New issue
Advanced search Search tips

Issue 812697 link

Starred by 1 user
Status: Duplicate
Merged: issue 645913
Owner: ----
Closed: Feb 2018
Cc:
robliao@chromium.org
kkaluri@chromium.org
rbasuvula@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Bug



Sign in to add a comment

Browser hangs while closing ui::SelectFileDialog

Reported by svartme...@yandex-team.ru, Feb 15 2018 
UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/604.4.7 (KHTML, like Gecko) Version/11.0.2 Safari/604.4.7

Steps to reproduce the problem:
1. Open two browser windows.
2. Navigate to a site with <input type="file> (for example http://resizeimage.net).
3. Open select files dialog (press on "Upload an image" button).
4. Drag & drop 1 (or several) files to another browser window.
5. Close select files dialog via "X" button.

What is the expected behavior?
Browser does not hang.

What went wrong?
Browser hangs in ui::BaseShellDialogImpl::EndRun while joining a dialog thread (waits in base::PlatformThread::Join on WaitForSingleObject).

Crashed report ID: 

How much crashed? Whole browser

Is it a problem with a plugin? No 

Did this work before? No 

Chrome version: master  Channel: dev
OS Version: 10
Flash Version:
select_file_dialog_crash.mp4
6.0 MB View Download

Comment 2 by robliao@chromium.org, Feb 16 2018 

I'm not able to repro this. What's the full stack of the hanging threads in question?

Comment 3 by rbasuvula@chromium.org, Feb 16 2018

Labels: Needs-Feedback

Comment 4 by svartme...@yandex-team.ru, Feb 16 2018 

Stack:
   base.dll!base::PlatformThread::Join(base::PlatformThreadHandle thread_handle)
   base.dll!base::Thread::Stop()
   base.dll!base::Thread::~Thread()
   base.dll!base::Thread::~Thread()
   shell_dialogs.dll!ui::BaseShellDialogImpl::EndRun(ui::BaseShellDialogImpl::RunState run_state)
   shell_dialogs.dll!`anonymous namespace'::SelectFileDialogImpl::FileNotSelected(void * params, ui::BaseShellDialogImpl::RunState run_state)
   shell_dialogs.dll!base::internal::FunctorTraits<void ((anonymous namespace)::SelectFileDialogImpl::*)(void *, ui::BaseShellDialogImpl::RunState) __attribute__((thiscall)),void>::Invoke<const scoped_refptr<(anonymous namespace)::SelectFileDialogImpl> &,void *const &,const ui::BaseShellDialogImpl::RunState &>(void(`anonymous namespace'::SelectFileDialogImpl::*)(void *, ui::BaseShellDialogImpl::RunState) method, const scoped_refptr<(anonymous namespace)::SelectFileDialogImpl> & receiver_ptr, void * const & args, const ui::BaseShellDialogImpl::RunState & args)
   shell_dialogs.dll!base::internal::InvokeHelper<0,void>::MakeItSo<void ((anonymous namespace)::SelectFileDialogImpl::*const &)(void *, ui::BaseShellDialogImpl::RunState) __attribute__((thiscall)),const scoped_refptr<(anonymous namespace)::SelectFileDialogImpl> &,void *const &,const ui::BaseShellDialogImpl::RunState &>(void(`anonymous namespace'::SelectFileDialogImpl::*)(void *, ui::BaseShellDialogImpl::RunState) & functor, const scoped_refptr<(anonymous namespace)::SelectFileDialogImpl> & args, void * const & args, const ui::BaseShellDialogImpl::RunState & args) 
   shell_dialogs.dll!base::internal::Invoker<base::internal::BindState<void ((anonymous namespace)::SelectFileDialogImpl::*)(void *, ui::BaseShellDialogImpl::RunState) __attribute__((thiscall)),scoped_refptr<(anonymous namespace)::SelectFileDialogImpl>,void *,ui::BaseShellDialogImpl::RunState>,void ()>::RunImpl<void ((anonymous namespace)::SelectFileDialogImpl::*const &)(void *, ui::BaseShellDialogImpl::RunState) __attribute__((thiscall)),const std::tuple<scoped_refptr<(anonymous namespace)::SelectFileDialogImpl>,void *,ui::BaseShellDialogImpl::RunState> &,0,1,2>(void(`anonymous namespace'::SelectFileDialogImpl::*)(void *, ui::BaseShellDialogImpl::RunState) & functor, const std::tuple<scoped_refptr<(anonymous namespace)::SelectFileDialogImpl>,void *,ui::BaseShellDialogImpl::RunState> & bound, std::integer_sequence<unsigned int,0,1,2>) 
   shell_dialogs.dll!base::internal::Invoker<base::internal::BindState<void ((anonymous namespace)::SelectFileDialogImpl::*)(void *, ui::BaseShellDialogImpl::RunState) __attribute__((thiscall)),scoped_refptr<(anonymous namespace)::SelectFileDialogImpl>,void *,ui::BaseShellDialogImpl::RunState>,void ()>::Run(base::internal::BindStateBase * base) 
   base.dll!base::OnceCallback<void ()>::Run() 
   base.dll!base::debug::TaskAnnotator::RunTask(const char * queue_function, base::PendingTask * pending_task) 
   base.dll!base::internal::IncomingTaskQueue::RunTask(base::PendingTask * pending_task) 
   base.dll!base::MessageLoop::RunTask(base::PendingTask * pending_task) 
   base.dll!base::MessageLoop::DeferOrRunPendingTask(base::PendingTask pending_task) 
   base.dll!base::MessageLoop::DoWork()
   base.dll!base::MessagePumpForUI::DoRunLoop()
   base.dll!base::MessagePumpWin::Run(base::MessagePump::Delegate * delegate)
   base.dll!base::MessageLoop::Run(bool application_tasks_allowed) 
   base.dll!base::RunLoop::Run() 
   browser.dll!ChromeBrowserMainParts::MainMessageLoopRun(int * result_code) 
   content.dll!content::BrowserMainLoop::RunMainMessageLoopParts() 
   content.dll!content::BrowserMainRunnerImpl::Run() 
   content.dll!content::BrowserMain(const content::MainFunctionParams & parameters)
   content.dll!content::RunNamedProcessTypeMain(const std::basic_string<char,std::char_traits<char>,std::allocator<char> > & process_type, const content::MainFunctionParams & main_function_params, content::ContentMainDelegate * delegate)
   content.dll!content::ContentMainRunnerImpl::Run() 
   content.dll!content::ContentServiceManagerMainDelegate::RunEmbedderProcess()
   embedder.dll!service_manager::Main(const service_manager::MainParams & params)
   content.dll!content::ContentMain(const content::ContentMainParams & params) 
   browser.dll!ChromeMain(HINSTANCE__ * instance, sandbox::SandboxInterfaceInfo * sandbox_info, __int64 exe_entry_point_ticks) 
   browser.exe!MainDllLoader::Launch(HINSTANCE__ * instance, base::TimeTicks exe_entry_point_ticks)
   browser.exe!wWinMain(HINSTANCE__ * instance, HINSTANCE__ * prev, wchar_t *, int)
Project Member

Comment 5 by sheriffbot@chromium.org, Feb 16 2018

Cc: rbasuvula@chromium.org
Labels: -Needs-Feedback
Thank you for providing more feedback. Adding requester "rbasuvula@chromium.org" to the cc list and removing "Needs-Feedback" label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 6 by svartme...@yandex-team.ru, Feb 16 2018 

Also, reproduced on Win7.
Tips & tricks:
  1) Here we have some kind of a race, so try to drag & drop several large files before closing the dialog.
  2) Close dialog (quickly) right after files were dropped.
  3) Sometimes it takes several attempts to reproduce the issue.

Comment 7 by kkaluri@chromium.org, Feb 20 2018

Cc: kkaluri@chromium.org
Components: Blink>HTML>Dialog
Labels: Needs-Feedback
Unable to reproduce the issue on Windows 10 with Chrome Beta #65.0.3325.73 Dev #65.0.3325.73 Canary #66.0.3350.0.

svartmetal@ Could you please help us with the crash ID from chrome://crashes for further triage.

Comment 8 by robliao@chromium.org, Feb 21 2018

Cc: robliao@chromium.org

Comment 9 by robliao@chromium.org, Feb 21 2018 

#4. What's the stack of the thread being joined? That will identify the deadlock.

Comment 10 by tkent@chromium.org, Feb 23 2018

Components: -Blink>HTML>Dialog UI
Mergedinto: 645913
Status: Duplicate (was: Unconfirmed)

Comment 11 by sebmarchand@chromium.org, Jun 22 2018 

 Issue 645913  gives us a good repro for this one.

Sign in to add a comment