Crash on closing the last incognito tab/window
Reported by
alvinhoc...@gmail.com,
Aug 20 2016
|
||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.70 Safari/537.36 Steps to reproduce the problem: 1. Open Chrome, browse some webpages 2. Open an incognito window, browse some webpages 3. Close the incognito window What is the expected behavior? What went wrong? Chrome crashes and all non-incognito windows close. Crashed report ID: 35ad7519-ef44-4def-98f7-8198b0c3bf58 How much crashed? Whole browser Is it a problem with a plugin? N/A Did this work before? N/A Chrome version: 53.0.2785.70 Channel: beta OS Version: 6.1 (Windows 7, Windows Server 2008 R2) Flash Version: Shockwave Flash 23.0 r0 It is not always reproduceable. But the crash dumps seem to have the same stack trace. Several Report IDs: 35ad7519-ef44-4def-98f7-8198b0c3bf58 3f363e1d-799a-46b1-a8d2-9c6c92947a32 18b4a07b-1831-4b87-964d-8cee328e0c25 6d6bcdea-91d0-4ce1-af77-7a76a8e1b687 f1d94273-ad4d-4989-bfa0-c12a956adede 7e5adc83-ab7f-4257-a80b-dd27eb2d19a4 Stack track of one of them: # Child-SP RetAddr Call Site 00 00000000`002fc5c8 000007fe`fd311203 ntdll!NtDelayExecution+0xa *** WARNING: Unable to verify checksum for chrome.exe 01 00000000`002fc5d0 00000001`3f95cc60 KERNELBASE!SleepEx+0xab *** WARNING: Unable to verify checksum for kernel32.dll 02 00000000`002fc670 00000000`7716b9f0 chrome!`anonymous namespace'::UnhandledExceptionHandler+0x64 [c:\b\build\slave\win64-pgo\build\src\third_party\crashpad\crashpad\client\crashpad_client_win.cc @ 110] 03 00000000`002fc7b0 00000000`77377610 kernel32!UnhandledExceptionFilter+0x160 04 00000000`002fc890 00000000`77307b58 ntdll! ?? ::FNODOBFM::`string'+0x2365 05 00000000`002fc8c0 00000000`77318bbd ntdll!_C_specific_handler+0x8c 06 00000000`002fc930 00000000`7730875f ntdll!RtlpExecuteHandlerForException+0xd 07 00000000`002fc960 00000000`7733d348 ntdll!RtlDispatchException+0x45a 08 00000000`002fd040 000007fe`d962bc26 ntdll!KiUserExceptionDispatch+0x2e *** WARNING: Unable to verify checksum for chrome.dll 09 (Inline Function) --------`-------- chrome_7fed9590000!chrome::GetBrowserContextRedirectedInIncognito+0x6 [c:\b\build\slave\win64-pgo\build\src\chrome\browser\profiles\incognito_helpers.cc @ 13] 0a 00000000`002fd778 000007fe`d9cde1c1 chrome_7fed9590000!TemplateURLServiceFactory::GetBrowserContextToUse+0x6 [c:\b\build\slave\win64-pgo\build\src\chrome\browser\search_engines\template_url_service_factory.cc @ 89] 0b 00000000`002fd780 000007fe`da3499f8 chrome_7fed9590000!KeyedServiceFactory::GetServiceForContext+0xe5 [c:\b\build\slave\win64-pgo\build\src\components\keyed_service\core\keyed_service_factory.cc @ 65] 0c 00000000`002fd890 000007fe`da34bdaa chrome_7fed9590000!extensions::`anonymous namespace'::LogApiActivityOnUI+0x20 [c:\b\build\slave\win64-pgo\build\src\chrome\browser\extensions\activity_log\activity_log.cc @ 400] 0d (Inline Function) --------`-------- chrome_7fed9590000!base::internal::RunnableAdapter<void (__cdecl*)(content::BrowserContext *,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,std::unique_ptr<base::ListValue,std::default_delete<base::ListValue> >,enum extensions::Action::ActionType)>::Run+0x23 [c:\b\build\slave\win64-pgo\build\src\base\bind_internal.h @ 144] 0e (Inline Function) --------`-------- chrome_7fed9590000!base::internal::InvokeHelper<0,void>::MakeItSo+0x23 [c:\b\build\slave\win64-pgo\build\src\base\bind_internal.h @ 296] 0f (Inline Function) --------`-------- chrome_7fed9590000!base::internal::Invoker<base::internal::BindState<base::internal::RunnableAdapter<void (__cdecl*)(content::BrowserContext *,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,std::unique_ptr<base::ListValue,std::default_delete<base::ListValue> >,enum extensions::Action::ActionType)>,content::BrowserContext * &,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,base::internal::PassedWrapper<std::unique_ptr<base::ListValue,std::default_delete<base::ListValue> > >,enum extensions::Action::ActionType &>,void __cdecl(void)>::RunImpl+0x35 [c:\b\build\slave\win64-pgo\build\src\base\bind_internal.h @ 363] 10 00000000`002fd920 000007fe`d972c58f chrome_7fed9590000!base::internal::Invoker<base::internal::BindState<base::internal::RunnableAdapter<void (__cdecl*)(content::BrowserContext * __ptr64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const & __ptr64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const & __ptr64,std::unique_ptr<base::ListValue,std::default_delete<base::ListValue> >,enum extensions::Action::ActionType)>,content::BrowserContext * __ptr64 & __ptr64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const & __ptr64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const & __ptr64,base::internal::PassedWrapper<std::unique_ptr<base::ListValue,std::default_delete<base::ListValue> > >,enum extensions::Action::ActionType & __ptr64>,void __cdecl(void)>::Run+0x3e [c:\b\build\slave\win64-pgo\build\src\base\bind_internal.h @ 342] 11 (Inline Function) --------`-------- chrome_7fed9590000!base::Callback<void __cdecl(void),1>::Run+0x8 [c:\b\build\slave\win64-pgo\build\src\base\callback.h @ 389] 12 00000000`002fd960 000007fe`d96ce188 chrome_7fed9590000!base::debug::TaskAnnotator::RunTask+0x1ef [c:\b\build\slave\win64-pgo\build\src\base\debug\task_annotator.cc @ 53] 13 00000000`002fda90 000007fe`d96cf312 chrome_7fed9590000!base::MessageLoop::RunTask+0x448 [c:\b\build\slave\win64-pgo\build\src\base\message_loop\message_loop.cc @ 494] 14 (Inline Function) --------`-------- chrome_7fed9590000!base::MessageLoop::DeferOrRunPendingTask+0x19e [c:\b\build\slave\win64-pgo\build\src\base\message_loop\message_loop.cc @ 502] 15 00000000`002feda0 000007fe`d972cd38 chrome_7fed9590000!base::MessageLoop::DoWork+0x582 [c:\b\build\slave\win64-pgo\build\src\base\message_loop\message_loop.cc @ 625] 16 00000000`002ff290 000007fe`d972ca04 chrome_7fed9590000!base::MessagePumpForUI::DoRunLoop+0x78 [c:\b\build\slave\win64-pgo\build\src\base\message_loop\message_pump_win.cc @ 263] 17 00000000`002ff300 000007fe`d9713290 chrome_7fed9590000!base::MessagePumpWin::Run+0x54 [c:\b\build\slave\win64-pgo\build\src\base\message_loop\message_pump_win.cc @ 142] 18 (Inline Function) --------`-------- chrome_7fed9590000!base::MessageLoop::RunHandler+0x15 [c:\b\build\slave\win64-pgo\build\src\base\message_loop\message_loop.cc @ 457] 19 00000000`002ff350 000007fe`da5744d7 chrome_7fed9590000!base::RunLoop::Run+0x90 [c:\b\build\slave\win64-pgo\build\src\base\run_loop.cc @ 36] 1a 00000000`002ff3a0 000007fe`da06bd21 chrome_7fed9590000!ChromeBrowserMainParts::MainMessageLoopRun+0xef [c:\b\build\slave\win64-pgo\build\src\chrome\browser\chrome_browser_main.cc @ 1945] 1b (Inline Function) --------`-------- chrome_7fed9590000!content::BrowserMainLoop::RunMainMessageLoopParts+0x5f [c:\b\build\slave\win64-pgo\build\src\content\browser\browser_main_loop.cc @ 942] 1c 00000000`002ff420 000007fe`d9f22eed chrome_7fed9590000!content::BrowserMainRunnerImpl::Run+0x71 [c:\b\build\slave\win64-pgo\build\src\content\browser\browser_main_runner.cc @ 155] 1d 00000000`002ff470 000007fe`d969b3bf chrome_7fed9590000!content::BrowserMain+0x161 [c:\b\build\slave\win64-pgo\build\src\content\browser\browser_main.cc @ 46] 1e (Inline Function) --------`-------- chrome_7fed9590000!content::RunNamedProcessTypeMain+0x160 [c:\b\build\slave\win64-pgo\build\src\content\app\content_main_runner.cc @ 418] 1f 00000000`002ff4f0 000007fe`d95e4876 chrome_7fed9590000!content::ContentMainRunnerImpl::Run+0x1ff [c:\b\build\slave\win64-pgo\build\src\content\app\content_main_runner.cc @ 785] 20 (Inline Function) --------`-------- chrome_7fed9590000!content::ContentMain+0x81 [c:\b\build\slave\win64-pgo\build\src\content\app\content_main.cc @ 20] 21 00000000`002ff6a0 00000001`3f8f8b3f chrome_7fed9590000!ChromeMain+0x226 [c:\b\build\slave\win64-pgo\build\src\chrome\app\chrome_main.cc @ 84] 22 00000000`002ff760 00000001`3f8f2b5c chrome!MainDllLoader::Launch+0x3c3 [c:\b\build\slave\win64-pgo\build\src\chrome\app\main_dll_loader_win.cc @ 186] 23 00000000`002ff8b0 00000001`3f985b8e chrome!wWinMain+0x4dc [c:\b\build\slave\win64-pgo\build\src\chrome\app\chrome_exe_main_win.cc @ 263] 24 (Inline Function) --------`-------- chrome!invoke_main+0x21 [f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl @ 113] 25 00000000`002ffd20 00000000`770e59ed chrome!__scrt_common_main_seh+0x11e [f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl @ 255] 26 00000000`002ffd60 00000000`7731b371 kernel32!BaseThreadInitThunk+0xd 27 00000000`002ffd90 00000000`00000000 ntdll!RtlUserThreadStart+0x1d
,
Aug 22 2016
I can't reliably reproduce it. I tried that a few times before with my main profile and a new profile but can't get it to crash. I really can't just go and test it continuously or else I will not be able to do my daily work. I could perhaps use Canary but likewise I haven't been able to get it to just reproduce. But I do get crashes randomly when I was using Chrome as usual and randomly opening an incognito tab to search for something and closing that tab. In fact it just happened again a few minutes ago. And I am pretty sure that every time it crash I was closing the last incognito window. Could it be related to usage in the non-incognito tabs? It did crash once when I only have a handful of non-incognito tabs on a single window and just one incognito tab, but those non-incognito tabs do have some JavaScript and XHRs working.
,
Aug 22 2016
I might write an automated test script to try to reproduce it. Maybe I will get back to you tomorrow... or maybe not...
,
Aug 24 2016
,
Aug 24 2016
It does appear that it couldn't be reproduced on a new profile. I've wrote an autohotkey script to test it out, and on my regular profile it crashed 6 out of 100 times, while on a new profile it could run 300 times without a crash. I'm going to test this on a new profile synced from the same Google account and maybe try to isolate the cause. Do you have any suggestions?
,
Sep 1 2016
Thank you for providing more feedback. Adding requester "tkonchada@chromium.org" for another review and adding "Needs-Review" label for tracking. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Oct 15 2016
I hate to say this but I am still having this issue on 54.0.2840.59 beta-m (64-bit).
,
Oct 17 2016
Still unable to reproduce the issue on windows 7 using chrome version 54.0.2840.59.Not observed any crash while closing the incognito windows. alvinhochun@ Could you please try the issue without any flags or extensions and if the issue still persists please provide us the crash id from chrome://crashes to triage the issue further.
,
Oct 17 2016
I can try again without any extensions but looking more clearly at the stack trace in the OP I see these frames: 0c 00000000`002fd890 000007fe`da34bdaa chrome_7fed9590000!extensions::`anonymous namespace'::LogApiActivityOnUI+0x20 [c:\b\build\slave\win64-pgo\build\src\chrome\browser\extensions\activity_log\activity_log.cc @ 400] 0f (Inline Function) --------`-------- chrome_7fed9590000!base::internal::Invoker<base::internal::BindState<base::internal::RunnableAdapter<void (__cdecl*)(content::BrowserContext *,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,std::unique_ptr<base::ListValue,std::default_delete<base::ListValue> >,enum extensions::Action::ActionType)>,content::BrowserContext * &,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,base::internal::PassedWrapper<std::unique_ptr<base::ListValue,std::default_delete<base::ListValue> > >,enum extensions::Action::ActionType &>,void __cdecl(void)>::RunImpl+0x35 [c:\b\build\slave\win64-pgo\build\src\base\bind_internal.h @ 363] 10 00000000`002fd920 000007fe`d972c58f chrome_7fed9590000!base::internal::Invoker<base::internal::BindState<base::internal::RunnableAdapter<void (__cdecl*)(content::BrowserContext * __ptr64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const & __ptr64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const & __ptr64,std::unique_ptr<base::ListValue,std::default_delete<base::ListValue> >,enum extensions::Action::ActionType)>,content::BrowserContext * __ptr64 & __ptr64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const & __ptr64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const & __ptr64,base::internal::PassedWrapper<std::unique_ptr<base::ListValue,std::default_delete<base::ListValue> > >,enum extensions::Action::ActionType & __ptr64>,void __cdecl(void)>::Run+0x3e [c:\b\build\slave\win64-pgo\build\src\base\bind_internal.h @ 342] From these frames I can see types or functions under the `extensions` namespace being mentioned. Assuming the stack trace is accurate, it would look like the crash is related to extensions in some way, so I'm not sure if this can be reproduced at all without any extensions installed. Also, `LogApiActivityOnUI` implies that it's related to some logging facilities.
,
Oct 24 2016
Thank you for providing more feedback. Adding "Needs-Review" label for tracking. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Nov 22 2016
This is a fairly frequent issue at least on OSX - see go/oqwcc likely extension activity on a browser context that went away by the time it was reported. Might be worth looking at what the extension activity is in the minidump.
,
Nov 22 2016
I think this is a dup, and should be fixed in m55. |
||||||||||
►
Sign in to add a comment |
||||||||||
Comment 1 by tkonch...@chromium.org
, Aug 22 2016Labels: Needs-Feedback