New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 767164 link

Starred by 2 users
Status: WontFix
Owner:
thanhph@chromium.org
Last visit > 30 days ago
Closed: Oct 2017
Cc:
sadrul@chromium.org
varkha@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Chrome
Pri: 2
Type: Bug



Sign in to add a comment

For Chrome UI Devtools, reset view_, widget_ and window_ when OnViewIsDeleting(), OnWidgetDestroying(), OnWindowDestroying() are called

Project Member Reported by thanhph@chromium.org, Sep 20 2017 
Resetting |view_| from ViewElement, widget_ from WidgetElement and |window_| from WindowElement could prevent the crash below during UIElement cleanup.

Clicked on empty space after enabling "select an element to inspect" and clicking on system UI a few times, 
Received signal 11 <unknown> 000000000000
#0 0x7f900092cb0c base::debug::StackTrace::StackTrace()
#1 0x7f900092c661 base::debug::(anonymous namespace)::StackDumpSignalHandler()
#2 0x7f9000a6d330 <unknown>
#3 0x7f8ffc424230 views::View::RemoveObserver()
#4 0x5636047d593b ui_devtools::ViewElement::~ViewElement()
#5 0x5636047d53ce ui_devtools::UIElement::~UIElement()
#6 0x5636047d5943 ui_devtools::ViewElement::~ViewElement()
#7 0x5636047d53ce ui_devtools::UIElement::~UIElement()
#8 0x5636047d5943 ui_devtools::ViewElement::~ViewElement()
#9 0x5636047d53ce ui_devtools::UIElement::~UIElement()
#10 0x5636047d5943 ui_devtools::ViewElement::~ViewElement()
#11 0x5636047d53ce ui_devtools::UIElement::~UIElement()
#12 0x5636047d5943 ui_devtools::ViewElement::~ViewElement()
#13 0x5636047d53ce ui_devtools::UIElement::~UIElement()
#14 0x5636047d608d ui_devtools::WidgetElement::~WidgetElement()
#15 0x5636047d53ce ui_devtools::UIElement::~UIElement()
#16 0x5636047d642c ui_devtools::WindowElement::~WindowElement()
#17 0x7f8ffcfb8890 aura::Window::NotifyWindowHierarchyChangeAtReceiver()
#18 0x7f8ffcfb8705 aura::Window::NotifyWindowHierarchyChangeDown()
#19 0x7f8ffcfb5328 aura::Window::~Window()
#20 0x7f8ffcfb5ade aura::Window::~Window()
#21 0x7f900092d39f base::debug::TaskAnnotator::RunTask()
#22 0x7f9000953764 base::MessageLoop::RunTask()
#23 0x7f9000953eea base::MessageLoop::DoWork()
#24 0x7f90009558c9 base::MessagePumpLibevent::Run()
#25 0x7f900097c3ba base::RunLoop::Run()
#26 0x5636048d888b ChromeBrowserMainParts::MainMessageLoopRun()
#27 0x7f8ffe3850f7 content::BrowserMainLoop::RunMainMessageLoopParts()
#28 0x7f8ffe387532 content::BrowserMainRunnerImpl::Run()
#29 0x7f8ffe380ebf content::BrowserMain()
#30 0x7f8ffea408a4 content::ContentMainRunnerImpl::Run()
#31 0x7f9000e38d99 service_manager::Main()
#32 0x7f8ffea3f424 content::ContentMain()
#33 0x5636040c7e48 ChromeMain
#34 0x7f8ff61a5f45 __libc_start_main
#35 0x5636040c7c84 <unknown>


Not sure how I got this - also clicked somewhere on screen, maybe shelf:
[16486:16529:0918/114039.122760:ERROR:devtools_server.cc(136)] Not implemented reached in virtual void ui_devtools::UiDevToolsServer::OnConnect(int)
Received signal 11 SEGV_MAPERR 0000000000b0
#0 0x7f1cf08deb0c base::debug::StackTrace::StackTrace()
#1 0x7f1cf08de661 base::debug::(anonymous namespace)::StackDumpSignalHandler()
#2 0x7f1cf0a1f330 <unknown>
#3 0x7f1cecf68276 aura::Window::GetBoundsInRootWindow()
#4 0x7f1cecf683f2 aura::Window::GetBoundsInScreen()
#5 0x55f39cd516f6 ui_devtools::WindowElement::GetNodeWindowAndBounds()
#6 0x55f39cd4dac3 ui_devtools::UIDevToolsDOMAgent::HighlightNode()
#7 0x55f39cd50037 ui_devtools::UIDevToolsOverlayAgent::highlightNode()
#8 0x7f1ceb76e953 ui_devtools::protocol::Overlay::DispatcherImpl::highlightNode()
#9 0x7f1ceb7661f0 ui_devtools::protocol::CSS::DispatcherImpl::dispatch()
#10 0x7f1ceb772db3 ui_devtools::protocol::UberDispatcher::dispatch()
#11 0x7f1ceb776bad ui_devtools::UiDevToolsClient::Dispatch()
#12 0x7f1cf08df39f base::debug::TaskAnnotator::RunTask()
#13 0x7f1cf0905764 base::MessageLoop::RunTask()
#14 0x7f1cf0905eea base::MessageLoop::DoWork()
#15 0x7f1cf09078c9 base::MessagePumpLibevent::Run()
#16 0x7f1cf092e3ba base::RunLoop::Run()
#17 0x55f39ce5388b ChromeBrowserMainParts::MainMessageLoopRun()
#18 0x7f1cee3370f7 content::BrowserMainLoop::RunMainMessageLoopParts()
#19 0x7f1cee339532 content::BrowserMainRunnerImpl::Run()
#20 0x7f1cee332ebf content::BrowserMain()
#21 0x7f1cee9f28a4 content::ContentMainRunnerImpl::Run()
#22 0x7f1cf0dead99 service_manager::Main()
#23 0x7f1cee9f1424 content::ContentMain()
#24 0x55f39c642e48 ChromeMain
#25 0x7f1ce6157f45 __libc_start_main
#26 0x55f39c642c84 <unknown>
  r8: 0000000000003234  r9: 0000000000003234 r10: 0000000000000001 r11: 00007f1ce62c1510
 r12: 000012da0f7eaee0 r13: 000012da124e7a50 r14: 000012da12348100 r15: 0000000000000000
  di: 0000000000000000  si: 000012da12348100  bp: 00007ffca6422bc0  bx: 0000000000000000
  dx: 0000000000000001  ax: 000055f39f4309b0  cx: 0000000000000001  sp: 00007ffca6422bb0
  ip: 00007f1cecf68276 efl: 0000000000010206 cgf: 0000000000000033 erf: 0000000000000004
 trp: 000000000000000e msk: 0000000000000000 cr2: 00000000000000b0

Comment 1 Deleted

Comment 2 by varkha@chromium.org, Sep 20 2017 

Do both those two callstacks have the same root cause?

Comment 3 by thanhph@chromium.org, Sep 20 2017 

It may be related, I'm not sure, i.e. when shelf is closed and then re-opened. We can reset these view_, widget_ and window_ and go from there.

Comment 4 by thanhph@chromium.org, Oct 1 2017 

Try on refs/heads/master@{#505439}, commit: 16647ef7b39cf81f20a1589d484799f315da73d3 Sat Sep 30 00:18:56.

I opened/closed shelves and chrome browsers several times and still couldn't reproduce this bug. If ViewElement overwrote OnViewIsDeleting(), closing chrome caused crashes below.

#0 0x7f25feb42f1c base::debug::StackTrace::StackTrace()
#1 0x7f25feb42a01 base::debug::(anonymous namespace)::StackDumpSignalHandler()
#2 0x7f25fecc1330 <unknown>
#3 0x564473f6cb9b ui_devtools::UIDevToolsCSSAgent::getMatchedStylesForNode()
#4 0x7f25f8f13843 ui_devtools::protocol::CSS::DispatcherImpl::getMatchedStylesForNode()
#5 0x7f25f8f133d0 ui_devtools::protocol::CSS::DispatcherImpl::dispatch()
#6 0x7f25f8f20133 ui_devtools::protocol::UberDispatcher::dispatch()
#7 0x7f25f8f2479d ui_devtools::UiDevToolsClient::Dispatch()
#8 0x7f25feb437af base::debug::TaskAnnotator::RunTask()
#9 0x7f25feb73379 base::internal::IncomingTaskQueue::RunTask()
#10 0x7f25feb75623 base::MessageLoop::RunTask()
#11 0x7f25feb75d4e base::MessageLoop::DoWork()
#12 0x7f25feb785e9 base::MessagePumpLibevent::Run()
#13 0x7f25feb75132 base::MessageLoop::Run()
#14 0x7f25feba91ff base::RunLoop::Run()
#15 0x56447409436a ChromeBrowserMainParts::MainMessageLoopRun()
#16 0x7f25fbfc85a7 content::BrowserMainLoop::RunMainMessageLoopParts()
#17 0x7f25fbfcaf86 content::BrowserMainRunnerImpl::Run()
#18 0x7f25fbfc3dff content::BrowserMain()
#19 0x7f25fc8450ec content::ContentMainRunnerImpl::Run()
#20 0x7f25ff0850fe service_manager::Main()
#21 0x7f25fc843ac4 content::ContentMain()
#22 0x5644736a221b ChromeMain
#23 0x7f25f2bc8f45 __libc_start_main
#24 0x5644736a2042 <unknown>

I'll close this bug for now and re-visit if this issue still persists.

Comment 5 by thanhph@chromium.org, Oct 4 2017

Status: WontFix (was: Available)

Sign in to add a comment