
Issue 853696 link

Starred by 5 users

Issue metadata

Status: Fixed
Owner:
Closed: Jul 12
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 1
Type: Bug
Proj-Servicification

Blocked on:
issue 821021
issue 846423




Crash due to null HostResolver in ResourceContext when network service is enabled

Reported by pranjali...@etouch.net, Jun 18 2018

Issue description

Chrome version : 69.0.3464.0 (Official Build) Revision 3c26b60e3842fee660bcff5eb35aa0587d795f02-refs/branch-heads/3464@{#1}(32/64-bit) 

OS: Win(7,10)

Precondition: Enable 'Enable network service' flag from 'chrome://flags'.

Steps to reproduce:
1. Launch Chrome and navigate to 'https://www.flipkart.com'.
2. Add any item to the cart (i.e. 'go to cart') and click on 'place order'.
3. Wait and observe.

Actual Result: Browser crash is seen after clicking on the 'place order' button on flipkart.com.
Expected Result: Browser should not crash after clicking on the 'place order' button on flipkart.com.

Crash ID:
Uploaded Crash Report ID 448ad8269991c3e3 (Local Crash ID: b5b47194-9752-40d4-a979-951eb8795bac)

This is a regression issue broken in 'M-69' and will soon update other bisect info.
Good build: 69.0.3462.0
Bad build: 69.0.3463.0

Unable to provide bisect using hasbisect-per-revision, hence providing bisect using Chromium builds.

Narrow bisect URL :

https://chromium.googlesource.com/chromium/src/+log/e7652b9e1dbc2a95964864161283f4b8665154f3..ad910ae2f13f930e5db7dcb7a28fc1ab215513eb

Suspecting : https://chromium.googlesource.com/chromium/src/+/f34bba7c38758baf556aef6649fdd97f1b8a41a9

@Matt Menke: Could you please check whether this is caused by your change; if not, please help us assign it to the right owner.

Just to add some information:

Did this work with the 'Enable network service' flag disabled?
Yes

Thank You!



Attachments: Actual_result.mp4 (1.1 MB), Expected_result.mp4 (898 KB)

Comment 1 by mmenke@chromium.org, Jun 18 2018

Blockedon: 846423
Components: -Blink Internals>Services>Network
Labels: -Type-Bug-Regression Proj-Servicification-Canary Type-Bug
Owner: ----
Status: Available (was: Assigned)
Unassigning from me - the network service is still an experimental feature, and my CL was made to make things not yet using the new API fail (Though, admittedly, ideally with network errors, rather than crashing).  We should certainly fix this before launching, of course.

Glancing at the call stack, this is crashing because SocketDispatcherHost, which is using the legacy APIs to do DNS lookups, is grabbing the HostResolver from ResourceContext.  My CL broke ResourceContext when the network service is enabled, and we'll probably want to make code just use the resolver directly rather than going through ResourceContext.
Please find the stack trace for the crash id:
---------------------------------------------
Thread 3 (id: 0x1ac4) CRASHED [EXCEPTION_ACCESS_VIOLATION_READ @ 0x00000000 ] MAGIC SIGNATURE THREAD
0x00007fff91880be8	(chrome.dll -socket_dispatcher_host.cc:82 )	content::P2PSocketDispatcherHost::DnsRequest::Resolve(std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,base::RepeatingCallback<void > const &)
0x00007fff9187f4cb	(chrome.dll -socket_dispatcher_host.cc:247 )	content::P2PSocketDispatcherHost::OnGetHostAddress(std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,int)
0x00007fff9187f2ee	(chrome.dll -ipc_message_templates.h:146 )	IPC::MessageT<P2PHostMsg_GetHostAddress_Meta,std::tuple<std::basic_string<char,std::char_traits<char>,std::allocator<char> >,int>,void>::Dispatch<content::P2PSocketDispatcherHost,content::P2PSocketDispatcherHost,void,void (content::P2PSocketDispatcherHost::*)(const std::basic_string<char,std::char_traits<char>,std::allocator<char> > &, int)>
0x00007fff9187ee4b	(chrome.dll -socket_dispatcher_host.cc:156 )	content::P2PSocketDispatcherHost::OnMessageReceived(IPC::Message const &)
0x00007fff90e288ae	(chrome.dll -browser_message_filter.cc:73 )	content::BrowserMessageFilter::Internal::OnMessageReceived(IPC::Message const &)
0x00007fff92143270	(chrome.dll -message_filter_router.cc:22 )	IPC::`anonymous namespace'::TryFiltersImpl
0x00007fff910aeab4	(chrome.dll -ipc_channel_proxy.cc:86 )	IPC::ChannelProxy::Context::TryFilters(IPC::Message const &)
0x00007fff910aea6a	(chrome.dll -ipc_channel_proxy.cc:121 )	IPC::ChannelProxy::Context::OnMessageReceived(IPC::Message const &)
0x00007fff90e28541	(chrome.dll -ipc_channel_mojo.cc:263 )	IPC::ChannelMojo::OnMessageReceived(IPC::Message const &)
0x00007fff921430a9	(chrome.dll -ipc_message_pipe_reader.cc:113 )	IPC::internal::MessagePipeReader::Receive(base::span<unsigned char const ,-1>,base::Optional<std::vector<mojo::StructPtr<mojo::native::SerializedHandle>,std::allocator<mojo::StructPtr<mojo::native::SerializedHandle> > > >)
0x00007fff90e26954	(chrome.dll -ipc.mojom.cc:274 )	IPC::mojom::ChannelStubDispatch::Accept(IPC::mojom::Channel *,mojo::Message *)
0x00007fff9214028f	(chrome.dll -ipc_mojo_bootstrap.cc:828 )	IPC::`anonymous namespace'::ChannelAssociatedGroupController::Accept
0x00007fff90bd7ced	(chrome.dll -connector.cc:442 )	mojo::Connector::ReadSingleMessage(unsigned int *)
0x00007fff90bd7b69	(chrome.dll -connector.cc:472 )	mojo::Connector::ReadAllAvailableMessages()
0x00007fff90bd7a54	(chrome.dll -simple_watcher.cc:274 )	mojo::SimpleWatcher::OnHandleReady(int,unsigned int,mojo::HandleSignalsState const &)
0x00007fff90b200d4	(chrome.dll -task_annotator.cc:101 )	base::debug::TaskAnnotator::RunTask(char const *,base::PendingTask *)
0x00007fff90b1fbab	(chrome.dll -message_loop.cc:319 )	base::MessageLoop::RunTask(base::PendingTask *)
0x00007fff90b1f5f7	(chrome.dll -message_loop.cc:373 )	base::MessageLoop::DoWork()
0x00007fff90b641d9	(chrome.dll -message_pump_win.cc:478 )	base::MessagePumpForIO::DoRunLoop()
0x00007fff90b64067	(chrome.dll -message_pump_win.cc:56 )	base::MessagePumpWin::Run(base::MessagePump::Delegate *)
0x00007fff90b1f150	(chrome.dll -run_loop.cc:102 )	base::RunLoop::Run()
0x00007fff90b63fd7	(chrome.dll -browser_process_sub_thread.cc:178 )	content::BrowserProcessSubThread::IOThreadRun(base::RunLoop *)
0x00007fff90b1daef	(chrome.dll -thread.cc:337 )	base::Thread::ThreadMain()
0x00007fff91c2e413	(chrome.dll -platform_thread_win.cc:91 )	base::`anonymous namespace'::ThreadFunc
0x00007fffc5391fe3	(KERNEL32.dll + 0x00011fe3 )	BaseThreadInitThunk
0x00007fffc6efcb30	(ntdll.dll + 0x0006cb30 )	RtlUserThreadStart

Comment 3 by mmenke@chromium.org, Jun 18 2018

Components: Blink>WebRTC
Cc: mmenke@chromium.org xunji...@chromium.org
Issue 853835 has been merged into this issue.

Comment 5 by dxie@google.com, Jun 19 2018

Owner: ericorth@chromium.org
Status: Assigned (was: Available)
Blockedon: 821021
As I understand the issue: P2PSocketDispatcherHost is accessing ResourceContext to use HostResolver when network service is enabled. That's blocked when network service is enabled because such code should then go through network service. Not an actual issue yet as network service won't actually be enabled until we fix stuff like this.

Proper fix is to migrate P2PSocketDispatcherHost to do its host resolution via NetworkContext::ResolveHost once that method exists and supports the needs of this code.  I'm already working on implementing that, and I'll make sure to migrate this code once it's ready.
Just visiting "Aliexpress.com" results in this crash. 
Summary: Browser crashes upon visiting Aliexpress.com or flipkart.com. (was: Regression : Browser crash is seen on flipkart.com)
Summary: Crash due to null HostResolver when network service is enabled (was: Browser crashes upon visiting Aliexpress.com or flipkart.com.)
Cc: dxie@chromium.org
Issue 858950 has been merged into this issue.
I'm hitting this a lot myself. We shouldn't crash in this case until the HostResolver is out of process; we should use the in-process one so that canary is usable.
Owner: jam@chromium.org
Status: Started (was: Assigned)
I'll bring back the HostResolver in the meantime and then once the mojo api is ready we'll convert this.
The issue is it's using the ResourceContext, which has been deprecated for 6 (??) years.  There are in fact plenty of in-process host resolvers it could be using, there's just not a ResourceContext.  I'd suggest moving it over to getting a HostResolver from a URLRequestContext, instead of continuing to use the ResourceContext.

Or just wait a week or two - we're not that far away from having a HostResolver mojo interface, at least.
@Matt: currently with network service, even URLRequestContexts don't have a HostResolver set up.

When the mojo API is ready, it'll be easy to use cs/ and revert the CL. But in the meantime, having canary crash often (I'm hitting this on many websites) is adding noise to testers and making it hard to dogfood this.
btw I can also change that specific code to use the HostResolver from a URLRequestContext, provided it's non null, and that would avoid using the deprecated RC.
They do - they are creating using URLRequestContextBuilder, so just get a default one.
They are created, rather.
ahh, thanks, I thought the removal of the following line

" builder.set_shared_host_resolver(
     io_thread_globals->deprecated_host_resolver.get());"

meant there was no HostResolver; I didn't realize the builder created a default one.
Summary: Crash due to null HostResolver in ResourceContext when network service is enabled (was: Crash due to null HostResolver when network service is enabled)

Comment 20 by bugdroid1@chromium.org, Jul 12

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ed5e651e10cd158bf786b33c0dcd77d714244d2e

commit ed5e651e10cd158bf786b33c0dcd77d714244d2e
Author: John Abd-El-Malek <jam@chromium.org>
Date: Thu Jul 12 20:32:33 2018

Stop using ResourceContext::GetHostResolver().

ResourceContext is deprecated, and after r567879 it returns nullptr when network service is enabled.

Instead get the HostResolver from the URLRequestContext. Also remove ResourceContext::GetHostResolver() as it's no longer used.

Bug: 853696
Change-Id: Ic09dac09f14e4aaf0e20dd990246cc51ae35e933
Reviewed-on: https://chromium-review.googlesource.com/1135366
Reviewed-by: Matt Menke <mmenke@chromium.org>
Commit-Queue: John Abd-El-Malek <jam@chromium.org>
Cr-Commit-Position: refs/heads/master@{#574706}
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/android_webview/browser/aw_resource_context.cc
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/android_webview/browser/aw_resource_context.h
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/chrome/browser/profiles/profile_io_data.cc
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/chrome/browser/profiles/profile_io_data.h
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/chromecast/browser/cast_browser_context.cc
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/content/browser/renderer_host/p2p/socket_dispatcher_host.cc
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/content/browser/renderer_host/p2p/socket_dispatcher_host.h
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/content/browser/renderer_host/pepper/pepper_host_resolver_message_filter.cc
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/content/browser/renderer_host/pepper/pepper_host_resolver_message_filter.h
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/content/browser/renderer_host/pepper/pepper_tcp_socket_message_filter.cc
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/content/browser/renderer_host/pepper/pepper_tcp_socket_message_filter.h
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/content/browser/renderer_host/render_process_host_impl.cc
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/content/public/browser/resource_context.h
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/content/public/test/mock_resource_context.cc
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/content/public/test/mock_resource_context.h
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/content/shell/browser/shell_browser_context.cc
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/content/shell/browser/shell_browser_context.h
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/content/shell/browser/shell_url_request_context_getter.cc
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/content/shell/browser/shell_url_request_context_getter.h
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/extensions/browser/api/dns/dns_api.cc
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/extensions/browser/api/dns/dns_api.h
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/extensions/browser/api/dns/host_resolver_wrapper.cc
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/extensions/browser/api/dns/host_resolver_wrapper.h
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/extensions/browser/api/socket/socket_api.cc
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/extensions/browser/api/socket/socket_api.h
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/headless/lib/browser/headless_browser_context_impl.cc
[modify] https://crrev.com/ed5e651e10cd158bf786b33c0dcd77d714244d2e/webrunner/browser/webrunner_browser_context.cc
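A small model of the defect discussed in this thread and of the shape of the fix landed above, written as an added example for this page rather than taken from Chromium: the `HostResolver`, `URLRequestContext` and `ResourceContext` types here are hypothetical stand-ins, the hostname and address are constructed, and `ResolveHost` is an assumed helper that turns a missing resolver into a net error instead of a null dereference on the browser IO thread.

```cpp
#include <memory>
#include <string>
#include <vector>

// Hypothetical stand-ins for the Chromium types named in this thread; they are
// not Chromium's real classes, only a model of the ownership the comments describe.
struct HostResolver {
  // Constructed lookup table standing in for a real DNS resolution.
  std::vector<std::string> Resolve(const std::string& host) const {
    if (host == "example.test") return {"192.0.2.10"};
    return {};
  }
};

struct URLRequestContext {
  // Every context gets a default resolver, as the thread notes about
  // URLRequestContextBuilder; this is what the fix reads the resolver from.
  std::unique_ptr<HostResolver> resolver = std::make_unique<HostResolver>();
  HostResolver* host_resolver() const { return resolver.get(); }
};

// Deprecated accessor: models the behaviour the commit message describes,
// returning nullptr whenever the network service is enabled. The crashing code
// dereferenced this return value without checking it.
struct ResourceContext {
  bool network_service_enabled = false;
  const URLRequestContext* request_context = nullptr;
  HostResolver* GetHostResolver() const {
    if (network_service_enabled) return nullptr;
    return request_context ? request_context->host_resolver() : nullptr;
  }
};

constexpr int OK = 0;
constexpr int ERR_NAME_NOT_RESOLVED = -105;  // Chromium's net::ERR_NAME_NOT_RESOLVED

// Hardened lookup (assumed helper): an absent resolver becomes a net error the
// caller can report, which is the failure mode Comment 1 says would be preferable.
int ResolveHost(const HostResolver* resolver, const std::string& host,
                std::vector<std::string>* out) {
  if (!resolver) return ERR_NAME_NOT_RESOLVED;
  *out = resolver->Resolve(host);
  return out->empty() ? ERR_NAME_NOT_RESOLVED : OK;
}
```

With the network service flag on, `ResourceContext::GetHostResolver()` yields nullptr while the `URLRequestContext` still has a usable resolver, which is the distinction the landed change relies on.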

Status: Fixed (was: Started)
Labels: TE-Verified-69.0.3493.0 TE-Verified-M69
Update:

Rechecked the above issue on Win(7,10) OS using the latest canary build #69.0.3493.0 and the issue is fixed. The browser does not crash after clicking on the 'place order' button on flipkart.com.

Please find below attached screencast for reference.

Thank You...
Attachment: Canary_behaviour.mp4 (877 KB)
