Issue metadata
Sign in to add a comment
|
Work Chrome crashes when touch-holding a link
Reported by
lquinn@blackberry.com,
May 10 2017
|
||||||||||||||||||||||
Issue descriptionSteps to reproduce the problem: 1. Using Chrome in Android for Work, go to a Web page that has links. 2. Touch and hold on a link. What is the expected behavior? Context menu with choices such as "Open in new tab" What went wrong? This crashes 100% of the time for me. I also experience the crash on Android 6.0.1 devices such as the BlackBerry PRIV and BlackBerry DTEK60. The crash does not happen using the same version of Chrome outside of AfW. Here is the stack trace from logcat: 05-09 08:30:07.794 5190 5190 W System.err: java.lang.NullPointerException: Attempt to read from field 'java.lang.String org.chromium.chrome.browser.search_engines.TemplateUrlService$TemplateUrl.mShortName' on a null object reference 05-09 08:30:07.795 5190 5190 W System.err: at org.chromium.chrome.browser.contextmenu.ChromeContextMenuPopulator.buildContextMenu(ChromeContextMenuPopulator.java:7089) 05-09 08:30:07.795 5190 5190 W System.err: at org.chromium.chrome.browser.tab.TabContextMenuPopulator.buildContextMenu(TabContextMenuPopulator.java:40) 05-09 08:30:07.795 5190 5190 W System.err: at org.chromium.chrome.browser.contextmenu.ContextMenuHelper.onCreateContextMenu(ContextMenuHelper.java:131) 05-09 08:30:07.795 5190 5190 W System.err: at android.view.View.createContextMenu(View.java:10859) 05-09 08:30:07.795 5190 5190 W System.err: at com.android.internal.view.menu.ContextMenuBuilder.showDialog(ContextMenuBuilder.java:81) 05-09 08:30:07.795 5190 5190 W System.err: at com.android.internal.policy.DecorView.showContextMenuForChildInternal(DecorView.java:794) 05-09 08:30:07.795 5190 5190 W System.err: at com.android.internal.policy.DecorView.showContextMenuForChild(DecorView.java:764) 05-09 08:30:07.795 5190 5190 W System.err: at android.view.ViewGroup.showContextMenuForChild(ViewGroup.java:771) 05-09 08:30:07.795 5190 5190 W System.err: at android.view.ViewGroup.showContextMenuForChild(ViewGroup.java:771) 05-09 08:30:07.795 5190 5190 W System.err: at android.view.ViewGroup.showContextMenuForChild(ViewGroup.java:771) 05-09 08:30:07.795 5190 5190 W System.err: at android.view.ViewGroup.showContextMenuForChild(ViewGroup.java:771) 05-09 08:30:07.795 5190 5190 W System.err: at android.view.ViewGroup.showContextMenuForChild(ViewGroup.java:771) 05-09 08:30:07.795 5190 5190 W System.err: at android.view.ViewGroup.showContextMenuForChild(ViewGroup.java:771) 05-09 08:30:07.795 5190 5190 W System.err: at android.view.ViewGroup.showContextMenuForChild(ViewGroup.java:771) 05-09 08:30:07.795 5190 5190 W System.err: at android.view.View.showContextMenu(View.java:5793) 05-09 08:30:07.795 5190 5190 W System.err: at org.chromium.chrome.browser.contextmenu.ContextMenuHelper.showContextMenu(ContextMenuHelper.java:76) 05-09 08:30:07.795 5190 5190 W System.err: at org.chromium.base.SystemMessageHandler.nativeDoRunLoopOnce(Native Method) 05-09 08:30:07.796 5190 5190 W System.err: at org.chromium.base.SystemMessageHandler.handleMessage(SystemMessageHandler.java:41) Did this work before? Yes Not sure exactly, but I'm pretty sure that it worked in Chrome 57.0.2987.132 Chrome version: 58.0.3029.83 Channel: stable OS Version: 7.1.1 Flash Version:
,
May 11 2017
Issue 720552 has been merged into this issue.
,
May 31 2017
We now have external customers reporting a similar issue to this on Pixel as well. They reported the crash happened if Chrome was opened in the work profile, it crashes when the user opens settings (cc: kingston :)) We have full debug logs if more detail is helpful to repro.
Logs from Pixel N, Chrome V. 57.0.2987.132
04-20 13:08:05.975 10461 10461 E AndroidRuntime: FATAL EXCEPTION: main
04-20 13:08:05.975 10461 10461 E AndroidRuntime: Process: com.android.chrome, PID: 10461
04-20 13:08:05.975 10461 10461 E AndroidRuntime: java.lang.RuntimeException: Unable to resume activity {com.android.chrome/org.chromium.chrome.browser.preferences.Preferences}: java.lang.NullPointerException: Attempt to read from field 'java.lang.String org.chromium.chrome.browser.search_engines.TemplateUrlService$TemplateUrl.mShortName' on a null object reference
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at android.app.ActivityThread.performResumeActivity(ActivityThread.java:3430)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at android.app.ActivityThread.handleResumeActivity(ActivityThread.java:3470)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2733)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at android.app.ActivityThread.-wrap12(ActivityThread.java)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1478)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at android.os.Handler.dispatchMessage(Handler.java:102)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at android.os.Looper.loop(Looper.java:154)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at android.app.ActivityThread.main(ActivityThread.java:6121)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at java.lang.reflect.Method.invoke(Native Method)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:889)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:779)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: Caused by: java.lang.NullPointerException: Attempt to read from field 'java.lang.String org.chromium.chrome.browser.search_engines.TemplateUrlService$TemplateUrl.mShortName' on a null object reference
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at org.chromium.chrome.browser.preferences.MainPreferences.updateSummary(MainPreferences.java:6089)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at org.chromium.chrome.browser.preferences.MainPreferences.updatePreferences(MainPreferences.java:101)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at org.chromium.chrome.browser.preferences.MainPreferences.onResume(MainPreferences.java:69)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at android.app.Fragment.performResume(Fragment.java:2399)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at android.app.FragmentManagerImpl.moveToState(FragmentManager.java:1032)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at android.app.FragmentManagerImpl.moveToState(FragmentManager.java:1171)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at android.app.FragmentManagerImpl.moveToState(FragmentManager.java:1153)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at android.app.FragmentManagerImpl.dispatchResume(FragmentManager.java:2049)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at android.app.FragmentController.dispatchResume(FragmentController.java:198)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at android.app.Activity.performResume(Activity.java:6807)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: at android.app.ActivityThread.performResumeActivity(ActivityThread.java:3407)
04-20 13:08:05.975 10461 10461 E AndroidRuntime: ... 10 more
04-20 13:08:05.977 1122 3520 W ActivityManager: Force finishing activity com.android.chrome/org.chromium.chrome.browser.preferences.Preferences
,
Jun 1 2017
+amineer/ted Any ideas what might be going on here?
,
Jun 1 2017
Can someone please visit chrome://crashes after this occurs and provide us with a crash ID? Placing in sheriff queue.
,
Jun 1 2017
Looks like TemplateUrlService#getDefaultSearchEngineTemplateUrl is returning null. The call sites I saw were guarded by an isLoaded() check, so nothing obviously jumps out at me. Lei changed a bunch for custom search engines, but I believe that was all in M57. I'm not aware of any changes in M58, but assigning to Lei to investigate more.
,
Jun 5 2017
I uploaded Crash ID 3294509ef0000000 just now. I'm not sure if something changed in M58 or if something changed in my MDM.
,
Jun 6 2017
Thanks for taking a look! Two additional Crash IDs from the customer: Crash ID 452d7a88 Android 6.01 Crash ID 29686cec Android 7.0
,
Jun 9 2017
@askatte, are you able to repro this locally?
,
Jun 9 2017
No, I am unable to repro this issue on Pixel XL / 7.1.2 / Chrome for work 58.0.3029.108. I tried going to cnn and wikipedia and long pressed on some links trying to open them in a new tab. Worked fine. Also tried navigating to/ in Settings' and didn't see any issues.
,
Jun 12 2017
@tedchoc are the crash traces missing anything you need? Happy to work on fresh repros if they're insufficient and we can ask for something specific.
,
Jun 12 2017
Without being able to repro this locally, it is hard to figure out what is really going on. The default search engine seems to be returning null in these cases, and that seems quite bad. If you have devices that repro, can you go to Chrome Settings? Does that crash? If it doesn't crash, what happens when you click on the "Search engine" preference? I don't see anything obvious in the TemplateUrlService that changed in this range, so I'm definitely curious if there have been changes to the policy definitions. Any idea how to test local policies tmccoy@?
,
Jun 13 2017
Chrome Settings crashes every time for me using Work Chrome 58.0.3029.83. Crash ID 263a2acc58000000
,
Jun 13 2017
Yeah, tricky. We'll see if we can get screenshots of the chrome://policy page w/ any DefaultSearchProvider values. @lquinn can you provide the same please? +bartfab can you give any suggestions for how to test local chrome policies?
,
Jun 13 2017
Sorry –atwilson +bartfab
,
Jun 13 2017
+bauerb, do you know if it is possible to specify command-line flags for Clank? If so, one could point Clank at YAPS to feed it custom policies: https://sites.google.com/a/google.com/chrome-enterprise-new/faq/using-yaps?pli=1
,
Jun 13 2017
Internally we can just use Dasher CPanel to test policies, right?
,
Jun 13 2017
Depends on the policies you want to set. Travis' mention of "local Chrome policies" made me think some specific, custom set of policies is needed. If all policies required are exposed in CPanel then of course, a Dasher-enabled test domain like managedchrome.com is sufficient.
,
Jun 13 2017
You can use TestDPC (https://play.google.com/store/apps/details?id=com.afwsamples.testdpc) to create a work profile and set app restrictions there. Also, +dgn who was CCd on the other bug.
,
Jun 13 2017
Ah ha...that does definitely seem to be it. I can repro locally by changing the code in DefaultSearchPolicyHandler::DefaultSearchProviderIsDisabled to return true. There are a few places that incorrectly assume this can be null (and even TemplateUrl really only implies it can be null in unit test environments, so we need to fix that).
,
Jun 13 2017
I'll get a patch together for the cases I can find.
,
Jun 13 2017
Related internal bugs: b/36802393 and potentially b/37688593
,
Jun 13 2017
Some more background, but this was broken in M58 by this change: https://codereview.chromium.org/2710833002 The change separated what were the total supported options vs the disabled options for the current state. Search by image was in the valid supported list, but is marked as disabled because the default search engine is null. Unfortunately, we only checked it was in the supported list before attempting to populate the name of the menu item using the DSE (w/o the null check). The was a refactoring not that long after that split out the logic again and fixed the issue (now we do not attempt to generate the title unless the menu item is actually shown): https://codereview.chromium.org/2747453002 So the good news is that it is fixed. The bad news is that we missed the boat for 58 and there is not much we can do about that now. If you have any ability, getting your administrators to temporarily disable the DefaultSearchProviderEnabled policy is the only recourse. Even with 59, there are issues where settings and other problems creep in, so there is still work to be done here.
,
Jun 14 2017
Good to hear it's fixed - probably makes sense to add a test for this case to prevent future regressions before we close out this bug...
,
Jun 15 2017
Can you override policies via command line? If we can't do that, then I think tests for this are going to be exceptionally hard.
,
Jun 16 2017
Upping the priority of this bug as the search widget work causes Chrome to crash on startup in the cases where this would have previously failed.
,
Jun 17 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/9c436a9669b2a3bc5cd10d8d75488715c8bf86aa commit 9c436a9669b2a3bc5cd10d8d75488715c8bf86aa Author: tedchoc <tedchoc@chromium.org> Date: Sat Jun 17 00:12:37 2017 Check for the default search engine being null before using. It is valid for the DSE to be null if DefaultSearchProviderEnabled is false in the policy (see chrome://policy). Check and appropriately handle null in all cases. TEST=1.) Set "DefaultSearchProviderEnabled": false 2.) Go to settings, 3.) search engine marked as managed, disabled, and empty TEST=1.) Set "DefaultSearchProviderEnabled": true, "DefaultSearchProviderSearchURL": "http://www.google.com/?q={searchTerms}", "DefaultSearchProviderKeyword": "google" 2.) Go to settings 3.) search engine marked as managed, disabled, show google BUG= 720504 Review-Url: https://codereview.chromium.org/2938403002 Cr-Commit-Position: refs/heads/master@{#480234} [modify] https://crrev.com/9c436a9669b2a3bc5cd10d8d75488715c8bf86aa/chrome/android/java/src/org/chromium/chrome/browser/preferences/MainPreferences.java [modify] https://crrev.com/9c436a9669b2a3bc5cd10d8d75488715c8bf86aa/chrome/android/java/src/org/chromium/chrome/browser/search_engines/TemplateUrlService.java [modify] https://crrev.com/9c436a9669b2a3bc5cd10d8d75488715c8bf86aa/chrome/android/java/src/org/chromium/chrome/browser/searchwidget/SearchWidgetProvider.java [modify] https://crrev.com/9c436a9669b2a3bc5cd10d8d75488715c8bf86aa/chrome/browser/search_engines/template_url_service_android.cc [modify] https://crrev.com/9c436a9669b2a3bc5cd10d8d75488715c8bf86aa/chrome/browser/search_engines/template_url_service_android.h [modify] https://crrev.com/9c436a9669b2a3bc5cd10d8d75488715c8bf86aa/components/search_engines/template_url_service.h
,
Jun 19 2017
,
Jun 19 2017
This bug requires manual review: M60 has already been promoted to the beta branch, so this requires manual review Please contact the milestone owner if you have questions. Owners: amineer@(Android), cmasso@(iOS), josafat@(ChromeOS), bustamante@(Desktop) For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Jun 19 2017
Thanks for the quick fix and merge!
,
Jun 19 2017
Ted: You can indeed set policies for instrumentation tests via a `@Policies.Add` annotation.
,
Jun 19 2017
FYI. This hasn't been merged yet (or been approved yet).
,
Jun 19 2017
Approved for 60 branch 3112.
,
Jun 19 2017
Merged with: https://codereview.chromium.org/2950583002 Removing RBS to try and get tests landed for this as well.
,
Jun 22 2017
,
Jun 23 2017
,
Jul 18 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/83172211a056e94deb56d7fc214dbf5b4d9b4ae9 commit 83172211a056e94deb56d7fc214dbf5b4d9b4ae9 Author: Ted Choc <tedchoc@google.com> Date: Tue Jul 18 21:28:28 2017 Add integration tests for when the DSE is null. The tests added are: 1.) Search google for this image not shown in context menu (and doesn't crash). 2.) Search engine preference is disabled in settings (also doesn't crash). BUG= 720504 Change-Id: Ib481169f83c789a4aa23aac37d13d5fe512c443f Reviewed-on: https://chromium-review.googlesource.com/576387 Reviewed-by: Theresa <twellington@chromium.org> Commit-Queue: Ted Choc <tedchoc@chromium.org> Cr-Commit-Position: refs/heads/master@{#487610} [modify] https://crrev.com/83172211a056e94deb56d7fc214dbf5b4d9b4ae9/chrome/android/java/src/org/chromium/chrome/browser/preferences/MainPreferences.java [modify] https://crrev.com/83172211a056e94deb56d7fc214dbf5b4d9b4ae9/chrome/android/javatests/src/org/chromium/chrome/browser/contextmenu/ContextMenuTest.java [modify] https://crrev.com/83172211a056e94deb56d7fc214dbf5b4d9b4ae9/chrome/android/javatests/src/org/chromium/chrome/browser/preferences/PreferencesTest.java
,
Jul 18 2017
This change landed previously to ensure the new search engine promo logic did not crash on no template URLs. https://codereview.chromium.org/2946803002 With that, I believe we have test coverage for all failing cases, so I'm going to close this out. |
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by candr...@chromium.org
, May 11 2017Labels: triage-te