Stable Signature: tc_free-ef69eb4c |
||||
Issue descriptionProduct, version: Chrome_ChromeOS, M66 beta (10452.69.0, 66.0.3359.102) coral bruce device Process type: browser Magic Signature: tc_free Thread 24 (id: 5107) CRASHED [SIGSEGV @ 0x0000040000000008 ] MAGIC SIGNATURE THREAD Stack Quality: 100% Show frame trust levels 0x00005bfa77899364 (chrome -free_list.h:107 ) tc_free 0x00005bfa70d8f9ab (chrome -callback.h:96 ) base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) 0x00005bfa70d91811 (chrome -message_loop.cc:395 ) base::MessageLoop::RunTask(base::PendingTask*) 0x00005bfa70d92330 (chrome -message_loop.cc:407 ) base::MessageLoop::DoWork() 0x00005bfa70d92716 (chrome -message_pump_default.cc:37 ) base::MessagePumpDefault::Run(base::MessagePump::Delegate*) 0x00005bfa7300af84 (chrome -run_loop.cc:133 ) bool std::__1::operator!=<content::MediaStreamProviderListener**>(std::__1::__wrap_iter<content::MediaStreamProviderListener**> const&, std::__1::__wrap_iter<content::MediaStreamProviderListener**> const&) 0x00005bfa7302bef8 (chrome -thread.cc:338 ) base::Thread::ThreadMain() 0x00005bfa7302a03c (chrome -platform_thread_posix.cc:76 ) base::(anonymous namespace)::ThreadFunc(void*) 0x000078413f7962b7 (libpthread-2.23.so -pthread_create.c:333 ) start_thread 0x000078413e8ebfac (libc-2.23.so + 0x000f6fac ) clone Crash report ID's: bf50477d8538e084 (Local Crash ID: Chrome) 644c6b7ea553f67e (Local Crash ID: ChromeOS_ARC) 2e206c9c294cef87 (Local Crash ID: ChromeOS_ARC) b9352275e5f85938 (Local Crash ID: Chrome)
,
Apr 20 2018
,
Apr 20 2018
Stacks don't give much clue. From code search it looks like AudioInputDeviceManager and VideoCaptureManager are using naked pointers to MediaStreamProviderListener safely on Browser::IO thread. I cc'ed some owners to take a look as well.
,
Apr 24 2018
Passing to guidou@ for triage.
,
Apr 24 2018
mkarkada@: Is this something you can reproduce? This looks like a duplicate of bug 834039. Even though MediaStreamProviderListener appears on the stack, I doubt it is the root cause for this crash since the crash occurs on RunLoop, apparently on this line: https://cs.chromium.org/chromium/src/base/run_loop.cc?q=run_loop.cc&sq=package:chromium&dr&l=130 (this was line 133 in 66.0.3359.102) |
||||
►
Sign in to add a comment |
||||
Comment 1 by reve...@chromium.org
, Apr 20 2018Status: Available (was: Untriaged)