New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 831953 link

Starred by 23 users

<input type=file> with accepting only image crashes DecoderService in Android 6.0-

Reported by thehimen...@gmail.com, Apr 12

Issue description

Steps to reproduce the problem:
On Chrome 66 beta with Android 6.x or below
1. open https://codepen.io/anon/pen/BrEQbv (This has input tag with accepting only image file)
2. tap "Choose File"

What is the expected behavior?
Photo picker should be open.

What went wrong?
"Unfortunately, Chrome Beta has stopped" dialog appears due to crash in DecoderService

below is the related logs from adb logcat
---
04-12 13:22:30.471   803   803 E AndroidRuntime: FATAL EXCEPTION: main
04-12 13:22:30.471   803   803 E AndroidRuntime: Process: com.chrome.beta:decoder_service, PID: 803
04-12 13:22:30.471   803   803 E AndroidRuntime: java.lang.RuntimeException: Unable to create service org.chromium.chrome.browser.photo_picker.DecoderService: java.lang.NullPointerException: Attempt to invoke virtual method 'boolean org.chromium.base.CommandLine.hasSwitch(java.lang.String)' on a null object reference
04-12 13:22:30.471   803   803 E AndroidRuntime: 	at android.app.ActivityThread.handleCreateService(ActivityThread.java:3818)
04-12 13:22:30.471   803   803 E AndroidRuntime: 	at android.app.ActivityThread.access$2100(ActivityThread.java:222)
04-12 13:22:30.471   803   803 E AndroidRuntime: 	at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1883)
04-12 13:22:30.471   803   803 E AndroidRuntime: 	at android.os.Handler.dispatchMessage(Handler.java:102)
04-12 13:22:30.471   803   803 E AndroidRuntime: 	at android.os.Looper.loop(Looper.java:158)
04-12 13:22:30.471   803   803 E AndroidRuntime: 	at android.app.ActivityThread.main(ActivityThread.java:7229)
04-12 13:22:30.471   803   803 E AndroidRuntime: 	at java.lang.reflect.Method.invoke(Native Method)
04-12 13:22:30.471   803   803 E AndroidRuntime: 	at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230)
04-12 13:22:30.471   803   803 E AndroidRuntime: 	at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120)
04-12 13:22:30.471   803   803 E AndroidRuntime: Caused by: java.lang.NullPointerException: Attempt to invoke virtual method 'boolean org.chromium.base.CommandLine.hasSwitch(java.lang.String)' on a null object reference
04-12 13:22:30.471   803   803 E AndroidRuntime: 	at org.chromium.base.SysUtils.isLowEndDevice(SysUtils.java:35)
04-12 13:22:30.471   803   803 E AndroidRuntime: 	at org.chromium.base.library_loader.LegacyLinker.ensureInitializedLocked(LegacyLinker.java:11)
04-12 13:22:30.471   803   803 E AndroidRuntime: 	at org.chromium.base.library_loader.LegacyLinker.prepareLibraryLoad(LegacyLinker.java:25)
04-12 13:22:30.471   803   803 E AndroidRuntime: 	at org.chromium.base.library_loader.LibraryLoader.loadAlreadyLocked(LibraryLoader.java:62)
04-12 13:22:30.471   803   803 E AndroidRuntime: 	at org.chromium.base.library_loader.LibraryLoader.ensureInitialized(LibraryLoader.java:17)
04-12 13:22:30.471   803   803 E AndroidRuntime: 	at org.chromium.chrome.browser.photo_picker.DecoderService.onCreate(DecoderService.java:4)
04-12 13:22:30.471   803   803 E AndroidRuntime: 	at android.app.ActivityThread.handleCreateService(ActivityThread.java:3808)
04-12 13:22:30.471   803   803 E AndroidRuntime: 	... 8 more
04-12 13:22:30.481  3466   817 E android.os.Debug: ro.product_ship = true
04-12 13:22:30.481  3466   817 E android.os.Debug: ro.debug_level = 0x4f4c
04-12 13:22:30.481  3466   817 E android.os.Debug: sys.mobilecare.preload = false

Crashed report ID: 

How much crashed? Just one tab

Is it a problem with a plugin? No 

Did this work before? Yes Chrome 65

Chrome version: 66.0.3359.82  Channel: beta
OS Version: 6.0.1 Build/MMB29K
Flash Version: 

This crash reproduced when Android version is less than or equal to 6.x
 
Labels: Needs-triage-Mobile
Cc: nyerramilli@chromium.org pnangunoori@chromium.org
Components: Internals
Labels: hasbisect-per-revision ReleaseBlock-Stable Target-67 RegressedIn-66 FoundIn-67 Triaged-Mobile FoundIn-66 Target-66
Owner: agrieve@chromium.org
Status: Assigned (was: Unconfirmed)
Tested the issue in Android and able to reproduce the issue. 

Steps Followed:
1. Launch Chrome.
2. Navigate to any URL - https://codepen.io/anon/pen/BrEQbv 
3. Tap on “Choose File” button
4. Observed that “Unfortunately, Chrome Beta has stopped.” message.

Chrome versions tested:
66.0.3359.106(Beta), 67.0.3395.0(Canary)

OS:
Android 4.4.4

Android Devices:
Sony C6902

Using the per-revision bisect providing the bisect results,
Good Build - 66.0. 3336.0  (533409)
Bad Build - 66.0. 3338.0  (534242)

You are looking for a change made after 533411(GOOD), but before 533412(BAD).

CHANGELOG URL:
The script might not always return single CL as suspect as some perf builds might get missing due to failure.
https://chromium.googlesource.com/chromium/src/+/7ee6c14b661b0abdfb91f8f0c8a07c34f1d353bc

From the CL above, assigning the issue to the owner concerned.

@agrieve:  Could you please look into the issue, pardon me if it has nothing to do with your changes and if possible please assign it to owner concerned.

Please navigate to below link for log's--
go/chrome-androidlogs/831953

Note: 
1. This issue is not observed in Desktop.
2. Issue is not observed on Android 7.0 and above devices. Verified on Samsung J7 Android 7.0.0 and Pixel 2 XL Android 8.1.0

Thanks!


Project Member

Comment 3 by sheriffbot@chromium.org, Apr 16

This issue is marked as a release blocker with no milestone associated. Please add an appropriate milestone.

All release blocking issues should have milestones associated to it, so that the issue can tracked and the fixes can be pushed promptly.

Thanks for your time! To disable nags, add the Disable-Nags label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Labels: M-66
	agrieve@ are you planning to fix this issue?
Sorry, yes. Fixed it last week but review is going slowly. Will TBR it today if I ping doesn't work:
https://chromium-review.googlesource.com/c/chromium/src/+/1011667
Project Member

Comment 7 by bugdroid1@chromium.org, Apr 18

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/9e4b4571b7836b0ddbfce77b1dd710fa5988fc7d

commit 9e4b4571b7836b0ddbfce77b1dd710fa5988fc7d
Author: Andrew Grieve <agrieve@chromium.org>
Date: Wed Apr 18 12:21:34 2018

Android: Fix crash when trying to select a photo from an <input>

Bug:  831953 
Change-Id: I9e3c697d25a0754fad18a45f7a0a19c721e54e9c
Reviewed-on: https://chromium-review.googlesource.com/1011667
Commit-Queue: agrieve <agrieve@chromium.org>
Reviewed-by: Peter Beverloo <peter@chromium.org>
Cr-Commit-Position: refs/heads/master@{#551640}
[modify] https://crrev.com/9e4b4571b7836b0ddbfce77b1dd710fa5988fc7d/chrome/android/java/src/org/chromium/chrome/browser/photo_picker/DecoderService.java

Labels: Merge-Request-66
Status: Fixed (was: Assigned)
Requesting merge to 66 (where this was reported in). Did M66 ship already? This is a small change and <input> tags for images don't work at all without it.
Project Member

Comment 9 by sheriffbot@chromium.org, Apr 18

Labels: -Merge-Request-66 Merge-Review-66 Hotlist-Merge-Review
This bug requires manual review: Request affecting a post-stable build
Please contact the milestone owner if you have questions.
Owners: cmasso@(Android), cmasso@(iOS), josafat@(ChromeOS), abdulsyed@(Desktop)

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
M66 is already out.
Labels: Merge-Request-67
Oh well then, let's merge to M67?
Labels: -Hotlist-Merge-Review -Merge-Request-67 -Merge-Review-66 Merge-Approved-67 M-67
Project Member

Comment 13 by bugdroid1@chromium.org, Apr 19

Labels: -merge-approved-67 merge-merged-3396
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/f248278a23c62358aff045ce221cc2370c39f95b

commit f248278a23c62358aff045ce221cc2370c39f95b
Author: Andrew Grieve <agrieve@chromium.org>
Date: Thu Apr 19 11:48:35 2018

Android: Fix crash when trying to select a photo from an <input>

TBR=agrieve@chromium.org

(cherry picked from commit 9e4b4571b7836b0ddbfce77b1dd710fa5988fc7d)

Bug:  831953 
Change-Id: I9e3c697d25a0754fad18a45f7a0a19c721e54e9c
Reviewed-on: https://chromium-review.googlesource.com/1011667
Commit-Queue: agrieve <agrieve@chromium.org>
Reviewed-by: Peter Beverloo <peter@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#551640}
Reviewed-on: https://chromium-review.googlesource.com/1018882
Reviewed-by: agrieve <agrieve@chromium.org>
Cr-Commit-Position: refs/branch-heads/3396@{#123}
Cr-Branched-From: 9ef2aa869bc7bc0c089e255d698cca6e47d6b038-refs/heads/master@{#550428}
[modify] https://crrev.com/f248278a23c62358aff045ce221cc2370c39f95b/chrome/android/java/src/org/chromium/chrome/browser/photo_picker/DecoderService.java

Cc: agrieve@chromium.org sandeepkumars@chromium.org
 Issue 834395  has been merged into this issue.
Cc: twelling...@chromium.org finnur@chromium.org peter@chromium.org cma...@chromium.org
 Issue 836923  has been merged into this issue.
Labels: -Pri-2 Pri-1
Status: Started (was: Fixed)
Let me reopen this and increase priority -

We're still getting many reports of users finding this in the wild, both on Twitter and through feedback from large partners directly.

https://twitter.com/JulZ_RulZ_NY/status/989701500359372800
https://mobile.twitter.com/Homan4Potusa/status/989574773544927232
https://twitter.com/GeekyAshLee/status/987546204547485697

Andrew, Estelle, since this completely blocks an important use-case—being able to upload photos—we need to consider to (a) either do a post-stable merge to M66, or (b) disable the photo picker altogether.

If there will be a re-spin then my preference would be to take that route, since the feature has been available for quite some milestones already. In either case it's important that we figure out how to prevent this from happening again in the future too.
I'd be in favour of a respin. Being able to use <input> to upload a file seems like pretty core functionality.
Labels: Merge-Request-66
Same here. I think we should respin.
Here's the post-mortem on the issue...
https://docs.google.com/document/d/1T_sKQprG8dR8Zd2RIzpSP5CRDmJWsydFyEW7nvkFg0U/edit?ts=5ae33ba9
(Sorry, Googler's only)
Cc: amineer@chromium.org
Labels: -Pri-1 Pri-0
+amineer
Able to repro this case per comment #16 reports.
Steps:
1. Launch Chrome, go to twitter.com 
2. Try uploading a picture 
3. "Unfortunately, Chrome has stopped." error is displayed.

Reproduced on Sasmung S3 /JZO54K - 66.0.3359.126
Verified that #13 fixed issue on - 67.0.3396.22
Just wanted to add that, while investigating  issue 836923 , I also verified the bug on 66 and that it is fixed in 67. To test, I used a Samsung Galaxy S4 GT-I9505, running Android 5.0.1.
Labels: -Merge-Request-66 Merge-Approved-66
Let's get the fix already in M66 while we still debate about the severity of this issue. Thanks!
I am stability sheriff this week and I cant seam to find an increase in crash rates because of this issue. It looks like the crash might not be reported. I tried to search on crash for reports like this but could not find any (could be an issue with proguard obfuscation in exception messages). I tried to repo the crash locally so that I can get a crash id but I am not able to report the crash. It fails to report and does not show up in chrome://crashes

Could this be because the crash happens in an isolated process (com.android.chrome:decoder_service)?
I got some crash numbers here https://listnrcrash.corp.google.com/product/282/crash/1000000000029047812?dateRange=30 I believe this is the android crash reporting. 5m crashes per day.
Merge is approved for 66, please merge, thanks.
Hello, it's good news that the fix is approved for 66. When is the date this patch is planned to be released?
 Issue 838801  has been merged into this issue.
 Issue 837980  has been merged into this issue.
Project Member

Comment 30 by bugdroid1@chromium.org, May 3

Labels: -merge-approved-66 merge-merged-3359
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/7819759179877594bba5c08da0e99ddaddc7c621

commit 7819759179877594bba5c08da0e99ddaddc7c621
Author: Andrew Grieve <agrieve@chromium.org>
Date: Thu May 03 09:16:40 2018

Android: Fix crash when trying to select a photo from an <input>

Bug:  831953 
Change-Id: I9e3c697d25a0754fad18a45f7a0a19c721e54e9c
Reviewed-on: https://chromium-review.googlesource.com/1011667
Commit-Queue: agrieve <agrieve@chromium.org>
Reviewed-by: Peter Beverloo <peter@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#551640}(cherry picked from commit 9e4b4571b7836b0ddbfce77b1dd710fa5988fc7d)
Reviewed-on: https://chromium-review.googlesource.com/1041225
Reviewed-by: Bernhard Bauer <bauerb@chromium.org>
Cr-Commit-Position: refs/branch-heads/3359@{#793}
Cr-Branched-From: 66afc5e5d10127546cc4b98b9117aff588b5e66b-refs/heads/master@{#540276}
[modify] https://crrev.com/7819759179877594bba5c08da0e99ddaddc7c621/chrome/android/java/src/org/chromium/chrome/browser/photo_picker/DecoderService.java

Cc: rbyers@chromium.org
+rbyers

I won't include the metrics cause this is a public bug, but if this was causing a crashing renderer bug, based on the magnitude, I'd call for a re-spin. This is more in the platform/compat issue at this stage though. I still *think* we should respin but adding Rick to speak to compat/platform risks
This is definitely very serious.

One public stat here: across all platforms, about one in every 300 page views results in someone opening the file upload chooser at least once: https://www.chromestatus.com/metrics/feature/timeline/popularity/2324

As I understand it, this makes a key platform feature (image upload) completely unavailable for users on M and below.  That's quite bad for key mobile web partners like Twitter and Facebook, as well as for users. So I also support a stable respin to fix this (assuming clank team is confident in the safety of the fix of course).
Components: Blink>Forms>File
Andrew is away at the moment, but being familiar with the decoder service I have high confidence in Andrew's fix being low-risk. Any theoretical risk introduced would be contained within the decoder service and for M and below it is already crashing, so anything we do is likely to be an improvement...

For N and up there shouldn't be any impact.
There is going to be a respin next Monday 5/7
Verified that issue is fixed issue on - Sasmung S3 /JZO54K - 66.0.3359.158

Steps:
1. Launch Chrome, go to twitter.com 
2. Try uploading a picture 
3. "Unfortunately, Chrome has stopped." error is displayed.


Hi all!

This is Nico S. from Chrome-es support forum.

We have a lot of reports with this issue.

All in Android 6.0.1 with Chrome 66.0.3359.126, but seems random issue (Not all the user with Android 6.0.1 and chrome 66 have this issue).

Example post: https://productforums.google.com/d/msg/chrome-es/E7Bk3C03j2k/qZ7htNSHAwAJ

We will wait until the update to update again.

Thanks!

Issue 838148 has been merged into this issue.
Hi Nico, we are aware of the issue. Sorry for the trouble, but the fix is already checked in and should be starting to reach users soon (I was hoping today, but I don't have a good insight into where in the pipeline it stands).
Any ideas for a (temporary) work-around?

I've been getting lots of reports from users on my site (which includes a photo upload feature).

Thank you for fixing this in M66!
The fix landed in 66.0.3359.156.

The only easy temporary work-around I can think of is to also accept one (maybe obscure) type that is not an image type. Not ideal, but then the Android stock picker will be used instead of the photo picker.
Verified that issue is fixed issue on - Sasmung S3 /JZO54K - 68.0.3417.3 latest Chrome Dev channel as well, Can we close the bug if there is no pending work here?
Status: Fixed (was: Started)
Andrew is away. Thank you for verifying. We're monitoring on our side what the impact is. We can always reopen if need be.
Status: Verified (was: Fixed)
Just FYI a new version of M66 is rolling out that corrects this bug, it's at 25% now and should reach 100% shortly. 
 Issue 841709  has been merged into this issue.
the issue is fixed for me now after May 7 update

Screenshot_2018-05-12-06-03-18.png
64.2 KB View Download
Thank you for the verification!

Sign in to add a comment