Closed
Bug 845990
Opened 12 years ago
Closed 12 years ago
Crash while manually turning BT on/off
Categories
(Firefox OS Graveyard :: General, defect)
Tracking
(blocking-b2g:-)
RESOLVED
DUPLICATE
of bug 845148
blocking-b2g | - |
People
(Reporter: ggrisco, Unassigned)
References
Details
(Keywords: crash, Whiteboard: [BTG-1213][b2g-crash])
Crash Data
Attachments
(1 file)
91.66 KB,
text/plain
|
Details |
Issue seen once:
1. Manually turn bluetooth setting on then off repeatedly
minidump attached
Reporter | ||
Comment 1•12 years ago
|
||
Top of stack trace from attached minidump for convenience:
Crash reason: SIGSEGV
Crash address: 0x666a5240
Thread 38 (crashed)
0 libxul.so!SearchTable [pldhash.cpp : 394 + 0x0]
r4 = 0x43448b48 r5 = 0x8a816330 r6 = 0x666a5240 r7 = 0x00000000
r8 = 0x8a816330 r9 = 0x00000000 r10 = 0x487ffde0 fp = 0x487ffd8c
sp = 0x487ffcf8 lr = 0x4117acfd pc = 0x4117ac06
Found by: given as instruction pointer in context
1 libxul.so!PL_DHashTableOperate [pldhash.cpp : 587 + 0xb]
r4 = 0x43448b48 r5 = 0x8a816330 r6 = 0x487ffd8c r7 = 0x00000000
r8 = 0x00000000 r9 = 0x00000001 r10 = 0x487ffde0 fp = 0x457b633c
sp = 0x487ffd28 pc = 0x4117acfd
Found by: call frame info
2 libxul.so!nsBaseHashtable<nsCStringHashKey, mozilla::storage::Connection::FunctionInfo, mozilla::storage::Connection::FunctionInfo>::Get [nsTHashtable.h : 148 + 0x5]
r4 = 0x43448b20 r5 = 0x487ffd8c r6 = 0x43448b48 r7 = 0x00000001
r8 = 0x00000000 r9 = 0x00000001 r10 = 0x487ffde0 fp = 0x457b633c
sp = 0x487ffd40 pc = 0x40d6e965
Found by: call frame info
3 libxul.so!mozilla::storage::Connection::RemoveFunction [mozStorageConnection.cpp : 1345 + 0x7]
r4 = 0x43448b20 r5 = 0x487ffd8c r6 = 0x43448b48 r7 = 0x00000001
r8 = 0x00000000 r9 = 0x00000001 r10 = 0x487ffde0 fp = 0x457b633c
sp = 0x487ffd48 pc = 0x40fbece1
Found by: call frame info
4 libxul.so!mozilla::dom::indexedDB::CommitHelper::Run [IDBTransaction.cpp : 948 + 0x1]
r4 = 0x4472b230 r5 = 0x487ffd8c r6 = 0x404cf058 r7 = 0x00000001
r8 = 0x00000000 r9 = 0x00000001 r10 = 0x487ffde0 fp = 0x457b633c
sp = 0x487ffd88 pc = 0x40d80cf5
Found by: call frame info
5 libxul.so!mozilla::dom::indexedDB::TransactionThreadPool::TransactionQueue::Run [TransactionThreadPool.cpp : 639 + 0x5]
r4 = 0x404cf040 r5 = 0x487ffdd4 r6 = 0x404cf058 r7 = 0x00000001
r8 = 0x00000000 r9 = 0x00000001 r10 = 0x487ffde0 fp = 0x457b633c
sp = 0x487ffdd0 pc = 0x40d8995d
Found by: call frame info
6 libxul.so!nsThreadPool::Run [nsThreadPool.cpp : 187 + 0x5]
r4 = 0x457b6330 r5 = 0x00000000 r6 = 0x00000000 r7 = 0x00000000
r8 = 0x487ffe3c r9 = 0x00169db5 r10 = 0x457b6340 fp = 0x457b633c
sp = 0x487ffe30 pc = 0x4119af83
Found by: call frame info
7 libxul.so!nsThread::ProcessNextEvent [nsThread.cpp : 620 + 0x5]
r4 = 0x44496880 r5 = 0x00000000 r6 = 0x00000001 r7 = 0x00000000
r8 = 0x487ffeb7 r9 = 0x444968ac r10 = 0x00100000 fp = 0x00000001
sp = 0x487ffe70 pc = 0x41199d9b
Found by: call frame info
8 libxul.so!NS_ProcessNextEvent_P [nsThreadUtils.cpp : 237 + 0xb]
r4 = 0x00000001 r5 = 0x487ffec4 r6 = 0x00000000 r7 = 0x444968ac
r8 = 0x4035e951 r9 = 0x4508beb0 r10 = 0x00100000 fp = 0x00000001
sp = 0x487ffeb0 pc = 0x4117a1bf
Found by: call frame info
9 libxul.so!nsThread::ThreadFunc [nsThread.cpp : 258 + 0x7]
r4 = 0x44496880 r5 = 0x487ffec4 r6 = 0x00000000 r7 = 0x444968ac
r8 = 0x4035e951 r9 = 0x4508beb0 r10 = 0x00100000 fp = 0x00000001
sp = 0x487ffec0 pc = 0x4119a1e5
Found by: call frame info
10 libnspr4.so!_pt_root [ptthread.c : 156 + 0x5]
r4 = 0x4508beb0 r5 = 0x40366bf4 r6 = 0x00000000 r7 = 0x00000078
r8 = 0x4035e951 r9 = 0x4508beb0 r10 = 0x00100000 fp = 0x00000001
sp = 0x487ffee0 pc = 0x4035e9b1
Found by: call frame info
11 libc.so!__thread_entry [pthread.c : 217 + 0x6]
r4 = 0x487fff00 r5 = 0x4035e951 r6 = 0x4508beb0 r7 = 0x00000078
r8 = 0x4035e951 r9 = 0x4508beb0 r10 = 0x00100000 fp = 0x00000001
sp = 0x487ffef0 pc = 0x4007e114
Found by: call frame info
12 libc.so!pthread_create [pthread.c : 357 + 0xe]
r4 = 0x487fff00 r5 = 0x007a4d40 r6 = 0xbeea6ebc r7 = 0x00000078
r8 = 0x4035e951 r9 = 0x4508beb0 r10 = 0x00100000 fp = 0x00000001
sp = 0x487fff00 pc = 0x4007dc68
Found by: call frame info
Thread 0
0 libc.so + 0xe430
r4 = 0xbeea76a8 r5 = 0x404ecbe0 r6 = 0xbeea76a8 r7 = 0x000000fc
r8 = 0x00000014 r9 = 0x00000000 r10 = 0x00000001 fp = 0x00000000
sp = 0xbeea7680 lr = 0x411b5e93 pc = 0x40079430
Found by: given as instruction pointer in context
1 libxul.so!nsAppShell::ProcessNextNativeEvent [nsAppShell.cpp : 717 + 0x5]
sp = 0xbeea76a8 pc = 0x40ffda61
Found by: stack scanning
2 libxul.so!nsBaseAppShell::DoProcessNextNativeEvent [nsBaseAppShell.cpp : 139 + 0x5]
r4 = 0x404ecbe0 r5 = 0x40407be0 r6 = 0x00000000 r7 = 0x00000000
r8 = 0x00000014 sp = 0xbeea77c8 pc = 0x4101a72b
Found by: call frame info
3 libxul.so!nsBaseAppShell::OnProcessNextEvent [nsBaseAppShell.cpp : 298 + 0x5]
r4 = 0x404ecbe0 r5 = 0x40407be0 r6 = 0x0016a735 r7 = 0x00000000
r8 = 0x00000014 sp = 0xbeea77e0 pc = 0x4101a809
Found by: call frame info
4 libxul.so!nsThread::ProcessNextEvent [nsThread.cpp : 593 + 0x5]
r4 = 0x40407be0 r5 = 0x00000001 r6 = 0x4101a74d r7 = 0x00000001
r8 = 0xbeea784f r9 = 0x40429000 r10 = 0x00000000 sp = 0xbeea7808
pc = 0x41199ce3
Found by: call frame info
5 libxul.so!NS_ProcessNextEvent_P [nsThreadUtils.cpp : 237 + 0xb]
r4 = 0x00000001 r5 = 0x404ee0c0 r6 = 0x404024d0 r7 = 0x00000000
r8 = 0x00000000 r9 = 0x40429000 r10 = 0x00000000 sp = 0xbeea7848
pc = 0x4117a1bf
Found by: call frame info
6 libxul.so!mozilla::ipc::MessagePump::Run [MessagePump.cpp : 117 + 0x7]
r4 = 0x404024c0 r5 = 0x404ee0c0 r6 = 0x404024d0 r7 = 0x00000000
r8 = 0x00000000 r9 = 0x40429000 r10 = 0x00000000 sp = 0xbeea7858
pc = 0x41093d2f
Found by: call frame info
Reporter | ||
Updated•12 years ago
|
blocking-b2g: --- → tef?
Whiteboard: [BTG-1213][b2g-crash]
This could be related to bug 845148.
Updated•12 years ago
|
Comment 3•12 years ago
|
||
Gregor and I debugged a crash exactly like this. PLDHashTable::hashShift is within 1 word of offset 48 in Connection. I'm pretty convinced the patch in bug 845148 will fix this.
Depends on: 845148
Updated•12 years ago
|
Status: NEW → RESOLVED
blocking-b2g: tef? → -
Closed: 12 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•