Status: Untriaged
Owner: [email protected]
CC: [email protected]
Labels: Type-Bug Pri-1 OS-All Area-Misc Regression

New issue 7803 by [email protected]: Tabs crash with Inspector !
http://code.google.com/p/chromium/issues/detail?id=7803

Developer build (r9887)

--Navigate to a page (cnn.com is fine)
--Ctrl+Click on a few links to open them in new tabs.
--Open inspector for one of the tabs opened above and close the inspector.
--Go to any non-Chrome window and come back to Chrome window.
--Bring up Inspector again for one of the tabs in step 2.

Result: All the tabs that are opened in step 2 crash.

Stack Analysis for the Crash
############################

FAULTING_IP:
chrome_1000000!WebCore::InspectorController::show+36 [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\inspector\inspectorcontroller.cpp @ 1191]
015a2376 897048 mov dword ptr [eax+48h],esi

EXCEPTION_RECORD: ffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 015a2376 (chrome_1000000!WebCore::InspectorController::show+0x00000036)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 00000001
Parameter[1]: feeeff36
Attempt to write to address feeeff36

DEFAULT_BUCKET_ID: STATUS_ACCESS_VIOLATION
PROCESS_NAME: chrome.exe
ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".
WRITE_ADDRESS: feeeff36
NTGLOBALFLAG: 70
APPLICATION_VERIFIER_FLAGS: 0
FAULTING_THREAD: 00001f88
PRIMARY_PROBLEM_CLASS: STATUS_ACCESS_VIOLATION
BUGCHECK_STR: APPLICATION_FAULT_STATUS_ACCESS_VIOLATION
LAST_CONTROL_TRANSFER: from 015a276f to 015a2376

STACK_TEXT:
00d7fb94 015a276f 00a6d1b0 02808b18 00000000 chrome_1000000!WebCore::InspectorController::show+0x36 [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\inspector\inspectorcontroller.cpp @ 1191]
00d7fbc4 013a4ded 00000001 012d7319 00d7fc00 chrome_1000000!WebCore::InspectorController::showPanel+0x2f [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\inspector\inspectorcontroller.cpp @ 1207]
00d7fbcc 012d7319 00d7fc00 012e3b53 02808b18 chrome_1000000!WebViewImpl::ShowJavaScriptConsole+0xd [c:\b\slave\chromium-rel-xp\build\src\webkit\glue\webview_impl.cc @ 1427]
00d7fbd4 012e3b53 02808b18 00a6d1b0 012d6d90 chrome_1000000!IPC::Message::Dispatch<RenderView>+0x19 [c:\b\slave\chromium-rel-xp\build\src\chrome\common\ipc_message.h @ 136]
00d7fc00 012b4694 02808b18 02808b18 00a6fe88 chrome_1000000!RenderView::OnMessageReceived+0x2b3 [c:\b\slave\chromium-rel-xp\build\src\chrome\renderer\render_view.cc @ 357]
00d7fc14 012b4650 02808b18 02808b18 00a6fe4c chrome_1000000!MessageRouter::RouteMessage+0x34 [c:\b\slave\chromium-rel-xp\build\src\chrome\common\message_router.cc @ 39]
00d7fc28 012d6345 02808b18 00d7fef0 00a6a938 chrome_1000000!MessageRouter::OnMessageReceived+0x30 [c:\b\slave\chromium-rel-xp\build\src\chrome\common\message_router.cc @ 30]
00d7fc44 0186f107 02808b18 02808b08 010116f0 chrome_1000000!RenderThread::OnMessageReceived+0x115 [c:\b\slave\chromium-rel-xp\build\src\chrome\renderer\render_thread.cc @ 202]
00d7fc50 010116f0 00000000 00d7fef0 00000001 chrome_1000000!RunnableMethod<URLRequestInetJob,void (__thiscall URLRequestInetJob::*)(URLRequestInetJob::AsyncResult const &),Tuple1<URLRequestInetJob::AsyncResult> >::Run+0x17 [c:\b\slave\chromium-rel-xp\build\src\base\task.h @ 312]
00d7fcf0 0101224a 02808b08 00a69428 00d7fef0 chrome_1000000!MessageLoop::RunTask+0x80 [c:\b\slave\chromium-rel-xp\build\src\base\message_loop.cc @ 309]
00d7fd40 01026d61 00d7fef0 00d7fef0 00000000 chrome_1000000!MessageLoop::DoWork+0x1ea [c:\b\slave\chromium-rel-xp\build\src\base\message_loop.cc @ 416]
00d7fdec 01011dc7 00d7fef0 00a6fe54 00a6fe54 chrome_1000000!base::MessagePumpDefault::Run+0x111 [c:\b\slave\chromium-rel-xp\build\src\base\message_pump_default.cc @ 50]
00d7fe8c 01011f60 24cdf5b9 00a6fe68 00a6fe54 chrome_1000000!MessageLoop::RunInternal+0xb7 [c:\b\slave\chromium-rel-xp\build\src\base\message_loop.cc @ 197]
00d7fec0 010127fd 00000001 00000000 00000000 chrome_1000000!MessageLoop::RunHandler+0xa0 [c:\b\slave\chromium-rel-xp\build\src\base\message_loop.cc @ 181]
00d7fedc 0157e58a 00000048 00a60000 00000000 chrome_1000000!MessageLoop::Run+0x3d [c:\b\slave\chromium-rel-xp\build\src\base\message_loop.cc @ 155]
00d7ffac 0101a9cd 00d7ffec 7c80b713 00a6fe54 chrome_1000000!base::Thread::ThreadMain+0x8a [c:\b\slave\chromium-rel-xp\build\src\base\thread.cc @ 159]
00d7ffb4 7c80b713 00a6fe54 00000048 00a60000 chrome_1000000!`anonymous namespace'::ThreadFunc+0xd [c:\b\slave\chromium-rel-xp\build\src\base\platform_thread_win.cc @ 27]
00d7ffec 00000000 0101a9c0 00a6fe54 00000000 kernel32!BaseThreadStart+0x37

STACK_COMMAND: ~2s; .ecxr ; kb

FOLLOWUP_IP:
chrome_1000000!WebCore::InspectorController::show+36 [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\inspector\inspectorcontroller.cpp @ 1191]
015a2376 897048 mov dword ptr [eax+48h],esi

FAULTING_SOURCE_CODE:
No source found for 'c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\inspector\inspectorcontroller.cpp'

SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: chrome_1000000!WebCore::InspectorController::show+36
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: chrome_1000000
IMAGE_NAME: chrome.dll
DEBUG_FLR_IMAGE_TIMESTAMP: 499aff2a
FAILURE_BUCKET_ID: STATUS_ACCESS_VIOLATION_c0000005_chrome.dll!WebCore::InspectorController::show
BUCKET_ID: APPLICATION_FAULT_STATUS_ACCESS_VIOLATION_chrome_1000000!WebCore::InspectorController::show+36
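
Added triage example (not part of the original report and not Chromium code): it subtracts the operand displacement in the faulting instruction from the faulting address and checks the resulting register value against well-known Windows debug fill patterns, which separates a write through a freed object from a plain wild pointer. The pattern table and flag names are general Windows debugging knowledge rather than anything stated in the report; SAMPLE is three lines copied from the analysis output above.

```python
import re

# Well-known Windows/MSVC debug fill patterns (32-bit values).
FILL_PATTERNS = {
    0xFEEEFEEE: "freed heap memory (NT debug heap fill on HeapFree): use-after-free",
    0xDDDDDDDD: "freed heap memory (MSVC debug CRT): use-after-free",
    0xBAADF00D: "uninitialized heap memory (NT debug heap)",
    0xCDCDCDCD: "uninitialized heap memory (MSVC debug CRT)",
    0xCCCCCCCC: "uninitialized stack memory (MSVC debug builds)",
}

# NtGlobalFlag bits that switch on the NT debug heap checks.
HEAP_FLAGS = {0x10: "FLG_HEAP_ENABLE_TAIL_CHECK",
              0x20: "FLG_HEAP_ENABLE_FREE_CHECK",
              0x40: "FLG_HEAP_VALIDATE_PARAMETERS"}

# Three lines taken from the analysis output in the report.
SAMPLE = """\
015a2376 897048 mov dword ptr [eax+48h],esi
Attempt to write to address feeeff36
NTGLOBALFLAG: 70
"""

def triage(text):
    hit = re.search(r"Attempt to (read from|write to) address ([0-9a-f]+)",
                    text, re.I)
    access, addr = hit.group(1), int(hit.group(2), 16)
    # Displacement in the faulting operand, e.g. [eax+48h] -> ("eax", 0x48).
    m = re.search(r"\[(\w+)\+([0-9a-f]+)h\]", text, re.I)
    reg, disp = (m.group(1), int(m.group(2), 16)) if m else (None, 0)
    base = (addr - disp) & 0xFFFFFFFF  # value the register held at the fault
    flag = re.search(r"NTGLOBALFLAG:\s*([0-9a-f]+)", text, re.I)
    bits = int(flag.group(1), 16) if flag else 0
    return {
        "access": "write" if access.lower().startswith("write") else "read",
        "register": reg,
        "base": base,
        "verdict": FILL_PATTERNS.get(base, "no known fill pattern"),
        "heap_flags": [n for b, n in sorted(HEAP_FLAGS.items()) if bits & b],
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(key, "=", hex(value) if key == "base" else value)
```

For this report the register value comes out as 0xfeeefeee, so InspectorController::show is writing to offset 0x48 of an object whose heap block has already been freed, and a crash like this should be triaged as a use-after-free rather than a null or wild pointer dereference.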
