Regression: Browser crashes on clicking cancel while running audit on NTP |
|||||||
Issue description
Chrome Version:63.0.3215.0
OS:Ubuntu 14.04
What steps will reproduce the problem?
(1)Launch chrome and open devtools on NTP
(2)Perform an audit and when running an audit about:blank page will appear
(3)Now Cancel the audit
This is a Regression issue broken in M-63
Crash Id: 02098470ebd3f3db
c06efe2b62a4a359
will update other info soon
,
Sep 14 2017
Able to reproduce this issue on Ubuntu 14.04 using chrome latest Dev #63.0.3215.0. This is a latest regression observed in M-63, hence adding RB-Stable, please feel free to edit if this is not the case. Thanks!
,
Sep 14 2017
Stack Trace: ------------ Thread 0 (id: 8262) CRASHED [SIGSEGV @ 0x00000208 ] MAGIC SIGNATURE THREAD Stack Quality66%Show frame trust levels 0x00007eff2cd65c50 (chrome -render_process_host_impl.cc:2943 ) content::RenderProcessHostImpl::GetID() const 0x00007eff2cb76d67 (chrome -render_frame_devtools_agent_host.cc:814 ) content::RenderFrameDevToolsAgentHost::RevokePolicy(content::RenderFrameHostImpl*) 0x00007eff2cb7a892 (chrome -render_frame_devtools_agent_host.cc:737 ) content::RenderFrameDevToolsAgentHost::UpdateFrameHost(content::RenderFrameHostImpl*) 0x00007eff2cb7a991 (chrome -render_frame_devtools_agent_host.cc:668 ) non-virtual thunk to content::RenderFrameDevToolsAgentHost::ReadyToCommitNavigation(content::NavigationHandle*) 0x00007eff2ce589ff (chrome -web_contents_impl.cc:3746 ) content::WebContentsImpl::ReadyToCommitNavigation(content::NavigationHandle*) 0x00007eff2cbeb074 (chrome -navigation_handle_impl.cc:746 ) content::NavigationHandleImpl::ReadyToCommitNavigation(content::RenderFrameHostImpl*) 0x00007eff2cbe951a (chrome -navigation_handle_impl.cc:1089 ) content::NavigationHandleImpl::WillProcessResponse(content::RenderFrameHostImpl*, scoped_refptr<net::HttpResponseHeaders>, net::HttpResponseInfo::ConnectionInfo, content::SSLStatus const&, content::GlobalRequestID const&, bool, bool, bool, base::RepeatingCallback<void ()> const&, base::RepeatingCallback<void (content::NavigationThrottle::ThrottleCheckResult)> const&) 0x00007eff2cbeee49 (chrome -navigation_request.cc:735 ) content::NavigationRequest::OnResponseStarted(scoped_refptr<content::ResourceResponse> const&, std::__1::unique_ptr<content::StreamHandle, std::__1::default_delete<content::StreamHandle> >, mojo::ScopedHandleBase<mojo::DataPipeConsumerHandle>, content::SSLStatus const&, std::__1::unique_ptr<content::NavigationData, std::__1::default_delete<content::NavigationData> >, content::GlobalRequestID const&, bool, bool, mojo::InterfacePtrInfo<content::mojom::URLLoaderFactory>) 0x00007eff2cca24f2 (chrome -navigation_url_loader_impl.cc:106 ) content::NavigationURLLoaderImpl::NotifyResponseStarted(scoped_refptr<content::ResourceResponse> const&, std::__1::unique_ptr<content::StreamHandle, std::__1::default_delete<content::StreamHandle> >, content::SSLStatus const&, std::__1::unique_ptr<content::NavigationData, std::__1::default_delete<content::NavigationData> >, content::GlobalRequestID const&, bool, bool) 0x00007eff2cca3368 (chrome -bind_internal.h:194 ) void base::internal::Invoker<base::internal::BindState<void (content::NavigationURLLoaderImpl::*)(scoped_refptr<content::ResourceResponse> const&, std::__1::unique_ptr<content::StreamHandle, std::__1::default_delete<content::StreamHandle> >, content::SSLStatus const&, std::__1::unique_ptr<content::NavigationData, std::__1::default_delete<content::NavigationData> >, content::GlobalRequestID const&, bool, bool), base::WeakPtr<content::NavigationURLLoaderImpl>, scoped_refptr<content::ResourceResponse>, base::internal::PassedWrapper<std::__1::unique_ptr<content::StreamHandle, std::__1::default_delete<content::StreamHandle> > >, content::SSLStatus, base::internal::PassedWrapper<std::__1::unique_ptr<content::NavigationData, std::__1::default_delete<content::NavigationData> > >, content::GlobalRequestID, bool, bool>, void ()>::RunImpl<void (content::NavigationURLLoaderImpl::*)(scoped_refptr<content::ResourceResponse> const&, std::__1::unique_ptr<content::StreamHandle, std::__1::default_delete<content::StreamHandle> >, content::SSLStatus const&, std::__1::unique_ptr<content::NavigationData, std::__1::default_delete<content::NavigationData> >, content::GlobalRequestID const&, bool, bool), std::__1::tuple<base::WeakPtr<content::NavigationURLLoaderImpl>, scoped_refptr<content::ResourceResponse>, base::internal::PassedWrapper<std::__1::unique_ptr<content::StreamHandle, std::__1::default_delete<content::StreamHandle> > >, content::SSLStatus, base::internal::PassedWrapper<std::__1::unique_ptr<content::NavigationData, std::__1::default_delete<content::NavigationData> > >, content::GlobalRequestID, bool, bool>, 0ul, 1ul, 2ul, 3ul, 4ul, 5ul, 6ul, 7ul>(void (content::NavigationURLLoaderImpl::*&&)(scoped_refptr<content::ResourceResponse> const&, std::__1::unique_ptr<content::StreamHandle, std::__1::default_delete<content::StreamHandle> >, content::SSLStatus const&, std::__1::unique_ptr<content::NavigationData, std::__1::default_delete<content::NavigationData> >, content::GlobalRequestID const&, bool, bool), std::__1::tuple<base::WeakPtr<content::NavigationURLLoaderImpl>, scoped_refptr<content::ResourceResponse>, base::internal::PassedWrapper<std::__1::unique_ptr<content::StreamHandle, std::__1::default_delete<content::StreamHandle> > >, content::SSLStatus, base::internal::PassedWrapper<std::__1::unique_ptr<content::NavigationData, std::__1::default_delete<content::NavigationData> > >, content::GlobalRequestID, bool, bool>&&, std::__1::integer_sequence<unsigned long, 0ul, 1ul, 2ul, 3ul, 4ul, 5ul, 6ul, 7ul>) 0x00007eff2dcb9825 (chrome -callback.h:64 ) base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) 0x00007eff2dcd2078 (chrome -message_loop.cc:406 ) base::MessageLoop::RunTask(base::PendingTask*) 0x00007eff2dcd2771 (chrome -message_loop.cc:417 ) base::MessageLoop::DoWork() 0x00007eff2dcd42a8 (chrome -message_pump_glib.cc:267 ) base::(anonymous namespace)::WorkSourceDispatch(_GSource*, int (*)(void*), void*) 0x00007eff2989ae03 (libglib-2.0.so.0.4002.0 + 0x00048e03 ) 0x00007eff298a9b3f (libglib-2.0.so.0.4002.0 + 0x00057b3f ) 0x00007eff2989b047 (libglib-2.0.so.0.4002.0 + 0x00049047 ) 0x00007eff2989b0eb (libglib-2.0.so.0.4002.0 + 0x000490eb ) 0x00007eff2dcd4152 (chrome -message_pump_glib.cc:309 ) base::MessagePumpGlib::Run(base::MessagePump::Delegate*) 0x00007eff2dcf317f (chrome -run_loop.cc:123 ) base::RunLoop::Run() 0x00007eff2da0840f (chrome -chrome_browser_main.cc:1922 ) ChromeBrowserMainParts::MainMessageLoopRun(int*) 0x00007eff2caf14ac (chrome -browser_main_loop.cc:1188 ) content::BrowserMainLoop::RunMainMessageLoopParts() 0x00007eff2caf3edc (chrome -browser_main_runner.cc:148 ) content::BrowserMainRunnerImpl::Run() 0x00007eff2caeca65 (chrome -browser_main.cc:46 ) content::BrowserMain(content::MainFunctionParams const&) 0x00007eff2d9eb3c0 (chrome -content_main_runner.cc:703 ) content::ContentMainRunnerImpl::Run() 0x00007eff2d9f3b40 (chrome -main.cc:469 ) service_manager::Main(service_manager::MainParams const&) 0x00007eff2d9e9d41 (chrome -content_main.cc:19 ) content::ContentMain(content::ContentMainParams const&) 0x00007eff2c5222e3 (chrome -chrome_main.cc:122 ) ChromeMain 0x00007eff2485ff44 (libc-2.19.so + 0x00021f44 ) 0x00007eff2c52223f (chrome + 0x017c323f ) 0x00007eff2c41cfff (chrome + 0x016bdfff ) 0x00007eff2ab4a1f2 (ld-2.19.so + 0x000101f2 ) 0x00007eff2c41cfff (chrome + 0x016bdfff ) 0x00007eff2c41d028 (chrome + 0x016be028 ) _start 0x00007ffcee169a27 This issue is not reproducible consistently to identify the regression range to provide bisect, hence assigning to the concerned dev person for further triage. Used code search for the file "render_frame_devtools_agent_host.cc" from above stack trace and observed some recent changes made for the below file https://chromium.googlesource.com/chromium/src/+/0bca6d017817166b770cc4862159805f27bd803d dgozman@: Could you please check if this is caused with respect to your change, if not please help us in reassign the issue to the right owner. Thanks!
,
Sep 18 2017
Removing UI>Browser>NewTabPage since this probably doesn't have anything to do with code the NTP team owns. Please re-add if you have a different opinion.
,
Sep 21 2017
Users experienced this crash on the following builds: Linux Dev 63.0.3218.0 - 10.03 CPM, 5 reports, 5 clients (signature content::RenderProcessHostImpl::GetID) If this update was incorrect, please add "Fracas-Wrong" label to prevent future updates. - Go/Fracas
,
Sep 21 2017
Users experienced this crash on the following builds: Linux Dev 63.0.3218.0 - 10.03 CPM, 5 reports, 5 clients (signature content::RenderProcessHostImpl::GetID) If this update was incorrect, please add "Fracas-Wrong" label to prevent future updates. - Go/Fracas
,
Sep 22 2017
Just to update the latest behavior of this crash: This is a top#2 browser crash on Dev#63.0.3218.0 , still seeing 8 crashes form 6 clients so far. Link to the list of builds: -------------------------- https://crash.corp.google.com/browse?q=product.name%3D%27Chrome_Linux%27%20AND%20custom_data.ChromeCrashProto.ptype%3D%27browser%27%20AND%20custom_data.ChromeCrashProto.magic_signature_1.name%3D%27content%3A%3ARenderProcessHostImpl%3A%3AGetID%27&sql_dialect=dremelsql&ignore_case=false&enable_rewrite=true&omit_field_name=&omit_field_value=&omit_field_opt=%3D 63.0.3218.0 9.41% 8 -Dev 63.0.3216.0 1.18% 1 63.0.3215.0 8.24% 7 63.0.3213.3 18.82% 16 dgozman@, Could you please take a look into this issue as it is marked as stable blocker. Thanks..!
,
Sep 25 2017
As dgozman@ at BlinkOn, cc'ing reviewer caseq@ to take a look into this issue. Thanks..!
,
Sep 30 2017
This is a same crash as 742955, although I cannot reproduce it myself on ToT linux with steps above. |
|||||||
►
Sign in to add a comment |
|||||||
Comment 1 by keerthan...@techmahindra.com
, Sep 14 20171.9 MB
1.9 MB View Download