My favorites | Sign in
Project Home Downloads Wiki Issues Code Search
New issue   Search
for
  Advanced search   Search tips   Subscriptions
Issue 128652: crash @ content_settings::OriginIdentifierValueMap::size
9 people starred this issue and may be notified of changes. Back to list
 
Project Member Reported by jasn...@chromium.org, May 17, 2012
Chrome Version     :  20.0.1132.11 (Official Build 137611)
OS Version         :  2268.16.0


I was able to reproduce crash only once. Following are the steps
1.Open few tabs
2.launch incognito window
3.Go to hulu.com
4.Open new tab

Browser crash seen

Call Stack
Thread 0 *CRASHED* ( SIGSEGV @ 0x00000018 )
0x7fb567d93fdc 	[chrome] 	- chrome/browser/content_settings/content_settings_origin_identifier_value_map.cc:186] 	content_settings::OriginIdentifierValueMap::size
0x7fb5671907cf 	[chrome] 	- ./chrome/browser/content_settings/content_settings_origin_identifier_value_map.h:65] 	ExtensionContentSettingsStore::ClearContentSettingsForExtension
0x7fb5671b93e4 	[chrome] 	- chrome/browser/extensions/extension_prefs.cc:1872] 	ExtensionPrefs::ClearIncognitoSessionOnlyContentSettings
0x7fb565f29957 	[chrome] 	- chrome/browser/profiles/off_the_record_profile_impl.cc:127] 	OffTheRecordProfileImpl::~OffTheRecordProfileImpl
0x7fb565f299e8 	[chrome] 	- chrome/browser/profiles/off_the_record_profile_impl.cc:145] 	OffTheRecordProfileImpl::~OffTheRecordProfileImpl
0x7fb565d55d55 	[chrome] 	- ./base/memory/scoped_ptr.h:185] 	ProfileImpl::DestroyOffTheRecordProfile
0x7fb565d55ab7 	[chrome] 	- chrome/browser/profiles/profile_destroyer.cc:25] 	ProfileDestroyer::DestroyOffTheRecordProfile
0x7fb565a3297f 	[chrome] 	- chrome/browser/ui/browser.cc:520] 	Browser::~Browser
0x7fb565a32ad8 	[chrome] 	- chrome/browser/ui/browser.cc:529] 	Browser::~Browser
0x7fb565a4db65 	[chrome] 	- ./base/memory/scoped_ptr.h:185] 	BrowserView::~BrowserView
0x7fb565a4dd78 	[chrome] 	- chrome/browser/ui/views/frame/browser_view.cc:393] 	BrowserView::~BrowserView
0x7fb56828f3eb 	[chrome] 	- ui/views/view.cc:161] 	views::View::~View
0x7fb568624e56 	[chrome] 	- ui/views/window/non_client_view.cc:38] 	views::NonClientView::~NonClientView
0x7fb568624dd8 	[chrome] 	- ui/views/window/non_client_view.cc:42] 	views::NonClientView::~NonClientView
0x7fb56828ee39 	[chrome] 	- ./base/memory/scoped_ptr.h:162] 	views::View::DoRemoveChildView
0x7fb5683af7b1 	[chrome] 	- ui/views/view.cc:265] 	views::View::RemoveAllChildViews
0x7fb5683af74a 	[chrome] 	- ui/views/widget/root_view.cc:79] 	views::internal::RootView::~RootView
0x7fb565dfb79b 	[chrome] 	- ./chrome/browser/ui/views/frame/browser_root_view.h:23] 	BrowserRootView::~BrowserRootView
0x7fb5683af6ba 	[chrome] 	- ./base/memory/scoped_ptr.h:185] 	views::Widget::DestroyRootView
0x7fb5683af567 	[chrome] 	- ui/views/widget/widget.cc:181] 	views::Widget::~Widget
0x7fb565dfade8 	[chrome] 	- chrome/browser/ui/views/frame/browser_frame.cc:41] 	BrowserFrame::~BrowserFrame
0x7fb5677856d8 	[chrome] 	- ui/views/widget/native_widget_aura.cc:147] 	views::NativeWidgetAura::~NativeWidgetAura
0x7fb565dfb17c 	[chrome] 	- chrome/browser/ui/views/frame/browser_frame_aura.cc:73] 	BrowserFrameAura::~BrowserFrameAura
0x7fb565dfb1f8 	[chrome] 	- chrome/browser/ui/views/frame/browser_frame_aura.cc:74] 	BrowserFrameAura::~BrowserFrameAura
0x7fb56745d6a0 	[chrome] 	- ui/aura/window.cc:112] 	aura::Window::~Window
0x7fb56745de58 	[chrome] 	- ui/aura/window.cc:138] 	aura::Window::~Window
0x7fb567ccdee5 	[chrome] 	- ./base/callback.h:272] 	MessageLoop::RunTask
0x7fb567ccde17 	[chrome] 	- base/message_loop.cc:470] 	MessageLoop::DeferOrRunPendingTask
0x7fb567ccb8f2 	[chrome] 	- base/message_loop.cc:647] 	MessageLoop::DoWork
0x7fb567e56f33 	[chrome] 	- base/message_pump_glib.cc:210] 	base::MessagePumpGlib::RunWithDispatcher
0x7fb567ccb2bf 	[chrome] 	- base/message_loop.cc:390] 	MessageLoop::Run
0x7fb567e56e03 	[chrome] 	- chrome/browser/chrome_browser_main.cc:1894] 	ChromeBrowserMainParts::MainMessageLoopRun
0x7fb56729ffa0 	[chrome] 	- content/browser/browser_main_loop.cc:453] 	content::BrowserMainLoop::RunMainMessageLoopParts
0x7fb5672a007c 	[chrome] 	- content/browser/browser_main_runner.cc:98] 	BrowserMainRunnerImpl::Run
0x7fb567cac5c8 	[chrome] 	- content/browser/browser_main.cc:21] 	BrowserMain
0x7fb566010bc6 	[chrome] 	- content/app/content_main_runner.cc:290] 	ContentMainRunnerImpl::Run
0x7fb567ca35e0 	[chrome] 	- content/app/content_main.cc:35] 	content::ContentMain
0x7fb567ca34d7 	[chrome] 	- chrome/app/chrome_main.cc:32] 	ChromeMain
0x7fb5636b95cc 	[libc-2.11.1.so] 	- libc-start.c:240] 	__libc_start_main
0x7fb5658f1d68 	[chrome] 	+ 0x006e2d68] 

Crash report : http://crash.corp.google.com/reportdetail?reportid=edd3dfce9177e853

May 17, 2012
#1 dd...@chromium.org
Bulk moving non-blocking issues to Mstone-21
Labels: -Mstone-20 bulkmove Mstone-21
May 22, 2012
#3 saintlou@chromium.org
(No comment was entered for this change.)
Status: Assigned
Owner: sky@chromium.org
May 22, 2012
#4 sky@chromium.org
This crash exists as far back as 18 (I didn't look any earlier).
May 22, 2012
#5 sky@chromium.org
This crash can also be seen on windows (ef9220870110a65f).

I suspect map in ContentSettingsStore::ClearContentSettingsForExtension is NULL. Other places in this class check for a NULL return value from GetValueMap, but not ClearContentSettingsForExtension. I don't know enough about the class to say if this is intentional or not. I'm passing to Bernard who seems to have done the most with this code.
Owner: bauerb@chromium.org
Cc: sky@chromium.org
Labels: -OS-Chrome OS-All
May 23, 2012
#6 bauerb@chromium.org
https://chromiumcodereview.appspot.com/10383303 should fix it, but I'm not really sure *why* this is happening, so I don't want to mask another bug. Jasneet, could you attach your Preferences file, so I can check whether there's some weird extension state?
Status: Started
May 23, 2012
#7 jasn...@chromium.org
Attached is the preferences file.  
Preferences
4.0 KB   View   Download
May 31, 2012
#9 saintlou@chromium.org
(No comment was entered for this change.)
Labels: -Feature-Ash -Iteration-57
Jun 4, 2012
#10 sky@chromium.org
 Issue 130661  has been merged into this issue.
Jun 4, 2012
#11 vivi...@chromium.org
Issue 130478 has been merged into this issue.
Jun 6, 2012
#12 zelidrag@chromium.org
3rd most frequent crash in M20 beta (CrOS), moving back to M20

http://chromecrash/browse?q=product.name%3D'Chrome_ChromeOS'%20AND%20product.version%3D'20.0.1132.22'%20AND%20custom_data.ChromeCrashProto.ptype%3D'browser'
Labels: -Mstone-21 Mstone-20 ReleaseBlock-Stable
Jun 11, 2012
#13 bugdro...@chromium.org
The following revision refers to this bug:
    http://src.chromium.org/viewvc/chrome?view=rev&revision=141415

------------------------------------------------------------------------
r141415 | bauerb@chromium.org | Mon Jun 11 08:38:44 PDT 2012

Changed paths:
 M http://src.chromium.org/viewvc/chrome/trunk/src/chrome/browser/extensions/api/content_settings/content_settings_store.cc?r1=141415&r2=141414&pathrev=141415

Gracefully deal with clearing content settings for unregistered extensions.

This CL is only for merging to the M20 branch; on trunk I'm going to revert it and add additional information to the crash dumps to find out why this is happening.

BUG=128652
TEST=no crash


Review URL: https://chromiumcodereview.appspot.com/10383303
------------------------------------------------------------------------
Jun 11, 2012
#14 bauerb@chromium.org
I'd like to merge http://crrev.com/141415 to the M20 branch.
Labels: Merge-Requested
Jun 11, 2012
#15 dhar...@google.com
(No comment was entered for this change.)
Labels: -Merge-Requested Merge-Approved
Jun 12, 2012
#16 bugdro...@chromium.org
The following revision refers to this bug:
    http://src.chromium.org/viewvc/chrome?view=rev&revision=141644

------------------------------------------------------------------------
r141644 | bauerb@chromium.org | Tue Jun 12 04:10:26 PDT 2012

Changed paths:
 M http://src.chromium.org/viewvc/chrome/branches/1132/src/chrome/browser/extensions/extension_content_settings_store.cc?r1=141644&r2=141643&pathrev=141644

Merge 141415 - Gracefully deal with clearing content settings for unregistered extensions.

This CL is only for merging to the M20 branch; on trunk I'm going to revert it and add additional information to the crash dumps to find out why this is happening.

BUG=128652
TEST=no crash

Original review URL: https://chromiumcodereview.appspot.com/10383303

Review URL: https://chromiumcodereview.appspot.com/10543109
------------------------------------------------------------------------
Labels: merge-merged-1132
Jun 12, 2012
#17 bauerb@chromium.org
The crash is fixed for M20, but I'll keep the bug open for M21.
Labels: -Mstone-20 -Merge-Approved Mstone-21 Merge-Merged
Jun 12, 2012
#18 bugdro...@chromium.org
The following revision refers to this bug:
    http://src.chromium.org/viewvc/chrome?view=rev&revision=141649

------------------------------------------------------------------------
r141649 | bauerb@chromium.org | Tue Jun 12 05:05:50 PDT 2012

Changed paths:
 M http://src.chromium.org/viewvc/chrome/trunk/src/chrome/browser/extensions/api/content_settings/content_settings_store.cc?r1=141649&r2=141648&pathrev=141649

Add extension ID to crash dump info when trying to clear content settings for an unregistered extension.


BUG=128652
TEST=none


Review URL: https://chromiumcodereview.appspot.com/10544094
------------------------------------------------------------------------
Jun 27, 2012
#19 kar...@google.com
bauer which CL do u need/want to merge to 1180 to make this crash go away? 141415 is already on m21 branch.
Jun 27, 2012
#20 bauerb@chromium.org
Does the crash still happen on 1180?
Jun 27, 2012
#21 kar...@google.com
nope :) closing this. ok?
Status: Fixed
Jul 30, 2012
#22 mihaip@chromium.org
Issue 139614 has been merged into this issue.
Jul 30, 2012
#23 zelidrag@chromium.org
The crash still happens in M21 (1180) - it's second most frequent crash on ChromeOS side - see stack at http://crbug.com/139614 and crashes from the latest beta at:

https://chromecrash.corp.google.com/browse?q=product.name%3D%27Chrome_ChromeOS%27%20AND%20product.version%3D%2721.0.1180.55%27%20AND%20custom_data.ChromeCrashProto.ptype%3D%27browser%27
Status: Assigned
Aug 1, 2012
#24 kar...@google.com
so, this bug is not on chrome windows or chrome linux anymore ubut it's definitely on Cros. John can u take a look?
Labels: -OS-All OS-Chrome
Aug 1, 2012
#25 kar...@google.com
i meant Bernard!!! :)
Aug 1, 2012
#26 bauerb@chromium.org
I have a CL at http://codereview.chromium.org/10830082/ to fail gracefully instead of crashing. I don't know what the actual issue is though, so I'm gonna leave it on trunk.
Aug 1, 2012
#27 bauerb@chromium.org
(No comment was entered for this change.)
Labels: -Merge-Merged Merge-Requested
Aug 2, 2012
#28 kar...@google.com
(No comment was entered for this change.)
Labels: -Merge-Requested Merge-Approved
Aug 2, 2012
#29 bugdro...@chromium.org
The following revision refers to this bug:
    http://src.chromium.org/viewvc/chrome?view=rev&revision=149703

------------------------------------------------------------------------
r149703 | bauerb@chromium.org | 2012-08-02T21:28:35.824613Z

Changed paths:
   M http://src.chromium.org/viewvc/chrome/branches/1180/src/chrome/browser/extensions/api/content_settings/content_settings_store.cc?r1=149703&r2=149702&pathrev=149703

Deal gracefully with removing content settings for unregistered extensions.

This is a repeat of r141415 for M21. I'll leave it in on trunk to continue to investigate.

BUG=128652

Review URL: https://chromiumcodereview.appspot.com/10830082
------------------------------------------------------------------------
Labels: -Merge-Approved merge-merged-1180
Aug 7, 2012
#30 josa...@chromium.org
Anything pending here? 
Can this be marked as fixed for 21 and ToT (22)?
Aug 7, 2012
#31 bauerb@chromium.org
This is *not* fixed on trunk (cf. commit message in the previous comment: "I'll leave it in on trunk to continue to investigate").

It's fixed for 21 though, so punting.
Labels: -Mstone-21 Mstone-22
Sep 6, 2012
#33 bauerb@chromium.org
Issue 146671 has been merged into this issue.
Sep 6, 2012
#34 bauerb@chromium.org
Issue 146671 was a ReleaseBlock-Stable, so I'm carrying that over.
Labels: ReleaseBlock-Stable
Sep 6, 2012
#35 bugdro...@chromium.org
The following revision refers to this bug:
    http://src.chromium.org/viewvc/chrome?view=rev&revision=155341

------------------------------------------------------------------------
r155341 | bauerb@chromium.org | 2012-09-07T06:27:25.121365Z

Changed paths:
   M http://src.chromium.org/viewvc/chrome/trunk/src/chrome/browser/extensions/api/content_settings/content_settings_store.cc?r1=155341&r2=155340&pathrev=155341

Gracefully deal with clearing content settings for unregistered extensions.


BUG=128652


Review URL: https://chromiumcodereview.appspot.com/10907093
------------------------------------------------------------------------
Sep 11, 2012
#36 dd...@chromium.org
Ping for status update on this bug. Is there a specific CL that should be merge-requested to the M22 branch for this? Is the remaining crash rate worth addressing by merging this?
Sep 14, 2012
#37 bauerb@chromium.org
155341 is the CL to merge if we decide to. I defer to others whether we need to.
Oct 25, 2012
#38 saintlou@chromium.org
Marking as fixed for M23.
Status: Fixed
Labels: -Mstone-22 Mstone-23
Oct 29, 2012
#39 kr...@chromium.org
(No comment was entered for this change.)
Status: Verified
Mar 10, 2013
#40 bugdro...@chromium.org
(No comment was entered for this change.)
Labels: -Area-UI -Mstone-23 M-23 Cr-UI
Sign in to add a comment

Powered by Google Project Hosting