Issue 652324 link

Starred by 2 users

Issue metadata

Status:	Fixed
Owner:	scottmg@chromium.org
Closed:	Oct 2016
Cc:	jam@chromium.org █ roc...@chromium.org dpranke@chromium.org
Components:	UI>Browser>Navigation
EstimatedDays:	----
NextAction:	----
OS:	----
Pri:	1
Type:	Bug

browser_side_navigation_browser_tests has flakey tests

Project Member Reported by wjmaclean@chromium.org, Oct 3 2016

Issue description

browser_side_navigation_browser_tests, which seem to have been turned on here:

https://codereview.chromium.org/2380893002

seem to have a lot of flake. E.g.

https://uberchromegw.corp.google.com/i/chromium.linux/builders/Linux%20Tests%20%28dbg%29%281%29/builds/57645

A lot of stack traces similar to:

BrowserTestBase received signal: Segmentation fault. Backtrace:
#0 0x7f6471747d2e base::debug::StackTrace::StackTrace()
#1 0x000003ea6147 content::(anonymous namespace)::DumpStackTraceSignalHandler()
#2 0x7f645aa500b0 <unknown>
#3 0x000005381886 shell::InterfaceRegistry::CanBindRequestForInterface()
#4 0x000005380da3 shell::InterfaceRegistry::SetInterfaceBinderForName()
#5 0x000001d88b7b shell::InterfaceRegistry::AddInterface<>()
#6 0x000001d88793 extensions::RegisterServicesForFrame()
#7 0x000004ec2731 extensions::ChromeExtensionsBrowserClient::RegisterMojoServices()
#8 0x00000198e734 extensions::ExtensionWebContentsObserver::InitializeRenderFrame()
#9 0x000004ec1597 extensions::ChromeExtensionWebContentsObserver::InitializeRenderFrame()
#10 0x00000198ed62 extensions::ExtensionWebContentsObserver::RenderFrameCreated()
#11 0x7f646a6ff7a8 content::WebContentsImpl::RenderFrameCreated()
#12 0x7f6469e57e96 content::RenderFrameHostImpl::SetRenderFrameCreated()
#13 0x7f646a3ccef0 content::RenderViewHostImpl::CreateRenderView()
#14 0x7f646a703abe content::WebContentsImpl::CreateRenderViewForRenderManager()
#15 0x7f6469e968c7 content::RenderFrameHostManager::InitRenderView()
#16 0x7f6469e8df0b content::RenderFrameHostManager::ReinitializeRenderFrame()
#17 0x7f6469e921c4 content::RenderFrameHostManager::GetFrameHostForNavigation()
#18 0x7f6469e42176 content::NavigationRequest::OnResponseStarted()
#19 0x7f646a09f728 content::NavigationURLLoaderImpl::NotifyResponseStarted()
#20 0x7f646a0a4d1e _ZN4base8internal13FunctorTraitsIMN7content23NavigationURLLoaderImplEFvRK13scoped_refptrINS2_16ResourceResponseEESt10unique_ptrINS2_12StreamHandleESt14default_deleteISA_EERKNS2_9SSLStatusES9_INS2_14NavigationDataESB_ISH_EEEvE6InvokeIRKNS_7WeakPtrIS3_EEJS8_SD_SG_SJ_EEEvSL_OT_DpOT0_
#21 0x7f646a0a4b32 _ZN4base8internal12InvokeHelperILb1EvE8MakeItSoIRKMN7content23NavigationURLLoaderImplEFvRK13scoped_refptrINS4_16ResourceResponseEESt10unique_ptrINS4_12StreamHandleESt14default_deleteISC_EERKNS4_9SSLStatusESB_INS4_14NavigationDataESD_ISJ_EEERKNS_7WeakPtrIS5_EEJSA_SF_SI_SL_EEEvOT_OT0_DpOT1_
#22 0x7f646a0a4a4b _ZN4base8internal7InvokerINS0_9BindStateIMN7content23NavigationURLLoaderImplEFvRK13scoped_refptrINS3_16ResourceResponseEESt10unique_ptrINS3_12StreamHandleESt14default_deleteISB_EERKNS3_9SSLStatusESA_INS3_14NavigationDataESC_ISI_EEEJNS_7WeakPtrIS4_EES7_NS0_13PassedWrapperISE_EESF_NSP_ISK_EEEEEFvvEE7RunImplIRKSM_RKSt5tupleIJSO_S7_SQ_SF_SR_EEJLm0ELm1ELm2ELm3ELm4EEEEvOT_OT0_NS_13IndexSequenceIJXspT1_EEEE
#23 0x7f646a0a489c _ZN4base8internal7InvokerINS0_9BindStateIMN7content23NavigationURLLoaderImplEFvRK13scoped_refptrINS3_16ResourceResponseEESt10unique_ptrINS3_12StreamHandleESt14default_deleteISB_EERKNS3_9SSLStatusESA_INS3_14NavigationDataESC_ISI_EEEJNS_7WeakPtrIS4_EES7_NS0_13PassedWrapperISE_EESF_NSP_ISK_EEEEEFvvEE3RunEPNS0_13BindStateBaseE
#24 0x7f647171817b base::internal::RunMixin<>::Run()
#25 0x7f647174d691 base::debug::TaskAnnotator::RunTask()
#26 0x7f64717dd6ef base::MessageLoop::RunTask()
#27 0x7f64717dd934 base::MessageLoop::DeferOrRunPendingTask()
#28 0x7f64717ddbfe base::MessageLoop::DoWork()
#29 0x7f64717f53dc base::MessagePumpGlib::HandleDispatch()
#30 0x7f64717f5ba1 base::(anonymous namespace)::WorkSourceDispatch()
#31 0x7f645d7a6d13 g_main_context_dispatch
#32 0x7f645d7a7060 <unknown>
#33 0x7f645d7a7124 g_main_context_iteration
#34 0x7f64717f54df base::MessagePumpGlib::Run()
#35 0x7f64717dd2a6 base::MessageLoop::RunHandler()
#36 0x7f64718823a4 base::RunLoop::Run()
#37 0x000003f36eb3 content::RunThisRunLoop()
#38 0x000003f36e3a content::RunMessageLoop()
#39 0x000002df1682 InProcessBrowserTest::QuitBrowsers()
#40 0x000002df1521 InProcessBrowserTest::RunTestOnMainThreadLoop()
#41 0x000003ea5e63 content::BrowserTestBase::ProxyRunTestOnMainThreadLoop()
#42 0x000000839689 _ZN4base8internal13FunctorTraitsIM25RenderViewContextMenuBaseFvvEvE6InvokeIP21RenderViewContextMenuJEEEvS4_OT_DpOT0_
#43 0x0000008395b1 _ZN4base8internal12InvokeHelperILb0EvE8MakeItSoIRKM25RenderViewContextMenuBaseFvvEJP21RenderViewContextMenuEEEvOT_DpOT0_
#44 0x000003ea6f57 _ZN4base8internal7InvokerINS0_9BindStateIMN7content15BrowserTestBaseEFvvEJNS0_17UnretainedWrapperIS4_EEEEEFvvEE7RunImplIRKS6_RKSt5tupleIJS8_EEJLm0EEEEvOT_OT0_NS_13IndexSequenceIJXspT1_EEEE
#45 0x000003ea6e9c _ZN4base8internal7InvokerINS0_9BindStateIMN7content15BrowserTestBaseEFvvEJNS0_17UnretainedWrapperIS4_EEEEEFvvEE3RunEPNS0_13BindStateBaseE
#46 0x00000081e52b base::internal::RunMixin<>::Run()
#47 0x000003a01049 ChromeBrowserMainParts::PreMainMessageLoopRunImpl()
#48 0x0000039ffad0 ChromeBrowserMainParts::PreMainMessageLoopRun()
#49 0x7f6469b2c6c1 content::BrowserMainLoop::PreMainMessageLoopRun()
#50 0x7f64691d90b9 _ZN4base8internal13FunctorTraitsIMN7content12ChildProcessEFvvEvE6InvokeIPS3_JEEEvS5_OT_DpOT0_
#51 0x7f6469b34601 _ZN4base8internal12InvokeHelperILb0EiE8MakeItSoIRKMN7content15BrowserMainLoopEFivEJPS5_EEEiOT_DpOT0_
#52 0x7f6469b345a7 _ZN4base8internal7InvokerINS0_9BindStateIMN7content15BrowserMainLoopEFivEJNS0_17UnretainedWrapperIS4_EEEEEFivEE7RunImplIRKS6_RKSt5tupleIJS8_EEJLm0EEEEiOT_OT0_NS_13IndexSequenceIJXspT1_EEEE
#53 0x7f6469b344ec _ZN4base8internal7InvokerINS0_9BindStateIMN7content15BrowserMainLoopEFivEJNS0_17UnretainedWrapperIS4_EEEEEFivEE3RunEPNS0_13BindStateBaseE
#54 0x7f64690497bb base::internal::RunMixin<>::Run()
#55 0x7f646a66fd0b content::StartupTaskRunner::RunAllTasksNow()
#56 0x7f6469b2a4f4 content::BrowserMainLoop::CreateStartupTasks()
#57 0x7f6469b375bd content::BrowserMainRunnerImpl::Initialize()
#58 0x7f6469b267af content::BrowserMain()
#59 0x7f646b90e676 content::RunNamedProcessTypeMain()
#60 0x7f646b910b02 content::ContentMainRunnerImpl::Run()
#61 0x7f646b90d712 content::ContentMain()
[1:1:0100/000000:ERROR:broker_posix.cc(41)] Invalid node channel message

Please feel free to re-assign if I've got the wrong CL.

Comment 1 by wjmaclean@chromium.org, Oct 3 2016

From sadrul@: "looks like RenderFrameHostImpl::SetUpMojoIfNeeded() is not getting called correctly. but could be something else."

Comment 2 by nasko@chromium.org, Oct 3 2016

Cc: jam@chromium.org

Adding jam@, who can help look at the Mojo parts.

Comment 3 by scottmg@chromium.org, Oct 3 2016

Cc: roc...@chromium.org

Ken, does this stack look familiar?

Comment 4 by roc...@chromium.org, Oct 3 2016

This would have to be a UAF or nullptr deref on the InterfaceRegistry, which means RegisterServicesForFrame() is being called on an RFHI after RenderProcessGone(). The result of GetInterfaceRegistry() is only ever null after that point.

Comment 5 by scottmg@chromium.org, Oct 3 2016

(Oh, I actually disabled the 4 tests list in the run linked to in comment #0. Let me look through more recent runs and filter those for this bot. I don't particularly know what's wrong with how ChromeExtensionsBrowserClient is registering for now.)

Comment 6 by scottmg@chromium.org, Oct 3 2016

https://codereview.chromium.org/2392603002/

Project Member

Comment 7 by bugdroid1@chromium.org, Oct 3 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ae42d222056071e75ac83644554f784f31c58346

commit ae42d222056071e75ac83644554f784f31c58346
Author: scottmg <scottmg@chromium.org>
Date: Mon Oct 03 18:33:59 2016

PlzNav: filter out a couple more browser_tests that are flaky on the debug bot

TBR=jam@chromium.org
BUG= 504347 , 652324 

Review-Url: https://codereview.chromium.org/2392603002
Cr-Commit-Position: refs/heads/master@{#422465}

[modify] https://crrev.com/ae42d222056071e75ac83644554f784f31c58346/testing/buildbot/filters/browser-side-navigation.linux.browser_tests.filter

Comment 8 by wjmaclean@chromium.org, Oct 3 2016

 Issue 652402  has been merged into this issue.

Comment 9 by scottmg@chromium.org, Oct 4 2016

Status: Fixed (was: Untriaged)

I mistyped a bug tag, but also https://codereview.chromium.org/2390843002/.

And with that it seems to have been not-flaky for 8 runs now, so going to mark fixed. I'll check again tomorrow to confirm.

►

Issue 652324 link

Issue metadata

browser_side_navigation_browser_tests has flakey tests

Issue description

Comment 1 by wjmaclean@chromium.org, Oct 3 2016

Comment 1 Deleted

Comment 2 by nasko@chromium.org, Oct 3 2016

Comment 2 Deleted

Comment 3 by scottmg@chromium.org, Oct 3 2016

Comment 3 Deleted

Comment 4 by roc...@chromium.org, Oct 3 2016

Comment 4 Deleted

Comment 5 by scottmg@chromium.org, Oct 3 2016

Comment 5 Deleted

Comment 6 by scottmg@chromium.org, Oct 3 2016

Comment 6 Deleted

Comment 7 by bugdroid1@chromium.org, Oct 3 2016

Comment 7 Deleted

Comment 8 by wjmaclean@chromium.org, Oct 3 2016

Comment 8 Deleted

Comment 9 by scottmg@chromium.org, Oct 4 2016

Comment 9 Deleted

Sign in to add a comment