New issue
Advanced search Search tips

Issue 763136 link

Starred by 2 users
Status: Fixed
Owner:
bsep@chromium.org
Closed: Sep 2017
Cc:
robliao@chromium.org
gab@chromium.org
fdoray@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 3
Type: Bug



Sign in to add a comment

Assertion failure on startup because COM not initialized

Project Member Reported by amccarth@google.com, Sep 7 2017 
Chrome Version: 60.0.3112.113
OS: Windows 7 Enterprise

I built a debug version on Windows.  When I start up, it asserts immediately because a shell API tries to co-create an object on a worker thread that doesn't have COM initialized.

I have a local patch that uses a ScopedCOMInitializer to work around the problem, but robliao says it should have been assigned to a different thread that already has COM initialized.

Can you reproduce this crash?

Yes, every time I start my locally-built debug build of Chrome.  I'm surprised others haven't seen this.

What steps will reproduce this crash (or if it's not reproducible,
what were you doing just before the crash)?
(1)  Launch Chrome.

In email thread with pkasting and robliao, robliao wrote:

Looking at the stack, it appears `anonymous namespace'::GetElevationIcon is being run in the wrong context.
That work has been posted to the regular task worker pool when it should have been posted to the COMSTATaskRunner pool.

The bug is here
https://cs.chromium.org/chromium/src/chrome/browser/ui/views/elevation_icon_setter.cc?rcl=fc561c033e9591defa3817914370b49f693e41cc&l=62

Instead of using a regular base::PostTaskWithTraitsAndReplyWithResult, it needs to use the version that accepts a task runner and pass the COM STA Task Runner.

For reference, here's the stack as shown in the assertion dialog:

[15204:6232:0828/150824.223:FATAL:com_init_util.cc(71)] Check failed: false. CoCreateInstance calls in Chromium require explicit COM initialization via base::CreateCOMSTATaskRunnerWithTraits() or ScopedCOMInitializer. See the comment in DCheckedCoCreateInstance for more details.
Backtrace:
	base::debug::StackTrace::StackTrace [0x100DF706+102] (D:\src\chromium\src\base\debug\stack_trace_win.cc:217)
	base::debug::StackTrace::StackTrace [0x100DE983+35] (D:\src\chromium\src\base\debug\stack_trace.cc:199)
	logging::LogMessage::~LogMessage [0x1015BAD5+149] (D:\src\chromium\src\base\logging.cc:560)
	base::win::AssertComInitialized [0x1054D3F9+281] (D:\src\chromium\src\base\win\com_init_util.cc:72)
	base::win::`anonymous namespace'::HookManager::DCheckedCoCreateInstance [0x1054CED5+53] (D:\src\chromium\src\base\win\com_init_check_hook.cc:252)
	SHParseDisplayName [0x75108128+789]
	Ordinal866 [0x75108225+30]
	ILSaveToStream [0x750C999F+4406]
	ShellExecuteExW [0x750A34BE+5721]
	Ordinal660 [0x750A39B9+750]
	Ordinal660 [0x750A3901+566]
	SHGetDataFromIDListW [0x750B29C8+1245]
	Ordinal660 [0x750A38E4+537]
	SHGetPathFromIDListA [0x751A1B52+1190]
	ReadCabinetState [0x751AF989+13896]
	ReadCabinetState [0x751AFA55+14100]
	`anonymous namespace'::GetElevationIcon [0x15B729E6+262] (D:\src\chromium\src\chrome\browser\ui\views\elevation_icon_setter.cc:42)
	base::internal::FunctorTraits<std::unique_ptr<SkBitmap,std::default_delete<SkBitmap> > (*)(),void>::Invoke<> [0x15B72EEA+26] (D:\src\chromium\src\base\bind_internal.h:149)
	base::internal::InvokeHelper<0,std::unique_ptr<SkBitmap,std::default_delete<SkBitmap> > >::MakeItSo<std::unique_ptr<SkBitmap,std::default_delete<SkBitmap> > (*const &)()> [0x15B72E94+52] (D:\src\chromium\src\base\bind_internal.h:263)
	base::internal::Invoker<base::internal::BindState<std::unique_ptr<SkBitmap,std::default_delete<SkBitmap> > (*)()>,std::unique_ptr<SkBitmap,std::default_delete<SkBitmap> > ()>::RunImpl<std::unique_ptr<SkBitmap,std::default_delete<SkBitmap> > (*const &)(),c [0x15B72E39+57] (D:\src\chromium\src\base\bind_internal.h:335)
	base::internal::Invoker<base::internal::BindState<std::unique_ptr<SkBitmap,std::default_delete<SkBitmap> > (*)()>,std::unique_ptr<SkBitmap,std::default_delete<SkBitmap> > ()>::Run [0x15B72CEB+75] (D:\src\chromium\src\base\bind_internal.h:317)
	base::Callback<std::unique_ptr<SkBitmap,std::default_delete<SkBitmap> > (),base::internal::CopyMode::MoveOnly,base::internal::RepeatMode::Once>::Run [0x15B75DE3+99] (D:\src\chromium\src\base\callback.h:91)
	base::internal::ReturnAsParamAdapter<std::unique_ptr<SkBitmap,std::default_delete<SkBitmap> > > [0x15B74640+48] (D:\src\chromium\src\base\post_task_and_reply_with_result_internal.h:20)
	base::internal::FunctorTraits<void (*)(base::Callback<std::unique_ptr<SkBitmap,std::default_delete<SkBitmap> > (),base::internal::CopyMode::MoveOnly,base::internal::RepeatMode::Once>, std::unique_ptr<SkBitmap,std::default_delete<SkBitmap> > *),void>::Invo [0x15B75796+118] (D:\src\chromium\src\base\bind_internal.h:149)
	base::internal::InvokeHelper<0,void>::MakeItSo<void (*)(base::Callback<std::unique_ptr<SkBitmap,std::default_delete<SkBitmap> > (),base::internal::CopyMode::MoveOnly,base::internal::RepeatMode::Once>, std::unique_ptr<SkBitmap,std::default_delete<SkBitmap> [0x15B75618+88] (D:\src\chromium\src\base\bind_internal.h:263)
	base::internal::Invoker<base::internal::BindState<void (*)(base::Callback<std::unique_ptr<SkBitmap,std::default_delete<SkBitmap> > (),base::internal::CopyMode::MoveOnly,base::internal::RepeatMode::Once>, std::unique_ptr<SkBitmap,std::default_delete<SkBitm [0x15B7554F+111] (D:\src\chromium\src\base\bind_internal.h:335)
	base::internal::Invoker<base::internal::BindState<void (*)(base::Callback<std::unique_ptr<SkBitmap,std::default_delete<SkBitmap> > (),base::internal::CopyMode::MoveOnly,base::internal::RepeatMode::Once>, std::unique_ptr<SkBitmap,std::default_delete<SkBitm [0x15B75382+82] (D:\src\chromium\src\base\bind_internal.h:304)
	base::Callback<void (),base::internal::CopyMode::MoveOnly,base::internal::RepeatMode::Once>::Run [0x1004C36E+78] (D:\src\chromium\src\base\callback.h:91)
	base::`anonymous namespace'::PostTaskAndReplyRelay::RunTaskAndPostReply [0x1038384C+60] (D:\src\chromium\src\base\threading\post_task_and_reply_impl.cc:46)
	base::internal::FunctorTraits<void (base::(anonymous namespace)::PostTaskAndReplyRelay::*)() __attribute__((thiscall)),void>::Invoke<base::(anonymous namespace)::PostTaskAndReplyRelay *> [0x1038402C+28] (D:\src\chromium\src\base\bind_internal.h:194)
	base::internal::InvokeHelper<0,void>::MakeItSo<void (base::(anonymous namespace)::PostTaskAndReplyRelay::*)() __attribute__((thiscall)),base::(anonymous namespace)::PostTaskAndReplyRelay *> [0x10383F6D+77] (D:\src\chromium\src\base\bind_internal.h:263)
	base::internal::Invoker<base::internal::BindState<void (base::(anonymous namespace)::PostTaskAndReplyRelay::*)() __attribute__((thiscall)),base::internal::UnretainedWrapper<base::(anonymous namespace)::PostTaskAndReplyRelay> >,void ()>::RunImpl<void (base [0x10383EB3+83] (D:\src\chromium\src\base\bind_internal.h:335)
	base::internal::Invoker<base::internal::BindState<void (base::(anonymous namespace)::PostTaskAndReplyRelay::*)() __attribute__((thiscall)),base::internal::UnretainedWrapper<base::(anonymous namespace)::PostTaskAndReplyRelay> >,void ()>::RunOnce [0x10383D42+82] (D:\src\chromium\src\base\bind_internal.h:304)
	base::Callback<void (),base::internal::CopyMode::MoveOnly,base::internal::RepeatMode::Once>::Run [0x1004C36E+78] (D:\src\chromium\src\base\callback.h:91)
	base::debug::TaskAnnotator::RunTask [0x100E54F2+914] (D:\src\chromium\src\base\debug\task_annotator.cc:68)
	base::internal::TaskTracker::PerformRunTask [0x1037132C+2124] (D:\src\chromium\src\base\task_scheduler\task_tracker.cc:335)
	base::internal::TaskTracker::RunNextTask [0x1036FFA7+551] (D:\src\chromium\src\base\task_scheduler\task_tracker.cc:251)
	base::internal::SchedulerWorker::Thread::ThreadMain [0x10357014+580] (D:\src\chromium\src\base\task_scheduler\scheduler_worker.cc:72)
	base::`anonymous namespace'::ThreadFunc [0x10382F8D+317] (D:\src\chromium\src\base\threading\platform_thread_win.cc:91)
	BaseThreadInitThunk [0x76E7336A+18]
	RtlInitializeExceptionChain [0x77409902+99]
	RtlInitializeExceptionChain [0x774098D5+54]

(This is my second attempt to report this bug.  The first attempt appears to have failed.)

Comment 1 by robliao@chromium.org, Sep 7 2017

Components: Internals>TaskScheduler
Labels: -Restrict-View-EditIssue OS-Windows
Owner: robliao@chromium.org
Status: Assigned (was: Unconfirmed)

Comment 2 by robliao@chromium.org, Sep 11 2017

Owner: fdoray@chromium.org

Comment 3 by robliao@chromium.org, Sep 11 2017

Owner: bsep@chromium.org
Project Member

Comment 4 by bugdroid1@chromium.org, Sep 11 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/aefd7ad0da91450492f1bbce64dc5d21a59cef00

commit aefd7ad0da91450492f1bbce64dc5d21a59cef00
Author: Bret Sepulveda <bsep@chromium.org>
Date: Mon Sep 11 22:00:19 2017

Fix crash when creating an SRTGlobalError dialog on Windows.

When elevation is required getting the icon requires a COM thread.

Bug:  763136 
Change-Id: Ic0109be1f613856818f5fcdc8dcc076eae632388
Reviewed-on: https://chromium-review.googlesource.com/657250
Commit-Queue: Bret Sepulveda <bsep@chromium.org>
Reviewed-by: Francois Doray <fdoray@chromium.org>
Reviewed-by: Robert Liao <robliao@chromium.org>
Cr-Commit-Position: refs/heads/master@{#501054}
[modify] https://crrev.com/aefd7ad0da91450492f1bbce64dc5d21a59cef00/chrome/browser/ui/views/elevation_icon_setter.cc

Comment 5 by bsep@chromium.org, Sep 11 2017

Status: Fixed (was: Assigned)

Sign in to add a comment