
Issue 713505

Starred by 4 users

Issue metadata

Status: Fixed
Owner:
Closed: Apr 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows
Pri: 1
Type: Bug-Regression




Regression: Browser crash is observed on clicking wrench menu.

Reported by aiman.an...@etouch.net, Apr 20 2017

Issue description

Chrome Version: 60.0.3075.0 (Official Build) (64-bit) (cohort: win_58_81) acba6ce3ba4f318e84b772ce094cc8990bdf2022-refs/heads/master@{#465641} (32/64 Bit).

OS:  Windows(7,8,10).

Steps to reproduce:
1. Freshly install and launch Chrome, click on Wrench and observe.

Actual Result: Browser crash is observed.
Expected Result: Browser should not crash.

Crash ID 8b3f3e6a-4455-4bca-ac58-c13f276e4405 (Server ID: 5f5bfe8e80000000)

This is a regression issue broken in 'M 59'; will soon update the bisect info:

Manual Bisect Info: 
Good Build 59.0.3074.0
Bad Build 55.0.3075.0



 

Comment 1 Deleted

Comment 2 Deleted

Comment 3 Deleted

Components: UI>Browser>Toolbar
Note: Issue is observed only when warning icon is seen on wrench menu.

Attachment: Actual Result.mp4 (1.3 MB)

Comment 5 Deleted

Correction:
Good Build 60.0.3074.0
Bad Build 60.0.3075.0
Labels: hasbisect-per-revision ReleaseBlock-Dev OS-Linux
Owner: spqc...@chromium.org
Status: Assigned (was: Unconfirmed)
Using the per-revision bisect, providing the bisect results:
Good build: 60.0.3074.0 (Revision: 465085).
Bad build : 60.0.3075.0 (Revision: 465641).

You are probably looking for a change made after 465266 (known good), but no later than 465267 (first known bad).
CHANGELOG URL:
  https://chromium.googlesource.com/chromium/src/+log/87648f2cf83870acac8d73ea6bb61a5dcf11b921..064a811986ce8b3bdcb9bd134d4927b9b36fee2a

Providing the Stack Trace for the Crash ID -- 5f5bfe8e80000000

Stack Trace ::
===============
Thread 0 CRASHED [EXCEPTION_ACCESS_VIOLATION_READ @ 0x00000018 ] MAGIC SIGNATURE THREAD
0x000007fee573affd	(chrome.dll -app_menu_animation.cc:174 )	AppMenuAnimation::StartAnimation()
0x000007fee5716746	(chrome.dll -app_menu_button.cc:113 )	AppMenuButton::ShowMenu(bool)
0x000007fee5764d39	(chrome.dll -toolbar_view.cc:397 )	ToolbarView::OnMenuButtonClicked(views::MenuButton *,gfx::Point const &,ui::Event const *)
0x000007fee5adfd62	(chrome.dll -menu_button.cc:136 )	views::MenuButton::Activate(ui::Event const *)
0x000007fee5ae02a5	(chrome.dll -menu_button.cc:213 )	views::MenuButton::OnMousePressed(ui::MouseEvent const &)
0x000007fee5ac0de8	(chrome.dll -view.cc:2401 )	views::View::ProcessMousePressed(ui::MouseEvent const &)
0x000007fee5ac0221	(chrome.dll -view.cc:1086 )	views::View::OnMouseEvent(ui::MouseEvent *)
0x000007fee4e7c24d	(chrome.dll -event_handler.cc:27 )	ui::EventHandler::OnEvent(ui::Event *)
0x000007fee5ba62b8	(chrome.dll -scoped_target_handler.cc:32 )	ui::ScopedTargetHandler::OnEvent(ui::Event *)
0x000007fee4e7c57c	(chrome.dll -event_dispatcher.cc:191 )	ui::EventDispatcher::DispatchEvent(ui::EventHandler *,ui::Event *)
0x000007fee4e7c981	(chrome.dll -event_dispatcher.cc:139 )	ui::EventDispatcher::ProcessEvent(ui::EventTarget *,ui::Event *)
0x000007fee4e7c815	(chrome.dll -event_dispatcher.cc:86 )	ui::EventDispatcherDelegate::DispatchEventToTarget(ui::EventTarget *,ui::Event *)
0x000007fee4e7c610	(chrome.dll -event_dispatcher.cc:58 )	ui::EventDispatcherDelegate::DispatchEvent(ui::EventTarget *,ui::Event *)
0x000007fee5af2d44	(chrome.dll -root_view.cc:376 )	views::internal::RootView::OnMousePressed(ui::MouseEvent const &)
0x000007fee5ab8dc9	(chrome.dll -widget.cc:1202 )	views::Widget::OnMouseEvent(ui::MouseEvent *)
0x000007fee4e7c24d	(chrome.dll -event_handler.cc:27 )	ui::EventHandler::OnEvent(ui::Event *)
0x000007fee4e7c57c	(chrome.dll -event_dispatcher.cc:191 )	ui::EventDispatcher::DispatchEvent(ui::EventHandler *,ui::Event *)
0x000007fee4e7c981	(chrome.dll -event_dispatcher.cc:139 )	ui::EventDispatcher::ProcessEvent(ui::EventTarget *,ui::Event *)
0x000007fee4e7c815	(chrome.dll -event_dispatcher.cc:86 )	ui::EventDispatcherDelegate::DispatchEventToTarget(ui::EventTarget *,ui::Event *)
0x000007fee4e7c610	(chrome.dll -event_dispatcher.cc:58 )	ui::EventDispatcherDelegate::DispatchEvent(ui::EventTarget *,ui::Event *)
0x000007fee5ba611a	(chrome.dll -event_processor.cc:46 )	ui::EventProcessor::OnEventFromSource(ui::Event *)
0x000007fee5ba5e77	(chrome.dll -event_source.cc:73 )	ui::EventSource::DeliverEventToSink(ui::Event *)
0x000007fee5ba5f11	(chrome.dll -event_source.cc:51 )	ui::EventSource::SendEventToSink(ui::Event *)
0x000007fee5b00120	(chrome.dll -desktop_window_tree_host_win.cc:835 )	views::DesktopWindowTreeHostWin::HandleMouseEvent(ui::MouseEvent const &)
0x000007fee5b16867	(chrome.dll -hwnd_message_handler.cc:2674 )	views::HWNDMessageHandler::HandleMouseEventInternal(unsigned int,unsigned __int64,__int64,bool)
0x000007fee5b1b03b	(chrome.dll -hwnd_message_handler.h:338 )	views::HWNDMessageHandler::_ProcessWindowMessage(HWND__ *,unsigned int,unsigned __int64,__int64,__int64 &,unsigned long)
0x000007fee5b19c30	(chrome.dll -hwnd_message_handler.cc:915 )	views::HWNDMessageHandler::OnWndProc(unsigned int,unsigned __int64,__int64)
0x000007fee4dc5feb	(chrome.dll -window_impl.cc:303 )	gfx::WindowImpl::WndProc(HWND__ *,unsigned int,unsigned __int64,__int64)
0x000007fee4dc57f6	(chrome.dll -wrapped_window_proc.h:76 )	base::win::WrappedWindowProc<&gfx::WindowImpl::WndProc(HWND__ *,unsigned int,unsigned __int64,__int64)>(HWND__ *,unsigned int,unsigned __int64,__int64)
0x77a89bd0	(USER32.dll + 0x00019bd0 )	UserCallWinProcCheckWow
0x77a898d9	(USER32.dll + 0x000198d9 )	DispatchMessageWorker
0x000007fee3ccb046	(chrome.dll -message_pump_win.cc:363 )	base::MessagePumpForUI::ProcessMessageHelper(tagMSG const &)
0x000007fee3ccac1f	(chrome.dll -message_pump_win.cc:169 )	base::MessagePumpForUI::DoRunLoop()
0x000007fee3cca893	(chrome.dll -message_pump_win.cc:56 )	base::MessagePumpWin::Run(base::MessagePump::Delegate *)
0x000007fee3c9ab5f	(chrome.dll -run_loop.cc:37 )	base::RunLoop::Run()
0x000007fee499404f	(chrome.dll -chrome_browser_main.cc:1977 )	ChromeBrowserMainParts::MainMessageLoopRun(int *)
0x000007fee4422cb5	(chrome.dll -browser_main_loop.cc:1166 )	content::BrowserMainLoop::RunMainMessageLoopParts()
0x000007fee442422d	(chrome.dll -browser_main_runner.cc:140 )	content::BrowserMainRunnerImpl::Run()
0x000007fee441e6f3	(chrome.dll -browser_main.cc:46 )	content::BrowserMain(content::MainFunctionParams const &)
0x000007fee4942022	(chrome.dll -content_main_runner.cc:438 )	content::RunNamedProcessTypeMain(std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,content::MainFunctionParams const &,content::ContentMainDelegate *)
0x000007fee4941e6b	(chrome.dll -content_main_runner.cc:740 )	content::ContentMainRunnerImpl::Run()
0x000007fee4fdf935	(chrome.dll -main.cc:179 )	service_manager::Main(service_manager::MainParams const &)
0x000007fee494168f	(chrome.dll -content_main.cc:19 )	content::ContentMain(content::ContentMainParams const &)
0x000007fee4127487	(chrome.dll -chrome_main.cc:123 )	ChromeMain
0x000000013f3d428f	(chrome.exe -main_dll_loader_win.cc:202 )	MainDllLoader::Launch(HINSTANCE__ *,base::TimeTicks)
0x000000013f3d334f	(chrome.exe -chrome_exe_main_win.cc:271 )	wWinMain
0x000000013f4050c2	(chrome.exe -exe_common.inl:253 )	__scrt_common_main_seh
0x77b8652c	(kernel32.dll + 0x0001652c )	BaseThreadInitThunk
0x77cbc520	(ntdll.dll + 0x0002c520 )	RtlUserThreadStart

@spqchan: Could you please look into the issue? Pardon me if it has nothing to do with your changes, and if possible please assign it to the concerned owner.
Adding RB Label as this is a recent Regression. Please change if not required.

Note: This issue is also seen on Linux 14.04.
Not reproducible on Mac OS X 10.12.3.
Thank You.
Status: Started (was: Assigned)
Project Member

Comment 9 by bugdroid1@chromium.org, Apr 21 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/8623ad421d2a9c367b1dd9a98a2bd26e54f7ba65

commit 8623ad421d2a9c367b1dd9a98a2bd26e54f7ba65
Author: spqchan <spqchan@chromium.org>
Date: Fri Apr 21 02:55:02 2017

App Menu Crash Fix

Added a missing nullptr check.

BUG= 713505 

Review-Url: https://codereview.chromium.org/2830193002
Cr-Commit-Position: refs/heads/master@{#466238}

[modify] https://crrev.com/8623ad421d2a9c367b1dd9a98a2bd26e54f7ba65/chrome/browser/ui/views/toolbar/app_menu_button.cc
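
The read at 0x00000018 inside AppMenuAnimation::StartAnimation() and the "missing nullptr check" fix fit the usual near-null pattern: a member access through a null object pointer faults at the member's offset. The sketch below is an added example, not Chromium code and not the actual patch; the types, field layout and the 4 KiB triage threshold are hypothetical.

```cpp
#include <cstddef>
#include <cstdint>
#include <memory>

// Hypothetical stand-in types: names and layout are invented for illustration
// and are not Chromium's AppMenuAnimation / AppMenuButton.
struct Animation {
  std::uint64_t delegate = 0;    // offset 0x00
  std::uint64_t duration = 0;    // offset 0x08
  std::uint64_t start_time = 0;  // offset 0x10
  int running = 0;               // offset 0x18
  void Start() { running = 1; }  // first access touches `running`
};

// Address that an access to `running` hits for an object located at `base`.
std::uintptr_t FaultAddressFor(std::uintptr_t base) {
  return base + offsetof(Animation, running);
}

// Triage heuristic (assumed threshold: one 4 KiB page): a fault this close to
// zero points at a null object pointer plus a member offset.
bool IsNearNull(std::uintptr_t fault) { return fault < 0x1000; }

class Button {
 public:
  explicit Button(bool with_animation) {
    if (with_animation) animation_ = std::make_unique<Animation>();
  }

  // Unguarded form: undefined behaviour (a crash in practice) when null.
  void ShowMenuUnchecked() { animation_->Start(); }

  // Guarded form: returns whether an animation was started.
  bool ShowMenu() {
    if (!animation_) return false;
    animation_->Start();
    return true;
  }

 private:
  std::unique_ptr<Animation> animation_;  // may legitimately be unset
};

int main() {
  Button no_anim(false), has_anim(true);
  bool ok = IsNearNull(FaultAddressFor(0)) && !no_anim.ShowMenu() &&
            has_anim.ShowMenu();
  return ok ? 0 : 1;
}
```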

Status: Fixed (was: Started)
Issue 714105 has been merged into this issue.

Comment 12 by ajha@chromium.org, Apr 25 2017

Issue 714104 has been merged into this issue.

Comment 13 by ajha@chromium.org, Apr 25 2017

Issue 714151 has been merged into this issue.
Labels: TE-Verified-M60 TE-Verified-60.0.3080.5
Tested the issue on Windows 7 and Linux Ubuntu 14.04 using Chrome version 60.0.3080.5.
Observed that the fix is working as expected. Hence adding TE-Verified labels.
Please find the attached screen cast for the same.

Thanks!!
Attachment: 713505.mp4 (196 KB)
