My extension will cause Google Scholar to crash in some users' browsers

[Shirely Tom]

We released an extension called "easyScholar" that has been running stably for 1 year. But in the last three weeks, some users have reported that the extension is causing page crashes on Google Scholar, but not on other sites. Their browser is already the latest version of Chromium, and other extensions are turned off.

But we can't reproduce the problem.

The extension called "easyScholar" is written in Chinese, and for the convenience of testing, we made an English version of the extension called "PaperGuard" and recorded a video .

1.https://chrome.google.com/webstore/detail/paperguard/ofpfjhecniaokgmlbjoenomjlpkllceh
2.https://www.youtube.com/watch?v=Hs7S21PMBW0
3.https://www.youtube.com/watch?v=GUodJdd7-Tk
4. https://scholar.google.com/citations?user=c0ZgYWAAAAAJ&hl=zh-CN&oi=sra


The first link is the extended store link
The second link is to the fast version of the video, which is 13 seconds long
The third link is to the full video, which is 3 minutes long
The fourth link is Google Scholar website

In the second video: we can see that the page crashes when the user touches the colored span. The title attribute is created using the jquery-ui library (1.13.2). We remove this library and remove the following code:
$('XXXX ').tooltip(
        {
            show: {effect: "none", delay: 300}
        });
Can be effective in alleviating crashes, but occasionally they will still crash.


In the third video:
0:00-0:10 : chrome://version
0:11-0:25 : Only PapgerGuard extension turned on
0:55-0:57 : First crash
2:20-2:45 : Second crash
2:45-3:00 : Crash page (the crash ID number is not reflected in the two videos, I will write it below)

Crash id number:

47179964-2668-474a-8e58-9cb6ee2dc00d
2d4d8d42-0672-4461-6fd4-f063676ae239
32feba63-0429-4068-9a5-567138a2ce95
d698187e-e3a9-4555-b8cf-35a6730f4890
8863e294-6057-4dd9-a31d-dbb78554d43f
d7e2e30-804C-4364-6339-528a72971e96
01095d56-3cc6-4ef8-a195-7196b8269f03
a0850368-d726-4696-8008-98847cd922bd
e991d666-ee81-4a1e-8 41-e2117686173f
06721988-4d5a-4f87-6d77-0006bfd03365

[Oliver Dunk]

Hi Shirely,

Thanks so much for reaching out about this! It definitely sounds like one we should get to the bottom of.

The crash ID you shared is the local identifier - there should also be a shorter, 16 character ID generated when your report gets successfully uploaded. Do you see those? That would allow me to look at the crash report and see what happened.

I'd also be interested to know more about the impact for you - is this affecting a small number of users, or is it something that's coming up a lot?

Thanks!

Oliver Dunk | DevRel, Chrome Extensions | https://developer.chrome.com/ | London, GB

--
You received this message because you are subscribed to the Google Groups "Chromium Extensions" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extens...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-extensions/23596cd4-e334-466e-951d-77dd05b21849n%40chromium.org.

[Shirely Tom]

I am very glad to receive your reply. I am trying to contact my user to upload the crash ID, but he is unable to upload due to network issues. I copied some dmp files from other users' computers, and I thought this might be of some use. These dmp files are not generated from the video in the above YouTube, but are the result of the same operation as the video.

https://drive.google.com/drive/folders/1s3uGINVApnZf3l7_A8-tUWhAnT1nTBcT?usp=sharing

To answer your second question: easyScholar Extension currently has 90,000 users on the Google Store and 300,000 users on the edge Store. We have received reports from about 10 users since three weeks ago. It may be an isolated phenomenon, but I fear it will become a common phenomenon.

[Shirely Tom]

I would add that I don't think this is due to the extension code update. Because I tried to install an older version of the extension on their computer that was almost 2 months old, it still crashed. But the crash reports only started coming in about a month ago.

In addition, even if they replace other Chromium series of browsers, such as Edge, Google, there will be crashes. So I'm wondering if it has something to do with system updates, and I don't know.

[Shirely Tom]

We received another, clearer video from another user. The video shows that when web page translation is used, it can cause the page to crash.
https://youtu.be/ouaAaUU1Na8

The resulting dmp file is the following url：
https://drive.google.com/file/d/1rFXy3aMKXOthiWjzF-P-yBrME4zphEtc/view?usp=sharing

I tried to parse this file using WinDbg software as follows:
.ecxr
.symfix; .reload
!analyze -v


I get the following results, but I don't understand them

KEY_VALUES_STRING: 1

    Key  : Analysis.CPU.mSec
    Value: 2687

    Key  : Analysis.DebugAnalysisManager
    Value: Create

    Key  : Analysis.Elapsed.mSec
    Value: 2524370

    Key  : Analysis.Init.CPU.mSec
    Value: 905

    Key  : Analysis.Init.Elapsed.mSec
    Value: 99989

    Key  : Analysis.Memory.CommitPeak.Mb
    Value: 481

    Key  : Timeline.Process.Start.DeltaSec
    Value: 15

    Key  : WER.Process.Version
    Value: 116.0.5845.141


FILE_IN_CAB:  b4812dad-b3dc-45f4-9fdf-b75abf8c4544.dmp

NTGLOBALFLAG:  0

PROCESS_BAM_CURRENT_THROTTLED: 0

PROCESS_BAM_PREVIOUS_THROTTLED: 0

CONTEXT:  (.ecxr)
rax=0000000000002800 rbx=0000002fe6bfd498 rcx=794d758783ae0000
rdx=0000000000000010 rsi=00001c7800929180 rdi=0000002fe6bfd460
rip=00007ffc7e0bea97 rsp=0000002fe6bfd250 rbp=0000000000000000
 r8=0000000000000000  r9=00007ffd24a9c740 r10=00000fff8fdd6100
r11=0000000000000001 r12=00001c78023a8800 r13=00007ffc86159060
r14=0000002fe6bfd500 r15=00001c7801afca00
iopl=0         nv up ei pl nz na pe nc
cs=0033  ss=0000  ds=0000  es=0000  fs=0053  gs=002b             efl=00000202
chrome!GetHandleVerifier+0x197ae7:
00007ffc`7e0bea97 cc              int     3
Resetting default scope

EXCEPTION_RECORD:  (.exr -1)
ExceptionAddress: 00007ffc7e0bea97 (chrome!GetHandleVerifier+0x0000000000197ae7)
   ExceptionCode: 80000003 (Break instruction exception)
  ExceptionFlags: 00000000
NumberParameters: 1
   Parameter[0]: 0000000000000000

PROCESS_NAME:  chrome.exe

ERROR_CODE: (NTSTATUS) 0x80000003 - {    }

EXCEPTION_CODE_STR:  80000003

EXCEPTION_PARAMETER1:  0000000000000000

STACK_TEXT:  
0000002f`e6bfd250 00007ffc`7e0ba4f7     : 00001c78`01ded108 00007ffc`7eeb099b 00000000`00000511 449fc000`00000000 : chrome!GetHandleVerifier+0x197ae7
0000002f`e6bfd630 00007ffc`7e0bb8a5     : 0000002f`e6bfd7d8 00007ffc`7f4486e0 002e8480`00000000 00000000`00000000 : chrome!GetHandleVerifier+0x193547
0000002f`e6bfd7e0 00007ffc`7e110a02     : aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa : chrome!GetHandleVerifier+0x1948f5
0000002f`e6bfdb00 00007ffc`835ffba4     : aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa : chrome!GetHandleVerifier+0x1e9a52
0000002f`e6bfdd80 00007ffc`7f1e39c1     : 0000002f`e6bfe901 00000000`00000000 00000000`00000000 00000000`00000000 : chrome!sqlite3_dbdata_init+0x438264
0000002f`e6bfdfb0 00007ffc`7f516e98     : 59ddf5dc`4ba4356f 00000000`00000120 72657265`646e6552 00007ffc`7eeb099b : chrome!GetHandleVerifier+0x12bca11
0000002f`e6bfe910 00007ffc`7b61f7b0     : 00001c78`002e24c0 00001c78`003e6200 ffffffff`ffffffd0 00007ffc`7f8b486b : chrome!GetHandleVerifier+0x15efee8
0000002f`e6bfe9b0 00007ffc`7b63067e     : 00007ffc`86171850 0000002f`e6bfea28 00000001`00000000 00000000`00002710 : chrome+0x8bf7b0
0000002f`e6bfea40 00007ffc`7dea9d0d     : 0000002f`e6bfeca0 00007ffd`22a95250 0000002f`e6bff420 0000002f`e6bfef58 : chrome+0x8d067e
0000002f`e6bfeb80 00007ffc`7daca623     : 0000002f`e6bff420 00007ffc`86e9c373 00001c78`0031d490 00007ffc`87884d80 : chrome!IsSandboxedProcess+0x28f3ed
0000002f`e6bfed80 00007ffc`7b6782be     : aaaaaaaa`aaaaaaaa 00000000`00000018 aaaaaaaa`aaaaaaaa 0000002f`e6bff030 : chrome!RelaunchChromeBrowserWithNewCommandLineIfNeeded+0xc91613
0000002f`e6bfeeb0 00007ffc`7b676ec1     : 0000002f`e6bff070 00007ffc`87884d40 0000002f`e6bff238 00001c78`00280080 : chrome!ChromeMain+0x3dae
0000002f`e6bfefe0 00007ffc`7b67478d     : 0000002f`e6bff420 0000002f`e6bff520 00007ff7`36320000 00000000`00000000 : chrome!ChromeMain+0x29b1
0000002f`e6bff210 00007ff7`363cf56a     : 00007ff7`36320000 00007ffc`7b674510 00000000`00000008 00007ae4`002700c0 : chrome!ChromeMain+0x27d
0000002f`e6bff4d0 00007ff7`363ce798     : 00000000`0000000a 00000000`00000000 00000000`00000010 00007ffd`24a2a407 : chrome_exe!GetPakFileHashes+0x149a
0000002f`e6bff750 00007ff7`364a3562     : 00007ff7`3655f0b8 00007ff7`364a35d9 00000000`00000000 00000000`00000000 : chrome_exe!GetPakFileHashes+0x6c8
0000002f`e6bffb80 00007ffd`22a87614     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : chrome_exe!GetHandleVerifier+0xcb1f2
0000002f`e6bffbc0 00007ffd`24a626b1     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : KERNEL32!BaseThreadInitThunk+0x14
0000002f`e6bffbf0 00000000`00000000     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x21


STACK_COMMAND:  ~0s; .ecxr ; kb

SYMBOL_NAME:  chrome+197ae7

MODULE_NAME: chrome

IMAGE_NAME:  chrome.dll

FAILURE_BUCKET_ID:  BREAKPOINT_80000003_chrome.dll!Unknown

OSPLATFORM_TYPE:  x64

OSNAME:  Windows 10

IMAGE_VERSION:  116.0.5845.141

FAILURE_ID_HASH:  {be0d4058-7058-b7fb-5291-62cb1f25d882}

Followup:     MachineOwner



I would really appreciate it if you would help me!

[Oliver Dunk]

Thanks for the extra information and the effort trying to read the dump file.

Unfortunately, I think there are limitations to how much you can get from a dump file without using tools (and symbols) that are only available to Googlers.

I took a look at the crashes and I'm not immediately seeing what is going wrong, so I've opened a bug here: https://bugs.chromium.org/p/chromium/issues/detail?id=1479080. Feel free to star it if you'd like to follow along.

Oliver Dunk | DevRel, Chrome Extensions | https://developer.chrome.com/ | London, GB

[Shirely Tom]

thank you very much. If you need more information, you can contact me at any time

[Oliver Dunk]

Hi,

Just to follow-up, as you may have seen in the issue it sounds like we will need an uploaded crash report to be able to investigate.

There are some steps here and then you will need to visit chrome://crashes to upload and get the ID. Could you try to encourage your users to do this?

Thanks,

Oliver Dunk | DevRel, Chrome Extensions | https://developer.chrome.com/ | London, GB

[Shirely Tom]

Hello, I saw this question. I used to try to encourage users to go to chrome://crashes and upload reports. However, the status of the report always stops at "User has requested upload". A few minutes later, I went back to chrome://crashes, and the reported status changed again to "Not uploaded". That's why I copied the report from the hard drive.

It is worth mentioning that today I connected the user's computer through the remote tool to debug the code and found a strange phenomenon. If the extension inserts the <span></span> tag after the <a></a> tag in the page, it will crash when the page structure is changed (for example, inserting the <span></span> tag again, or performing a translation action); I'm trying to get the <span></span> tag inserted by the extension to be behind the <div></div> tag so it doesn't crash.

I know it may be hard for you to imagine what really happened without crash reports, operation videos. I plan to record a clearer video in a few days with a simple piece of code.

But the crash report may still be difficult to upload, I will try to upload.

[Oliver Dunk]

Thanks so much for continuing to work on this.

Are your users signed in to a Google account with syncing enabled? I'm not certain exactly what the minimum requirements to upload crash reports are, but I think that might help.

Super interesting to hear that you're slowly figuring out the structure needed to cause the bug. Definitely interested to hear how that progresses and if you do reach a point where you can make a smaller extension that has the same crash, that would be really helpful.

Thanks,

Oliver Dunk | DevRel, Chrome Extensions | https://developer.chrome.com/ | London, GB

[Oliver Dunk]

Just to clarify, signed in as part of their Chrome profile, not just in a tab.

Oliver Dunk | DevRel, Chrome Extensions | https://developer.chrome.com/ | London, GB

[Oliver Dunk]

Hi Shirely,

I just wanted to follow-up and ask if you had been able to try getting any users to sign in to a Google account before uploading a crash report?

Thanks!

[Shirely Tom]

Hi Oliver Dunk:

Thank you very much for your concern about this issue!

In these days, I have been waiting for new users to report crashes to me. But as I said before, when I adjusted the insert <span></span> position, the extension worked fine. So after that, no users ever reported crashes to me. That's why I haven't replied to you for so many days.

Now I'm trying to contact the user who reported the crash earlier, but it will take some time.

Thank you very much for your attention! If there is any new development, I will reply to you as soon as possible.

[Oliver Dunk]

No problem!

Glad you were able to find a fix and roll that out to your users in the meantime :)

Oliver Dunk | DevRel, Chrome Extensions | https://developer.chrome.com/ | London, GB

[Shirely Tom]

Hi, Oliver Dunk .    In the last few days, we've reached out to several users who previously reported crashes to us. Amazingly, the extension doesn't crash when they run it on their browser now. Their current Chrome versions are 117.0.5938.149 and 117.0.2045.60, respectively.

The earliest reports we received were on August 24, 2023
The earliest version of Chrome we've collected to crash is 116.0.5845.141

So I guess between version 116 and 117, there was an update that fixed the problem.

Thank you very much for your continued attention

[Oliver Dunk]

Hi,

That's great news, thanks for sharing.

We can consider this closed for now but do let us know if you see any issues in the future :)

Oliver Dunk | DevRel, Chrome Extensions | https://developer.chrome.com/ | London, GB