New issue
Advanced search Search tips

Issue 117668 link

Starred by 1 user

Issue metadata

Status: Fixed
Owner:
Closed: Mar 2012
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 1
Type: Bug

Restricted
  • Only users with EditIssue permission may comment.



Sign in to add a comment

Chrome: Crash Report - Stack Signature: views::internal::RootView::GetContentsView(...

Project Member Reported by dharani@google.com, Mar 10 2012

Issue description

wez@ can you please find an owner? thanks!

Product: Chrome
Stack Signature: views::internal::RootView::GetContentsView()-26B2D37
New Signature Label: views::internal::RootView::GetContentsView()
New Signature Hash: c3ccb97f_d59f73f5_05b4a5df_e859a48b_a1088744

Report link: http://go/crash/reportdetail?reportid=080c3e26edb3991b

Meta information:
Product Name: Chrome
Product Version: 19.0.1064.0
Report ID: 080c3e26edb3991b
Report Time: 2012/03/09 18:28:43, Fri
Uptime: 3547 sec
Cumulative Uptime: 0 sec
OS Name: Windows NT
OS Version: 6.1.7600 
CPU Architecture: x86
CPU Info: AuthenticAMD family 16 model 6 stepping 3
ptype: browser


Thread 0 *CRASHED* ( EXCEPTION_ACCESS_VIOLATION_READ @ 0x00000028 )

0x60fec052	 [chrome.dll	 - root_view.cc:102	views::internal::RootView::GetContentsView()
0x619575c3	 [chrome.dll	 - tab_contents_view_views.cc:137	TabContentsViewViews::Focus()
0x610d0719	 [chrome.dll	 - focus_manager.cc:283	views::FocusManager::SetFocusedViewWithReason(views::View *,views::FocusManager::FocusChangeReason)
0x6117ee3d	 [chrome.dll	 - view.cc:964	views::View::RequestFocus()
0x61c201cc	 [chrome.dll	 - native_tab_contents_container_win.cc:124	NativeTabContentsContainerWin::RequestFocus()
0x610d0542	 [chrome.dll	 - focus_manager.cc:352	views::FocusManager::RestoreFocusedView()
0x610d04d4	 [chrome.dll	 - native_widget_win.cc:2230	views::NativeWidgetWin::PostProcessActivateMessage(views::NativeWidgetWin *,int)
0x60fd54a2	 [chrome.dll	 - native_widget_win.cc:1176	views::NativeWidgetWin::OnWndProc(unsigned int,unsigned int,long)
0x60fd53fb	 [chrome.dll	 - window_impl.cc:196	ui::WindowImpl::WndProc(HWND__ *,unsigned int,unsigned int,long)
0x60fd538c	 [chrome.dll	 - wrapped_window_proc.h:60	base::win::WrappedWindowProc<&ui::WindowImpl::WndProc(HWND__ *,unsigned int,unsigned int,long)>(HWND__ *,unsigned int,unsigned int,long)
0x764986ee	 [user32.dll	 + 0x000186ee]	InternalCallWinProc
0x76498875	 [user32.dll	 + 0x00018875]	UserCallWinProcCheckWow
0x764970f3	 [user32.dll	 + 0x000170f3]	DispatchClientMessage
0x7649738e	 [user32.dll	 + 0x0001738e]	__fnDWORD
0x773660cd	 [ntdll.dll	 + 0x000460cd]	KiUserCallbackDispatcher
0x7736607f	 [ntdll.dll	 + 0x0004607f]	KiUserApcDispatcher
0x61195bc9	 [chrome.dll	 - native_widget_win.cc:423	views::NativeWidgetWin::~NativeWidgetWin()
0x6119cf92	 [chrome.dll	 + 0x0049cf92]	views::NativeWidgetWin::`scalar deleting destructor'(unsigned int)
0x6119580f	 [chrome.dll	 - widget.cc:191	views::Widget::~Widget()
0x6119ce94	 [chrome.dll	 + 0x0049ce94]	views::Widget::`vector deleting destructor'(unsigned int)
0x60d1c8ea	 [chrome.dll	 - scoped_ptr.h:160	scoped_ptr<appcache::AppCacheResponseWriter>::reset(appcache::AppCacheResponseWriter *)
0x61159876	 [chrome.dll	 - sad_tab_helper.cc:74	SadTabHelper::Observe(int,content::NotificationSource const &,content::NotificationDetails const &)
0x60db1a9a	 [chrome.dll	 - notification_service_impl.cc:127	NotificationServiceImpl::Notify(int,content::NotificationSource const &,content::NotificationDetails const &)
0x6115977f	 [chrome.dll	 - tab_contents.cc:1841	TabContents::NotifyConnected()
0x611596c5	 [chrome.dll	 - tab_contents.cc:1916	TabContents::RenderViewReady(content::RenderViewHost *)
0x6115964c	 [chrome.dll	 - render_view_host_impl.cc:942	content::RenderViewHostImpl::OnMsgRenderViewReady()
0x61158fc8	 [chrome.dll	 - ipc_message.h:140	IPC::Message::Dispatch<content::RenderWidgetHostImpl,content::RenderWidgetHostImpl>(IPC::Message const *,content::RenderWidgetHostImpl *,content::RenderWidgetHostImpl *,void ( content::RenderWidgetHostImpl::*)(void))
0x61155b5f	 [chrome.dll	 - render_view_host_impl.cc:782	content::RenderViewHostImpl::OnMessageReceived(IPC::Message const &)
0x61158de9	 [chrome.dll	 - render_process_host_impl.cc:926	RenderProcessHostImpl::OnMessageReceived(IPC::Message const &)
0x60d29151	 [chrome.dll	 - ipc_channel_proxy.cc:268	IPC::ChannelProxy::Context::OnDispatchMessage(IPC::Message const &)
...... (1 stack frames dropped.)
0x60d2659a	 [chrome.dll	 - message_loop.cc:458	MessageLoop::RunTask(base::PendingTask const &)
0x60d25386	 [chrome.dll	 - message_loop.cc:660	MessageLoop::DoWork()
0x60e5341c	 [chrome.dll	 - message_pump_win.cc:203	base::MessagePumpForUI::DoRunLoop()
0x610e9fa2	 [chrome.dll	 - message_pump_win.cc:51	base::MessagePumpWin::RunWithDispatcher(base::MessagePump::Delegate *,base::MessagePumpWin::Dispatcher *)
0x60d24ee6	 [chrome.dll	 - message_loop.cc:390	MessageLoop::RunHandler()
0x610e9f59	 [chrome.dll	 - message_loop.cc:776	MessageLoopForUI::RunWithDispatcher(base::MessagePumpWin::Dispatcher *)
0x610e9e87	 [chrome.dll	 - chrome_browser_main.cc:1865	ChromeBrowserMainParts::MainMessageLoopRun(int *)
0x610e9e39	 [chrome.dll	 - browser_main_loop.cc:453	content::BrowserMainLoop::RunMainMessageLoopParts()
0x610e9e03	 [chrome.dll	 - browser_main_runner.cc:94	`anonymous namespace'::BrowserMainRunnerImpl::Run()
0x60d96a39	 [chrome.dll	 - browser_main.cc:21	BrowserMain(content::MainFunctionParams const &)
0x60d21929	 [chrome.dll	 - content_main_runner.cc:282	`anonymous namespace'::RunNamedProcessTypeMain(std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,content::MainFunctionParams const &,content::ContentMainDelegate *)
0x60d218ae	 [chrome.dll	 - content_main_runner.cc:511	`anonymous namespace'::ContentMainRunnerImpl::Run()
0x60d14ca8	 [chrome.dll	 - content_main.cc:35	content::ContentMain(HINSTANCE__ *,sandbox::SandboxInterfaceInfo *,content::ContentMainDelegate *)
0x60d14c33	 [chrome.dll	 - chrome_main.cc:28	ChromeMain
0x00f45749	 [chrome.exe	 - client_util.cc:424	MainDllLoader::Launch(HINSTANCE__ *,sandbox::SandboxInterfaceInfo *)
0x00f44b8c	 [chrome.exe	 - chrome_exe_main_win.cc:36	wWinMain
0x00f650e1	 [chrome.exe	 - crt0.c:263	__tmainCRTStartup
0x75be1113	 [kernel32.dll	 + 0x00051113]	BaseThreadInitThunk
0x7737b298	 [ntdll.dll	 + 0x0005b298]	__RtlUserThreadStart
0x7737b26b	 [ntdll.dll	 + 0x0005b26b]	_RtlUserThreadStart


 

Comment 1 by w...@chromium.org, Mar 12 2012

Owner: jam@chromium.org
Assigning to jam@ because on the face of it we're hitting |sad_tab=NULL| in code changed by him in r125126 (CL 9554017).

Comment 2 by dharani@google.com, Mar 15 2012

jam@, any updates? thanks!
Project Member

Comment 3 by bugdroid1@chromium.org, Mar 20 2012

Summary: Chrome: Crash Report - Stack Signature: views::internal::RootView::GetContentsView(...
The following revision refers to this bug:
    http://src.chromium.org/viewvc/chrome?view=rev&revision=127686

------------------------------------------------------------------------
r127686 | jam@chromium.org | Tue Mar 20 08:23:47 PDT 2012

Changed paths:
 M http://src.chromium.org/viewvc/chrome/trunk/src/chrome/browser/ui/sad_tab_helper.cc?r1=127686&r2=127685&pathrev=127686

Fix crash in TabContentsViewViews::Focus. This was caused by r125126. The subtle bug is that the SadTabHelper's Observe function use to reset TabContentsViewView's Widget pointer before it deleted the sad tab Widget. With my change, TabContentsViewWin would call SadTabHelper in the middle of its sad_tab_.reset() call and would use a Widget that's being destructed.

BUG= 117668 
Review URL: https://chromiumcodereview.appspot.com/9733023
------------------------------------------------------------------------

Comment 4 by jam@chromium.org, Mar 20 2012

Status: Fixed
Project Member

Comment 5 by bugdroid1@chromium.org, Oct 13 2012

Labels: Restrict-AddIssueComment-Commit
This issue has been closed for some time. No one will pay attention to new comments.
If you are seeing this bug or have new data, please click New Issue to start a new bug.
Project Member

Comment 6 by bugdroid1@chromium.org, Mar 10 2013

Labels: -Area-UI -Mstone-19 M-19 Cr-UI
Project Member

Comment 7 by bugdroid1@chromium.org, Mar 14 2013

Labels: -Restrict-AddIssueComment-Commit Restrict-AddIssueComment-EditIssue

Sign in to add a comment