New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 674428 link

Starred by 2 users
Status: Duplicate
Merged: issue 674474
Owner:
dgozman@chromium.org
Closed: Dec 2016
Cc:
nyerramilli@chromium.org
brajkumar@chromium.org
ranjitkan@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Mac
Pri: 1
Type: Bug-Regression



Sign in to add a comment

Regression: Browser crash is seen after opening/closing the NTP

Reported by jshan...@etouch.net, Dec 15 2016 
Chrome Version: 57.0.2952.0 (Official Build)199daadb512fd39c2c8c3e56f536acb7eb941fb4-refs/heads/master@{#438707}-32/64 bit
OS: Windows(7,8,10),  Mac (10.11.6, 10.12.1)

Steps:
1. Launch Chrome and open Devtools on NTP
2. Press 'Ctrl+R' keys, open other NTP and close previous NTP on which devtools is open.
3. Observe

Actual: Browser crash is seen after closing the NTP

Expected: Browser should not crash

This is a regression issue broken in M-57, will soon update the bisect info

Good build: 57.0.2951.0 
Bad build: 57.0.2952.0 

Crash ID c7bef71b-f168-46f4-9056-851c974e9104 (Server ID: c336ea0080000000)
Actual_video.mp4
788 KB View Download

Comment 1 by brajkumar@chromium.org, Dec 15 2016

Cc: brajkumar@chromium.org
Labels: hasbisect-per-revision ReleaseBlock-Dev Stability-Crash HasTestcase OS-Linux OS-Mac
Owner: dgozman@chromium.org
Status: Assigned (was: Unconfirmed)
Able to reproduce the issue on Ubuntu 14.04 and Mac OS 10.12 using chrome latest Dev M57-57.0.2952.0.

Using the per-revision bisect providing the bisect results,
You are probably looking for a change made after 438675 (known good), but no later than 438676 (first known bad).

CHANGE-LOG URL:
---------------------------------------
https://chromium.googlesource.com/chromium/src/+log/0d69452813c95ee10e53b8e83eaceea23a2b1780..b41d221cb138f0f5e3824229f12bf794172e106f

From the CL above, assigning the issue to the concern owner
Review-Url: https://codereview.chromium.org/2573993003

dgozman@ - Could you please check whether this is caused with respect to your change, if not please help us in assigning it to the right owner.

Note: Adding RB-Dev since this issue is broken in M-57, please feel free to edit if this is not the case.

Thanks!

Comment 2 by brajkumar@chromium.org, Dec 15 2016 

Stack Trace:
-----------------
Thread 18 CRASHED [EXCEPTION_ACCESS_VIOLATION_EXEC @ 0x69737369 ] MAGIC SIGNATURE THREAD
Stack Quality93%Show frame trust levels
0x69737369		
0x5cfa82a3	(chrome.dll -bind_internal.h:164 )	base::internal::FunctorTraits<void (*)(void ( content::ServiceWorkerContextObserver::*)(__int64,GURL const &),__int64,GURL const &,content::ServiceWorkerContextObserver *),void>::Invoke<void ( content::ServiceWorkerContextObserver::*const &)(__int64,GURL const &),__int64 const &,GURL const &,content::ServiceWorkerContextObserver *>(void (*)(void ( content::ServiceWorkerContextObserver::*)(__int64,GURL const &),__int64,GURL const &,content::ServiceWorkerContextObserver *),void ( content::ServiceWorkerContextObserver::*const &)(__int64,GURL const &),__int64 const &,GURL const &,content::ServiceWorkerContextObserver * &&)
0x5cfa8c5b	(chrome.dll -bind_internal.h:361 )	base::internal::Invoker<base::internal::BindState<void (*)(void ( content::ServiceWorkerContextObserver::*)(__int64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &),__int64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,content::ServiceWorkerContextObserver *),void ( content::ServiceWorkerContextObserver::*)(__int64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &),__int64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > >,void >::RunImpl<void (*const &)(void ( content::ServiceWorkerContextObserver::*)(__int64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &),__int64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,content::ServiceWorkerContextObserver *),std::tuple<void ( content::ServiceWorkerContextObserver::*)(__int64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &),__int64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > > const &,0,1,2>(void (*const &)(void ( content::ServiceWorkerContextObserver::*)(__int64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &),__int64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,content::ServiceWorkerContextObserver *),std::tuple<void ( content::ServiceWorkerContextObserver::*)(__int64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &),__int64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > > const &,base::IndexSequence<0,1,2>,content::ServiceWorkerContextObserver * &&)
0x5cfab901	(chrome.dll -bind_internal.h:339 )	base::internal::Invoker<base::internal::BindState<void (*)(void ( content::ServiceWorkerContextObserver::*)(__int64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &),__int64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,content::ServiceWorkerContextObserver *),void ( content::ServiceWorkerContextObserver::*)(__int64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &),__int64,std::basic_string<char,std::char_traits<char>,std::allocator<char> > >,void >::Run(base::internal::BindStateBase *,content::ServiceWorkerContextObserver * &&)
0x5d599503	(chrome.dll -observer_list_threadsafe.h:195 )	base::ObserverListThreadSafe<media::UserInputMonitor::MouseEventListener>::NotifyWrapper(base::ObserverListThreadSafe<media::UserInputMonitor::MouseEventListener>::ObserverListContext *,base::Callback<void ,1,1> const &)
0x5d94330f	(chrome.dll -bind_internal.h:339 )	base::internal::Invoker<base::internal::BindState<void ( base::ObserverListThreadSafe<storage_monitor::RemovableStorageObserver>::*)(base::ObserverListThreadSafe<storage_monitor::RemovableStorageObserver>::ObserverListContext *,base::Callback<void ,1,1> const &),scoped_refptr<base::ObserverListThreadSafe<storage_monitor::RemovableStorageObserver> >,base::ObserverListThreadSafe<storage_monitor::RemovableStorageObserver>::ObserverListContext *,base::Callback<void ,1,1> >,void >::Run(base::internal::BindStateBase *)
0x5c88d338	(chrome.dll -task_annotator.cc:52 )	base::debug::TaskAnnotator::RunTask(char const *,base::PendingTask *)
0x5c84a1dd	(chrome.dll -message_loop.cc:413 )	base::MessageLoop::RunTask(base::PendingTask *)
0x5c84abe4	(chrome.dll -message_loop.cc:515 )	base::MessageLoop::DoWork()
0x5c88e1e0	(chrome.dll -message_pump_win.cc:475 )	base::MessagePumpForIO::DoRunLoop()
0x5c88d4e4	(chrome.dll -message_pump_win.cc:56 )	base::MessagePumpWin::Run(base::MessagePump::Delegate *)
0x5c86264c	(chrome.dll -run_loop.cc:37 )	base::RunLoop::Run()
0x5c848908	(chrome.dll -thread.cc:245 )	base::Thread::Run(base::RunLoop *)
0x5ce3917a	(chrome.dll -browser_thread_impl.cc:252 )	content::BrowserThreadImpl::IOThreadRun(base::RunLoop *)
0x5ce39680	(chrome.dll -browser_thread_impl.cc:287 )	content::BrowserThreadImpl::Run(base::RunLoop *)
0x5c848b1e	(chrome.dll -thread.cc:328 )	base::Thread::ThreadMain()
0x5c81c19a	(chrome.dll -platform_thread_win.cc:84 )	base::`anonymous namespace'::ThreadFunc
0x75b433a9	(kernel32.dll + 0x000133a9 )	BaseThreadInitThunk
0x77ae9f71	(ntdll.dll + 0x00039f71 )	__RtlUserThreadStart
0x77ae9f44	(ntdll.dll + 0x00039f44 )	_RtlUserThreadStart

Below link gives in details of the number of instances in which the crash has occurred for associated builds:
https://crash.corp.google.com/browse?q=product.name%3D%27Chrome%27%20AND%20custom_data.ChromeCrashProto.ptype%3D%27browser%27%20AND%20custom_data.ChromeCrashProto.magic_signature_1.name%3D%27base%3A%3AObserverListThreadSafe%3Cmedia%3A%3AUserInputMonitor%3A%3AMouseEventListener%3E%3A%3ANotifyWrapper%27&ignore_case=false&enable_rewrite=true&omit_field_name=&omit_field_value=&omit_field_opt=%3D

Comment 3 by dgozman@chromium.org, Dec 15 2016

Mergedinto: 674474
Status: Duplicate (was: Assigned)

Sign in to add a comment