Issue 231095 Chrome crash in GetAvailableLocales on ChromeOS
Reported by vapier@chromium.org, Apr 14 2013
Status: Duplicate
Owner: js...@chromium.org
Closed: Apr 2013
Cc: mtomasz@chromium.org, mpcomplete@chromium.org, h...@chromium.org, js...@chromium.org, groby@chromium.org, pneubeck@chromium.org, yoz@chromium.org, sschmitz@chromium.org
Components:
OS: Chrome
Pri: 0
Type: Bug


Version: 
OS: ChromeOS

snippet below.  full log attached.

Operating system: Linux
                  0.0.0 Linux 3.4.0 #1 SMP Sat Apr 13 10:48:30 PDT 2013 i686
CPU: x86
     AuthenticAMD family 6 model 2 stepping 3
     4 CPUs

Crash reason:  SIGSEGV
Crash address: 0x0

Thread 0 (crashed)
 0  libstdc++.so.6.0.17 + 0xb8e34
    eip = 0x716aae34   esp = 0x6c423830   ebp = 0x6c423868   ebx = 0x716daf9c
    esi = 0xfffc6f2d   edi = 0x79a09e84   eax = 0xfffc6f21   ecx = 0x79cbcad0
    edx = 0x79a09e84   efl = 0x00010286
    Found by: given as instruction pointer in context
 1  chrome!std::vector<std::string, std::allocator<std::string> >::_M_insert_aux(__gnu_cxx::__normal_iterator<std::string*, std::vector<std::string, std::allocator<std::string> > >, std::string const&) [stl_construct.h : 85 + 0xb]
    eip = 0x75504768   esp = 0x6c423870   ebp = 0x6c4238c8
    Found by: previous frame's frame pointer
 2  chrome!l10n_util::GetAvailableLocales() [stl_vector.h : 989 + 0x12]
    eip = 0x7576916c   esp = 0x6c4238d0   ebp = 0x6c423938   ebx = 0x779f0a0c
    esi = 0x79cbcad0   edi = 0x777eb000
    Found by: call frame info
 3  chrome!extension_l10n_util::GetAllLocales(std::set<std::string, std::less<std::string>, std::allocator<std::string> >*) [extension_l10n_util.cc : 263 + 0x4]
    eip = 0x75768c9b   esp = 0x6c423940   ebp = 0x6c4239a8   ebx = 0x779f0a0c
    esi = 0x6c423aec   edi = 0x6c423a24
    Found by: call frame info
 4  chrome!extension_l10n_util::GetValidLocales(base::FilePath const&, std::set<std::string, std::less<std::string>, std::allocator<std::string> >*, std::string*) [extension_l10n_util.cc : 286 + 0x4]
    eip = 0x74c335b3   esp = 0x6c4239b0   ebp = 0x6c423a88   ebx = 0x779f0a0c
    esi = 0x6c423aec   edi = 0x6c423a24
    Found by: call frame info
 5  chrome!extension_file_util::LoadMessageBundle(base::FilePath const&, std::string const&, std::string*) [extension_file_util.cc : 370 + 0x4]
    eip = 0x74c30e95   esp = 0x6c423a90   ebp = 0x6c423b28   ebx = 0x779f0a0c
    esi = 0x6c423ba4   edi = 0x6c423af8
    Found by: call frame info
 6  chrome!extension_file_util::LoadMessageBundleSubstitutionMap(base::FilePath const&, std::string const&, std::string const&) [extension_file_util.cc : 400 + 0x7]
    eip = 0x74c31561   esp = 0x6c423b30   ebp = 0x6c423bc8   ebx = 0x779f0a0c
    esi = 0x79cc4698   edi = 0x79cc4694
    Found by: call frame info
 7  chrome!extensions::UserScriptMaster::ScriptReloader::GetLocalizationMessages(std::string) [user_script_master.cc : 250 + 0x1b]
    eip = 0x75768b4c   esp = 0x6c423bd0   ebp = 0x6c423c48   ebx = 0x779f0a0c
    esi = 0x00000020   edi = 0x00000000
    Found by: call frame info
 
chrome.20130413.122027.26684.dmp.txt
Comment 1 by mukai@chromium.org, Apr 18 2013
This crash is still happening.
Comment 2 by vapier@chromium.org, Apr 18 2013
Labels: Cr-UI-Internationalization
Comment 3 by vapier@chromium.org, Apr 18 2013
Cc: pneubeck@chromium.org mtomasz@chromium.org groby@chromium.org yoz@chromium.org
let's add a few random people to CC and see if they can find a good owner
Comment 4 by spang@chromium.org, Apr 26 2013
Labels: -Pri-2 Pri-1 Hotlist-TreeCloser
Ping! Failed VMTest

http://chromegw/i/chromeos/builders/lumpy%20canary/builds/2524

Comment 5 by rcui@chromium.org, Apr 26 2013
Labels: -Pri-1 Pri-0
Owner: sschmitz@chromium.org
Two in a row - http://chromegw.corp.google.com/i/chromeos/builders/lumpy%20canary/builds/2525.  Can we get an owner for this?
Cc: mpcomplete@chromium.org
+ mpcomplete
Any ideas who might be good to look at this?
Comment 7 by miket@chromium.org, Apr 26 2013
Cc: sschmitz@chromium.org
Owner: cira@chromium.org
Status: Assigned
Hi Nebojša, this issue is threatening to hold up the next canary. Would you please have a look?
Comment 8 by cira@chromium.org, Apr 26 2013
Cc: js...@chromium.org
Jungshik, was there a recent change wrt. locales in l10n_util?
Comment 9 by js...@chromium.org, Apr 26 2013
The code in question appears rather benign and hasn't been changed for a while.

What led to this crash is push_back() a string to a stl vector. If what's pushed back (obtained from uloc_getAvailable(i) and copied to std::string) is somehow invalid, I wonder why it didn't fail in | std::replace(locale_name.begin(), locale_name.end(), '_', '-');| that's before |push_back|.

hshi made a change very remotely related, but his change got landed on April 16 (3 days after the initial report). 

 
Comment 10 by js...@chromium.org, Apr 26 2013
Could this be reproduced somewhere? What extension is being loaded when this happens? 

Comment 11 by js...@chromium.org, Apr 26 2013
Cc: h...@chromium.org
Comment 12 by cira@chromium.org, Apr 26 2013
Owner: ----
Status: Available
It's ok to call ICU from renderer process (extension code) so we shouldn't have issues from that side.

The only point where GetAvailableLocales could fail (the function is fairly simple) is junk being returned (and later used) by uloc_getAvailableLocales. Is there anything special in ChromeOS wrt. how it loads ICU and its data?
Comment 14 by h...@chromium.org, Apr 29 2013
Owner: js...@chromium.org
jshin@ - I don't see any related CL under l10n_util immediately before 4/12/2013.

However I do see an ICU roll on 4/9/2013 (r193140). Can you check if it is related? Thanks.
Comment 15 by js...@chromium.org, Apr 29 2013
Mergedinto: 233241
Status: Duplicate
As I suspected briefly (not noted here), it's due to a race condition in GetAvailableLocale (which is not thread safe, but called from both UI thread and File thread). See bug 233241. nona@ began to work on it. (he already landed a work-around and will make GetAvailableLocale thread-safe). 
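
The race described in comment 15, as an added example that is not part of the original thread and is not Chromium's code: a shared vector filled lazily on first use, next to a variant that is built exactly once and never mutated afterwards. The locale table, the `Racy`/`Safe` function names and the fill-on-empty shape are assumptions made for illustration.

```cpp
#include <algorithm>
#include <cstddef>
#include <string>
#include <thread>
#include <vector>

// Constructed stand-in for ICU's uloc_countAvailable() / uloc_getAvailable(i).
static const char* const kIcuLocales[] = {"en_US", "en_GB", "ja_JP", "pt_BR"};
static const std::size_t kIcuLocaleCount = sizeof(kIcuLocales) / sizeof(kIcuLocales[0]);

static void AppendLocales(std::vector<std::string>* out) {
  for (std::size_t i = 0; i < kIcuLocaleCount; ++i) {
    std::string name(kIcuLocales[i]);
    std::replace(name.begin(), name.end(), '_', '-');  // "en_US" -> "en-US"
    out->push_back(name);
  }
}

// Assumed racy shape: a shared vector filled on first use with no lock.
// Two threads can both observe empty() and push_back() at once; one thread's
// reallocation frees storage the other is still constructing into.
const std::vector<std::string>& GetAvailableLocalesRacy() {
  static std::vector<std::string> locales;
  if (locales.empty()) AppendLocales(&locales);
  return locales;
}

// Thread-safe shape: C++11 runs this initializer exactly once even when the
// first calls are concurrent, and the vector is read-only from then on.
const std::vector<std::string>& GetAvailableLocalesSafe() {
  static const std::vector<std::string> locales = [] {
    std::vector<std::string> v;
    AppendLocales(&v);
    return v;
  }();
  return locales;
}

// Calls the safe getter from n threads; returns how many saw the full list.
int CountConsistentReaders(int n) {
  std::vector<int> ok(n, 0);
  std::vector<std::thread> threads;
  for (int t = 0; t < n; ++t)
    threads.emplace_back([&ok, t] { ok[t] = GetAvailableLocalesSafe().size() == kIcuLocaleCount; });
  for (auto& th : threads) th.join();
  return static_cast<int>(std::count(ok.begin(), ok.end(), 1));
}

int main() { return CountConsistentReaders(8) == 8 ? 0 : 1; }
```

The once-only initialization depends on thread-safe function-local statics, so it does not hold in a build compiled with `-fno-threadsafe-statics`; there an explicit lock or once-primitive around the fill is needed. Building the racy variant with ThreadSanitizer (`-fsanitize=thread`) and calling it from two threads is a way to make this class of bug show up in testing.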
