[FATAL:form_autofill_util.cc(809)] Check failed: false. |
|||||
Issue descriptionChrome Version: 57.0.2974.0 OS: Android 5.1.1 What steps will reproduce the problem? Not sure if these steps will reproduce the problem. In fact, in previous trials I hit the stack trace filed in https://bugs.chromium.org/p/chromium/issues/detail?id=679117#c1. (1) Enable credit-card-assist in chrome://flags (2) Add a credit card in Chrome Settings (3) Visit https://dump-truck.appspot.com/usecase-address_then_cc/cc.html (4) Accept the auto fill prompt at the bottom to fill in the credit card fields. (5) Enter the CVC What is the expected result? Form should be filled. What happens instead? Chrome crashes here. Please use labels and text to provide additional information. For graphics-related bugs, please copy/paste the contents of the about:gpu page at the end of this report.
,
Jan 12 2017
+mathp for triage.
,
Jan 12 2017
This stack looks different (closer to stack filed in https://bugs.chromium.org/p/chromium/issues/detail?id=679117) 01-12 13:24:56.246 F/libc (25030): Fatal signal 11 (SIGSEGV), code 1, fault addr 0x80 in tid 25057 (CrRendererMain) 01-12 13:24:56.348 I/DEBUG ( 188): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** 01-12 13:24:56.348 I/DEBUG ( 188): Build fingerprint: 'google/hammerhead/hammerhead:5.1.1/LMY49S/3276206:userdebug/dev-keys' 01-12 13:24:56.348 I/DEBUG ( 188): Revision: '11' 01-12 13:24:56.348 I/DEBUG ( 188): ABI: 'arm' 01-12 13:24:56.348 I/DEBUG ( 188): pid: 25030, tid: 25057, name: CrRendererMain >>> org.chromium.chrome:sandboxed_process1 <<< 01-12 13:24:56.348 I/DEBUG ( 188): signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x80 01-12 13:24:56.372 I/DEBUG ( 188): r0 00000000 r1 00000000 r2 b350b240 r3 00000000 01-12 13:24:56.372 I/DEBUG ( 188): r4 aec65540 r5 aec65558 r6 aec6567c r7 b350b170 01-12 13:24:56.372 I/DEBUG ( 188): r8 b350b240 r9 b350b240 sl b350b220 fp 00000000 01-12 13:24:56.372 I/DEBUG ( 188): ip 9b0f6bec sp b350b170 lr 9ca33c61 pc 9ca33c60 cpsr 88010030 01-12 13:24:56.373 I/DEBUG ( 188): 01-12 13:24:56.373 I/DEBUG ( 188): backtrace: 01-12 13:24:56.373 I/DEBUG ( 188): #00 pc 000cdc60 /data/app/org.chromium.chrome-1/lib/arm/libblink_web.cr.so (_ZNK5blink21WebFormControlElement12isAutofilledEv+9) 01-12 13:24:56.373 I/DEBUG ( 188): #01 pc 00bcbcf5 /data/app/org.chromium.chrome-1/lib/arm/libchrome.cr.so 01-12 13:24:56.373 I/DEBUG ( 188): #02 pc 003128bb /data/app/org.chromium.chrome-1/lib/arm/libchrome.cr.so
,
Jan 12 2017
I believe the crash in WebFormControlElement::isAutofilled is from autofill_agent.cc FillForm, where |id| parameter is -1.
,
Jan 12 2017
The code comment appears to be relevant.
// This case should be reachable only for pathological websites, which
// rename form fields while the user is interacting with the Autofill
// popup
I bypassed the null element_ in FillForm and hit this case for field CCNo:
element->nameForAutofill() was address
The CCNo field is rendered as follows:
<script type="text/javascript">
$(function() {
$('#fill').click(function() {
$(':input[name="name"]').val('John Smith');
$(':input[name="CCNo"]').val('5454545454545454');
$(':input[name="CCExpiresMonth"]').val('12');
$(':input[name="CCExpiresYear"]').val('2023');
$(':input[name="cvc"]').val('123');
});
});
</script>
,
Jan 12 2017
The assistant filling appears to work for https://rsolomakhin.github.io/autofill
,
Jan 25 2017
,
May 1 2018
,
Aug 3
This bug has an owner, thus, it's been triaged. Changing status to "assigned". |
|||||
►
Sign in to add a comment |
|||||
Comment 1 by isherman@chromium.org
, Jan 12 2017