invalid handle when printing
Issue description

Version: 54.0.2832.2 dev-m 32-bit
OS: Windows 7 32-bit

What steps will reproduce the problem?
(1) Attach windbg to all processes
(2) Print a page
(3)

What is the expected output?
no crash

What do you see instead?
debugger breaks

Please use labels and text to provide additional information.
(Note: I was running with --no-sandbox in order to try and diagnose issue 636206 but I do not know if this would happen without that flag.)

C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-sandbox --enable-features="AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,*MaterialDesignHistory<MD History,MaterialDesignUserManager<MaterialDesignUserManager,MediaFoundationH264Encoding<MediaFoundationH264Encoding,NetworkPrediction<NetworkPrediction,NewMediaPlaybackUi<NewMediaPlaybackUi,*PaintOptimizations<PaintOptimizations,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PassiveEventListenersDueToFling<PassiveEventListenersDueToFling,*PersistentHistograms<PersistentHistograms,PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SyzyasanDeferredFree<SyzyasanDeferredFree,TranslateUI2016Q2<TranslateUI2016Q2,*UseGoogleLocalNtp<UseGoogleLocalNtp,UsePredictorDNSQueue<UsePredictorDNSQueue,*WebRTC-H264WithOpenH264FFmpeg<WebRTC-H264WithOpenH264FFmpeg" --disable-features="BrowserHangFixesExperiment<BrowserHangFixesExperiment,FontCacheScaling<FontCacheScaling,MainFrameBeforeActivation<MainFrameBeforeActivation,NetworkTimeServiceQuerying<NetworkTimeQueries,NewAudioRenderingMixingStrategy<NewAudioRenderingMixingStrategy,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,OptimizeLoadingIPCForSmallResources<OptimizeLoadingIPCForSmallResources,OverrideYouTubeFlashEmbed<Override YouTube Flash 
emed,PassiveDocumentEventListeners<PassiveDocumentEventListeners,SafeBrowsingV4LocalDatabaseManagerEnabled<SafeBrowsingV4LocalDatabaseManagerEnabled,StickyDefaultBrowserPrompt<StickyDefaultBrowserPrompt,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,V8_ES2015_TailCalls<V8_ES2015_TailCalls,V8_ES2016_ExplicitTailCalls<V8_ES2015_TailCalls,WeakMemoryCache<WeakMemoryCache,token-binding<TokenBinding" --force-fieldtrials="*AppBannerTriggering/site-engagement-medium/*AutofillFieldMetadata/Enabled/AutofillSingleClick/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BackgroundTracing/default/*BrowserHangFixesExperiment/Control/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ClientSideDetectionModel/Model0/*DefaultBrowserPromptStyle/BlueIconOnYellowInfoBar2/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteEvaluatorGroup2/*EnableMediaRouter/Enabled/EnableMediaRouterWithCastExtension/Enabled/*ExtensionDeveloperModeWarning/Enabled/*GFE/Default/InstanceID/Enabled/*MD History/Control/MainFrameBeforeActivation/Control/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*MediaFoundationH264Encoding/Enabled/*NetworkPrediction/Control/*NetworkQualityEstimator/Enabled/*NetworkTimeQueries/NetworkTimeQueriesDisabled/NewAudioRenderingMixingStrategy/Disabled/*NewMediaPlaybackUi/Default/NonValidatingReloadOnNormalReload/Disabled/OfferUploadCreditCards/Enabled/*OmniboxBundledExperimentV1/HQPAllowOverlappingMatches_Dev/Override YouTube Flash 
emed/Control/*ParseHTMLOnMainThread/Enabled_25/*PassiveDocumentEventListeners/Control/*PassiveEventListenersDueToFling/Enabled/*PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Enabled/*PasswordManagerSettingsMigration/Enable/PasswordSmartBubble/Default/*PersistentHistograms/Default/PluginPowerSaver/Enabled/PluginPowerSaverTiny/Enabled/*PointerEvent/Enabled/*QUIC/EnabledCubicBytes/ReportCertificateErrors/ShowAndPossiblySend/ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SSLBufferSizeRecv/17408 (Default)/*SSLBufferSizeSend/17408 (Control)/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SafeBrowsingV4LocalDatabaseManagerEnabled/Control/SecurityWarningIconUpdate/Enabled/*SimpleCacheTrial/ExperimentYes/*SiteEngagement/Enabled/*SiteIsolationExtensions/Control/StackProfiling/Report profiles/StickyDefaultBrowserPrompt/Control/*StrictSecureCookies/Enabled/*SubresourceFilter/DryRunOnAllSites/SyncHttpContentCompression/Disabled/SyzyasanDeferredFree/Enabled/*TokenBinding/Control/TranslateServerStudy/Dummy/TranslateUI2016Q2/NeverDefaultAlways/*TriggeredResetFieldTrial/On/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_84/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/*V8CacheStrategiesForCacheStorage/none/V8Ignition/Default/*V8_ES2015_TailCalls/Control/*WeakMemoryCache/Control/*WebFontsInterventionV2/Disabled/WebRTC-DisableCpuAdaptation/CpuAdaptationOn/WebRTC-StunInterPacketDelay/Default/WebRTC-SupportVP9SVC/Default/" --primordial-pipe-token=969B299D21313DCB9312F0C460F900EB --lang=en-US 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false,parseHTMLOnMainThreadCoalesceChunks=false,parseHTMLOnMainThreadSyncTokenize=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=969B299D21313DCB9312F0C460F900EB --channel="752.17.522609249\705398337" --mojo-platform-channel-handle=5284 /prefetch:1

(fd4.bd0): Invalid handle - code c0000008 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=c0000008 ebx=00000000 ecx=0024dce8 edx=77136018 esi=00000258 edi=0024de3c
eip=7713604f esp=0024dc94 ebp=0024dce4 iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000202
ntdll!KiRaiseUserExceptionDispatcher+0x37:
7713604f 8b0424 mov eax,dword ptr [esp] ss:0023:0024dc94=c0000008
7:133> k
 # ChildEBP RetAddr
00 0024dce4 77136073 ntdll!KiRaiseUserExceptionDispatcher+0x37
01 0024dce8 771363b4 ntdll!KiFastSystemCall+0x3
02 0024dcec 752d6be2 ntdll!NtClose+0xc
03 0024dcfc 76fdea40 KERNELBASE!CloseHandle+0x2d
04 0024dd0c 5f74c866 kernel32!CloseHandleImplementation+0x3f
05 0024dd1c 5f750442 chrome_child!`anonymous namespace'::CloseHandleHook+0x2c [c:\b\build\slave\win\build\src\base\debug\close_handle_hook_win.cc @ 43]
06 0024dd30 60949fdb chrome_child!base::SharedMemoryHandle::Close+0x19 [c:\b\build\slave\win\build\src\base\memory\shared_memory_handle_win.cc @ 49]
07 0024df10 60948e9a chrome_child!printing::PrintWebViewHelper::PrintPagesNative+0x2a5 [c:\b\build\slave\win\build\src\components\printing\renderer\print_web_view_helper_pdf_win.cc @ 65]
08 0024e098 60947b69 chrome_child!printing::PrintWebViewHelper::PrintPages+0x123 [c:\b\build\slave\win\build\src\components\printing\renderer\print_web_view_helper.cc @ 1488]
09 0024e0a0 609463a2 chrome_child!printing::PrintWebViewHelper::OnFramePreparedForPrintPages+0x8 [c:\b\build\slave\win\build\src\components\printing\renderer\print_web_view_helper.cc @ 1456]
0a (Inline) -------- chrome_child!base::Callback<void __cdecl(void),1>::Run+0x6 [c:\b\build\slave\win\build\src\base\callback.h @ 388]
0b (Inline) -------- chrome_child!printing::PrepareFrameAndViewForPrint::CallOnReady+0x6 [c:\b\build\slave\win\build\src\components\printing\renderer\print_web_view_helper.cc @ 791]
0c 0024e0b4 60949034 chrome_child!printing::PrepareFrameAndViewForPrint::CopySelectionIfNeeded+0x2a [c:\b\build\slave\win\build\src\components\printing\renderer\print_web_view_helper.cc @ 722]
0d 0024e0e0 60947dcd chrome_child!printing::PrintWebViewHelper::RenderPagesForPrint+0x8c [c:\b\build\slave\win\build\src\components\printing\renderer\print_web_view_helper.cc @ 1736]
0e 0024e4b8 609454cf chrome_child!printing::PrintWebViewHelper::OnPrintForPrintPreview+0x1e2 [c:\b\build\slave\win\build\src\components\printing\renderer\print_web_view_helper.cc @ 1053]
0f (Inline) -------- chrome_child!base::DispatchToMethodImpl+0xd [c:\b\build\slave\win\build\src\base\tuple.h @ 140]
10 (Inline) -------- chrome_child!base::DispatchToMethod+0xd [c:\b\build\slave\win\build\src\base\tuple.h @ 147]
11 (Inline) -------- chrome_child!IPC::DispatchToMethod+0xd [c:\b\build\slave\win\build\src\ipc\ipc_message_templates.h @ 26]
12 0024e4f0 5eecee04 chrome_child!IPC::MessageT<PrintMsg_PrintForPrintPreview_Meta,std::tuple<base::DictionaryValue>,void>::Dispatch<printing::PrintWebViewHelper,printing::PrintWebViewHelper,void,void (__thiscall printing::PrintWebViewHelper::*)(base::DictionaryValue const &)>+0x81 [c:\b\build\slave\win\build\src\ipc\ipc_message_templates.h @ 121]
13 0024e544 5eecd778 chrome_child!printing::PrintWebViewHelper::OnMessageReceived+0x1c3 [c:\b\build\slave\win\build\src\components\printing\renderer\print_web_view_helper.cc @ 932]
14 0024e64c 5ee81a06 chrome_child!content::RenderViewImpl::OnMessageReceived+0xe6 [c:\b\build\slave\win\build\src\content\renderer\render_view_impl.cc @ 1304]
15 0024e65c 5ee819d5 chrome_child!IPC::MessageRouter::RouteMessage+0x24 [c:\b\build\slave\win\build\src\ipc\message_router.cc @ 52]
16 0024e668 5ed14fb0 chrome_child!IPC::MessageRouter::OnMessageReceived+0x1d [c:\b\build\slave\win\build\src\ipc\message_router.cc @ 45]
17 0024e6ac 5ed14f11 chrome_child!content::ChildThreadImpl::OnMessageReceived+0x8a [c:\b\build\slave\win\build\src\content\child\child_thread_impl.cc @ 773]
18 0024e6c0 5ed14ef2 chrome_child!IPC::ChannelProxy::Context::OnDispatchMessage+0x1d [c:\b\build\slave\win\build\src\ipc\ipc_channel_proxy.cc @ 315]
19 (Inline) -------- chrome_child!base::internal::FunctorTraits<void (__thiscall content::CompositorForwardingMessageFilter::*)(IPC::Message const &),void>::Invoke+0x9 [c:\b\build\slave\win\build\src\base\bind_internal.h @ 214]
1a (Inline) -------- chrome_child!base::internal::InvokeHelper<0,void>::MakeItSo+0xf [c:\b\build\slave\win\build\src\base\bind_internal.h @ 283]
1b (Inline) -------- chrome_child!base::internal::Invoker<base::internal::BindState<void (__thiscall content::CompositorForwardingMessageFilter::*)(IPC::Message const &),scoped_refptr<content::CompositorForwardingMessageFilter>,IPC::Message>,void __cdecl(void)>::RunImpl+0xf [c:\b\build\slave\win\build\src\base\bind_internal.h @ 346]
1c 0024e6cc 5ed1382c chrome_child!base::internal::Invoker<base::internal::BindState<void (__thiscall content::CompositorForwardingMessageFilter::*)(IPC::Message const &),scoped_refptr<content::CompositorForwardingMessageFilter>,IPC::Message>,void __cdecl(void)>::Run+0x15 [c:\b\build\slave\win\build\src\base\bind_internal.h @ 328]
1d (Inline) -------- chrome_child!base::Callback<void __cdecl(void),1>::Run+0xb [c:\b\build\slave\win\build\src\base\callback.h @ 388]
1e 0024e738 5edc43c4 chrome_child!base::debug::TaskAnnotator::RunTask+0x179 [c:\b\build\slave\win\build\src\base\debug\task_annotator.cc @ 54]
1f 0024e7e8 5edc3573 chrome_child!blink::scheduler::TaskQueueManager::ProcessTaskFromWorkQueue+0x1e7 [c:\b\build\slave\win\build\src\third_party\webkit\source\platform\scheduler\base\task_queue_manager.cc @ 319]
20 0024e954 5edc33ee chrome_child!blink::scheduler::TaskQueueManager::DoWork+0x183 [c:\b\build\slave\win\build\src\third_party\webkit\source\platform\scheduler\base\task_queue_manager.cc @ 218]
21 0024e968 5edc33ca chrome_child!base::internal::FunctorTraits<void (__thiscall content::WebFileWriterBase::*)(__int64,bool),void>::Invoke<base::WeakPtr<content::WebFileWriterImpl> const &,__int64,bool>+0x1f [c:\b\build\slave\win\build\src\base\bind_internal.h @ 215]
22 0024e980 5edc33a3 chrome_child!base::internal::InvokeHelper<1,void>::MakeItSo<void (__thiscall content::WebFileWriterBase::*const &)(__int64,bool),base::WeakPtr<content::WebFileWriterImpl> const &,__int64,bool>+0x22 [c:\b\build\slave\win\build\src\base\bind_internal.h @ 303]
23 0024e998 5edc3387 chrome_child!base::internal::Invoker<base::internal::BindState<void (__thiscall blink::scheduler::TaskQueueManager::*)(base::TimeTicks,bool),base::WeakPtr<blink::scheduler::TaskQueueManager>,base::TimeTicks,bool>,void __cdecl(void)>::RunImpl<void (__thiscall blink::scheduler::TaskQueueManager::*const &)(base::TimeTicks,bool),std::tuple<base::WeakPtr<blink::scheduler::TaskQueueManager>,base::TimeTicks,bool> const &,0,1,2>+0x17 [c:\b\build\slave\win\build\src\base\bind_internal.h @ 346]
24 0024e9ac 5ed1382c chrome_child!base::internal::Invoker<base::internal::BindState<void (__thiscall blink::scheduler::TaskQueueManager::*)(base::TimeTicks,bool),base::WeakPtr<blink::scheduler::TaskQueueManager>,base::TimeTicks,bool>,void __cdecl(void)>::Run+0x16 [c:\b\build\slave\win\build\src\base\bind_internal.h @ 324]
25 (Inline) -------- chrome_child!base::Callback<void __cdecl(void),1>::Run+0xb [c:\b\build\slave\win\build\src\base\callback.h @ 388]
26 0024ea18 5ed13326 chrome_child!base::debug::TaskAnnotator::RunTask+0x179 [c:\b\build\slave\win\build\src\base\debug\task_annotator.cc @ 54]
27 0024f584 5ed12fc8 chrome_child!base::MessageLoop::RunTask+0x2cd [c:\b\build\slave\win\build\src\base\message_loop\message_loop.cc @ 489]
28 (Inline) -------- chrome_child!base::MessageLoop::DeferOrRunPendingTask+0x63 [c:\b\build\slave\win\build\src\base\message_loop\message_loop.cc @ 497]
29 0024f6e8 5ed15ce2 chrome_child!base::MessageLoop::DoWork+0x403 [c:\b\build\slave\win\build\src\base\message_loop\message_loop.cc @ 621]
2a 0024f72c 5ed129b7 chrome_child!base::MessagePumpDefault::Run+0x168 [c:\b\build\slave\win\build\src\base\message_loop\message_pump_default.cc @ 36]
2b (Inline) -------- chrome_child!base::MessageLoop::RunHandler+0x10 [c:\b\build\slave\win\build\src\base\message_loop\message_loop.cc @ 451]
2c 0024f758 5ed40972 chrome_child!base::RunLoop::Run+0x49 [c:\b\build\slave\win\build\src\base\run_loop.cc @ 36]
2d 0024f830 5ecfcc94 chrome_child!content::RendererMain+0x1e6 [c:\b\build\slave\win\build\src\content\renderer\renderer_main.cc @ 198]
2e 0024f844 5ecf9151 chrome_child!content::RunNamedProcessTypeMain+0x61 [c:\b\build\slave\win\build\src\content\app\content_main_runner.cc @ 418]
2f 0024f898 5ecdf064 chrome_child!content::ContentMainRunnerImpl::Run+0x91 [c:\b\build\slave\win\build\src\content\app\content_main_runner.cc @ 785]
30 0024f8a8 5ecdeda9 chrome_child!content::ContentMain+0x23 [c:\b\build\slave\win\build\src\content\app\content_main.cc @ 20]
31 0024f8f0 0122f1e4 chrome_child!ChromeMain+0x6e [c:\b\build\slave\win\build\src\chrome\app\chrome_main.cc @ 88]
32 0024f98c 0122e865 chrome!MainDllLoader::Launch+0x1e8 [c:\b\build\slave\win\build\src\chrome\app\main_dll_loader_win.cc @ 184]
33 0024fab0 013aebcf chrome!wWinMain+0x125 [c:\b\build\slave\win\build\src\chrome\app\chrome_exe_main_win.cc @ 251]
34 (Inline) -------- chrome!invoke_main+0x1a [f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl @ 113]
35 0024fafc 76fdef1c chrome!__scrt_common_main_seh+0xfd [f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl @ 255]
36 0024fb08 77154608 kernel32!BaseThreadInitThunk+0xe
37 0024fb48 771545db ntdll!__RtlUserThreadStart+0x70
38 0024fb60 00000000 ntdll!_RtlUserThreadStart+0x1b
Aug 20 2016
Is print_web_view_helper_pdf_win.cc:65 printed_page_params.metafile_data_handle = base::SharedMemoryHandle(); ?? I guess I didn't quite get it right in r395757.
Aug 20 2016
tldr: Removing the line "printed_page_params.metafile_data_handle.Close();" should make everything work.

printed_page_params.metafile_data_handle is populated in
https://cs.chromium.org/chromium/src/components/printing/renderer/print_web_view_helper.cc?q=CopyMetafileDataToSharedMem&sq=package:chromium&dr=CSs&l=1841
which uses base::SharedMemory::DuplicateHandle. That method sets a flag that makes it so that ownership is passed to IPC:
https://cs.chromium.org/chromium/src/base/memory/shared_memory_win.cc?q=SharedMemory::DuplicateHandle&sq=package:chromium&dr=CSs&l=204

[Ideally ownership semantics would be expressed as a ScopedSharedMemoryHandle...but that's a giant refactor I've never gotten around to.]
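The ownership mistake discussed in the comment above, as an added model that is not code from this thread or from Chromium: `HandleTable`, `SendOverIpc` and `ScopedHandle` are hypothetical stand-ins, and the table's reuse of closed values is a modelling assumption. It shows the second close failing with c0000008, the same stale close silently hitting an unrelated handle once the value has been reused, and a move-only owner that rules both out.

```cpp
// Added example, not Chromium code: HandleTable, SendOverIpc and ScopedHandle are
// hypothetical stand-ins for the handle table, the IPC layer and a scoped owner.
#include <cstdint>
#include <set>
#include <utility>
constexpr uint32_t kOk = 0, kInvalidHandle = 0xC0000008;  // code shown by windbg

struct HandleTable {
  std::set<int> live;
  int bad_closes = 0;
  int Open() {  // lowest free value, so closed values get handed out again
    int h = 4;
    while (!live.insert(h).second) h += 4;
    return h;
  }
  uint32_t Close(int h) {
    if (live.erase(h)) return kOk;
    ++bad_closes;
    return kInvalidHandle;
  }
};

// Ownership passes to IPC: the IPC layer closes the sender's handle itself.
void SendOverIpc(HandleTable& t, int h) { t.Close(h); }
// The bug pattern: the caller closes a handle it no longer owns. If another
// object was opened in between, it got the same value and the stale close hits it.
uint32_t CloseAfterSend(HandleTable& t, bool other_opened) {
  int h = t.Open();
  SendOverIpc(t, h);
  if (other_opened) t.Open();  // unrelated object, reuses the value of h
  return t.Close(h);
}

// Move-only owner: after std::move the sender holds nothing it could close.
class ScopedHandle {
  HandleTable* t_;
  int h_;
 public:
  ScopedHandle(HandleTable& t, int h) : t_(&t), h_(h) {}
  ScopedHandle(ScopedHandle&& o) noexcept : t_(o.t_), h_(std::exchange(o.h_, -1)) {}
  ~ScopedHandle() { if (h_ != -1) t_->Close(h_); }
};
void SendOwned(ScopedHandle) {}  // the parameter's destructor does the one close
bool ScopedSendClosesOnce(HandleTable& t) {
  {
    ScopedHandle h(t, t.Open());
    SendOwned(std::move(h));
  }  // h is destroyed here; it was moved from, so nothing is closed again
  return t.bad_closes == 0 && t.live.empty();
}

int main() {
  HandleTable a, b;
  return CloseAfterSend(a, false) == kInvalidHandle && ScopedSendClosesOnce(b) ? 0 : 1;
}
```

The reused-value case returns success from the stale close, which is why the failure caught under the debugger here is the benign form of this bug.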
Aug 22 2016
Ya, I figured. Who wants the credit for the quick 1 line fix?
Aug 25 2016
Hrm, no takers.
Aug 25 2016
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/ae78ab89c2b1d437cdbd933fac8ab15e2dbd3ebc

commit ae78ab89c2b1d437cdbd933fac8ab15e2dbd3ebc
Author: thestig <thestig@chromium.org>
Date: Thu Aug 25 20:46:48 2016

Windows: Fix an invalid handle when printing.

BUG= 639505

Review-Url: https://codereview.chromium.org/2276133003
Cr-Commit-Position: refs/heads/master@{#414530}

[modify] https://crrev.com/ae78ab89c2b1d437cdbd933fac8ab15e2dbd3ebc/components/printing/renderer/print_web_view_helper_pdf_win.cc
Aug 25 2016
wow, I never expect my random bugs I report while testing to ever get fixed. Bravo!
Comment 1 by wfh@chromium.org, Aug 19 2016