New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 737654 link

Starred by 1 user
Status: Archived
Owner:
khorimoto@chromium.org
Closed: Jun 2017
Cc:
jlklein@chromium.org
lesliewatkins@chromium.org
khorimoto@chromium.org
jhawkins@chromium.org
hansberry@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 1
Type: Bug
61



Sign in to add a comment

Re-opening network list in system tray crashes chrome if a tether host has been found

Project Member Reported by hansberry@chromium.org, Jun 28 2017 
What steps will reproduce the problem?
(1) Open network list in system tray to begin scan.
(2) Let scan successfully populate the network list with a host.
(3) Close the network list.
(4) Reopen the network list -- immediately crashes.

What is the expected result?
View the network list.

What happens instead?
Chrome crashes.

gdb backtrace:

#0  __libc_do_syscall () at ../sysdeps/unix/sysv/linux/arm/libc-do-syscall.S:47
#1  0xb027bde4 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
#2  0xb027cd56 in __GI_abort () at abort.c:89
#3  0xb03a8760 in __gnu_cxx::__verbose_terminate_handler() () from /usr/lib/libstdc++.so.6
#4  0xb03a7116 in ?? () from /usr/lib/libstdc++.so.6
#5  0xb03a7174 in std::terminate() () from /usr/lib/libstdc++.so.6
#6  0xb03a73d0 in __cxa_throw () from /usr/lib/libstdc++.so.6
#7  0xb03e2ee6 in std::__throw_out_of_range_fmt(char const*, ...) () from /usr/lib/libstdc++.so.6

#8  0x3c8b5150 in ash::tray::NetworkListView::UpdateNetworkChild(int, ash::NetworkInfo const*) ()
    at /usr/local/google/home/hansberry/chromium/.cros_cache/chrome-sdk/tarballs/veyron_minnie+9649.0.0+target_toolchain/usr/bin/../lib/gcc/armv7a-cros-linux-gnueabi/4.9.x/include/g++-v4/bits/stl_vector.h:898

#9  0x3c8b47f2 in ash::tray::NetworkListView::UpdateNetworkChildren(ash::NetworkInfo::Type, int) () at ../../ash/system/network/network_list.cc:620
#10 0x3c8b44c0 in ash::tray::NetworkListView::UpdateNetworkListEntries() () at ../../ash/system/network/network_list.cc:497
#11 0x3c8b3f24 in ash::tray::NetworkListView::UpdateNetworkListInternal() () at ../../ash/system/network/network_list.cc:411
#12 0x3c8b3908 in ash::tray::NetworkListView::UpdateNetworkList() () at ../../ash/system/network/network_list.cc:331
#13 0x3c8b653a in ash::tray::NetworkStateListDetailedView::Init() () at ../../ash/system/network/network_state_list_detailed_view.cc:180
#14 0x3c885226 in ash::TrayNetwork::CreateDetailedView(ash::LoginStatus) () at ../../ash/system/network/tray_network.cc:250
#15 0x3c830db6 in ash::SystemTrayBubble::CreateItemViews(ash::LoginStatus) () at ../../ash/system/tray/system_tray_bubble.cc:328
#16 0x3c830b72 in ash::SystemTrayBubble::UpdateView(std::vector<ash::SystemTrayItem*, std::allocator<ash::SystemTrayItem*> > const&, ash::SystemTrayBubble::BubbleType) () at ../../ash/system/tray/system_tray_bubble.cc:146
#17 0x3c82fa1c in ash::SystemTray::ShowItems(std::vector<ash::SystemTrayItem*, std::allocator<ash::SystemTrayItem*> > const&, bool, bool, ash::BubbleCreationType, bool) () at ../../ash/system/tray/system_tray.cc:439
#18 0x3c82fcc8 in ash::SystemTray::ShowDetailedView(ash::SystemTrayItem*, int, bool, ash::BubbleCreationType) () at ../../ash/system/tray/system_tray.cc:329
#19 0x3c832106 in base::internal::Invoker<base::internal::BindState<void (ash::SystemTray::*)(ash::SystemTrayItem*, int, bool, ash::BubbleCreationType), base::internal::UnretainedWrapper<ash::SystemTray>, ash::SystemTrayItem*, int, bool, ash::BubbleCreationType>, void ()>::Run(base::internal::BindStateBase*) () at ../../base/bind_internal.h:209
#20 0x3b168372 in base::Timer::RunScheduledTask() () at ../../base/callback.h:80
#21 0x3b187f70 in base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) () at ../../base/callback.h:91
#22 0x3b12bb40 in base::MessageLoop::RunTask(base::PendingTask*) () at ../../base/message_loop/message_loop.cc:422
#23 0x3b12be1c in base::MessageLoop::DeferOrRunPendingTask(base::PendingTask) () at ../../base/message_loop/message_loop.cc:433
#24 0x3b12c224 in base::MessageLoop::DoDelayedWork(base::TimeTicks*) () at ../../base/message_loop/message_loop.cc:580
#25 0x3b12d33e in base::MessagePumpLibevent::Run(base::MessagePump::Delegate*) () at ../../base/message_loop/message_pump_libevent.cc:229
#26 0x3b146458 in base::RunLoop::Run() () at ../../base/run_loop.cc:111
#27 0x3ae8d7ea in ChromeBrowserMainParts::MainMessageLoopRun(int*) () at ../../chrome/browser/chrome_browser_main.cc:1950
#28 0x39fe62f0 in content::BrowserMainLoop::RunMainMessageLoopParts() () at ../../content/browser/browser_main_loop.cc:1145
#29 0x39fe818c in content::BrowserMainRunnerImpl::Run() () at ../../content/browser/browser_main_runner.cc:142
#30 0x39fe2c52 in content::BrowserMain(content::MainFunctionParams const&) () at ../../content/browser/browser_main.cc:46
#31 0x3ae6b8c0 in content::ContentMainRunnerImpl::Run() () at ../../content/app/content_main_runner.cc:704
#32 0x3ae85490 in service_manager::Main(service_manager::MainParams const&) () at ../../services/service_manager/embedder/main.cc:469
#33 0x3ae6ac0c in content::ContentMain(content::ContentMainParams const&) () at ../../content/app/content_main.cc:19
#34 0x39c0c0de in ChromeMain () at ../../chrome/app/chrome_main.cc:125
#35 0xb026c8b8 in __libc_start_main (main=0x0, argc=-1090993272, argv=0x0, init=<optimized out>, fini=0x3e633f8d <__libc_csu_fini>, rtld_fini=0xb08e3f41 <_dl_fini>, stack_end=0xbef8c4e4) at libc-start.c:289
#36 0x39c0bf80 in _start ()

Comment 1 by khorimoto@chromium.org, Jun 28 2017

Owner: khorimoto@chromium.org
Status: Started (was: Available)
Project Member

Comment 2 by bugdroid1@chromium.org, Jun 29 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ba110b86fcda72e706d03f46c75976018aa80d63

commit ba110b86fcda72e706d03f46c75976018aa80d63
Author: khorimoto <khorimoto@chromium.org>
Date: Thu Jun 29 01:50:06 2017

[CrOS Tether] NetworkList: Remove code which erroneously added Tether networks twice.

Tether networks are already included when NetworkStateHandler::GetVisibleNetworkList() is called, so they should not be added twice. This error caused a crash because NetworkList contains several maps from network GUID to another object, and these maps would get out of sync when two networks with the same GUID were included.

This CL also removes some unnecessary code which skipped adding Wi-Fi networks which have a tether GUID set. This can no longer happen, since those networks are never returned from NetworkStateHandler after https://codereview.chromium.org/2945643002/.

BUG=672263, 737654 

Review-Url: https://codereview.chromium.org/2961153003
Cr-Commit-Position: refs/heads/master@{#483249}

[modify] https://crrev.com/ba110b86fcda72e706d03f46c75976018aa80d63/ash/system/network/network_list.cc

Comment 3 by khorimoto@chromium.org, Jun 29 2017

Status: Fixed (was: Started)

Comment 4 by dchan@chromium.org, Jan 22 2018

Status: Archived (was: Fixed)

Sign in to add a comment