Issue metadata
Sign in to add a comment
|
Regression: Browser crash is seen for any pdf after clicking Cancel button on Print Dialog box
Reported by
nutan.ga...@etouch.net,
Dec 18 2017
|
||||||||||||||||||||||
Issue descriptionChrome Version: 65.0.3297.0 d046a9d9f3ca30d1d00c0bba152668e70d86d385-refs/heads/master@{#524606} OS: Windows Steps to reproduce the problem? 1. Launch chrome, navigate to http://www.stepupnihongo.com/images/SUN3_L-51.pdf 2. Press Ctrl+P, print preview appears 3. Click on 'Print using system dialog...(Ctrl+Shift+P)' (Print dialog opens) 4. Now click on Cancel button and observe Actual: Browser get crash Expected: Browser should not get crashed This is an Regression issue broken in M-65, will soon update other info
,
Dec 18 2017
,
Dec 18 2017
Note: Issue is seen for all PDF files Another steps to reproduce 1. Launch chrome, navigate to NTP 2. Press Ctrl+P, print preview appears 3. Click on 'Print using system dialog...(Ctrl+Shift+P)' (Print dialog opens) 4. Now click on Cancel button and observe
,
Dec 18 2017
Issue is also seen on latest canary #65.0.3298.0
,
Dec 18 2017
Stack Trace for the provided crash id: --------------------------------------- Thread 0 (id: 5292) CRASHED [EXCEPTION_ILLEGAL_INSTRUCTION @ 0x00007fffeee1bdd0 ] MAGIC SIGNATURE THREAD Stack Quality97%Show frame trust levels 0x00007fffeee1bdd0 (chrome.dll -agc_audio_stream.h:78 ) media::AgcAudioStream<media::AudioInputStream>::~AgcAudioStream 0x00007ffff0c97860 (chrome.dll -print_job.cc:194 ) printing::PrintJob::Cancel() 0x00007ffff0c97e37 (chrome.dll -print_job.cc:299 ) printing::PrintJob::OnPdfPageConverted(int,float,std::unique_ptr<printing::MetafilePlayer,std::default_delete<printing::MetafilePlayer> >) 0x00007ffff0c983bd (chrome.dll -bind_internal.h:343 ) base::internal::Invoker<base::internal::BindState<void (printing::PrintJob::*)(int, float, std::unique_ptr<printing::MetafilePlayer,std::default_delete<printing::MetafilePlayer> >),scoped_refptr<printing::PrintJob> >,void (int, float, std::unique_ptr<printing::MetafilePlayer,std::default_delete<printing::MetafilePlayer> >)>::Run 0x00007ffff0cc1adb (chrome.dll -pdf_to_emf_converter.cc:519 ) printing::`anonymous namespace'::PdfConverterImpl::OnPageDone 0x00007fffefb2cdad (chrome.dll -pdf_to_emf_converter.mojom.cc:586 ) printing::mojom::PdfToEmfConverter_ConvertPage_ForwardToCallback::Accept(mojo::Message *) 0x00007fffeedfbd6b (chrome.dll -interface_endpoint_client.cc:413 ) mojo::InterfaceEndpointClient::HandleValidatedMessage(mojo::Message *) 0x00007fffeedfb39e (chrome.dll -multiplex_router.cc:879 ) mojo::internal::MultiplexRouter::ProcessIncomingMessage(mojo::internal::MultiplexRouter::MessageWrapper *,mojo::internal::MultiplexRouter::ClientCallBehavior,base::SequencedTaskRunner *) 0x00007fffeedfae49 (chrome.dll -multiplex_router.cc:604 ) mojo::internal::MultiplexRouter::Accept(mojo::Message *) 0x00007fffeedf9907 (chrome.dll -connector.cc:444 ) mojo::Connector::ReadSingleMessage(unsigned int *) 0x00007fffeedf9788 (chrome.dll -connector.cc:474 ) mojo::Connector::ReadAllAvailableMessages() 0x00007fffeedf9653 (chrome.dll -simple_watcher.cc:275 ) mojo::SimpleWatcher::OnHandleReady(int,unsigned int,mojo::HandleSignalsState const &) 0x00007fffeed21296 (chrome.dll -task_annotator.cc:53 ) base::debug::TaskAnnotator::RunTask(char const *,base::PendingTask *) 0x00007fffeed20b7b (chrome.dll -message_loop.cc:391 ) base::MessageLoop::RunTask(base::PendingTask *) 0x00007fffeed20496 (chrome.dll -message_loop.cc:454 ) base::MessageLoop::DoWork() 0x00007fffeee384bc (chrome.dll -message_pump_win.cc:173 ) base::MessagePumpForUI::DoRunLoop() 0x00007fffeed30f64 (chrome.dll -message_pump_win.cc:56 ) base::MessagePumpWin::Run(base::MessagePump::Delegate *) 0x00007fffeed1fe74 (chrome.dll -run_loop.cc:130 ) base::RunLoop::Run() 0x00007fffef107d7f (chrome.dll -chrome_browser_main.cc:1945 ) ChromeBrowserMainParts::MainMessageLoopRun(int *) 0x00007fffef107b76 (chrome.dll -browser_main_loop.cc:1195 ) content::BrowserMainLoop::RunMainMessageLoopParts() 0x00007fffef107b24 (chrome.dll -browser_main_runner.cc:140 ) content::BrowserMainRunnerImpl::Run() 0x00007fffeed187ac (chrome.dll -browser_main.cc:46 ) content::BrowserMain(content::MainFunctionParams const &) 0x00007fffeed18639 (chrome.dll -content_main_runner.cc:427 ) content::RunNamedProcessTypeMain(std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,content::MainFunctionParams const &,content::ContentMainDelegate *) 0x00007fffeed184e9 (chrome.dll -content_main_runner.cc:710 ) content::ContentMainRunnerImpl::Run() 0x00007fffeed058c2 (chrome.dll -main.cc:456 ) service_manager::Main(service_manager::MainParams const &) 0x00007fffeed0536f (chrome.dll -content_main.cc:19 ) content::ContentMain(content::ContentMainParams const &) 0x00007fffeed01b40 (chrome.dll -chrome_main.cc:128 ) ChromeMain 0x00007ff6baff3519 (chrome.exe -main_dll_loader_win.cc:199 ) MainDllLoader::Launch(HINSTANCE__ *,base::TimeTicks) 0x00007ff6baff169c (chrome.exe -chrome_exe_main_win.cc:230 ) wWinMain 0x00007ff6bb0cb0d2 (chrome.exe -exe_common.inl:283 ) __scrt_common_main_seh 0x00007ff822a28101 (KERNEL32.DLL + 0x00018101 ) BaseThreadInitThunk 0x00007ff822f3c5b3 (ntdll.dll + 0x0005c5b3 ) RtlUserThreadStart 1)This crash is first started on 64.0.3282.14 and seeing single instances. 2)This crash only seen on Windows>Browser and rank position not generated yet. Links to the list of builds: ---------------------------- https://goto.google.com/pfftt Adding release blocker for this issue. please remove if not the case. Thank You!
,
Dec 18 2017
,
Dec 18 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/1dfa656c7d805661c3fd59f4411be72d814e821a commit 1dfa656c7d805661c3fd59f4411be72d814e821a Author: Jay Civelli <jcivelli@chromium.org> Date: Mon Dec 18 21:51:56 2017 Fix crasher when canceling print. Now that PdfConverterImpl is not ref counted anymore, it needs to make sure it did not get deleted after invoking a client callback. Bug: 795637 Change-Id: I61812357f4f7f1960af5cf46256043ee453612ba Reviewed-on: https://chromium-review.googlesource.com/832928 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Jay Civelli <jcivelli@chromium.org> Cr-Commit-Position: refs/heads/master@{#524813} [modify] https://crrev.com/1dfa656c7d805661c3fd59f4411be72d814e821a/chrome/browser/printing/pdf_to_emf_converter.cc
,
Dec 18 2017
Would you mind merging the above fix to 3298 branch. We are planning to build an RC from this branch.
,
Dec 18 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/3b1e1f46a2177de26e7617616ab014cc0cb7ea7a commit 3b1e1f46a2177de26e7617616ab014cc0cb7ea7a Author: Jay Civelli <jcivelli@chromium.org> Date: Mon Dec 18 23:19:02 2017 Fix crasher when canceling print. Now that PdfConverterImpl is not ref counted anymore, it needs to make sure it did not get deleted after invoking a client callback. Bug: 795637 Change-Id: I61812357f4f7f1960af5cf46256043ee453612ba Reviewed-on: https://chromium-review.googlesource.com/832928 Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Jay Civelli <jcivelli@chromium.org> Cr-Original-Commit-Position: refs/heads/master@{#524813}(cherry picked from commit 1dfa656c7d805661c3fd59f4411be72d814e821a) Reviewed-on: https://chromium-review.googlesource.com/833307 Reviewed-by: Krishna Govind <govind@chromium.org> Cr-Commit-Position: refs/branch-heads/3298@{#3} Cr-Branched-From: 6586a208880a70a00856529493741971ecfea5c2-refs/heads/master@{#524617} [modify] https://crrev.com/3b1e1f46a2177de26e7617616ab014cc0cb7ea7a/chrome/browser/printing/pdf_to_emf_converter.cc
,
Dec 19 2017
,
Dec 19 2017
There are only 3 reports of of this crash in 65.0.3298.3, hence no an RBD. Reopening for further investigation
,
Dec 20 2017
jcivelli@: Please take a look as this is one of the top browser crash(currently #2) on the latest Windows chrome canary(65.0.3299.0). Link to the list of the builds with this magic signature and crashes: https://goto.google.com/hgajp Other crash reports with similar magic signature: Issue 796008
,
Dec 27 2017
No crashes seen on crash server post chrome version: 65.0.3300.0, This looks to be fixed by the fix landed in Issue 796008. Removing the Blocker for now.
,
Dec 28 2017
Not seeing more crashers, closing the bug.
,
Jan 2 2018
Just to update: media::AgcAudioStream<media::AudioInputStream>::~AgcAudioStream Still seeing crash instances on latest dev & beta: 65.0.3298.3 89.32% 2668(from 1496 clients) -dev 64.0.3282.39 0.30% 9 (From 9 clients) -Beta Link to the list of builds: ------------------------- https://crash.corp.google.com/browse?q=product.name%3D%27Chrome%27%20AND%20custom_data.ChromeCrashProto.ptype%3D%27browser%27%20AND%20custom_data.ChromeCrashProto.magic_signature_1.name%3D%27media%3A%3AAgcAudioStream%3Cmedia%3A%3AAudioInputStream%3E%3A%3A~AgcAudioStream%27&sql_dialect=googlesql&ignore_case=false&enable_rewrite=true&omit_field_name=&omit_field_value=&omit_field_opt=%3D#productversion:1000 jcivelli@,Could you please merge the same fix to latest dev & beta? Thanks in advance..!
,
Jan 2 2018
This is currently top#2 browser crash on latest Chrome Dev i.e., 65.0.3298.3 based on above comment reopening the bug.
,
Jan 3 2018
Sorry missed that this was fixed as part of another Issue#796008(Thanks Amit) where Lei has fixed both issues#796008 and 795637 . Apologize for the confusion. |
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by nutan.ga...@etouch.net
, Dec 18 2017Owner: jcivelli@chromium.org
Status: Assigned (was: Unconfirmed)
1.9 MB
1.9 MB View Download
1.3 MB
1.3 MB View Download