The BluetoothChooser interface states: "The EventHandler won't be called after the chooser object is destroyed."[1] On Android, BluetoothChooserAndroid achieves this by closing the chooser[2]. BluetoothChooserDesktop on the other hand does not respect the interface and calls the handler even after the chooser has been deleted causing a null pointer exception. [1] https://cs.chromium.org/chromium/src/content/public/browser/bluetooth_chooser.h?sq=package:chromium&dr=C&rcl=1468855046&l=45 [2] https://cs.chromium.org/chromium/src/chrome/browser/ui/android/bluetooth_chooser_android.cc?sq=package:chromium&dr=CSs&l=56
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/b583bbc88c44a1b90192110b071486cd953067e9 commit b583bbc88c44a1b90192110b071486cd953067e9 Author: juncai <juncai@chromium.org> Date: Tue Aug 09 15:58:58 2016 Reset Bluetooth EventHandler when it is invalid When BluetoothChooser object is destroyed, its associated Bluetooth EventHandler becomes invalid too and should not be used any more. This CL resets the Bluetooth EventHandler when it becomes invalid so that it can't be used any more. BUG= 629298 Review-Url: https://codereview.chromium.org/2203103003 Cr-Commit-Position: refs/heads/master@{#410690} [add] https://crrev.com/b583bbc88c44a1b90192110b071486cd953067e9/chrome/browser/ui/bluetooth/DEPS [modify] https://crrev.com/b583bbc88c44a1b90192110b071486cd953067e9/chrome/browser/ui/bluetooth/bluetooth_chooser_controller.cc [modify] https://crrev.com/b583bbc88c44a1b90192110b071486cd953067e9/chrome/browser/ui/bluetooth/bluetooth_chooser_controller.h [modify] https://crrev.com/b583bbc88c44a1b90192110b071486cd953067e9/chrome/browser/ui/bluetooth/bluetooth_chooser_desktop.cc [modify] https://crrev.com/b583bbc88c44a1b90192110b071486cd953067e9/content/browser/bluetooth/bluetooth_metrics.h [modify] https://crrev.com/b583bbc88c44a1b90192110b071486cd953067e9/tools/metrics/histograms/histograms.xml
Comment 1 by juncai@chromium.org
, Aug 2 2016