
Issue 597255 link

Starred by 3 users

Issue metadata

Status: Archived
Owner: ----
Closed: Aug 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows , Chrome
Pri: 3
Type: Bug




Chrome consistently crashing

Project Member Reported by djeche@chromium.org, Mar 23 2016

Issue description

Chrome Version       : 49.0.2623.75
URLs (if applicable) : N/A 
Other browsers tested: Tests don't apply to other browsers

What steps will reproduce the problem?

(1) User just needs to execute Chrome and run it for a while before the bug triggers

What is the expected result?

The expected result is for the browser not to crash.

What happens instead?

The browser consistently crashes. Please see the attached images of chrome://crashs

Please provide any additional information below. Attach a screenshot if possible.


My first assumption was that an extension, or something in the client-side environment, could have been the main cause. I noticed that chrome_child.dll was reported as the core source of the crash. The main component of interest in this region of code was nacl_log.c.

This may be something related to Native Client or Portable Native Client. This again would point towards extension-related issues.

After exploring the browser logs a little bit, I noticed one of the crashes reported. It seems as though chromium/extensions/renderer/script_context.cc was part of the cause of the crash.

As you can see, a context was created:

[2640:2620:0320/171252:VERBOSE1:script_context.cc(111)] Created context:
  extension id:           (none)
  frame:                  27496688
  URL:                    https://plus.google.com/u/0/_/notifications/frame?sourceid=1&hl=en&origin=https%3A%2F%2Fwww.google.com&uc=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.z_2t079yKPw.O%2Fm%3D__features__%2Fam%3DAAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAHpOoo_E1VxFHHLNAhxnRjoRHyLV5gA32A#pid=1&rpctoken=160541986&_methods=onError%2ConInfo%2ChideNotificationWidget%2CpostSharedMessage%2Creauth%2CsetNotificationWidgetHeight%2CsetNotificationWidgetSize%2CswitchTo%2CnavigateTo%2CsetNotificationText%2CsetNotificationAnimation%2CgetNotificationText%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart&id=I1_1458508372921&parent=https%3A%2F%2Fwww.google.com&pfname=
  context_type:           WEB_PAGE
  effective extension id: (none)
  effective context type: WEB_PAGE
[2640:2620:0320/171252:VERBOSE1:script_context.cc(111)] Created context:
  extension id:           (none)
  frame:                  00000000
  URL:                    
  context_type:           UNSPECIFIED
  effective extension id: (none)
  effective context type: UNSPECIFIED


And the context created with no ID is destroyed until one crash occurs:

[2640:2620:0320/171252:VERBOSE1:script_context.cc(118)] Destroyed context for extension
  extension id: 
  effective extension id: 
[2640:2620:0320/171252:VERBOSE1:script_context.cc(118)] Destroyed context for extension
  extension id: 
  effective extension id: 
[2640:2620:0320/171302:VERBOSE1:dispatcher.cc(441)] Num tracked contexts: 1
[2640:2620:0320/171302:VERBOSE1:script_context.cc(118)] Destroyed context for extension

The main cause of this specific issue is unknown and requires further investigation. The device has been wiped and it was brand new. This means that a corrupted registry can't be the cause.

Debug files & screenshots: https://drive.google.com/open?id=0B1pxq4g1boBFWEdxVGg3ZU9PeG8

Any ideas?

Cc: brajkumar@chromium.org
Components: Platform>NaCl
Labels: OS-Chrome
Owner: teravest@chromium.org
Status: Assigned (was: Unconfirmed)
Stack Trace for report ID e7054be800000000:
=============================================
Thread 0 CRASHED [EXCEPTION_BREAKPOINT @ 0x6b9bf01b ] MAGIC SIGNATURE THREAD
0x6b9bf01b	(chrome_child.dll -process_startup_helper.cc:21 )	`anonymous namespace'::InvalidParameter(wchar_t const *,wchar_t const *,wchar_t const *,unsigned int,unsigned int)
0x6cd4d725	(chrome_child.dll -invarg.c:96 )	_invalid_parameter_noinfo
0x6b3fcb1c	(chrome_child.dll -dup.c:51 )	_dup
0x6b3fca14	(chrome_child.dll -nacl_log.c:152 )	NaClLogDupFileIo
0x6b3fc9f0	(chrome_child.dll -nacl_log.c:204 )	NaClLogDefaultLogGio
0x6b3fc9c4	(chrome_child.dll -nacl_log.c:304 )	NaClLogModuleInit
0x6b3fc999	(chrome_child.dll -platform_init.c:14 )	NaClPlatformInit
0x6b3fc98f	(chrome_child.dll -nrd_all_modules.c:21 )	NaClNrdAllModulesInit
0x6b3fc956	(chrome_child.dll -module_ppapi.cc:53 )	plugin::ModulePpapi::Init()
0x6b3fb535	(chrome_child.dll -module.cc:216 )	pp::Module::InternalInit(int,void const * (*)(char const *))
0x6b3fb439	(chrome_child.dll -ppapi_entrypoints.cc:21 )	nacl_plugin::PPP_InitializeModule(int,void const * (*)(char const *))
0x6b3fb3ab	(chrome_child.dll -plugin_module.cc:759 )	content::PluginModule::InitializeModule(content::PepperPluginInfo::EntryPoints const &)
0x6b3fb377	(chrome_child.dll -plugin_module.cc:568 )	content::PluginModule::InitAsInternalPlugin(content::PepperPluginInfo::EntryPoints const &)
0x6b3f90b4	(chrome_child.dll -pepper_plugin_registry.cc:127 )	content::PepperPluginRegistry::Initialize()
0x6b3f8fa2	(chrome_child.dll -pepper_plugin_registry.cc:24 )	content::PepperPluginRegistry::GetInstance()
0x6b3eaa94	(chrome_child.dll -renderer_main.cc:195 )	content::RendererMain(content::MainFunctionParams const &)
0x6b3916c3	(chrome_child.dll -content_main_runner.cc:382 )	content::RunNamedProcessTypeMain(std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,content::MainFunctionParams const &,content::ContentMainDelegate *)
0x6b39163f	(chrome_child.dll -content_main_runner.cc:787 )	content::ContentMainRunnerImpl::Run()
0x6b377d8a	(chrome_child.dll -content_main.cc:19 )	content::ContentMain(content::ContentMainParams const &)
0x6b377a6e	(chrome_child.dll -chrome_main.cc:67 )	ChromeMain
0x00f57e49	(chrome.exe -main_dll_loader_win.cc:260 )	MainDllLoader::Launch(HINSTANCE__ *)
0x00f573d5	(chrome.exe -chrome_exe_main_win.cc:259 )	wWinMain
0x00f93dd9	(chrome.exe -crt0.c:251 )	__tmainCRTStartup
0x76983743	(KERNEL32.DLL + 0x00013743 )	BaseThreadInitThunk
0x77a7a063	(ntdll.dll + 0x0005a063 )	__RtlUserThreadStart
0x77a7a02e	(ntdll.dll + 0x0005a02e )	_RtlUserThreadStart

This is a regression issue seen from M45 - 45.0.2454.99. The link below gives details of the number of instances in which the crash has occurred for the associated builds:
https://crash.corp.google.com/browse?q=product.name%3D%27Chrome%27%20%20AND%20custom_data.ChromeCrashProto.ptype%3D%27renderer%27%20AND%20custom_data.ChromeCrashProto.magic_signature_1.name%3D%27NaClLogDupFileIo%27&ignore_case=false&enable_rewrite=true&omit_field_name=&omit_field_value=&omit_field_opt=%3D#-samplereports:5,productversion:1000

1. This crash is observed only on the stable channel as of now; no crashes are seen on the latest beta, dev and canary channels.
2. Overall, 2007 crash instances are seen on the latest stable M49-49.0.2623.87.
3. The last crash is seen on 50.0.2638.0, with 8 instances.
4. This crash is seen on the Windows and Chrome OS platforms, as per the link below:
https://crash.corp.google.com/browse?q=custom_data.ChromeCrashProto.ptype%3D%27renderer%27%20AND%20custom_data.ChromeCrashProto.magic_signature_1.name%3D%27NaClLogDupFileIo%27&ignore_case=false&enable_rewrite=true&omit_field_name=&omit_field_value=&omit_field_opt=%3D

Using code search for the file "PPP_InitializeModule", we suspect the change below:
Review URL: https://codereview.chromium.org/397243004
teravest@: Could you please check if this is caused by your change? If not, please help us reassign the issue to the right owner.

Thanks!
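As an added example (not Chromium's or Native Client's own code), the following POSIX C illustrates the failure mode the stack trace above points at. NaClLogDupFileIo called the CRT's _dup, and the _invalid_parameter_noinfo frame means the CRT rejected the descriptor it was handed; Chrome's installed handler (InvalidParameter in process_startup_helper.cc) turns that into the EXCEPTION_BREAKPOINT crash. Why the descriptor was invalid is not established on this page. On POSIX systems dup(2) does not trap but returns -1 with errno set to EBADF, so the helper below (fd_is_open and safe_dup_log_fd are hypothetical names) checks the descriptor first and fails with a clear error instead of passing a bad descriptor down to the C runtime.

```c
// Added example, not Chromium/NaCl code: validate a log descriptor before
// duplicating it. On Windows the MSVC CRT routes a bad descriptor passed to
// _dup into its invalid-parameter handler (the InvalidParameter frame in the
// trace); on POSIX dup(2) returns -1 with errno == EBADF. Either way, a logger
// init path should detect the bad descriptor itself rather than rely on the CRT.
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Returns 1 if fd refers to an open descriptor in this process, 0 otherwise.
 * fcntl(F_GETFD) has no side effects and fails with EBADF on a closed fd. */
int fd_is_open(int fd) {
    if (fd < 0)
        return 0;
    return fcntl(fd, F_GETFD) != -1;
}

/* Duplicate a descriptor for the logger's private use (hypothetical helper).
 * Returns the new descriptor, or -1 with errno == EBADF if fd is not open. */
int safe_dup_log_fd(int fd) {
    if (!fd_is_open(fd)) {
        errno = EBADF;   /* explicit error instead of a CRT trap / breakpoint */
        return -1;
    }
    return dup(fd);
}

/* Stand-alone demo: duplicate stderr successfully, then reject a bad fd. */
int main(void) {
    int good = safe_dup_log_fd(STDERR_FILENO);
    int bad = safe_dup_log_fd(-1);
    printf("dup(stderr) -> %d, dup(-1) -> %d (%s)\n",
           good, bad, bad == -1 ? "rejected, errno=EBADF" : "unexpected");
    if (good >= 0)
        close(good);
    return 0;
}
```

The check costs one fcntl call per log-init and makes the failure observable in the process's own error handling (a return code that can be logged or surfaced) instead of a breakpoint exception in a crash dump.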

Owner: ----

Comment 3 by roy...@google.com, Aug 18 2017

Status: Archived (was: Assigned)
