Issue 668334 link

Starred by 1 user

Issue metadata

Status:	WontFix
Owner:	paulmeyer@chromium.org
Closed:	Oct 2017
EstimatedDays:	----
NextAction:	----
OS:	Linux , Windows
Pri:	3
Type:	Bug

hit DCHECK(rfh->IsRenderFrameLive()) in FindRequestManager::SendFindIPC

Project Member Reported by bsep@chromium.org, Nov 24 2016

Issue description

Version: 57.0.2930.0 (Developer Build) (32-bit)
OS: Windows 10

1. Open or refresh a webpage that takes a while to load (about:histograms works well)
2. Control-F, type something in, and hit enter while the page is loading
3. The DCHECK gets hit around when the page finishes loading

Stack trace:
	base.dll!base::debug::BreakDebugger() Line 21	C++
 	base.dll!logging::LogMessage::~LogMessage() Line 751	C++
 	content.dll!content::FindRequestManager::SendFindIPC(const content::FindRequestManager::FindRequest & request, content::RenderFrameHost * rfh) Line 441	C++
 	content.dll!content::FindRequestManager::FindInternal(const content::FindRequestManager::FindRequest & request) Line 416	C++
 	content.dll!content::FindRequestManager::AdvanceQueue(int request_id) Line 436	C++
 	content.dll!content::FindRequestManager::FinalUpdateReceived(int request_id, content::RenderFrameHost * rfh) Line 555	C++
 	content.dll!content::FindRequestManager::RemoveFrame(content::RenderFrameHost * rfh) Line 274	C++
 	content.dll!content::FindRequestManager::DidFinishLoad(content::RenderFrameHost * rfh, const GURL & validated_url) Line 362	C++
 	content.dll!content::WebContentsImpl::OnDidFinishLoad(const GURL & url) Line 3581	C++
 	content.dll!base::DispatchToMethodImpl<content::WebContentsImpl *,void (__thiscall content::WebContentsImpl::*)(GURL const &),std::tuple<GURL> const &,0>(content::WebContentsImpl * const & obj, void(content::WebContentsImpl::*)(const GURL &) method, const std::tuple<GURL> & args, base::IndexSequence<0> __formal) Line 144	C++
 	content.dll!base::DispatchToMethod<content::WebContentsImpl *,void (__thiscall content::WebContentsImpl::*)(GURL const &),std::tuple<GURL> const &>(content::WebContentsImpl * const & obj, void(content::WebContentsImpl::*)(const GURL &) method, const std::tuple<GURL> & args) Line 150	C++
 	content.dll!IPC::DispatchToMethod<content::WebContentsImpl,void (__thiscall content::WebContentsImpl::*)(GURL const &),void,std::tuple<GURL> >(content::WebContentsImpl * obj, void(content::WebContentsImpl::*)(const GURL &) method, void * __formal, const std::tuple<GURL> & tuple) Line 26	C++
 	content.dll!IPC::MessageT<FrameHostMsg_DidFinishLoad_Meta,std::tuple<GURL>,void>::Dispatch<content::WebContentsImpl,content::WebContentsImpl,void,void (__thiscall content::WebContentsImpl::*)(GURL const &)>(const IPC::Message * msg, content::WebContentsImpl * obj, content::WebContentsImpl * sender, void * parameter, void(content::WebContentsImpl::*)(const GURL &) func) Line 121	C++
 	content.dll!content::WebContentsImpl::OnMessageReceived(content::RenderViewHost * render_view_host, content::RenderFrameHost * render_frame_host, const IPC::Message & message) Line 710	C++
 	content.dll!content::WebContentsImpl::OnMessageReceived(content::RenderFrameHost * render_frame_host, const IPC::Message & message) Line 4050	C++
 	content.dll!content::RenderFrameHostImpl::OnMessageReceived(const IPC::Message & msg) Line 675	C++
 	content.dll!content::RenderProcessHostImpl::OnMessageReceived(const IPC::Message & msg) Line 2016	C++
 	ipc.dll!IPC::ChannelProxy::Context::OnDispatchMessage(const IPC::Message & message) Line 341	C++

Comment 1 by majidvp@chromium.org, Dec 7 2016

Labels: OS-Linux

I experienced the same crash on Linux as well.

Chromium	57.0.2939.0 (Developer Build) (64-bit)
Revision	f70c856e2fc338a5bc982422a0772359dd995cd4
OS	Linux 

What happened:
- opened my local build
- google search
- opened chrome://histograms
- Ctrl+F and started typing immediately (I think at this point the page was not fully loaded yet)
- The find in page text field showed up and started capturing what I was typing
- CRASH


Here is the stacktrace:

#2 0x7f8d96046a80 content::FindRequestManager::SendFindIPC()
#3 0x7f8d960450e1 content::FindRequestManager::FindInternal()
#4 0x7f8d96045d63 content::FindRequestManager::AdvanceQueue()
#5 0x7f8d96045f9c content::FindRequestManager::FinalUpdateReceived()
#6 0x7f8d960464f5 content::FindRequestManager::RemoveFrame()
#7 0x7f8d960465a8 content::FindRequestManager::DidFinishLoad()
#8 0x7f8d969b7b51 content::WebContentsImpl::OnDidFinishLoad()
#9 0x7f8d95d03d2d _ZN4base20DispatchToMethodImplIPN7content18BlobDispatcherHostEMS2_FvRK4GURLERKSt5tupleIJS4_EEJLm0EEEEvRKT_T0_OT1_NS_13IndexSequenceIJXspT2_EEEE
#10 0x7f8d9603e590 _ZN4base16DispatchToMethodIPN7content20FileAPIMessageFilterEMS2_FvRK4GURLERKSt5tupleIJS4_EEEEvRKT_T0_OT1_
#11 0x7f8d969e476f _ZN3IPC16DispatchToMethodIN7content15WebContentsImplEMS2_FvRK4GURLEvSt5tupleIJS3_EEEEvPT_T0_PT1_RKT2_
#12 0x7f8d969d300f _ZN3IPC8MessageTI31FrameHostMsg_DidFinishLoad_MetaSt5tupleIJ4GURLEEvE8DispatchIN7content15WebContentsImplES8_vMS8_FvRKS3_EEEbPKNS_7MessageEPT_PT0_PT1_T2_
#13 0x7f8d969b5f4f content::WebContentsImpl::OnMessageReceived()
#14 0x7f8d969c9aa4 content::WebContentsImpl::OnMessageReceived()
#15 0x7f8d960af681 content::RenderFrameHostImpl::OnMessageReceived()
#16 0x7f8d9663aab2 content::RenderProcessHostImpl::OnMessageReceived()
#17 0x7f8d99582be8 IPC::ChannelProxy::Context::OnDispatchMessage()
#18 0x7f8d995896cf _ZN4base8internal13FunctorTraitsIMN3IPC12ChannelProxy7ContextEFvRKNS2_7MessageEEvE6InvokeIRK13scoped_refptrIS4_EJS7_EEEvS9_OT_DpOT0_
#19 0x7f8d995895b6 _ZN4base8internal12InvokeHelperILb0EvE8MakeItSoIRKMN3IPC12ChannelProxy7ContextEFvRKNS4_7MessageEEJRK13scoped_refptrIS6_ES9_EEEvOT_DpOT0_
#20 0x7f8d99589543 _ZN4base8internal7InvokerINS0_9BindStateIMN3IPC12ChannelProxy7ContextEFvRKNS3_7MessageEEJ13scoped_refptrIS5_ES6_EEEFvvEE7RunImplIRKSA_RKSt5tupleIJSC_S6_EEJLm0ELm1EEEEvOT_OT0_NS_13IndexSequenceIJXspT1_EEEE
#21 0x7f8d9958945c _ZN4base8internal7InvokerINS0_9BindStateIMN3IPC12ChannelProxy7ContextEFvRKNS3_7MessageEEJ13scoped_refptrIS5_ES6_EEEFvvEE3RunEPNS0_13BindStateBaseE
#22 0x7f8d9c609491 _ZNO4base8internal8RunMixinINS_8CallbackIFvvELNS0_8CopyModeE0ELNS0_10RepeatModeE0EEEE3RunEv
#23 0x7f8d9c608e62 base::debug::TaskAnnotator::RunTask()
#24 0x7f8d9c6995ca base::MessageLoop::RunTask()
#25 0x7f8d9c699854 base::MessageLoop::DeferOrRunPendingTask()
#26 0x7f8d9c699b3e base::MessageLoop::DoWork()
#27 0x7f8d9c6b1e9c base::MessagePumpGlib::HandleDispatch()
#28 0x7f8d9c6b2661 base::(anonymous namespace)::WorkSourceDispatch()
#29 0x7f8d8bb79e04 g_main_context_dispatch
#30 0x7f8d8bb7a048 <unknown>
#31 0x7f8d8bb7a0ec g_main_context_iteration
#32 0x7f8d9c6b1f9f base::MessagePumpGlib::Run()
#33 0x7f8d9c69914a base::MessageLoop::RunHandler()
#34 0x7f8d9c745c04 base::RunLoop::Run()
#35 0x7f8d9ec2823f ChromeBrowserMainParts::MainMessageLoopRun()
#36 0x7f8d95d7afe9 content::BrowserMainLoop::RunMainMessageLoopParts()
#37 0x7f8d95d86ce5 content::BrowserMainRunnerImpl::Run()
#38 0x7f8d95d74ab8 content::BrowserMain()
#39 0x7f8d975482a6 content::RunNamedProcessTypeMain()
#40 0x7f8d9754a732 content::ContentMainRunnerImpl::Run()
#41 0x7f8d97547592 content::ContentMain()
#42 0x7f8d9d49ec0b ChromeMain
#43 0x7f8d9d49eba2 main
#44 0x7f8d8912bf45 __libc_start_main
#45 0x7f8d9d49eaa5 <unknown>

Comment 2 by paulmeyer@chromium.org, Oct 17 2017

Status: WontFix (was: Untriaged)

Comment 3 by xhw...@chromium.org, Oct 27 2017

I am still seeing this on Linux today after I opened about://histograms. Why this is a WontFix?

Comment 4 by xhw...@chromium.org, Oct 27 2017

FYI, here's the callstack I saw:

[37496:37496:1027/162144.293974:FATAL:find_request_manager.cc(586)] Check failed: CheckFrame(rfh). 
#0 0x7fdfd14c0ddd base::debug::StackTrace::StackTrace()
#1 0x7fdfd14bf20c base::debug::StackTrace::StackTrace()
#2 0x7fdfd1545f9a logging::LogMessage::~LogMessage()
#3 0x7fdfccf2cbfb content::FindRequestManager::SendFindIPC()
#4 0x7fdfccf2a463 content::FindRequestManager::FindInternal()
#5 0x7fdfccf2ba2f content::FindRequestManager::AdvanceQueue()
#6 0x7fdfccf2bc9c content::FindRequestManager::FinalUpdateReceived()
#7 0x7fdfccf2c5e0 content::FindRequestManager::RemoveFrame()
#8 0x7fdfccf32980 content::FindRequestManager::FrameObserver::DidFinishLoad()
#9 0x7fdfcd845a12 content::WebContentsImpl::OnDidFinishLoad()
#10 0x7fdfcc752972 _ZN3IPC20DispatchToMethodImplIN5media24GpuJpegDecodeAccelerator13MessageFilterEMS3_FvPKiRK39AcceleratedJpegDecoderMsg_Decode_ParamsES4_NSt3__15tupleIJS6_EEEJLm0EEEEvPT_T0_PT1_OT2_NSB_16integer_sequenceImJXspT3_EEEE
#11 0x7fdfcc7528c0 _ZN3IPC16DispatchToMethodIN5media24GpuJpegDecodeAccelerator13MessageFilterEKiJRK39AcceleratedJpegDecoderMsg_Decode_ParamsENSt3__15tupleIJS5_EEEEENS8_9enable_ifIXeqsZT1_sr3std10tuple_sizeINS8_5decayIT2_E4typeEEE5valueEvE4typeEPT_MSI_FvPT0_DpT1_ESL_OSD_
#12 0x7fdfcd86c341 _ZN3IPC8MessageTI31FrameHostMsg_DidFinishLoad_MetaNSt3__15tupleIJ4GURLEEEvE8DispatchIN7content15WebContentsImplES9_NS8_19RenderFrameHostImplEMS9_FvPSA_RKS4_EEEbPKNS_7MessageEPT_PT0_PT1_T2_
#13 0x7fdfcd844e73 content::WebContentsImpl::OnMessageReceived()
#14 0x7fdfccfc235a content::RenderFrameHostImpl::OnMessageReceived()
#15 0x7fdfcd53aad0 content::RenderProcessHostImpl::OnMessageReceived()
#16 0x7fdfd0c886f8 IPC::ChannelProxy::Context::OnDispatchMessage()
#17 0x7fdfd0c8eb4f _ZN4base8internal13FunctorTraitsIMN3IPC12ChannelProxy7ContextEFvRKNS2_7MessageEEvE6InvokeIRK13scoped_refptrIS4_EJS7_EEEvS9_OT_DpOT0_
#18 0x7fdfd0c8eaaf _ZN4base8internal12InvokeHelperILb0EvE8MakeItSoIRKMN3IPC12ChannelProxy7ContextEFvRKNS4_7MessageEEJRK13scoped_refptrIS6_ES9_EEEvOT_DpOT0_
#19 0x7fdfd0c8ea3d _ZN4base8internal7InvokerINS0_9BindStateIMN3IPC12ChannelProxy7ContextEFvRKNS3_7MessageEEJ13scoped_refptrIS5_ES6_EEEFvvEE7RunImplIRKSA_RKNSt3__15tupleIJSC_S6_EEEJLm0ELm1EEEEvOT_OT0_NSJ_16integer_sequenceImJXspT1_EEEE
#20 0x7fdfd0c8e94c _ZN4base8internal7InvokerINS0_9BindStateIMN3IPC12ChannelProxy7ContextEFvRKNS3_7MessageEEJ13scoped_refptrIS5_ES6_EEEFvvEE3RunEPNS0_13BindStateBaseE
#21 0x7fdfd146ffb1 _ZNO4base12OnceCallbackIFvvEE3RunEv
#22 0x7fdfd14c50da base::debug::TaskAnnotator::RunTask()
#23 0x7fdfd15648e5 base::internal::IncomingTaskQueue::RunTask()
#24 0x7fdfd156d704 base::MessageLoop::RunTask()
#25 0x7fdfd156d9a6 base::MessageLoop::DeferOrRunPendingTask()
#26 0x7fdfd156dcf3 base::MessageLoop::DoWork()
#27 0x7fdfd15713cc base::MessagePumpGlib::HandleDispatch()
#28 0x7fdfd1571b71 base::(anonymous namespace)::WorkSourceDispatch()
#29 0x7fdfba3f1e04 g_main_context_dispatch
#30 0x7fdfba3f2048 <unknown>
#31 0x7fdfba3f20ec g_main_context_iteration
#32 0x7fdfd15714cf base::MessagePumpGlib::Run()
#33 0x7fdfd156cea4 base::MessageLoop::Run()
#34 0x7fdfd1616a15 base::RunLoop::Run()
#35 0x5650f3c963fd ChromeBrowserMainParts::MainMessageLoopRun()
#36 0x7fdfccba2306 content::BrowserMainLoop::RunMainMessageLoopParts()
#37 0x7fdfccbaabef content::BrowserMainRunnerImpl::Run()
#38 0x7fdfccb9650b content::BrowserMain()
#39 0x7fdfce703494 content::RunNamedProcessTypeMain()
#40 0x7fdfce706052 content::ContentMainRunnerImpl::Run()
#41 0x7fdfce700c6d content::ContentServiceManagerMainDelegate::RunEmbedderProcess()
#42 0x7fdfd1d1c7f5 service_manager::Main()
#43 0x7fdfce7022ef content::ContentMain()

►

Issue 668334 link

Issue metadata

hit DCHECK(rfh->IsRenderFrameLive()) in FindRequestManager::SendFindIPC

Issue description

Comment 1 by majidvp@chromium.org, Dec 7 2016

Comment 1 Deleted

Comment 2 by paulmeyer@chromium.org, Oct 17 2017

Comment 2 Deleted

Comment 3 by xhw...@chromium.org, Oct 27 2017

Comment 3 Deleted

Comment 4 by xhw...@chromium.org, Oct 27 2017

Comment 4 Deleted

Sign in to add a comment