Closed
Bug 838499
Opened 11 years ago
Closed 11 years ago
[b2g-bluetooth] Assertion failed in function SetJsObject()
Categories
(Core :: DOM: Device Interfaces, defect)
Tracking
()
RESOLVED
FIXED
mozilla21
People
(Reporter: gyeh, Assigned: gyeh)
Details
Attachments
(1 file, 1 obsolete file)
In BluetoothUtils::SetJsObject(), the following assertion was failed due to the null value of mJsUuids/mJsDeviceAddresses/mJsServices in BluetoothAdapter/BluetoothDevice.
SetJsObject(JSContext* aContext,
const BluetoothValue& aValue,
JSObject* aObj)
{
MOZ_ASSERT(aContext && aObj);
...
}
|
||
Comment 1•11 years ago
|
||
Crash stack on debug build:
> Program received signal SIGSEGV, Segmentation fault.
> 0x411efd5e in mozilla::dom::bluetooth::SetJsObject (aContext=0x47194100, aValue=..., aObj=<value optimized out>) at dom/bluetooth/BluetoothUtils.cpp:28
> 28 MOZ_ASSERT(aContext && aObj);
> (gdb) bt
> #0 0x411efd5e in mozilla::dom::bluetooth::SetJsObject (aContext=0x47194100, aValue=..., aObj=<value optimized out>) at dom/bluetooth/BluetoothUtils.cpp:28
> #1 0x411ee1d8 in mozilla::dom::bluetooth::BluetoothAdapter::SetPropertyByValue (this=0x481ac080, aValue=...) at dom/bluetooth/BluetoothAdapter.cpp:240
> #2 0x411ee3be in BluetoothAdapter (this=0x481ac080, aWindow=<value optimized out>, aValue=...) at dom/bluetooth/BluetoothAdapter.cpp:162
> #3 0x411ee48c in mozilla::dom::bluetooth::BluetoothAdapter::Create (aWindow=0x404eea50, aValue=...) at dom/bluetooth/BluetoothAdapter.cpp:265
> #4 0x411eb092 in GetAdapterTask::ParseSuccessfulReply (this=0x4779e640, aValue=0xbefe8690) at dom/bluetooth/BluetoothManager.cpp:63
> #5 0x411ef486 in mozilla::dom::bluetooth::BluetoothReplyRunnable::Run (this=0x4779e640) at dom/bluetooth/BluetoothReplyRunnable.cpp:68
> #6 0x4189ad5e in nsThread::ProcessNextEvent (this=0x40404390, mayWait=<value optimized out>, result=0xbefe870f) at xpcom/threads/nsThread.cpp:627
> #7 0x41862614 in NS_ProcessNextEvent_P (thread=0x7c, mayWait=false) at /home/cervantes/git/b2g-device2/B2G/objdir-gecko-dbg/xpcom/build/nsThreadUtils.cpp:238
> #8 0x41629dfe in mozilla::ipc::MessagePump::Run (this=0x40402430, aDelegate=0x4042b0c0) at ipc/glue/MessagePump.cpp:82
> #9 0x418d04b2 in MessageLoop::RunInternal (this=0x4042b0c0) at ipc/chromium/src/base/message_loop.cc:215
> #10 0x418d0512 in MessageLoop::RunHandler (this=0x4042b0c0) at ipc/chromium/src/base/message_loop.cc:208
> #11 MessageLoop::Run (this=0x4042b0c0) at ipc/chromium/src/base/message_loop.cc:182
> #12 0x4156c7aa in nsBaseAppShell::Run (this=0x43726700) at widget/xpwidgets/nsBaseAppShell.cpp:163
> #13 0x41458f00 in nsAppStartup::Run (this=0x438a2d60) at toolkit/components/startup/nsAppStartup.cpp:288
> #14 0x40a4073e in XREMain::XRE_mainRun (this=0xbefe89a4) at toolkit/xre/nsAppRunner.cpp:3826
> #15 0x40a43340 in XREMain::XRE_main (this=0xbefe89a4, argc=<value optimized out>, argv=0xbefeaba4, aAppData=<value optimized out>) at toolkit/xre/nsAppRunner.cpp:3893
> #16 0x40a434f2 in XRE_main (argc=1, argv=0xbefeaba4, aAppData=0x21164, aFlags=<value optimized out>) at toolkit/xre/nsAppRunner.cpp:4096
> #17 0x00009a38 in do_main (argc=1, argv=0xbefeaba4) at b2g/app/nsBrowserApp.cpp:164
> #18 main (argc=1, argv=0xbefeaba4) at b2g/app/nsBrowserApp.cpp:249
> (gdb)
|
Assignee | |
Comment 2•11 years ago
|
||
Two problems here. First, assertion failed in function SetJsObject(). Second, when the second parameter of SetJsObject is an array of nsString, we will use nsTArrayToJsArray to convert the array into a JSObject and keep the result in the third parameter. However, we shouldn't pass the address of the parameter into function nsTArrayToJsArray, resulting in invalid memory address for nsTArrayToJsArray.
Attachment #710553 -
Flags: review?(echou)
|
||
Comment 3•11 years ago
|
||
Comment on attachment 710553 [details] [diff] [review] Patch 1(v1): Use nsTArrayToJsArray in SetPropertyByValue Review of attachment 710553 [details] [diff] [review]: ----------------------------------------------------------------- ::: dom/bluetooth/BluetoothUtils.cpp @@ +36,5 @@ > + > + for (uint32_t i = 0; i < arr.Length(); i++) { > + jsval val; > + const BluetoothValue& v = arr[i].value(); > + JSString* JsData; super-nit: please uncapitalize the first letter of the variable
Attachment #710553 -
Flags: review?(echou) → review+
|
|
Assignee | |
Comment 4•11 years ago
|
||
Attachment #710553 -
Attachment is obsolete: true
|
||
Comment 5•11 years ago
|
||
Try run for 155120ce0951 is complete.
Detailed breakdown of the results available here:
https://tbpl.mozilla.org/?tree=Try&rev=155120ce0951
Results (out of 19 total builds):
success: 17
warnings: 2
Builds (or logs if builds failed) available at:
http://ftp.mozilla.org/pub/mozilla.org/firefox/try-builds/gyeh@mozilla.com-155120ce0951|
|
||
Comment 6•11 years ago
|
||
Try run for 981e8c12d218 is complete.
Detailed breakdown of the results available here:
https://tbpl.mozilla.org/?tree=Try&rev=981e8c12d218
Results (out of 14 total builds):
success: 14
Builds (or logs if builds failed) available at:
http://ftp.mozilla.org/pub/mozilla.org/firefox/try-builds/gyeh@mozilla.com-981e8c12d218|
|
Assignee | |
Comment 7•11 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/02822f5df3c8
|
||
Comment 8•11 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/02822f5df3c8
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla21
You need to log in
before you can comment on or make changes to this bug.
Description
•