Regression: [DevTools] "Google Arts & Culture" page gets crash after running the audit.
Reported by
dchau...@etouch.net,
Nov 22 2017
Issue description

Chrome Version: 64.0.3274.0 (Official Build) 38c9257b930f883c3ab936b1274590c94cc08012-refs/head/master@{#518061} 32/64-bit.
OS: Windows (7, 8, 10)
URL: https://www.google.com/culturalinstitute/beta/exhibit/6wIyW4kD5ASAJg

What steps will reproduce the problem?
1. Launch Chrome, go to the above URL, open DevTools and go to the Audits section.
2. Now, run the audit and observe.

Actual result: the page crashes.
Expected result: the page should not crash.

Crash ID: Uploaded Crash Report ID 9ca3c6cfa32fc89e (Local Crash ID: 9a0d8f91-e758-42c8-8bd4-10a56d1173ff)

This is a regression issue, broken in M-64; will soon update other info.
,
Nov 22 2017
Stack Trace for the provided crash id:
--------------------------------------
Thread 0 (id: 3824) CRASHED [EXCEPTION_ACCESS_VIOLATION_READ @ 0x00000000 ] MAGIC SIGNATURE THREAD
Stack Quality: 100%

0x63838a86 (chrome_child.dll -SkImage.cpp:216 ) SkImage::readPixels(SkPixmap const &,int,int,SkImage::CachingHint)
0x65d40a8b (chrome_child.dll -InspectorAuditsAgent.cpp:93 ) blink::InspectorAuditsAgent::getEncodedResponse(WTF::String const &,WTF::String const &,blink::protocol::Maybe<double>,blink::protocol::Maybe<bool>,blink::protocol::Maybe<WTF::String> *,int *,int *)
0x63ca7701 (chrome_child.dll -Audits.cpp:119 ) blink::protocol::Audits::DispatcherImpl::getEncodedResponse(int,std::unique_ptr<blink::protocol::DictionaryValue,std::default_delete<blink::protocol::DictionaryValue> >,blink::protocol::ErrorSupport *)
0x63cd373a (chrome_child.dll -Network.cpp:1893 ) blink::protocol::Network::DispatcherImpl::dispatch(int,WTF::String const &,std::unique_ptr<blink::protocol::DictionaryValue,std::default_delete<blink::protocol::DictionaryValue> >)
0x63ce436a (chrome_child.dll -Protocol.cpp:822 ) blink::protocol::UberDispatcher::dispatch(std::unique_ptr<blink::protocol::Value,std::default_delete<blink::protocol::Value> >,int *,WTF::String *)
0x65d3a699 (chrome_child.dll -InspectorSession.cpp:84 ) blink::InspectorSession::DispatchProtocolMessage(WTF::String const &,WTF::String const &)
0x65c92efa (chrome_child.dll -WebDevToolsAgentImpl.cpp:522 ) blink::WebDevToolsAgentImpl::DispatchMessageFromFrontend(int,WTF::String const &,WTF::String const &)
0x65c92d50 (chrome_child.dll -WebDevToolsAgentImpl.cpp:509 ) blink::WebDevToolsAgentImpl::DispatchOnInspectorBackend(int,int,blink::WebString const &,blink::WebString const &)
0x652b38eb (chrome_child.dll -devtools_agent.cc:242 ) content::DevToolsAgent::OnDispatchOnInspectorBackend(int,int,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &)
0x652b36ef (chrome_child.dll -ipc_message_templates.h:145 ) IPC::MessageT<DevToolsAgentMsg_DispatchOnInspectorBackend_Meta,std::tuple<int,int,std::basic_string<char,std::char_traits<char>,std::allocator<char> >,std::basic_string<char,std::char_traits<char>,std::allocator<char> > >,void>::Dispatch<content::DevToolsAgent,content::DevToolsAgent,void,void (content::DevToolsAgent::*)(int, int, const std::basic_string<char,std::char_traits<char>,std::allocator<char> > &, const std::basic_string<char,std::char_traits<char>,std::allocator<char> > &) __attribute__((thiscall))>
0x633d5c25 (chrome_child.dll -devtools_agent.cc:105 ) content::DevToolsAgent::OnMessageReceived(IPC::Message const &)
0x633d425e (chrome_child.dll -render_frame_impl.cc:1718 ) content::RenderFrameImpl::OnMessageReceived(IPC::Message const &)
0x6336e73a (chrome_child.dll -message_router.cc:56 ) IPC::MessageRouter::RouteMessage(IPC::Message const &)
0x63349de8 (chrome_child.dll -ipc_channel_proxy.cc:321 ) IPC::ChannelProxy::Context::OnDispatchMessage(IPC::Message const &)
0x63349dc6 (chrome_child.dll -bind_internal.h:333 ) base::internal::Invoker<base::internal::BindState<void (extensions::AutomationMessageFilter::*)(const IPC::Message &) __attribute__((thiscall)),scoped_refptr<extensions::AutomationMessageFilter>,IPC::Message>,void ()>::Run
0x632f7d66 (chrome_child.dll -task_annotator.cc:55 ) base::debug::TaskAnnotator::RunTask(char const *,base::PendingTask *)
0x63330494 (chrome_child.dll -task_queue_manager.cc:535 ) blink::scheduler::TaskQueueManager::ProcessTaskFromWorkQueue(blink::scheduler::internal::WorkQueue *,bool,blink::scheduler::LazyNow,base::TimeTicks *)
0x6332f1d8 (chrome_child.dll -task_queue_manager.cc:323 ) blink::scheduler::TaskQueueManager::DoWork(bool)
0x6332f040 (chrome_child.dll -bind_internal.h:333 ) base::internal::Invoker<base::internal::BindState<void (gpu::GpuWatchdogThread::*)(bool) __attribute__((thiscall)),base::WeakPtr<gpu::GpuWatchdogThread>,bool>,void ()>::Run
0x632f7d66 (chrome_child.dll -task_annotator.cc:55 ) base::debug::TaskAnnotator::RunTask(char const *,base::PendingTask *)
0x64297b02 (chrome_child.dll -incoming_task_queue.cc:128 ) base::internal::IncomingTaskQueue::RunTask(base::PendingTask *)
0x632f77d5 (chrome_child.dll -message_loop.cc:394 ) base::MessageLoop::RunTask(base::PendingTask *)
0x64262baa (chrome_child.dll -message_loop.cc:406 ) base::MessageLoop::DeferOrRunPendingTask(base::PendingTask)
0x632f2a1d (chrome_child.dll -message_loop.cc:450 ) base::MessageLoop::DoWork()
0x632f2926 (chrome_child.dll -message_pump_default.cc:37 ) base::MessagePumpDefault::Run(base::MessagePump::Delegate *)
0x64262afe (chrome_child.dll -message_loop.cc:345 ) base::MessageLoop::Run(bool)
0x632f26ed (chrome_child.dll -run_loop.cc:114 ) base::RunLoop::Run()
0x632e4f13 (chrome_child.dll -renderer_main.cc:222 ) content::RendererMain(content::MainFunctionParams const &)
0x632e4caf (chrome_child.dll -content_main_runner.cc:427 ) content::RunNamedProcessTypeMain(std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,content::MainFunctionParams const &,content::ContentMainDelegate *)
0x632ded39 (chrome_child.dll -content_main_runner.cc:705 ) content::ContentMainRunnerImpl::Run()
0x632c3922 (chrome_child.dll -main.cc:456 ) service_manager::Main(service_manager::MainParams const &)
0x632c35ff (chrome_child.dll -content_main.cc:19 ) content::ContentMain(content::ContentMainParams const &)
0x632c1d47 (chrome_child.dll -chrome_main.cc:125 ) ChromeMain
0x00192ef3 (chrome.exe -main_dll_loader_win.cc:199 ) MainDllLoader::Launch(HINSTANCE__ *,base::TimeTicks)
0x00191464 (chrome.exe -chrome_exe_main_win.cc:230 ) wWinMain
0x0024e7c7 (chrome.exe -exe_common.inl:283 ) __scrt_common_main_seh
0x77923379 (kernel32.dll + 0x00013379 ) BaseThreadInitThunk
0x77e792e1 (ntdll.dll + 0x000392e1 ) __RtlUserThreadStart
0x77e792b4 (ntdll.dll + 0x000392b4 ) _RtlUserThreadStart

Adding Release blocker for this issue. Please remove if not the case. Thank You!
,
Nov 22 2017
,
Nov 28 2017
We are still able to reproduce the issue on Windows 7, Mac 10.12.6 & Ubuntu 14.04 using chrome latest Canary-64.0.3278.0 as per C#0. paulirish@, as it is marked as stable blocker, could you please take a look and update the thread? Thanks..!
,
Dec 4 2017
Friendly ping to get an update on this issue.
,
Dec 11 2017
Gentle ping!! paulirish@, we are still able to reproduce the issue on Windows 7, Mac 10.12.6 & Ubuntu 14.04 using latest Canary-65.0.3290.0 as per C#0. Could you please take a look, as it is marked as stable blocker? Thanks..!
,
Dec 11 2017
,
Dec 11 2017
Seems to be a result of the more performant optimized-image checks; it can be worked around by unchecking the Performance category. Will look into what's causing the crash.
,
Dec 12 2017
Seems to be the result of a resource whose served MIME type does not match the actual asset but which still passes the baseline sniffing checks; fix in progress.
,
Dec 13 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/9df8050c30be27870697b71adf7631870932942a

commit 9df8050c30be27870697b71adf7631870932942a
Author: Patrick Hulce <phulce@chromium.org>
Date: Wed Dec 13 20:23:42 2017

DevTools: Handle invalid bitmaps in Audits.getEncodedResponse

BUG= 787701

Change-Id: Ia3b5cac31c8559f8a3549853257a121360677fef
Reviewed-on: https://chromium-review.googlesource.com/823074
Commit-Queue: Patrick Hulce <phulce@chromium.org>
Reviewed-by: Andrey Kosyakov <caseq@chromium.org>
Cr-Commit-Position: refs/heads/master@{#523860}

[modify] https://crrev.com/9df8050c30be27870697b71adf7631870932942a/third_party/WebKit/LayoutTests/http/tests/inspector-protocol/audits/get-encoded-response-expected.txt
[modify] https://crrev.com/9df8050c30be27870697b71adf7631870932942a/third_party/WebKit/LayoutTests/http/tests/inspector-protocol/audits/get-encoded-response.js
[modify] https://crrev.com/9df8050c30be27870697b71adf7631870932942a/third_party/WebKit/Source/core/inspector/InspectorAuditsAgent.cpp
,
Dec 15 2017
,
Dec 15 2017
This bug requires manual review: M64 has already been promoted to the beta branch, so this requires manual review.
Please contact the milestone owner if you have questions.
Owners: cmasso@(Android), cmasso@(iOS), kbleicher@(ChromeOS), abdulsyed@(Desktop)

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Dec 15 2017
Is this well tested in Canary and verified? How safe is this merge overall?
,
Dec 15 2017
It's been in past 2 Canary releases, and I've manually verified the specified site no longer crashes when being audited. Change is a simple null pointer check and should be safe to merge.
,
Dec 15 2017
Approving merge to M64. Branch:3282
,
Dec 15 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/b680e5f74ed2f537585a8523720be1727fa991a8

commit b680e5f74ed2f537585a8523720be1727fa991a8
Author: Patrick Hulce <phulce@chromium.org>
Date: Fri Dec 15 18:36:56 2017

DevTools: Handle invalid bitmaps in Audits.getEncodedResponse

BUG= 787701

Change-Id: Ia3b5cac31c8559f8a3549853257a121360677fef
Reviewed-on: https://chromium-review.googlesource.com/823074
Commit-Queue: Patrick Hulce <phulce@chromium.org>
Reviewed-by: Andrey Kosyakov <caseq@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#523860}
(cherry picked from commit 9df8050c30be27870697b71adf7631870932942a)
Reviewed-on: https://chromium-review.googlesource.com/830134
Reviewed-by: Patrick Hulce <phulce@chromium.org>
Cr-Commit-Position: refs/branch-heads/3282@{#241}
Cr-Branched-From: 5fdc0fab22ce7efd32532ee989b223fa12f8171e-refs/heads/master@{#520840}

[modify] https://crrev.com/b680e5f74ed2f537585a8523720be1727fa991a8/third_party/WebKit/LayoutTests/http/tests/inspector-protocol/audits/get-encoded-response-expected.txt
[modify] https://crrev.com/b680e5f74ed2f537585a8523720be1727fa991a8/third_party/WebKit/LayoutTests/http/tests/inspector-protocol/audits/get-encoded-response.js
[modify] https://crrev.com/b680e5f74ed2f537585a8523720be1727fa991a8/third_party/WebKit/Source/core/inspector/InspectorAuditsAgent.cpp
Comment 1 by dchau...@etouch.net
, Nov 22 2017
Owner: paulir...@chromium.org
Status: Assigned (was: Unconfirmed)
Summary: Regression: [DevTools] "Google Arts & Culture" page gets crash after running the audit. (was: Regression: [DevTools] Webpage gets crash after running the audit.)