New issue
Advanced search Search tips

Issue 686367 link

Starred by 3 users
Status: Fixed
Owner:
ryansturm@chromium.org
Closed: Jan 2017
Cc:
ryansturm@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug



Sign in to add a comment

Chromium crashed in [FATAL:data_reduction_proxy_metrics_observer.cc(147)]

Project Member Reported by csashi@google.com, Jan 28 2017 
Chrome Version: 58.0.2995.0

OS: Android 5.1.1

What steps will reproduce the problem?
Not sure if this is reproducible.
(1) I only visited https://dump-truck.appspot.com

What is the expected result?

Page should load.

What happens instead?

01-27 18:35:04.125 I/chromium(16970): [INFO:SkFontMgr_android.cpp(163)] Requested font file /system/fonts/NanumGothic.ttf does not exist or cannot be opened.
01-27 18:35:04.125 I/chromium(16970): 
01-27 18:35:04.125 I/chromium(16970): [INFO:SkFontMgr_android.cpp(163)] Requested font file /system/fonts/DroidSansFallback.ttf does not exist or cannot be opened.
01-27 18:35:04.125 I/chromium(16970): 
01-27 18:35:04.168 F/chromium(16928): [FATAL:data_reduction_proxy_metrics_observer.cc(147)] Check failed: !navigation_handle->GetURL().SchemeIsCryptographic(). 
01-27 18:35:04.168 F/chromium(16928): #00 0xa19728f7 /data/app/org.chromium.chrome-1/lib/arm/libbase.cr.so+0x0009e8f7
01-27 18:35:04.168 F/chromium(16928): #01 0x9770e893 /data/app/org.chromium.chrome-1/lib/arm/libchrome.cr.so+0x0044a893
01-27 18:35:04.168 F/chromium(16928): #02 0x9771470b /data/app/org.chromium.chrome-1/lib/arm/libchrome.cr.so+0x0045070b
01-27 18:35:04.168 F/chromium(16928): #03 0x97709d43 /data/app/org.chromium.chrome-1/lib/arm/libchrome.cr.so+0x00445d43
01-27 18:35:04.168 F/chromium(16928): #04 0x9911f851 /data/app/org.chromium.chrome-1/lib/arm/libcontent.cr.so+0x009f7851
01-27 18:35:04.168 F/chromium(16928): #05 0x98f50191 /data/app/org.chromium.chrome-1/lib/arm/libcontent.cr.so+0x00828191
01-27 18:35:04.168 F/chromium(16928): #06 0x98f50385 /data/app/org.chromium.chrome-1/lib/arm/libcontent.cr.so+0x00828385
01-27 18:35:04.168 F/chromium(16928): #07 0x98f558f1 /data/app/org.chromium.chrome-1/lib/arm/libcontent.cr.so+0x0082d8f1
01-27 18:35:04.168 F/chromium(16928): #08 0x98f60983 /data/app/org.chromium.chrome-1/lib/arm/libcontent.cr.so+0x00838983
01-27 18:35:04.168 F/chromium(16928): #09 0x98f62ea1 /data/app/org.chromium.chrome-1/lib/arm/libcontent.cr.so+0x0083aea1
01-27 18:35:04.168 F/chromium(16928): #10 0x9907cf21 /data/app/org.chromium.chrome-1/lib/arm/libcontent.cr.so+0x00954f21
01-27 18:35:04.168 F/chromium(16928): #11 0x9ea04e99 /data/app/org.chromium.chrome-1/lib/arm/libipc.cr.so+0x00017e99
01-27 18:35:04.168 F/chromium(16928): #12 0xa195eb23 /data/app/org.chromium.chrome-1/lib/arm/libbase.cr.so+0x0008ab23
01-27 18:35:04.168 F/chromium(16928): #13 0xa1979715 /data/app/org.chromium.chrome-1/lib/arm/libbase.cr.so+0x000a5715
01-27 18:35:04.168 F/chromium(16928): #14 0xa1979baf /data/app/org.chromium.chrome-1/lib/arm/libbase.cr.so+0x000a5baf
01-27 18:35:04.168 F/chromium(16928): #15 0xa1979cb7 /data/app/org.chromium.chrome-1/lib/arm/libbase.cr.so+0x000a5cb7
01-27 18:35:04.168 F/chromium(16928): #16 0xa197bbd3 /data/app/org.chromium.chrome-1/lib/arm/libbase.cr.so+0x000a7bd3
01-27 18:35:04.168 F/chromium(16928): #17 0xa197bcd7 /data/app/org.chromium.chrome-1/lib/arm/libbase.cr.so+0x000a7cd7
01-27 18:35:04.168 F/chromium(16928): #18 0xa2c4e17b /data/dalvik-cache/arm/data@app@org.chromium.chrome-1@base.apk@classes.dex+0x0121d17b
01-27 18:35:04.168 F/chromium(16928): 
01-27 18:35:04.169 F/libc    (16928): Fatal signal 6 (SIGABRT), code -6 in tid 16928 (chromium.chrome)
01-27 18:35:04.270 I/DEBUG   (  185): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
01-27 18:35:04.270 I/DEBUG   (  185): Build fingerprint: 'google/hammerhead/hammerhead:5.1.1/LMY48T/2237560:user/release-keys'
01-27 18:35:04.270 I/DEBUG   (  185): Revision: '11'
01-27 18:35:04.270 I/DEBUG   (  185): ABI: 'arm'
01-27 18:35:04.270 I/DEBUG   (  185): pid: 16928, tid: 16928, name: chromium.chrome  >>> org.chromium.chrome <<<
01-27 18:35:04.270 I/DEBUG   (  185): signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
01-27 18:35:04.298 I/DEBUG   (  185): Abort message: '[FATAL:data_reduction_proxy_metrics_observer.cc(147)] Check failed: !navigation_handle->GetURL().SchemeIsCryptographic(). 
01-27 18:35:04.298 I/DEBUG   (  185): #00 0xa19728f7 /data/app/org.chromium.chrome-1/lib/arm/libbase.cr.so+0x0009e8f7
01-27 18:35:04.298 I/DEBUG   (  185): #01 0x9770e893 /data/app/org.chromium.chrome-1/lib/arm/libchrome.cr.so+0x0044a893
01-27 18:35:04.298 I/DEBUG   (  185): #02 0x9771470b /data/app/org.chromium.chrome-1/lib/arm/libchrome.cr.so+0x0045070b
01-27 18:35:04.298 I/DEBUG   (  185): #03 0x97709d43 /data/app/org.chromium.chrome-1/lib/arm/libchrome.cr.so+0x00445d43
01-27 18:35:04.298 I/DEBUG   (  185): #04 0x9911f851 /data/app/org.chromium.chrome-1
01-27 18:35:04.298 I/DEBUG   (  185):     r0 00000000  r1 00004220  r2 00000006  r3 00000000
01-27 18:35:04.298 I/DEBUG   (  185):     r4 b6f72e38  r5 00000006  r6 0000000b  r7 0000010c
01-27 18:35:04.298 I/DEBUG   (  185):     r8 bee12898  r9 00000000  sl b6e454b4  fp bee12cf4
01-27 18:35:04.298 I/DEBUG   (  185):     ip 00004220  sp bee12720  lr b6df03c5  pc b6e14738  cpsr 60070010
01-27 18:35:04.298 I/DEBUG   (  185): 
01-27 18:35:04.298 I/DEBUG   (  185): backtrace:
01-27 18:35:04.298 I/DEBUG   (  185):     #00 pc 0003b738  /system/lib/libc.so (tgkill+12)
01-27 18:35:04.299 I/DEBUG   (  185):     #01 pc 000173c1  /system/lib/libc.so (pthread_kill+52)
01-27 18:35:04.299 I/DEBUG   (  185):     #02 pc 00017fd3  /system/lib/libc.so (raise+10)
01-27 18:35:04.299 I/DEBUG   (  185):     #03 pc 00014795  /system/lib/libc.so (__libc_android_abort+36)
01-27 18:35:04.299 I/DEBUG   (  185):     #04 pc 00012f44  /system/lib/libc.so (abort+4)
01-27 18:35:04.299 I/DEBUG   (  185):     #05 pc 0008a213  /data/app/org.chromium.chrome-1/lib/arm/libbase.cr.so (base::debug::BreakDebugger()+18)
01-27 18:35:04.299 I/DEBUG   (  185):     #06 pc 0009ea6b  /data/app/org.chromium.chrome-1/lib/arm/libbase.cr.so (logging::LogMessage::~LogMessage()+606)
01-27 18:35:04.299 I/DEBUG   (  185):     #07 pc 0044a891  /data/app/org.chromium.chrome-1/lib/arm/libchrome.cr.so
01-27 18:35:04.299 I/DEBUG   (  185):     #08 pc 0045070b  /data/app/org.chromium.chrome-1/lib/arm/libchrome.cr.so
01-27 18:35:04.299 I/DEBUG   (  185):     #09 pc 00445d41  /data/app/org.chromium.chrome-1/lib/arm/libchrome.cr.so
01-27 18:35:04.299 I/DEBUG   (  185):     #10 pc 009f7851  /data/app/org.chromium.chrome-1/lib/arm/libcontent.cr.so (content::WebContentsImpl::DidFinishNavigation(content::NavigationHandle*)+52)
01-27 18:35:04.299 I/DEBUG   (  185):     #11 pc 00828191  /data/app/org.chromium.chrome-1/lib/arm/libcontent.cr.so (content::NavigationHandleImpl::~NavigationHandleImpl()+156)
01-27 18:35:04.299 I/DEBUG   (  185):     #12 pc 00828383  /data/app/org.chromium.chrome-1/lib/arm/libcontent.cr.so (content::NavigationHandleImpl::~NavigationHandleImpl()+6)
01-27 18:35:04.299 I/DEBUG   (  185):     #13 pc 0082d8f1  /data/app/org.chromium.chrome-1/lib/arm/libcontent.cr.so (content::NavigatorImpl::DidNavigate(content::RenderFrameHostImpl*, FrameHostMsg_DidCommitProvisionalLoad_Params const&, std::__ndk1::unique_ptr<content::NavigationHandleImpl, std::__ndk1::default_delete<content::NavigationHandleImpl> >)+972)
01-27 18:35:04.299 I/DEBUG   (  185):     #14 pc 00838983  /data/app/org.chromium.chrome-1/lib/arm/libcontent.cr.so (content::RenderFrameHostImpl::OnDidCommitProvisionalLoad(IPC::Message const&)+1226)
01-27 18:35:04.299 I/DEBUG   (  185):     #15 pc 0083ae9f  /data/app/org.chromium.chrome-1/lib/arm/libcontent.cr.so
01-27 18:35:04.300 I/DEBUG   (  185):     #16 pc 00954f21  /data/app/org.chromium.chrome-1/lib/arm/libcontent.cr.so
01-27 18:35:04.300 I/DEBUG   (  185):     #17 pc 00017e99  /data/app/org.chromium.chrome-1/lib/arm/libipc.cr.so (IPC::ChannelProxy::Context::OnDispatchMessage(IPC::Message const&)+324)
01-27 18:35:04.300 I/DEBUG   (  185):     #18 pc 0008ab23  /data/app/org.chromium.chrome-1/lib/arm/libbase.cr.so (base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*)+374)
01-27 18:35:04.300 I/DEBUG   (  185):     #19 pc 000a5713  /data/app/org.chromium.chrome-1/lib/arm/libbase.cr.so (base::MessageLoop::RunTask(base::PendingTask*)+438)
01-27 18:35:04.300 I/DEBUG   (  185):     #20 pc 000a5bad  /data/app/org.chromium.chrome-1/lib/arm/libbase.cr.so (base::MessageLoop::DeferOrRunPendingTask(base::PendingTask)+28)
01-27 18:35:04.300 I/DEBUG   (  185):     #21 pc 000a5cb5  /data/app/org.chromium.chrome-1/lib/arm/libbase.cr.so (base::MessageLoop::DoWork()+156)
01-27 18:35:04.300 I/DEBUG   (  185):     #22 pc 000a7bd3  /data/app/org.chromium.chrome-1/lib/arm/libbase.cr.so
01-27 18:35:04.300 I/DEBUG   (  185):     #23 pc 000a7cd5  /data/app/org.chromium.chrome-1/lib/arm/libbase.cr.so (Java_org_chromium_base_SystemMessageHandler_nativeDoRunLoopOnce+52)


Please use labels and text to provide additional information.


For graphics-related bugs, please copy/paste the contents of the about:gpu
page at the end of this report.

Comment 1 by dtapu...@chromium.org, Jan 30 2017

Cc: ryansturm@chromium.org
Components: Internals>Network>DataProxy

Comment 2 by ryansturm@chromium.org, Jan 30 2017 

This seems a little fishy.
csashi@google.com, Did you visit https://dump-truck.appspot.com directly, or were you redirected from another URL?

There might be something interesting happening in the d_r_p NetworkDelegate code, and it would be really good to know if this is caused by redirect behavior. If this was not redirected, I'd be curious if something is going wrong in the proxy delegate code because we should not ever proxy HTTPS.

Any specific way of reproducing this would also be great.

Thanks.

I'll take a look at seeing if I can reproduce this as well.

Comment 3 by csashi@google.com, Jan 30 2017 

To the best of my recollection, I visited directly. However, it is possible I typed "dump-truck.appspot.com" and that redirected me to the HTTPS.

Comment 4 by ryansturm@chromium.org, Jan 30 2017

Owner: ryansturm@chromium.org
Status: Assigned (was: Untriaged)

Comment 5 by ryansturm@chromium.org, Jan 30 2017

Status: Started (was: Assigned)
The DRP NetworkDelegate code is handling redirects incorrectly.

At a high level, when a redirect happens, before sending the headers to fetch the next resource in the redirect chain, the user data for DRP is cleared off the request.

Instead, OnBeforeRedirectInternal should be used to clear the user data, as if the final URL in the redirect chain is cached, we won't send headers and won't clear the user data.
Project Member

Comment 6 by bugdroid1@chromium.org, Jan 31 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ee1900abec9b62a0657726f5f238ed7123df7d97

commit ee1900abec9b62a0657726f5f238ed7123df7d97
Author: ryansturm <ryansturm@chromium.org>
Date: Tue Jan 31 00:22:08 2017

Fixing redirect DataReductionProxyNewtorkDelegate behavior

The current behavior to clear out DataReductionProxyData from
URLRequest's UserData was based on OnBeforeSendHeaders being called for
the request after a redirect. However, when the resource is cached, the
DataReductionProxyData won't be cleared. This CL aims to fix this by
moving the code that clears the DRPData to OnBeforeRedirect, which is
called for every redirect response.

BUG= 686367 

Review-Url: https://codereview.chromium.org/2664983002
Cr-Commit-Position: refs/heads/master@{#447125}

[modify] https://crrev.com/ee1900abec9b62a0657726f5f238ed7123df7d97/components/data_reduction_proxy/core/browser/data_reduction_proxy_network_delegate.cc
[modify] https://crrev.com/ee1900abec9b62a0657726f5f238ed7123df7d97/components/data_reduction_proxy/core/browser/data_reduction_proxy_network_delegate.h
[modify] https://crrev.com/ee1900abec9b62a0657726f5f238ed7123df7d97/components/data_reduction_proxy/core/browser/data_reduction_proxy_network_delegate_unittest.cc
[modify] https://crrev.com/ee1900abec9b62a0657726f5f238ed7123df7d97/components/data_reduction_proxy/core/browser/data_reduction_proxy_test_utils.cc

Comment 7 by ryansturm@chromium.org, Jan 31 2017

Status: Fixed (was: Started)

Sign in to add a comment