New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 609236 link

Starred by 1 user
Status: Duplicate
Merged: issue 617728
Owner:
paulmeyer@chromium.org
Closed: Nov 2016
Cc:
aval...@chromium.org
dcheng@chromium.org
lfg@chromium.org
wjmaclean@chromium.org
wfh@chromium.org
creis@chromium.org
mcnee@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , All
Pri: 3
Type: Bug

Blocking:
issue 647249



Sign in to add a comment

<webview> / OOPIF: Drag and drop hits NOTREACHED

Project Member Reported by aval...@chromium.org, May 4 2016 
When trying to drag some text in an input box in a webview, browser crashes with stack trace:

[54024:54024:0504/152259:FATAL:render_widget_host_view_child_frame.cc(150)] Check failed: false.
#0 0x7f6ab7b12a4e base::debug::StackTrace::StackTrace()
#1 0x7f6ab7b732cf logging::LogMessage::~LogMessage()
#2 0x7f6ab15d6f92 content::RenderWidgetHostViewChildFrame::GetNativeView()
#3 0x7f6ab19562d4 content::GetScaleFactorForView()
#4 0x7f6ab1a86298 content::RenderViewHostImpl::OnStartDragging()
#5 0x7f6ab1a8d0c0 _ZN4base20DispatchToMethodImplIPN7content18RenderViewHostImplEMS2_FvRKNS1_8DropDataEN5blink16WebDragOperationERK8SkBitmapRKN3gfx8Vector2dERKNS1_19DragEventSourceInfoEEJS4_S8_S9_SD_SG_EJLm0ELm1ELm2ELm3ELm4EEEEvRKT_T0_RKSt5tupleIJDpT1_EENS_13IndexSequenceIJXspT2_EEEE
#6 0x7f6ab1a8cfb5 _ZN4base16DispatchToMethodIPN7content18RenderViewHostImplEMS2_FvRKNS1_8DropDataEN5blink16WebDragOperationERK8SkBitmapRKN3gfx8Vector2dERKNS1_19DragEventSourceInfoEEJS4_S8_S9_SD_SG_EEEvRKT_T0_RKSt5tupleIJDpT1_EE
#7 0x7f6ab1a8cf5f _ZN3IPC16DispatchToMethodIN7content18RenderViewHostImplEMS2_FvRKNS1_8DropDataEN5blink16WebDragOperationERK8SkBitmapRKN3gfx8Vector2dERKNS1_19DragEventSourceInfoEEvSt5tupleIJS3_S7_S8_SC_SF_EEEEvPT_T0_PT1_RKT2_
#8 0x7f6ab1a89f79 _ZN3IPC8MessageTI30DragHostMsg_StartDragging_MetaSt5tupleIJN7content8DropDataEN5blink16WebDragOperationE8SkBitmapN3gfx8Vector2dENS3_19DragEventSourceInfoEEEvE8DispatchINS3_18RenderViewHostImplESE_vMSE_FvRKS4_S6_RKS7_RKS9_RKSA_EEEbPKNS_7MessageEPT_PT0_PT1_T2_
#9 0x7f6ab1a85242 content::RenderViewHostImpl::OnMessageReceived()
#10 0x7f6ab1a967e3 content::RenderWidgetHostImpl::OnMessageReceived()
#11 0x7f6ab1a5fef3 content::RenderProcessHostImpl::OnMessageReceived()
#12 0x7f6aafb7b058 IPC::ChannelProxy::Context::OnDispatchMessage()
#13 0x7f6aafb7f6df _ZN4base8internal15RunnableAdapterIMN3IPC12ChannelProxy7ContextEFvRKNS2_7MessageEEE3RunIS4_JS7_EEEvRK13scoped_refptrIT_EDpOT0_
#14 0x7f6aafb7f5fe _ZN4base8internal12InvokeHelperILb0EvNS0_15RunnableAdapterIMN3IPC12ChannelProxy7ContextEFvRKNS3_7MessageEEEEE8MakeItSoIJRK13scoped_refptrIS5_ES8_EEEvSB_DpOT_
#15 0x7f6aafb7f5ad _ZN4base8internal7InvokerINS_13IndexSequenceIJLm0ELm1EEEENS0_9BindStateINS0_15RunnableAdapterIMN3IPC12ChannelProxy7ContextEFvRKNS6_7MessageEEEEFvPS8_SB_EJSF_SB_EEENS0_12InvokeHelperILb0EvSE_EEFvvEE3RunEPNS0_13BindStateBaseE
#16 0x7f6ab7af2e2e base::Callback<>::Run()
#17 0x7f6ab7b1843e base::debug::TaskAnnotator::RunTask()
#18 0x7f6ab7b900fc base::MessageLoop::RunTask()
#19 0x7f6ab7b90398 base::MessageLoop::DeferOrRunPendingTask()
#20 0x7f6ab7b90562 base::MessageLoop::DoWork()
#21 0x7f6ab7ba28cc base::MessagePumpGlib::HandleDispatch()
#22 0x7f6ab7ba3091 base::(anonymous namespace)::WorkSourceDispatch()
#23 0x7f6aa8d25e04 g_main_context_dispatch
#24 0x7f6aa8d26048 <unknown>
#25 0x7f6aa8d260ec g_main_context_iteration
#26 0x7f6ab7ba29cf base::MessagePumpGlib::Run()
#27 0x7f6ab7b8fb0f base::MessageLoop::RunHandler()
#28 0x7f6ab7c2fa34 base::RunLoop::Run()
#29 0x7f6ab883abef ChromeBrowserMainParts::MainMessageLoopRun()
#30 0x7f6ab12e3389 content::BrowserMainLoop::RunMainMessageLoopParts()
#31 0x7f6ab12ec9f5 content::BrowserMainRunnerImpl::Run()
#32 0x7f6ab12dd066 content::BrowserMain()
#33 0x7f6ab2e55066 content::RunNamedProcessTypeMain()
#34 0x7f6ab2e56cc9 content::ContentMainRunnerImpl::Run()
#35 0x7f6ab2e544e2 content::ContentMain()
#36 0x7f6ab87398c0 ChromeMain
#37 0x7f6ab8739852 main
#38 0x7f6aa37e0ec5 __libc_start_main
#39 0x7f6ab8739751 <unknown>


Running with flags:  --use-cross-process-frames-for-guests --isolate-extensions --site-per-process

Comment 1 by creis@chromium.org, May 4 2016

Cc: dcheng@chromium.org
Labels: OS-All
Summary: <webview> / OOPIF: Drag and drop crash (was: <webview>: Drag and drop crash)
Thanks for looking into this!  To be clear, this crash would repro with any one of those flags, right?  (You don't need all three.)  It's just a matter of drag and drop with an OOPIF.

CC'ing Daniel for drag and drop knowledge, if you need him.

Comment 2 by creis@chromium.org, May 11 2016

Summary: <webview> / OOPIF: Drag and drop hits NOTREACHED (was: <webview> / OOPIF: Drag and drop crash)
Updating the summary, since this is a NOTREACHED, and thus doesn't crash in release builds.  The feature still needs updating, though.  Likely joint work with  issue 611065 .

Comment 3 by aval...@chromium.org, May 11 2016

Cc: aval...@chromium.org
 Issue 611065  has been merged into this issue.

Comment 4 by paulmeyer@chromium.org, Jun 6 2016

Owner: paulmeyer@chromium.org
Status: Assigned (was: Available)

Comment 5 by paulmeyer@chromium.org, Jun 6 2016

Components: -Internals>Sandbox>SiteIsolation Platform>Apps>BrowserTag

Comment 6 by paulmeyer@chromium.org, Jun 6 2016

Components: Internals>Sandbox>SiteIsolation

Comment 7 by paulmeyer@chromium.org, Jun 7 2016

Status: Started (was: Assigned)

Comment 8 by wjmaclean@chromium.org, Sep 15 2016

Blocking: 647249

Comment 9 by paulmeyer@chromium.org, Nov 2 2016

Mergedinto: 617728
Status: Duplicate (was: Started)

Comment 10 by dcheng@chromium.org, Nov 18 2016

Components: Blink>DataTransfer

Sign in to add a comment