking if we can find a reliable STR.
blocking-b2g: tef? → -
Keywords: qawanted, steps-wanted
It still occurs in a recent build.
To whoever investigates this - I did end up seeing this after using the maps app and I think restarting the phone once. Might dig into this if I get more time.
My guess is : It looks like the phone was restarted or turned off during the time that there was some high accuracy calls to the geolocation ? I still can't seem to replicate though.
This crash is still occurring... looks like turning off or rebooting will make it occur. Need to figure out timing. https://crash-stats.mozilla.com/report/index/c2b2d205-fc54-4455-a8f2-062f62130213
http://mxr.mozilla.org/mozilla-b2g18/source/dom/ipc/ContentParent.cpp#2289 service is probably garbage because we are shutting down? jdm, you want to crack this?
Assignee: nobody → josh
Yeah, this should be a simple null-check.
not so sure. if the service was null, wouldn't the crash be on: ContentParent.cpp#2289 but it is really on nsGeolocation.cpp:1013 It is as if the service object is deleted and non-null, doesn't it?
It's a crash at 0x1c, at the first usage of a member variable in the function. That smells like a NPE to me.
Attachment #715753 - Flags: review?(doug.turner)
Comment on attachment 715753 [details] [diff] [review] Protect against missing geolocation services during shutdown. nice try. ;)
Attachment #715753 - Flags: review?(doug.turner) → review-
Attachment #715753 - Attachment is obsolete: true
Attachment #715871 - Flags: review?(doug.turner) → review+
https://hg.mozilla.org/mozilla-central/rev/c9840572966b
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Can we get an uplift for this? It's a null check.
blocking-b2g: - → shira?
I can't seem to get STRs to repro this. I even went so far as to try to do a adb reboot as soon as I tried to load maps.google.com...
Keywords: qawanted
naoki, if you can't get str, the way to verify this is to watch crash-stats and see if there is a significant change -- that is, we shouldn't see this crash any longer. +1 on the uplift request.
tef? is probably what you are looking for if it's an uplift
blocking-b2g: shira? → tef?
Let's get this uplifted asap and watch the crash stats since we don't have STR.
blocking-b2g: tef? → tef+
status-b2g18: --- → affected
status-b2g18-v1.0.0: --- → wontfix
status-b2g18-v1.0.1: --- → affected
tracking-b2g18: ? → ---
Keywords: steps-wanted
does not make sense to create a regression issue.
Flags: in-moztrap-
Verified fixed on Unagi Build ID: 20130403070201 Kernel Date: Dec 5 Gecko: http://hg.mozilla.org/releases/mozilla-b2g18_v1_0_1/rev/512258bc00a3 Gaia: daea430624ec02f8d36a12d581fc4a3278c27cb7 and Unagi Build ID: 20130403070204 Kernel Date: Dec 5 Gecko: http://hg.mozilla.org/releases/mozilla-b2g18/rev/d467369d1b0c Gaia: 06e0e5ce42bdfb62bdbe38271de6b5b2d9e40e75 No Crash occurs in nsGeolocationService. Does not Repro.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: