New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 598253 link

Starred by 1 user
Status: Fixed
Owner:
treib@chromium.org
Closed: Mar 2016
Cc:
ajha@chromium.org
kavvaru@chromium.org
brajkumar@chromium.org
durga.behera@chromium.org
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Mac
Pri: 1
Type: Bug-Regression



Sign in to add a comment

[Regression]: Browser crash is seen on navigating to chrome://suggestions in guest mode

Project Member Reported by sc00335...@techmahindra.com, Mar 28 2016 
Version: 51.0.2692.0 dev
OS: Ubuntu 12.04,14.04,windows

What steps will reproduce the problem?
(1) Launch chrome and browse as Guest >> Navigate to chrome://suggestions and wait

Expected: No crash should be seen on navigating to chrome://suggestions
Actual: Instead Browser crashes on navigating

This is a regression issue broken in M51. Will provide bisect info soon.

Crash Ids:  cff08fb800000000 , 8b5e80e400000000

Comment 1 by ajha@chromium.org, Mar 28 2016

Labels: ReleaseBlock-Beta OS-Mac
Status: Untriaged (was: Unconfirmed)
This is reproducible on the latest canary(51.0.2692.0) on Mac OS 10.11.3 as well. Crash id: 6304900c00000000.

@Sindhu: Please update the bisect here.

Stack trace of 6304900c00000000:
================================
Thread 0 CRASHED [EXC_BAD_ACCESS / KERN_INVALID_ADDRESS @ 0x00000050 ] MAGIC SIGNATURE THREAD
0x000000010784b5c2	(Google Chrome Framework -memory:2729 )	<name omitted>
0x00000001033acc3f	(Google Chrome Framework -suggestions_source.cc:124 )	suggestions::SuggestionsSource::StartDataRequest(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, int, int, base::Callback<void (scoped_refptr<base::RefCountedMemory>), (base::internal::CopyMode)1> const&)
0x0000000106dbbd6b	(Google Chrome Framework -url_data_manager_backend.cc:723 )	content::URLDataManagerBackend::CallStartRequest(scoped_refptr<content::URLDataSourceImpl>, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, int, int, int)
0x0000000106dbcdb4	(Google Chrome Framework -bind_internal.h:159 )	base::internal::Invoker<base::IndexSequence<0ul, 1ul, 2ul, 3ul, 4ul>, base::internal::BindState<base::internal::RunnableAdapter<void (*)(scoped_refptr<content::URLDataSourceImpl>, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, int, int, int)>, void (scoped_refptr<content::URLDataSourceImpl>, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, int, int, int), base::internal::RetainedRefWrapper<content::URLDataSourceImpl>, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >&, int&, int&, int&>, base::internal::InvokeHelper<false, void, base::internal::RunnableAdapter<void (*)(scoped_refptr<content::URLDataSourceImpl>, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, int, int, int)> >, void ()>::Run(base::internal::BindStateBase*)
0x00000001037cd23a	(Google Chrome Framework -callback.h:397 )	base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask const&)
0x00000001037ef652	(Google Chrome Framework -message_loop.cc:476 )	base::MessageLoop::RunTask(base::PendingTask const&)
0x00000001037ef92b	(Google Chrome Framework -message_loop.cc:485 )	base::MessageLoop::DeferOrRunPendingTask(base::PendingTask const&)
0x00000001037efb1a	(Google Chrome Framework -message_loop.cc:597 )	base::MessageLoop::DoWork()
0x00000001037c2710	(Google Chrome Framework -message_pump_mac.mm:330 )	base::MessagePumpCFRunLoopBase::RunWork()
0x00000001037e4fb9	(Google Chrome Framework + 0x00565fb9 )	base::mac::CallWithEHFrame(void () block_pointer)
0x00000001037c2113	(Google Chrome Framework -message_pump_mac.mm:306 )	base::MessagePumpCFRunLoopBase::RunWorkSource(void*)
0x00007fff90f475c0	(CoreFoundation + 0x0007e5c0 )	__CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__
0x00007fff90f3941b	(CoreFoundation + 0x0007041b )	__CFRunLoopDoSources0
0x00007fff90f3893e	(CoreFoundation + 0x0006f93e )	__CFRunLoopRun
0x00007fff90f38337	(CoreFoundation + 0x0006f337 )	CFRunLoopRunSpecific
0x00007fff9252b934	(HIToolbox + 0x00030934 )	RunCurrentEventLoopInMode
0x00007fff9252b76e	(HIToolbox + 0x0003076e )	ReceiveNextEventCommon
0x00007fff9252b5ae	(HIToolbox + 0x000305ae )	_BlockUntilNextEventMatchingListInModeWithFilter
0x00007fff8faf00ed	(AppKit + 0x0008a0ed )	_DPSNextEvent
0x00007fff8febc942	(AppKit + 0x00456942 )	-[NSApplication _nextEventMatchingEventMask:untilDate:inMode:dequeue:]
0x00007fff8fae5fc7	(AppKit + 0x0007ffc7 )	-[NSApplication run]
0x00000001037c2f25	(Google Chrome Framework -message_pump_mac.mm:665 )	base::MessagePumpNSApplication::DoRun(base::MessagePump::Delegate*)
0x00000001037c2563	(Google Chrome Framework -message_pump_mac.mm:238 )	base::MessagePumpCFRunLoopBase::Run(base::MessagePump::Delegate*)
0x00000001038057f2	(Google Chrome Framework -run_loop.cc:35 )	base::RunLoop::Run()
0x0000000103316917	(Google Chrome Framework -chrome_browser_main.cc:1857 )	ChromeBrowserMainParts::MainMessageLoopRun(int*)
0x0000000106ac4766	(Google Chrome Framework -browser_main_loop.cc:944 )	content::BrowserMainLoop::RunMainMessageLoopParts()
0x0000000106ac6d31	(Google Chrome Framework -browser_main_runner.cc:150 )	content::BrowserMainRunnerImpl::Run()
0x0000000106ac04dc	(Google Chrome Framework -browser_main.cc:44 )	content::BrowserMain(content::MainFunctionParams const&)
0x0000000103784993	(Google Chrome Framework -content_main_runner.cc:754 )	content::ContentMainRunnerImpl::Run()
0x0000000103783f05	(Google Chrome Framework -content_main.cc:19 )	content::ContentMain(content::ContentMainParams const&)
0x0000000103282491	(Google Chrome Framework -chrome_main.cc:84 )	ChromeMain
0x0000000103018d41	(Google Chrome Canary -chrome_exe_main_mac.c:87 )	main
0x0000000103018b23	(Google Chrome Canary + 0x00000b23 )	start
Project Member

Comment 2 by sheriffbot@chromium.org, Mar 28 2016

Labels: Fracas
Users experienced this crash on the following builds:

Mac Canary 51.0.2692.0 - 2 reports, 2 clients (signature suggestions::SuggestionsSource::StartDataRequest)

If this update was incorrect, please add "Fracas-Wrong" label to prevent future updates.

- Go/Fracas

Comment 3 by sc00335...@techmahindra.com, Mar 28 2016

Labels: -Needs-Bisect hasbisect
Owner: treib@chromium.org
Status: Assigned (was: Untriaged)
Good Build: 51.0.2674.0 dev
Bad Build: 51.0.2675.0 dev

CHANGELOG URL:
 https://chromium.googlesource.com/chromium/src/+log/801186267c23a3e727f2aac27712bf7d3a620370..1bd05dea011e4b63d2cbca323c414d3f29507b57

Suspecting  https://codereview.chromium.org/1770843002 from changelog

@treib: Please help in re-assigning if it is not related to your change.

Comment 4 by treib@chromium.org, Mar 29 2016

Status: Started (was: Assigned)
Yup, this is probably mine. Looking.
Project Member

Comment 5 by bugdroid1@chromium.org, Mar 29 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/1992d036cbc12e6e0131fafd7a5e7d62d5105098

commit 1992d036cbc12e6e0131fafd7a5e7d62d5105098
Author: treib <treib@chromium.org>
Date: Tue Mar 29 13:02:00 2016

Handle null SuggestionsService in chrome://suggestions

SuggestionsService can be null in guest profiles, so we return the fallback value in that case.

BUG= 598253 

Review URL: https://codereview.chromium.org/1842733002

Cr-Commit-Position: refs/heads/master@{#383707}

[modify] https://crrev.com/1992d036cbc12e6e0131fafd7a5e7d62d5105098/chrome/browser/search/suggestions/suggestions_source.cc

Comment 6 by treib@chromium.org, Mar 29 2016

Status: Fixed (was: Started)

Sign in to add a comment