New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 50567 link

Starred by 1 user

Issue metadata

Status: Verified
Owner:
Email to this user bounced
Closed: Jul 2010
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 1
Type: Bug
M-6

Restricted
  • Only users with EditIssue permission may comment.



Sign in to add a comment

Sync: Extensions manipulations crash

Reported by annapop@chromium.org, Jul 28 2010

Issue description

ENVIRONMENT
Google Chrome	6.0.472.11 (Official Build 53709) unknown
WebKit	534.3
V8	2.2.24.4
User Agent	Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.11 Safari/534.3
Command Line	... --user-data-dir=C:\datadirs\6.0.472.11_A5 --enable-log --log-level=0

REPRO STEPS
0. Clients A and B, both signed into sync with the same account;
1. On client A: Install an extension and check the 'Run in incognito' checkbox;
2. On client B: When the extension is synced, uncheck the 'Run in incognito' and click on 'Disable'.

ACTUAL RESULTS
Client A crashes.

EXPECTED RESULTS
Did not expect a crash.
 
Labels: Feature-Sync
Do you have a crash stack/ report?

Comment 3 by akalin@chromium.org, Jul 28 2010

Labels: -Pri-2 Pri-1
Status: Assigned
I've repro'ed this and am looking into it

Comment 4 by akalin@chromium.org, Jul 28 2010

stack:


[29817:29827:686095275140:FATAL:chrome/browser/net/chrome_url_request_context.cc(844)] Check failed: iter != extension_info_.end(). 
Backtrace:
        StackTrace::StackTrace() [0x1a50d02]
        logging::LogMessage::~LogMessage() [0x1a67fcf]
        ChromeURLRequestContext::OnUnloadedExtension() [0x121566c]
        ChromeURLRequestContextGetter::OnUnloadedExtension() [0x1214339]
        DispatchToMethod<>() [0x121dcac]
        RunnableMethod<>::Run() [0x121dad8]
        MessageLoop::RunTask() [0x1a6a9a9]
        MessageLoop::DeferOrRunPendingTask() [0x1a6aa8c]
        MessageLoop::DoWork() [0x1a6b080]
        base::MessagePumpLibevent::Run() [0x1acd5a7]
        MessageLoop::RunInternal() [0x1a6a174]
        MessageLoop::RunHandler() [0x1a6a020]
        MessageLoop::Run() [0x1a69fb1]
        base::Thread::Run() [0x1a9c6c0]
        base::Thread::ThreadMain() [0x1a9c81f]
        ThreadFunc() [0x1a7d7b7]
        start_thread [0x7f2ee8b9d9ca]
        0x7f2ee686d6fd

Comment 5 by akalin@chromium.org, Jul 28 2010

This is actually a DCHECK, but the iterator is immediately erased after that line, so that probably crashes on a release build, too

Comment 6 by akalin@chromium.org, Jul 28 2010

So it boils down to this: the sync code does DisableExtension() first, then SetIsIncognitoEnabled(false) second.  DisableExtension() calls NotifyExtensionUnloaded(), but SetIsIncognitoEnabled() calls NotifyExtensionUnloaded() and then NotifyExtensionLoaded() to refresh browser state, which assumes that the extension is already loaded (which is valid, given that the UI doesn't let you change incognito state for a disabled extension).

So basically, ChromeURLRequestContext needs to handle receiving notifications for disabled extensions.

Comment 7 by akalin@chromium.org, Jul 29 2010

Status: Fixed
fixed by 54100, merged as 54105

Comment 8 by bugdro...@gmail.com, Jul 29 2010

The following revision refers to this bug:
    http://src.chromium.org/viewvc/chrome?view=rev&revision=54100 

------------------------------------------------------------------------
r54100 | akalin@chromium.org | 2010-07-28 23:02:19 -0700 (Wed, 28 Jul 2010) | 9 lines
Changed paths:
   M http://src.chromium.org/viewvc/chrome/trunk/src/chrome/browser/net/chrome_url_request_context.cc?r1=54100&r2=54099

Fixed extension sync-related crash in ChromeUrlRequestContext

Made ChromeUrlRequestContext handle multiple extension unloaded
notifications gracefully.

BUG= 50567 
TEST=manual (see repro in bug)

Review URL: http://codereview.chromium.org/2819072
------------------------------------------------------------------------

Comment 9 by bugdro...@gmail.com, Jul 29 2010

The following revision refers to this bug:
    http://src.chromium.org/viewvc/chrome?view=rev&revision=54105 

------------------------------------------------------------------------
r54105 | akalin@chromium.org | 2010-07-29 00:57:45 -0700 (Thu, 29 Jul 2010) | 11 lines
Changed paths:
   M http://src.chromium.org/viewvc/chrome/branches/472/src/chrome/browser/net/chrome_url_request_context.cc?r1=54105&r2=54104

Merge 54100 - Fixed extension sync-related crash in ChromeUrlRequestContext

Made ChromeUrlRequestContext handle multiple extension unloaded
notifications gracefully.

BUG= 50567 
TEST=manual (see repro in bug)

Review URL: http://codereview.chromium.org/2819072

TBR=akalin@chromium.org
------------------------------------------------------------------------

Status: Verified
Verified fix, build 6.0.495.0.
Closing.
Project Member

Comment 11 by bugdroid1@chromium.org, Oct 12 2012

Labels: Restrict-AddIssueComment-Commit
This issue has been closed for some time. No one will pay attention to new comments.
If you are seeing this bug or have new data, please click New Issue to start a new bug.
Project Member

Comment 12 by bugdroid1@chromium.org, Mar 10 2013

Labels: -Area-UI -Mstone-6 -Feature-Sync M-6 Cr-Services-Sync Cr-UI
Project Member

Comment 13 by bugdroid1@chromium.org, Mar 13 2013

Labels: -Restrict-AddIssueComment-Commit Restrict-AddIssueComment-EditIssue
Labels: hasTestcase

Sign in to add a comment