Updates:
    Cc: [EMAIL PROTECTED]

Comment #8 on issue 4630 by [EMAIL PROTECTED]: Crash [browser] in OnReadCompleted, on completing FTP request
http://code.google.com/p/chromium/issues/detail?id=4630

The top of the call stack can't be examined for some reason. WinDbg says:

    No prior disassembly possible
    6f006300 ??              ???
    6f006301 ??              ???
    6f006302 ??              ???
    6f006303 ??              ???
    6f006304 ??              ???
    6f006305 ??              ???
    ...

The next function on the call stack is

    void ResourceDispatcherHost::OnResponseCompleted(URLRequest* request) {
      RESOURCE_LOG("OnResponseCompleted: " << request->url().spec());
      ExtraRequestInfo* info = ExtraInfoForRequest(request);
      if (info->event_handler->OnResponseCompleted(info->request_id,
                                                   request->status())) {  <== HERE
        NotifyResponseCompleted(request, info->render_process_host_id);

        // The request is complete so we can remove it.
        RemovePendingRequest(info->render_process_host_id, info->request_id);
      }
      // If the handler's OnResponseCompleted returns false, we are deferring the
      // call until later. We will notify the world and clean up when we resume.
    }

The disassembly is:

    chrome_690a0000!ResourceDispatcherHost::OnResponseCompleted:
    692cc73d 55              push    ebp
    692cc73e 8bec            mov     ebp,esp
    692cc740 51              push    ecx
    692cc741 8365fc00        and     dword ptr [ebp-4],0
    692cc745 53              push    ebx
    692cc746 8bd8            mov     ebx,eax
    692cc748 56              push    esi
    692cc749 8bb3cc010000    mov     esi,dword ptr [ebx+1CCh]
    692cc74f 8b4e04          mov     ecx,dword ptr [esi+4]
    692cc752 8b01            mov     eax,dword ptr [ecx]
    692cc754 8d9388010000    lea     edx,[ebx+188h]
    692cc75a 52              push    edx
    692cc75b ff7610          push    dword ptr [esi+10h]
    692cc75e ff5018          call    dword ptr [eax+18h]
    692cc761 84c0            test    al,al   <=== HERE
    692cc763 7419            je      chrome_690a0000!ResourceDispatcherHost::OnResponseCompleted+0x41 (692cc77e)
    692cc765 ff7614          push    dword ptr [esi+14h]
    692cc768 ff7508          push    dword ptr [ebp+8]
    692cc76b e802030000      call    chrome_690a0000!ResourceDispatcherHost::NotifyResponseCompleted (692cca72)
    692cc770 ff7610          push    dword ptr [esi+10h]
    692cc773 8b4614          mov     eax,dword ptr [esi+14h]
    692cc776 ff7508          push    dword ptr [ebp+8]
    692cc779 e8d6f3ffff      call    chrome_690a0000!ResourceDispatcherHost::RemovePendingRequest (692cbb54)
    692cc77e 5e              pop     esi
    692cc77f 5b              pop     ebx
    692cc780 c9              leave
    692cc781 c20400          ret     4

I believe we crashed inside "call dword ptr [eax+18h]", which should be
info->event_handler->OnResponseCompleted() because that's the only call
instruction that uses a function pointer.
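
The reasoning in the comment above (the marked instruction is the return address of the only call made through a function pointer) can be checked mechanically during crash triage. The following Python is an added example, not part of the original comment or of Chromium; the function names are hypothetical, the listing is a subset of the disassembly quoted above, and the 4-byte pointer size used for the slot index is an assumption about a 32-bit build.

```python
import re

# Subset of the WinDbg disassembly quoted in the comment above.
LISTING = """\
692cc75a 52 push edx
692cc75b ff7610 push dword ptr [esi+10h]
692cc75e ff5018 call dword ptr [eax+18h]
692cc761 84c0 test al,al
692cc763 7419 je chrome_690a0000!ResourceDispatcherHost::OnResponseCompleted+0x41 (692cc77e)
692cc765 ff7614 push dword ptr [esi+14h]
692cc768 ff7508 push dword ptr [ebp+8]
692cc76b e802030000 call chrome_690a0000!ResourceDispatcherHost::NotifyResponseCompleted (692cca72)
"""

# address, raw instruction bytes (hex), mnemonic, operands
INSN = re.compile(r"^([0-9a-f]{8})\s+([0-9a-f]+)\s+(\S+)\s*(.*)$")
# memory operand of an indirect call, e.g. "dword ptr [eax+18h]"
INDIRECT = re.compile(r"^dword ptr \[(\w+)(?:\+([0-9a-f]+)h)?\]$")

def parse(listing):
    """Return [(address, length, mnemonic, operands)] for each listing line."""
    out = []
    for line in listing.splitlines():
        m = INSN.match(line.strip())
        if m:
            addr, raw, mnem, ops = m.groups()
            out.append((int(addr, 16), len(raw) // 2, mnem, ops.strip()))
    return out

def call_site_for(listing, return_addr, ptr_size=4):
    """Find the call whose fall-through address is return_addr and classify it."""
    for addr, length, mnem, ops in parse(listing):
        if mnem == "call" and addr + length == return_addr:
            m = INDIRECT.match(ops)
            if not m:
                return {"address": addr, "indirect": False, "target": ops}
            offset = int(m.group(2) or "0", 16)
            # slot = index into the pointer table held in the base register
            return {"address": addr, "indirect": True, "base": m.group(1),
                    "offset": offset, "slot": offset // ptr_size}
    return None  # return_addr does not directly follow a call in this listing

def indirect_calls(listing):
    """Addresses of every call made through a memory operand."""
    return [a for a, _, m, ops in parse(listing)
            if m == "call" and INDIRECT.match(ops)]
```

Passing the marked address 0x692cc761 to `call_site_for` identifies the call at 0x692cc75e as indirect through `eax` at offset 0x18, and `indirect_calls` confirms it is the only such call in the listing.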