
Issue 615847

Starred by 8 users

Issue metadata

Status: Fixed
Owner:
Closed: Jun 2016
Cc:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Mac
Pri: 2
Type: Bug-Regression




Regression : Browser Crash is seen on hitting Enter button while adding source map

Project Member Reported by mm00333...@techmahindra.com, May 30 2016

Issue description

Version: 53.0.2751.0
OS: Ubuntu 14.04,Windows

What steps will reproduce the problem?
(1) Launch Chrome -> Go to the chrome://settings page
(2) Now press F12 to open Dev tools -> Go to the "Sources" tab and click "Ctrl+P" to open files -> select a ".js" file
(3) Now right click to open the context menu -> Select the "Add source map" option -> Enter text and hit the "Enter" button on the keyboard

Expected: Source map should get added
Actual: Instead, a browser crash is seen

This is a regression issue, broken in M-53.
Will provide bisect info soon.

Below are the Crash IDs: 
Crash ID dc90a25c00000000 (Chrome)

 
Attachment: Actual_sourcemap crash.ogv (2.0 MB)
Labels: -Needs-Bisect ReleaseBlock-Beta
Owner: creis@chromium.org
Status: Assigned (was: Unconfirmed)
Stack Trace:
=============
Thread 17 CRASHED [SIGABRT @ 0x000003e800007df3 ] MAGIC SIGNATURE THREAD
0x00007fa9d5b08cc9	(libc-2.19.so -raise.c:56 )	raise
0x00007fa9d5b0c0d7	(libc-2.19.so -abort.c:89 )	abort
0x00007fa9d610d534	(libstdc++.so.6.0.19 + 0x00060534 )	
0x00007fa9d611f8af	(libstdc++.so.6.0.19 + 0x000728af )	
0x00007fa9d610b6d5	(libstdc++.so.6.0.19 + 0x0005e6d5 )	
0x00007fa9d5ea7b1f	(libgcc_s.so.1 + 0x00010b1f )	
0x00007fa9d610b702	(libstdc++.so.6.0.19 + 0x0005e702 )	
0x00007fa9d610b921	(libstdc++.so.6.0.19 + 0x0005e921 )	
0x00007fa9d615d446	(libstdc++.so.6.0.19 + 0x000b0446 )	
0x00007fa9e0c58519	(chrome -./out/Release/../../build/linux/debian_wheezy_amd64-sysroot/usr/lib/gcc/x86_64-linux-gnu/4.6/../../../../include/c++/4.6/bits/basic_string.h:244 )	<name omitted>
0x00007fa9e0c57176	(chrome -./out/Release/../../base/files/file_path.cc:180 )	<name omitted>
0x00007fa9de36b21b	(chrome -./out/Release/../../build/linux/debian_wheezy_amd64-sysroot/usr/lib/gcc/x86_64-linux-gnu/4.6/../../../../include/c++/4.6/bits/basic_string.h:319 )	content::SharedResourcesDataSource::GetMimeType
0x00007fa9e17de44a	(chrome + 0x0573544a )	_fini
0x00007fa9d61689bd	(libstdc++.so.6.0.19 + 0x000bb9bd )	
0x00007fa9e17de44a	(chrome + 0x0573544a )	_fini
0x00007fa9e1a7fb8a	(chrome + 0x059d6b8a )	_fini
0x00007fa9de36c9e6	(chrome -./out/Release/../../content/browser/webui/url_data_manager_backend.cc:614 )	<name omitted>
0x00007fa9dcfac18c	(chrome -./out/Release/../../third_party/tcmalloc/chromium/src/thread_cache.h:201 )	do_free_with_callback
0x00007fa9ddcd9823	(chrome -./out/Release/../../build/linux/debian_wheezy_amd64-sysroot/usr/lib/gcc/x86_64-linux-gnu/4.6/../../../../include/c++/4.6/bits/stl_tree.h:639 )	<name omitted>
0x00007fa9e19b98cd	(chrome + 0x059108cd )	_fini
0x00007fa9e17fdad5	(chrome + 0x05754ad5 )	_fini
0x00007fa9de36c49f	(chrome + 0x022c349f )	
0x00007fa9de36c4be	(chrome -./out/Release/../../content/browser/webui/url_data_manager_backend.cc:381 )	<name omitted>
0x00007fa9dcb94e2b	(chrome -./out/Release/../../base/bind_internal.h:186 )	base::internal::Invoker<base::IndexSequence<0>, base::internal::BindState<base::internal::RunnableAdapter<bool (HotwordService::*)()>, void (HotwordService *), base::WeakPtr<HotwordService> >, base::internal::InvokeHelper<true, void, base::internal::RunnableAdapter<bool (HotwordService::*)()> >, void ()>::Run
0x00007fa9e19b98cd	(chrome + 0x059108cd )	_fini
0x00007fa9e0c545a5	(chrome -./out/Release/../../base/callback.h:397 )	<name omitted>
0x00007fa9de36bc7d	(chrome -./out/Release/../../content/browser/webui/url_data_manager_backend.cc:263 )	<name omitted>
0x00007fa9e17fdad5	(chrome + 0x05754ad5 )	_fini
0x00007fa9e0c69e5a	(chrome -./out/Release/../../base/message_loop/message_loop.cc:475 )	<name omitted>
0x00007fa9e0c69a2b	(chrome -./out/Release/../../base/message_loop/message_loop.cc:626 )	<name omitted>
0x00007fa9e0c6bd52	(chrome -./out/Release/../../base/message_loop/message_pump_libevent.cc:95 )	<name omitted>
0x00007fa9de10c30f	(chrome + 0x0206330f )	
0x00007fa9e17e77c5	(chrome + 0x0573e7c5 )	_fini
0x00007fa9e0c6a147	(chrome -./out/Release/../../base/message_loop/message_loop.cc:484 )	<name omitted>
0x00007fa9e0c6992a	(chrome -./out/Release/../../base/message_loop/message_loop.cc:601 )	<name omitted>
0x00007fa9dcb94dbf	(chrome + 0x00aebdbf )	
0x00007fa9e170e17c	(chrome + 0x0566517c )	_fini
0x00007fa9e17fdad5	(chrome + 0x05754ad5 )	_fini
0x00007fa9de36bc7d	(chrome -./out/Release/../../content/browser/webui/url_data_manager_backend.cc:263 )	<name omitted>
0x00007fa9e0c6bb07	(chrome -./out/Release/../../base/message_loop/message_pump_libevent.cc:217 )	<name omitted>
0x00007fa9e0c83d7d	(chrome -./out/Release/../../base/run_loop.cc:35 )	<name omitted>
0x00007fa9e0c6a939	(chrome -./out/Release/../../base/message_loop/message_loop.cc:294 )	<name omitted>
0x00007fa9de0ae35d	(chrome -./out/Release/../../content/browser/browser_thread_impl.cc:215 )	<name omitted>
0x00007fa9de0ae0e5	(chrome -./out/Release/../../content/browser/browser_thread_impl.cc:251 )	<name omitted>
0x00007fa9e0ca04c6	(chrome -./out/Release/../../base/threading/thread.cc:254 )	<name omitted>
0x00007fa9e0c9d3f2	(chrome -./out/Release/../../base/threading/platform_thread_posix.cc:70 )	ThreadFunc
0x00007fa9d89e0181	(libpthread-2.19.so + 0x00008181 )	

Used code search for the file "url_data_manager_backend.cc" and suspecting the below change
Review URL: https://codereview.chromium.org/2007223003

creis@: Observed some recent changes on this file from your end. Could you please check if this is caused by your change? If not, please help us reassign the issue to the right owner. Adding ReleaseBlock-Beta label; please feel free to edit or remove it if required.

Thanks!

Project Member

Comment 2 by sheriffbot@chromium.org, May 30 2016

Labels: Fracas OS-Mac
Users experienced this crash on the following builds:

Mac Canary 53.0.2751.0 -  0.13 CPM, 1 reports, 1 clients (signature content::SharedResourcesDataSource::GetMimeType)

If this update was incorrect, please add "Fracas-Wrong" label to prevent future updates.

- Go/Fracas

Comment 3 by creis@chromium.org, May 31 2016

Cc: creis@chromium.org
Owner: dbeam@chromium.org
Couldn't be my CL, since these crashes predate it.  Here's a Windows one from 52.0.2739.0, for example: a761c36a00000000.  (The Windows crashes also have the advantage that the call stack is more legible, and you can open them in a debugger.)

@dbeam, can you take a look?  The crash is happening on a line you added in r390843.

That's also consistent with the first crash of this type apparently being in 52.0.2729.3, which was cut from 392278.  (There were some earlier crashes in M50 and before with the same magic signature, but they have a different stack so I'm guessing they're unrelated.)

Comment 4 by dbeam@chromium.org, May 31 2016

Labels: -Pri-1 -ReleaseBlock-Beta -M-53 Pri-3
adding a source map to the settings page is not P1

Comment 5 by dbeam@chromium.org, May 31 2016

Cc: groby@chromium.org
Status: Started (was: Assigned)
so, the only issue worth fixing from this report is that we attempt to access std::string().substr(1) which throws (in some configurations, but may not in others).

instead: I'll just make the code crash earlier!

generally: don't expect to throw random things into chrome:// URLs without issue.
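
The failure mode named in comment 5, as an added example that is not part of the thread and not Chromium's code: a MIME lookup that strips the leading dot with `substr(1)` throws `std::out_of_range` when the requested path has no extension, and an uncaught throw ends the process via `std::terminate`. `ExtensionOf`, `MimeFor`, both `MimeType*` functions, the MIME table and the sample paths are hypothetical and constructed for illustration.

```cpp
#include <iostream>
#include <stdexcept>
#include <string>

// Hypothetical stand-in for a FilePath-style extension getter: returns the
// final extension including its leading dot, or "" when the name has none.
std::string ExtensionOf(const std::string& path) {
  const std::string::size_type slash = path.find_last_of('/');
  const std::string name =
      slash == std::string::npos ? path : path.substr(slash + 1);
  const std::string::size_type dot = name.find_last_of('.');
  return dot == std::string::npos ? std::string() : name.substr(dot);
}

// Assumed extension-to-MIME table; unknown or missing extensions fall back.
std::string MimeFor(const std::string& ext) {
  if (ext == "html") return "text/html";
  if (ext == "css") return "text/css";
  if (ext == "js") return "application/javascript";
  return "text/plain";
}

// Before: assumes every requested path carries an extension.
std::string MimeTypeUnguarded(const std::string& path) {
  return MimeFor(ExtensionOf(path).substr(1));  // pos 1 > size 0 throws
}

// After: drop the dot only when there is one, so any input maps to a type.
std::string MimeTypeGuarded(const std::string& path) {
  std::string ext = ExtensionOf(path);
  if (!ext.empty()) ext.erase(0, 1);
  return MimeFor(ext);
}

// Reports whether the unguarded lookup throws for this path.
bool ThrowsOutOfRange(const std::string& path) {
  try {
    MimeTypeUnguarded(path);
  } catch (const std::out_of_range&) {
    return true;
  }
  return false;
}

int main() {
  const char* samples[] = {"js/util.js", "sourcemap", "dir.v2/file", ""};
  for (const char* p : samples)  // constructed sample request paths
    std::cout << '"' << p << "\" unguarded throws: " << ThrowsOutOfRange(p)
              << ", guarded: " << MimeTypeGuarded(p) << '\n';
}
```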

Comment 6 by creis@chromium.org, May 31 2016

Labels: -Pri-3 Pri-2
That's not a reason to crash the browser process.  Can we detect this case and ignore it instead?

Comment 7 by dbeam@chromium.org, May 31 2016

yep, doing that here: https://codereview.chromium.org/2020393002/

Comment 8 by groby@chromium.org, May 31 2016

Apologies for suggesting the CHECK statement in the first place. (I misunderstood and thought GetMimeType is only invoked on *existing* resources)
Project Member

Comment 9 by bugdroid1@chromium.org, Jun 1 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/e3081ca02d004b57750869a2425fc8bf6c19e1e4

commit e3081ca02d004b57750869a2425fc8bf6c19e1e4
Author: dbeam <dbeam@chromium.org>
Date: Wed Jun 01 02:28:05 2016

WebUI: only crash Chrome for invalid chrome:// URLs in debug

R=groby@chromium.org
BUG= 615847 

Review-Url: https://codereview.chromium.org/2020393002
Cr-Commit-Position: refs/heads/master@{#397027}

[modify] https://crrev.com/e3081ca02d004b57750869a2425fc8bf6c19e1e4/content/browser/webui/shared_resources_data_source.cc

Project Member

Comment 10 by sheriffbot@chromium.org, Jun 1 2016

Labels: M-52
Users experienced this crash on the following builds:

Mac Canary 53.0.2753.0 -  0.61 CPM, 2 reports, 2 clients (signature content::SharedResourcesDataSource::GetMimeType)
Linux Dev 52.0.2743.19 -  15.21 CPM, 1 reports, 1 clients (signature content::SharedResourcesDataSource::GetMimeType)

If this update was incorrect, please add "Fracas-Wrong" label to prevent future updates.

- Go/Fracas
Status: Fixed (was: Started)
Cc: nyerramilli@chromium.org tkonch...@chromium.org dbeam@chromium.org
Issue 616689 has been merged into this issue.

Comment 13 by ajha@chromium.org, Aug 9 2016

Issue 635524 has been merged into this issue.
Issue 643413 has been merged into this issue.
