New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 733182 link

Starred by 2 users
Status: Duplicate
Merged: issue 733499
Owner:
kochi@chromium.org
Last visit > 30 days ago
Closed: Jun 2017
Cc:
kkaluri@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug



Sign in to add a comment

a one time Aw Snap when going to ...->About Chromium

Reported by xftroxgpx@gmail.com, Jun 14 2017 
UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3128.0 Safari/537.36

Steps to reproduce the problem:
I don't know!
But used this chromium:
https://www.googleapis.com/download/storage/v1/b/chromium-browser-snapshots/o/Linux_x64%2F479344%2Fchrome-linux.zip?alt=media

I had Settings open in one tab (with 'javascript' in its search)
I went to a new tab (Ctrl+t)
Clicked "..."(menu) then 'About Chromium' which switched to the already opened Settings tab and Aw Snap-ped it!

Can't reproduce again! But have the stacktrace and net log, if at all useful.

What is the expected behavior?
no tab crash

What went wrong?
tab crashed the already opened Settings tab when I tried ...->About Chromium

Crashed report ID: no

How much crashed? Just one tab

Is it a problem with a plugin? N/A 

Did this work before? N/A 

Chrome version: 61.0.3131.0  Channel: stable
OS Version: ArchLinux
Flash Version: none

$ ./go
[18864:18893:0614/124746.125040:ERROR:ssl_client_socket_impl.cc(1071)] handshake failed; returned -1, SSL error code 1, net_error -102
[18864:18893:0614/124746.129593:ERROR:ssl_client_socket_impl.cc(1071)] handshake failed; returned -1, SSL error code 1, net_error -102
Received signal 11 SEGV_MAPERR 000000000030
#0 0x5618dc514b47 base::debug::StackTrace::StackTrace()
#1 0x5618dc5146bf base::debug::(anonymous namespace)::StackDumpSignalHandler()
#2 0x7f872d696940 <unknown>
#3 0x5618de4f6346 blink::HTMLImportsController::ShouldBlockScriptExecution()
#4 0x5618df812e78 blink::Document::ExecuteScriptsWaitingForResources()
#5 0x5618de31b0dd blink::TaskHandle::Runner::Run()
#6 0x5618dc599220 base::debug::TaskAnnotator::RunTask()
#7 0x5618de3e62a8 blink::scheduler::TaskQueueManager::ProcessTaskFromWorkQueue()
#8 0x5618de3e473f blink::scheduler::TaskQueueManager::DoWork()
#9 0x5618dc599220 base::debug::TaskAnnotator::RunTask()
#10 0x5618dc52d66d base::MessageLoop::RunTask()
#11 0x5618dc52d9b8 base::MessageLoop::DeferOrRunPendingTask()
#12 0x5618dc52dd81 base::MessageLoop::DoWork()
#13 0x5618dc52ec4a base::MessagePumpDefault::Run()
#14 0x5618dc54bd2e base::RunLoop::Run()
#15 0x5618de96a73c content::RendererMain()
#16 0x5618dc1d690a content::RunZygote()
#17 0x5618dc1d7798 content::ContentMainRunnerImpl::Run()
#18 0x5618dc1ddff6 service_manager::Main()
#19 0x5618dc1d66f2 content::ContentMain()
#20 0x5618dae441dc ChromeMain
#21 0x7f8726f5543a __libc_start_main
#22 0x5618dae4403d <unknown>
  r8: 00149e50dd7d084c  r9: 00007ffe88979080 r10: 0000000000ff8842 r11: 0000000000000246
 r12: 0000090f5bd45bd8 r13: 00007ffe8895eef8 r14: 00005618e04c925f r15: 00005618e1d5d700
  di: 00000306c6d90938  si: 00001d7c5c2419f0  bp: 00007ffe8895f0c8  bx: 00001d7c5c2419f0
  dx: 0000000000000000  ax: 0000000000000000  cx: 0000000000000000  sp: 00007ffe8895ee88
  ip: 00005618de4f6346 efl: 0000000000010246 cgf: 002b000000000033 erf: 0000000000000004
 trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000000030
[end of stack trace]
Calling _exit(1). Core file will not be generated.
Press any key to continue...

chrome://version/ is:
Chromium	61.0.3131.0 (Developer Build) (64-bit)
Revision	63782c356988416645c4db73cec6d961a769d3d5-refs/heads/master@{#479344}
OS	Linux
JavaScript	V8 6.1.156
Flash	(Disabled)
User Agent	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3131.0 Safari/537.36
Command Line	./latest/chrome --disk-cache-dir=/tmp/chromiumcache-run.sh --disable-sync-preferences --disable-plugins --cipher-suite-blacklist=0x0001,0x0002,0x0004,0x0005,0x0017,0x0018,0xc002,0xc007,0xc00c,0xc011,0xc016,0xff80,0xff81,0xff82,0xff83 --disable-component-extensions-with-background-pages --disable-background-networking --disable-internal-flash --disable-bundled-ppapi-flash --disable-default-apps --ssl-version-min=tls1 --disallow-autofill-sync-credential --disable-device-discovery-notifications --no-pings --disable-media-source --disable-ntp-other-sessions-menu --disable-prefixed-encrypted-media --disable-touch-adjustment --disable-views-rect-based-targeting --disable-webgl --disable-account-consistency --enable-async-dns --enable-deferred-image-decoding --enable-download-resumption --enable-drop-sync-credential --disable-material-design-ntp --disable-new-avatar-menu --disable-new-profile-management --enable-offline-auto-reload-visible-only --disable-offline-auto-reload --enable-offline-load-stale-cache --enable-one-copy --enable-panels --disable-password-generation --enable-permissions-bubbles --disable-extensions-on-chrome-urls --disable-pinch-virtual-viewport --disable-pinch --enable-quic --disable-save-password-bubble --enable-session-crashed-bubble --disable-settings-window --use-simple-cache-backend=off --disable-smooth-scrolling --disable-sync-app-list --disable-sync-synced-notifications --enable-tcp-fastopen --disable-touch-editing --enable-web-based-signin --disable-zero-copy --enable-harfbuzz-rendertext --enable-impl-side-painting --enable-lcd-text --num-raster-threads=4 --disable-origin-chip --disable-overlay-scrollbar --remember-cert-error-decisions=-1 --enable-search-button-in-omnibox-always --disable-spelling-auto-correct --tab-capture-downscale-quality=fast --tab-capture-upscale-quality=fast --touch-events=disabled --wallet-service-use-sandbox=0 --enable-gpu-vsync --show-component-extension-options --disable-hyperlink-auditing --enable-vertical-tabs --disable-audio-support-for-desktop-share --disable-features=NoStatePrefetch --user-data-dir=./user-data-dir --log-net-log=/tmp/chromium-go-chrome-net-export-log.json --user-data-dir=/tmp/go --disk-cache-dir=/tmp/chromiumcache-go --enable-gpu --enable-gpu-rasterization --force-gpu-rasterization --disable-es3-apis --disable-sync-preferences --flag-switches-begin --flag-switches-end
Executable Path	/home/xftroxgpx/build/2nonpkgs/browser.stuff/chromium.stuff/chromium-latest-linux/blobs/479344/chrome-linux/chrome
Profile Path	/tmp/go/Default
Variations	6c18ba9d-3d98b302
241fff6c-4eda1c57
1e528f0f-15305a2
b130ecb8-b130ecb8
d43bf3e5-d43bf3e5
ba3f87da-92cc81ec
a605b19e-3f4a17df
5ca89f9-3f4a17df
6c7c7e88-3f4a17df
9e201a2b-3f4a17df
c5f6e7c4-3f4a17df
5274eb09-3f4a17df
57f575bb-f23d1dea
68812885-3f4a17df
b791c1b8-3f4a17df
9773d3bd-3f4a17df
9ef7d150-3f4a17df
2e109477-f3b42e62
64cbdfc2-3f4a17df
5139837c-3f4a17df
7f8176d9-3f4a17df
b7786474-d93a0620
f7217a71-b2047178
23a898eb-fc93cf74
868bda90-3f4a17df
4ea303a6-3f4a17df
ce152c12-3f4a17df
3a007b7-3f4a17df
12be2281-e3b158e5
64224f74-5087fa4a
56302f8c-3f4a17df
caa06ad2-3f4a17df
ad6d27cc-3e870323
f56e0452-3f4a17df
b2f0086-93053e47
ef25c1eb-3f4a17df
7fc902e8-3f4a17df
d747916f-d747916f
1354da85-768105e1
494d8760-3f4a17df
fe05be5f-4ad60575
828a5926-d8f52f32

I had no extensions installed. I remember setting the 'javascript' to Block then to Allow at some point, in Settings.
chromium-go-chrome-net-export-log.json
17.4 MB Download

Comment 1 by xftroxgpx@gmail.com, Jun 14 2017 

weird, I thought max attachments was 10MB (realized only after pressing the button), yet it still worked.

Comment 2 by ajha@chromium.org, Jun 14 2017

Labels: Needs-Triage-M61

Comment 3 by kkaluri@chromium.org, Jun 19 2017

Cc: kkaluri@chromium.org
Components: Blink
Labels: TE-NeedsTriageHelp
As per steps mentioned in the comment #0. Unable to reproduce the issue on Ubuntu 14.04 with provided chrome build.

Adding "TE-NeedsTriageHelp" label for further triage.

Comment 4 by xftroxgpx@gmail.com, Jun 19 2017 

Yeah, it's unlikely we'll find the steps to reproduce this... since it was a one time thing, but I thought maybe the stacktrace would help, otherwise I wouldn't even have reported it:)

Comment 5 by xftroxgpx@gmail.com, Jun 19 2017 

Ok I just got the tab crash again and still don't know the steps!!

What I know: quic was not disabled, I had like 6 youtube tabs open, of which 2 were in the process of loading (right-click open in new tab) when I did the ...->About Chromium
and the first tab was: chrome://settings/content/javascript?search=javascript

Still can't reproduce it!
I'm on ArchLinux.

$ ./go
[4357:4386:0619/105457.514448:ERROR:ssl_client_socket_impl.cc(1071)] handshake failed; returned -1, SSL error code 1, net_error -102
Received signal 11 SEGV_MAPERR 000000000030
#0 0x55de0f6bcb47 base::debug::StackTrace::StackTrace()
#1 0x55de0f6bc6bf base::debug::(anonymous namespace)::StackDumpSignalHandler()
#2 0x7f5c88c25940 <unknown>
#3 0x55de1169e346 blink::HTMLImportsController::ShouldBlockScriptExecution()
#4 0x55de129bae78 blink::Document::ExecuteScriptsWaitingForResources()
#5 0x55de114c30dd blink::TaskHandle::Runner::Run()
#6 0x55de0f741220 base::debug::TaskAnnotator::RunTask()
#7 0x55de1158e2a8 blink::scheduler::TaskQueueManager::ProcessTaskFromWorkQueue()
#8 0x55de1158c73f blink::scheduler::TaskQueueManager::DoWork()
#9 0x55de0f741220 base::debug::TaskAnnotator::RunTask()
#10 0x55de0f6d566d base::MessageLoop::RunTask()
#11 0x55de0f6d59b8 base::MessageLoop::DeferOrRunPendingTask()
#12 0x55de0f6d5d81 base::MessageLoop::DoWork()
#13 0x55de0f6d6c4a base::MessagePumpDefault::Run()
#14 0x55de0f6f3d2e base::RunLoop::Run()
#15 0x55de11b1273c content::RendererMain()
#16 0x55de0f37e90a content::RunZygote()
#17 0x55de0f37f798 content::ContentMainRunnerImpl::Run()
#18 0x55de0f385ff6 service_manager::Main()
#19 0x55de0f37e6f2 content::ContentMain()
#20 0x55de0dfec1dc ChromeMain
#21 0x7f5c824e543a __libc_start_main
#22 0x55de0dfec03d <unknown>
  r8: 00511dd97abdf602  r9: 00007ffe5bbdb080 r10: 00000000001a5034 r11: 0000000000000246
 r12: 00000caf26ddfbd8 r13: 00007ffe5bb6ce98 r14: 000055de1367125f r15: 000055de14f05700
  di: 00001d6b238f0938  si: 0000077b07f819f0  bp: 00007ffe5bb6d068  bx: 0000077b07f819f0
  dx: 0000000000000000  ax: 0000000000000000  cx: 0000000000000000  sp: 00007ffe5bb6ce28
  ip: 000055de1169e346 efl: 0000000000010246 cgf: 002b000000000033 erf: 0000000000000004
 trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000000030
[end of stack trace]
Calling _exit(1). Core file will not be generated.
Press any key to continue...

Comment 6 by xftroxgpx@gmail.com, Jun 19 2017 

This is the function btw

bool HTMLImportsController::ShouldBlockScriptExecution(
    const Document& document) const {
  DCHECK_EQ(document.ImportsController(), this);
  if (HTMLImportLoader* loader = LoaderFor(document))
    return loader->ShouldBlockScriptExecution();                                
  return Root()->GetState().ShouldBlockScriptExecution();
}

Comment 7 by bokan@chromium.org, Jun 22 2017

Components: -Blink Blink>HTML>Modules Blink>HTML>Script

Comment 8 by kochi@chromium.org, Jun 23 2017

Components: -Blink>HTML>Script
Mergedinto: 733499
Owner: kochi@chromium.org
Status: Duplicate (was: Unconfirmed)
Thanks for the report.
According to the version (61.0.3131.0, rev 479344) and stack trace signature,
I believe this is the one fixed in  issue 733499 .

Could you try newer builds?
It should be already fixed.

Sign in to add a comment