[Bug]: Asynchronous onBeforeRequest callback crashes Chromium with unretained dangling pointer error for specific websites #42505

Closed
3 tasks done
amitparida opened this issue Jun 14, 2024 · 6 comments
@amitparida

Preflight Checklist

Electron Version

31.0.1

What operating system are you using?

macOS

Operating System Version

macOS Sonoma 14.5

What arch are you using?

x64

Last Known Working Electron version

29.1.1

Expected Behavior

An asynchronous handler to a window's webContents.session.webRequest.onBeforeRequest method should not result in a crash, regardless of the website being navigated to.

Actual Behavior

If there is any asynchrony in the onBeforeRequest handler, attempting to navigate to or within a few websites like Adidas-CA and Yahoo results in Chromium crashing with the fatal error: [67617:0614/200604.586896:FATAL:partition_alloc_support.cc(807)] Detected dangling raw_ptr in unretained with id=0x00000138007c37fc:.
Try-catch blocks are not sufficient to keep this error from tearing down the entire application.

Testcase Gist URL

https://gist.github.com/amitparida/adfd147123f60ad23508a356ff182f8e

Additional Information

Here are the steps to follow to reproduce the issue.

  1. After loading the test Gist in Fiddle, add @electron/remote as a module.
  2. Then, run the application and load Adidas-CA in the browser.
  3. Once the site has loaded, click on the Adidas Icon/logo to renavigate to the home page again.
  4. Anywhere between 1 to 5 clicks, the entire app will crash with an error in the console Detected dangling raw_ptr in unretained with id=0x000001200083e0fc.

The bug lies with multiple stable versions released post v30.0.0. I'm sure there would be multiple other websites which, if loaded, would crash the application. Please look at it at the earliest as we're unable to upgrade our in-Production Electron Application, impacting the users.

@codebytere
Member

Stacktrace

[69462:0614/163249.271244:FATAL:partition_alloc_support.cc(830)] Detected dangling raw_ptr in unretained with id=0x000001280038a3f8:

Task trace:
0   Electron Framework                  0x000000011b5a9778 IPC::ChannelAssociatedGroupController::Accept(mojo::Message*) + 1060
1   Electron Framework                  0x000000011b17e7a8 mojo::SimpleWatcher::Context::Notify(unsigned int, MojoHandleSignalsState, unsigned int) + 224

Stack trace:
0   Electron Framework                  0x000000011adf95c8 base::debug::CollectStackTrace(void const**, unsigned long) + 28
1   Electron Framework                  0x000000011ade89cc base::debug::StackTrace::StackTrace() + 80
2   Electron Framework                  0x000000011adfd810 base::allocator::UnretainedDanglingRawPtrDetectedCrash(unsigned long) + 76
3   Electron Framework                  0x000000011ae492c4 base::internal::RawPtrBackupRefImpl<true, false>::ReportIfDanglingInternal(unsigned long) + 3440
4   Electron Framework                  0x0000000115b910fc base::internal::Invoker<base::internal::FunctorTraits<void (electron::api::WebRequest::*&&)(unsigned long long, GURL*, v8::Local<v8::Value>), electron::api::WebRequest*, unsigned long long&&, GURL*&&>, base::internal::BindState<true, true, false, void (electron::api::WebRequest::*)(unsigned long long, GURL*, v8::Local<v8::Value>), base::internal::UnretainedWrapper<electron::api::WebRequest, base::unretained_traits::MayNotDangle, (partition_alloc::internal::RawPtrTraits)0>, unsigned long long, base::internal::UnretainedWrapper<GURL, base::unretained_traits::MayNotDangle, (partition_alloc::internal::RawPtrTraits)0>>, void (v8::Local<v8::Value>)>::RunOnce(base::internal::BindStateBase*, v8::Local<v8::Value>&&) + 56
5   Electron Framework                  0x0000000115b8eb48 base::OnceCallback<void (v8::Local<v8::Value>)>::Run(v8::Local<v8::Value>) && + 76
6   Electron Framework                  0x0000000115b8ea90 base::internal::OnceCallbackHolder<v8::Local<v8::Value>>::Run(v8::Local<v8::Value>) + 144
7   Electron Framework                  0x0000000115afc7a8 base::RepeatingCallback<void (v8::Local<v8::Value>)>::Run(v8::Local<v8::Value>) const & + 88
8   Electron Framework                  0x0000000115b8e6b0 gin_helper::Invoker<std::__Cr::integer_sequence<unsigned long, 0ul>, v8::Local<v8::Value>>::DispatchToCallback(base::RepeatingCallback<void (v8::Local<v8::Value>)>) + 376
9   Electron Framework                  0x0000000115b8e4a8 gin_helper::NativeFunctionInvoker<void (v8::Local<v8::Value>)>::Go(base::RepeatingCallback<void (v8::Local<v8::Value>)>, gin::Arguments*) + 96
10  Electron Framework                  0x0000000115a8cefc base::internal::Invoker<base::internal::FunctorTraits<void (* const&)(base::RepeatingCallback<void (content::CertificateRequestResultType)>, gin::Arguments*), base::RepeatingCallback<void (content::CertificateRequestResultType)> const&>, base::internal::BindState<false, true, false, void (*)(base::RepeatingCallback<void (content::CertificateRequestResultType)>, gin::Arguments*), base::RepeatingCallback<void (content::CertificateRequestResultType)>>, void (gin::Arguments*)>::Run(base::internal::BindStateBase*, gin::Arguments*) + 52
11  Electron Framework                  0x0000000115a7db88 base::RepeatingCallback<void (std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>> const&)>::Run(std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>> const&) const & + 88
12  Electron Framework                  0x0000000115c80cbc gin_helper::(anonymous namespace)::CallTranslater(v8::Local<v8::External>, v8::Local<v8::Object>, gin::Arguments*) + 196
13  Electron Framework                  0x0000000115c819c0 base::RepeatingCallback<void (v8::Local<v8::External>, v8::Local<v8::Object>, gin::Arguments*)>::Run(v8::Local<v8::External>, v8::Local<v8::Object>, gin::Arguments*) const & + 100
14  Electron Framework                  0x0000000115c814e4 gin_helper::Invoker<std::__Cr::integer_sequence<unsigned long, 0ul, 1ul, 2ul>, v8::Local<v8::External>, v8::Local<v8::Object>, gin::Arguments*>::DispatchToCallback(base::RepeatingCallback<void (v8::Local<v8::External>, v8::Local<v8::Object>, gin::Arguments*)>) + 384
15  Electron Framework                  0x0000000115c81298 gin_helper::Dispatcher<void (v8::Local<v8::External>, v8::Local<v8::Object>, gin::Arguments*)>::DispatchToCallbackImpl(gin::Arguments*) + 152
16  Electron Framework                  0x0000000115c81188 gin_helper::Dispatcher<void (v8::Local<v8::External>, v8::Local<v8::Object>, gin::Arguments*)>::DispatchToCallback(v8::FunctionCallbackInfo<v8::Value> const&) + 44
17  ???                                 0x0000000157d93214 0x0 + 5768819220
18  ???                                 0x000000015010d7b4 0x0 + 5638248372
19  ???                                 0x00000001501102f0 0x0 + 5638259440
20  ???                                 0x0000000150110af0 0x0 + 5638261488
21  ???                                 0x00000001500d0f9c 0x0 + 5638000540
22  ???                                 0x0000000150110af0 0x0 + 5638261488
23  ???                                 0x0000000157d8dd28 0x0 + 5768797480
24  ???                                 0x0000000157d8d974 0x0 + 5768796532
25  Electron Framework                  0x000000011767cbfc v8::internal::(anonymous namespace)::Invoke(v8::internal::Isolate*, v8::internal::(anonymous namespace)::InvokeParams const&) + 4200
26  Electron Framework                  0x000000011767ba58 v8::internal::Execution::Call(v8::internal::Isolate*, v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>, int, v8::internal::Handle<v8::internal::Object>*) + 304
27  Electron Framework                  0x00000001173b7aa4 v8::Function::Call(v8::Local<v8::Context>, v8::Local<v8::Value>, int, v8::Local<v8::Value>*) + 872
28  Electron Framework                  0x000000011fde778c node::InternalMakeCallback(node::Environment*, v8::Local<v8::Object>, v8::Local<v8::Object>, v8::Local<v8::Function>, int, v8::Local<v8::Value>*, node::async_context) + 524
29  Electron Framework                  0x000000011fde7b0c node::MakeCallback(v8::Isolate*, v8::Local<v8::Object>, v8::Local<v8::Function>, int, v8::Local<v8::Value>*, node::async_context) + 268
30  Electron Framework                  0x0000000115c83058 gin_helper::internal::CallMethodWithArgs(v8::Isolate*, v8::Local<v8::Object>, char const*, std::__Cr::vector<v8::Local<v8::Value>, std::__Cr::allocator<v8::Local<v8::Value>>>*) + 204
31  Electron Framework                  0x0000000115b6ec98 v8::Local<v8::Value> gin_helper::EmitEvent<std::__Cr::basic_string_view<char, std::__Cr::char_traits<char>>, gin::Handle<gin_helper::internal::Event>&, bool&, std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>> const&, blink::CloneableMessage>(v8::Isolate*, v8::Local<v8::Object>, std::__Cr::basic_string_view<char, std::__Cr::char_traits<char>> const&, gin::Handle<gin_helper::internal::Event>&, bool&, std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>> const&, blink::CloneableMessage&&) + 172
32  Electron Framework                  0x0000000115b52968 bool electron::api::WebContents::EmitWithSender<bool&, std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>> const&, blink::CloneableMessage>(std::__Cr::basic_string_view<char, std::__Cr::char_traits<char>>, content::RenderFrameHost*, base::OnceCallback<void (blink::CloneableMessage)>, bool&, std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>> const&, blink::CloneableMessage&&) + 248
33  Electron Framework                  0x0000000115b53508 electron::api::WebContents::MessageSync(bool, std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>> const&, blink::CloneableMessage, base::OnceCallback<void (blink::CloneableMessage)>, content::RenderFrameHost*) + 136
34  Electron Framework                  0x0000000115ba23ec electron::ElectronApiIPCHandlerImpl::MessageSync(bool, std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>> const&, blink::CloneableMessage, base::OnceCallback<void (blink::CloneableMessage)>) + 124
35  Electron Framework                  0x000000011aa3abf4 electron::mojom::ElectronApiIPCStubDispatch::AcceptWithResponder(electron::mojom::ElectronApiIPC*, mojo::Message*, std::__Cr::unique_ptr<mojo::MessageReceiverWithStatus, std::__Cr::default_delete<mojo::MessageReceiverWithStatus>>) + 820
36  Electron Framework                  0x0000000115ba2530 electron::mojom::ElectronApiIPCStub<mojo::RawPtrImplRefTraits<electron::mojom::ElectronApiIPC>>::AcceptWithResponder(mojo::Message*, std::__Cr::unique_ptr<mojo::MessageReceiverWithStatus, std::__Cr::default_delete<mojo::MessageReceiverWithStatus>>) + 44
37  Electron Framework                  0x000000011b156718 mojo::InterfaceEndpointClient::HandleValidatedMessage(mojo::Message*) + 1048
38  Electron Framework                  0x000000011b15d15c mojo::MessageDispatcher::Accept(mojo::Message*) + 232
39  Electron Framework                  0x000000011b1583cc mojo::InterfaceEndpointClient::HandleIncomingMessage(mojo::Message*) + 100
40  Electron Framework                  0x000000011b5af788 IPC::ChannelAssociatedGroupController::AcceptSyncMessage(unsigned int, unsigned int, IPC::(anonymous namespace)::ScopedUrgentMessageNotification) + 356
41  Electron Framework                  0x000000011b5b0164 base::internal::Invoker<base::internal::FunctorTraits<void (IPC::ChannelAssociatedGroupController::*&&)(unsigned int, unsigned int, IPC::(anonymous namespace)::ScopedUrgentMessageNotification), IPC::ChannelAssociatedGroupController*&&, unsigned int&&, unsigned int&&, IPC::(anonymous namespace)::ScopedUrgentMessageNotification&&>, base::internal::BindState<true, true, false, void (IPC::ChannelAssociatedGroupController::*)(unsigned int, unsigned int, IPC::(anonymous namespace)::ScopedUrgentMessageNotification), scoped_refptr<IPC::ChannelAssociatedGroupController>, unsigned int, unsigned int, IPC::(anonymous namespace)::ScopedUrgentMessageNotification>, void ()>::RunOnce(base::internal::BindStateBase*) + 184
42  Electron Framework                  0x0000000115a7e15c base::OnceCallback<void ()>::Run() && + 68
43  Electron Framework                  0x000000011ad6d888 base::TaskAnnotator::RunTaskImpl(base::PendingTask&) + 272
44  Electron Framework                  0x000000011ad9dd60 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl(base::LazyNow*) + 1344
45  Electron Framework                  0x000000011ad9d4bc base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork() + 100
46  Electron Framework                  0x000000011ae06b14 base::MessagePumpCFRunLoopBase::RunWork() + 332
47  Electron Framework                  0x000000011ae055a4 base::apple::CallWithEHFrame(void () block_pointer) + 16
48  Electron Framework                  0x000000011ae05e48 base::MessagePumpCFRunLoopBase::RunWorkSource(void*) + 68
49  CoreFoundation                      0x000000019511e4d8 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 28
50  CoreFoundation                      0x000000019511e46c __CFRunLoopDoSource0 + 176
51  CoreFoundation                      0x000000019511e1dc __CFRunLoopDoSources0 + 244
52  CoreFoundation                      0x000000019511cdc8 __CFRunLoopRun + 828
53  CoreFoundation                      0x000000019511c434 CFRunLoopRunSpecific + 608
54  HIToolbox                           0x000000019f8c019c RunCurrentEventLoopInMode + 292
55  HIToolbox                           0x000000019f8bffd8 ReceiveNextEventCommon + 648
56  HIToolbox                           0x000000019f8bfd30 _BlockUntilNextEventMatchingListInModeWithFilter + 76
57  AppKit                              0x000000019897bd68 _DPSNextEvent + 660
58  AppKit                              0x0000000199171808 -[NSApplication(NSEventRouting) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 700
59  AppKit                              0x000000019896f09c -[NSApplication run] + 476
60  Electron Framework                  0x000000011ae07720 base::MessagePumpNSApplication::DoRun(base::MessagePump::Delegate*) + 408
61  Electron Framework                  0x000000011ae05624 base::MessagePumpCFRunLoopBase::Run(base::MessagePump::Delegate*) + 112
62  Electron Framework                  0x000000011ad9ec94 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run(bool, base::TimeDelta) + 692
63  Electron Framework                  0x000000011ad4e598 base::RunLoop::Run(base::Location const&) + 952
64  Electron Framework                  0x0000000119812de0 content::BrowserMainLoop::RunMainMessageLoop() + 180
65  Electron Framework                  0x0000000119814d08 content::BrowserMainRunnerImpl::Run() + 48
66  Electron Framework                  0x000000011980f840 content::BrowserMain(content::MainFunctionParams) + 164
67  Electron Framework                  0x0000000115e80114 content::RunBrowserProcessMain(content::MainFunctionParams, content::ContentMainDelegate*) + 280
68  Electron Framework                  0x0000000115e82620 content::ContentMainRunnerImpl::RunBrowser(content::MainFunctionParams, bool) + 1824
69  Electron Framework                  0x0000000115e81dd8 content::ContentMainRunnerImpl::Run() + 952
70  Electron Framework                  0x0000000115e7f748 content::RunContentProcess(content::ContentMainParams, content::ContentMainRunner*) + 1192
71  Electron Framework                  0x0000000115e7f990 content::ContentMain(content::ContentMainParams) + 112
72  Electron Framework                  0x0000000115a76c58 ElectronMain + 320
73  dyld                                0x0000000194cb60e0 start + 2360


Please check for more information on:
https://chromium.googlesource.com/chromium/src/+/main/docs/unretained_dangling_ptr_guide.md

0   Electron Framework                  0x000000011adf95c8 base::debug::CollectStackTrace(void const**, unsigned long) + 28
1   Electron Framework                  0x000000011ade89cc base::debug::StackTrace::StackTrace() + 80
2   Electron Framework                  0x000000011ad18630 logging::LogMessage::Flush() + 152
3   Electron Framework                  0x000000011ad192f0 logging::LogMessageFatal::~LogMessageFatal() + 12
4   Electron Framework                  0x000000011ad19308 logging::LogMessageFatal::~LogMessageFatal() + 0
5   Electron Framework                  0x000000011adfd8ac std::__Cr::basic_ostream<char, std::__Cr::char_traits<char>>& std::__Cr::operator<<<std::__Cr::char_traits<char>>(std::__Cr::basic_ostream<char, std::__Cr::char_traits<char>>&, char) + 0
6   Electron Framework                  0x000000011ae492c4 base::internal::RawPtrBackupRefImpl<true, false>::ReportIfDanglingInternal(unsigned long) + 3440
7   Electron Framework                  0x0000000115b910fc base::internal::Invoker<base::internal::FunctorTraits<void (electron::api::WebRequest::*&&)(unsigned long long, GURL*, v8::Local<v8::Value>), electron::api::WebRequest*, unsigned long long&&, GURL*&&>, base::internal::BindState<true, true, false, void (electron::api::WebRequest::*)(unsigned long long, GURL*, v8::Local<v8::Value>), base::internal::UnretainedWrapper<electron::api::WebRequest, base::unretained_traits::MayNotDangle, (partition_alloc::internal::RawPtrTraits)0>, unsigned long long, base::internal::UnretainedWrapper<GURL, base::unretained_traits::MayNotDangle, (partition_alloc::internal::RawPtrTraits)0>>, void (v8::Local<v8::Value>)>::RunOnce(base::internal::BindStateBase*, v8::Local<v8::Value>&&) + 56
8   Electron Framework                  0x0000000115b8eb48 base::OnceCallback<void (v8::Local<v8::Value>)>::Run(v8::Local<v8::Value>) && + 76
9   Electron Framework                  0x0000000115b8ea90 base::internal::OnceCallbackHolder<v8::Local<v8::Value>>::Run(v8::Local<v8::Value>) + 144
10  Electron Framework                  0x0000000115afc7a8 base::RepeatingCallback<void (v8::Local<v8::Value>)>::Run(v8::Local<v8::Value>) const & + 88
11  Electron Framework                  0x0000000115b8e6b0 gin_helper::Invoker<std::__Cr::integer_sequence<unsigned long, 0ul>, v8::Local<v8::Value>>::DispatchToCallback(base::RepeatingCallback<void (v8::Local<v8::Value>)>) + 376
12  Electron Framework                  0x0000000115b8e4a8 gin_helper::NativeFunctionInvoker<void (v8::Local<v8::Value>)>::Go(base::RepeatingCallback<void (v8::Local<v8::Value>)>, gin::Arguments*) + 96
13  Electron Framework                  0x0000000115a8cefc base::internal::Invoker<base::internal::FunctorTraits<void (* const&)(base::RepeatingCallback<void (content::CertificateRequestResultType)>, gin::Arguments*), base::RepeatingCallback<void (content::CertificateRequestResultType)> const&>, base::internal::BindState<false, true, false, void (*)(base::RepeatingCallback<void (content::CertificateRequestResultType)>, gin::Arguments*), base::RepeatingCallback<void (content::CertificateRequestResultType)>>, void (gin::Arguments*)>::Run(base::internal::BindStateBase*, gin::Arguments*) + 52
14  Electron Framework                  0x0000000115a7db88 base::RepeatingCallback<void (std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>> const&)>::Run(std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>> const&) const & + 88
15  Electron Framework                  0x0000000115c80cbc gin_helper::(anonymous namespace)::CallTranslater(v8::Local<v8::External>, v8::Local<v8::Object>, gin::Arguments*) + 196
16  Electron Framework                  0x0000000115c819c0 base::RepeatingCallback<void (v8::Local<v8::External>, v8::Local<v8::Object>, gin::Arguments*)>::Run(v8::Local<v8::External>, v8::Local<v8::Object>, gin::Arguments*) const & + 100
17  Electron Framework                  0x0000000115c814e4 gin_helper::Invoker<std::__Cr::integer_sequence<unsigned long, 0ul, 1ul, 2ul>, v8::Local<v8::External>, v8::Local<v8::Object>, gin::Arguments*>::DispatchToCallback(base::RepeatingCallback<void (v8::Local<v8::External>, v8::Local<v8::Object>, gin::Arguments*)>) + 384
18  Electron Framework                  0x0000000115c81298 gin_helper::Dispatcher<void (v8::Local<v8::External>, v8::Local<v8::Object>, gin::Arguments*)>::DispatchToCallbackImpl(gin::Arguments*) + 152
19  Electron Framework                  0x0000000115c81188 gin_helper::Dispatcher<void (v8::Local<v8::External>, v8::Local<v8::Object>, gin::Arguments*)>::DispatchToCallback(v8::FunctionCallbackInfo<v8::Value> const&) + 44
20  ???                                 0x0000000157d93214 0x0 + 5768819220
21  ???                                 0x000000015010d7b4 0x0 + 5638248372
22  ???                                 0x00000001501102f0 0x0 + 5638259440
23  ???                                 0x0000000150110af0 0x0 + 5638261488
24  ???                                 0x00000001500d0f9c 0x0 + 5638000540
25  ???                                 0x0000000150110af0 0x0 + 5638261488
26  ???                                 0x0000000157d8dd28 0x0 + 5768797480
27  ???                                 0x0000000157d8d974 0x0 + 5768796532
28  Electron Framework                  0x000000011767cbfc v8::internal::(anonymous namespace)::Invoke(v8::internal::Isolate*, v8::internal::(anonymous namespace)::InvokeParams const&) + 4200
29  Electron Framework                  0x000000011767ba58 v8::internal::Execution::Call(v8::internal::Isolate*, v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>, int, v8::internal::Handle<v8::internal::Object>*) + 304
30  Electron Framework                  0x00000001173b7aa4 v8::Function::Call(v8::Local<v8::Context>, v8::Local<v8::Value>, int, v8::Local<v8::Value>*) + 872
31  Electron Framework                  0x000000011fde778c node::InternalMakeCallback(node::Environment*, v8::Local<v8::Object>, v8::Local<v8::Object>, v8::Local<v8::Function>, int, v8::Local<v8::Value>*, node::async_context) + 524
32  Electron Framework                  0x000000011fde7b0c node::MakeCallback(v8::Isolate*, v8::Local<v8::Object>, v8::Local<v8::Function>, int, v8::Local<v8::Value>*, node::async_context) + 268
33  Electron Framework                  0x0000000115c83058 gin_helper::internal::CallMethodWithArgs(v8::Isolate*, v8::Local<v8::Object>, char const*, std::__Cr::vector<v8::Local<v8::Value>, std::__Cr::allocator<v8::Local<v8::Value>>>*) + 204
34  Electron Framework                  0x0000000115b6ec98 v8::Local<v8::Value> gin_helper::EmitEvent<std::__Cr::basic_string_view<char, std::__Cr::char_traits<char>>, gin::Handle<gin_helper::internal::Event>&, bool&, std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>> const&, blink::CloneableMessage>(v8::Isolate*, v8::Local<v8::Object>, std::__Cr::basic_string_view<char, std::__Cr::char_traits<char>> const&, gin::Handle<gin_helper::internal::Event>&, bool&, std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>> const&, blink::CloneableMessage&&) + 172
35  Electron Framework                  0x0000000115b52968 bool electron::api::WebContents::EmitWithSender<bool&, std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>> const&, blink::CloneableMessage>(std::__Cr::basic_string_view<char, std::__Cr::char_traits<char>>, content::RenderFrameHost*, base::OnceCallback<void (blink::CloneableMessage)>, bool&, std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>> const&, blink::CloneableMessage&&) + 248
36  Electron Framework                  0x0000000115b53508 electron::api::WebContents::MessageSync(bool, std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>> const&, blink::CloneableMessage, base::OnceCallback<void (blink::CloneableMessage)>, content::RenderFrameHost*) + 136
37  Electron Framework                  0x0000000115ba23ec electron::ElectronApiIPCHandlerImpl::MessageSync(bool, std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>> const&, blink::CloneableMessage, base::OnceCallback<void (blink::CloneableMessage)>) + 124
38  Electron Framework                  0x000000011aa3abf4 electron::mojom::ElectronApiIPCStubDispatch::AcceptWithResponder(electron::mojom::ElectronApiIPC*, mojo::Message*, std::__Cr::unique_ptr<mojo::MessageReceiverWithStatus, std::__Cr::default_delete<mojo::MessageReceiverWithStatus>>) + 820
39  Electron Framework                  0x0000000115ba2530 electron::mojom::ElectronApiIPCStub<mojo::RawPtrImplRefTraits<electron::mojom::ElectronApiIPC>>::AcceptWithResponder(mojo::Message*, std::__Cr::unique_ptr<mojo::MessageReceiverWithStatus, std::__Cr::default_delete<mojo::MessageReceiverWithStatus>>) + 44
40  Electron Framework                  0x000000011b156718 mojo::InterfaceEndpointClient::HandleValidatedMessage(mojo::Message*) + 1048
41  Electron Framework                  0x000000011b15d15c mojo::MessageDispatcher::Accept(mojo::Message*) + 232
42  Electron Framework                  0x000000011b1583cc mojo::InterfaceEndpointClient::HandleIncomingMessage(mojo::Message*) + 100
43  Electron Framework                  0x000000011b5af788 IPC::ChannelAssociatedGroupController::AcceptSyncMessage(unsigned int, unsigned int, IPC::(anonymous namespace)::ScopedUrgentMessageNotification) + 356
44  Electron Framework                  0x000000011b5b0164 base::internal::Invoker<base::internal::FunctorTraits<void (IPC::ChannelAssociatedGroupController::*&&)(unsigned int, unsigned int, IPC::(anonymous namespace)::ScopedUrgentMessageNotification), IPC::ChannelAssociatedGroupController*&&, unsigned int&&, unsigned int&&, IPC::(anonymous namespace)::ScopedUrgentMessageNotification&&>, base::internal::BindState<true, true, false, void (IPC::ChannelAssociatedGroupController::*)(unsigned int, unsigned int, IPC::(anonymous namespace)::ScopedUrgentMessageNotification), scoped_refptr<IPC::ChannelAssociatedGroupController>, unsigned int, unsigned int, IPC::(anonymous namespace)::ScopedUrgentMessageNotification>, void ()>::RunOnce(base::internal::BindStateBase*) + 184
45  Electron Framework                  0x0000000115a7e15c base::OnceCallback<void ()>::Run() && + 68
46  Electron Framework                  0x000000011ad6d888 base::TaskAnnotator::RunTaskImpl(base::PendingTask&) + 272
47  Electron Framework                  0x000000011ad9dd60 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl(base::LazyNow*) + 1344
48  Electron Framework                  0x000000011ad9d4bc base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork() + 100
49  Electron Framework                  0x000000011ae06b14 base::MessagePumpCFRunLoopBase::RunWork() + 332
50  Electron Framework                  0x000000011ae055a4 base::apple::CallWithEHFrame(void () block_pointer) + 16
51  Electron Framework                  0x000000011ae05e48 base::MessagePumpCFRunLoopBase::RunWorkSource(void*) + 68
52  CoreFoundation                      0x000000019511e4d8 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 28
53  CoreFoundation                      0x000000019511e46c __CFRunLoopDoSource0 + 176
54  CoreFoundation                      0x000000019511e1dc __CFRunLoopDoSources0 + 244
55  CoreFoundation                      0x000000019511cdc8 __CFRunLoopRun + 828
56  CoreFoundation                      0x000000019511c434 CFRunLoopRunSpecific + 608
57  HIToolbox                           0x000000019f8c019c RunCurrentEventLoopInMode + 292
58  HIToolbox                           0x000000019f8bffd8 ReceiveNextEventCommon + 648
59  HIToolbox                           0x000000019f8bfd30 _BlockUntilNextEventMatchingListInModeWithFilter + 76
60  AppKit                              0x000000019897bd68 _DPSNextEvent + 660
61  AppKit                              0x0000000199171808 -[NSApplication(NSEventRouting) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 700
62  AppKit                              0x000000019896f09c -[NSApplication run] + 476
63  Electron Framework                  0x000000011ae07720 base::MessagePumpNSApplication::DoRun(base::MessagePump::Delegate*) + 408
64  Electron Framework                  0x000000011ae05624 base::MessagePumpCFRunLoopBase::Run(base::MessagePump::Delegate*) + 112
65  Electron Framework                  0x000000011ad9ec94 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run(bool, base::TimeDelta) + 692
66  Electron Framework                  0x000000011ad4e598 base::RunLoop::Run(base::Location const&) + 952
67  Electron Framework                  0x0000000119812de0 content::BrowserMainLoop::RunMainMessageLoop() + 180
68  Electron Framework                  0x0000000119814d08 content::BrowserMainRunnerImpl::Run() + 48
69  Electron Framework                  0x000000011980f840 content::BrowserMain(content::MainFunctionParams) + 164
70  Electron Framework                  0x0000000115e80114 content::RunBrowserProcessMain(content::MainFunctionParams, content::ContentMainDelegate*) + 280
71  Electron Framework                  0x0000000115e82620 content::ContentMainRunnerImpl::RunBrowser(content::MainFunctionParams, bool) + 1824
72  Electron Framework                  0x0000000115e81dd8 content::ContentMainRunnerImpl::Run() + 952
73  Electron Framework                  0x0000000115e7f748 content::RunContentProcess(content::ContentMainParams, content::ContentMainRunner*) + 1192
74  Electron Framework                  0x0000000115e7f990 content::ContentMain(content::ContentMainParams) + 112
75  Electron Framework                  0x0000000115a76c58 ElectronMain + 320
76  dyld                                0x0000000194cb60e0 start + 2360
Task trace:
0   Electron Framework                  0x000000011b5a9778 IPC::ChannelAssociatedGroupController::Accept(mojo::Message*) + 1060
1   Electron Framework                  0x000000011b17e7a8 mojo::SimpleWatcher::Context::Notify(unsigned int, MojoHandleSignalsState, unsigned int) + 224
Crash keys:
  "total-discardable-memory-allocated" = "4194304"
  "ever_had_universal_access_exemption" = "true"
  "amfi-status" = "rv=0 status=0x0 allow_everything=0"
  "platform" = "darwin"
  "process_type" = "browser"

@amitparida
Author

@codebytere Can we have an update please? Our in-production applications are impacted.

@codebytere
Member

@amitparida we have hundreds of issues, all with their own distinct impacts to different consumers. My backlog is deep and I will do my best but can make no guarantees.

@codebytere
Member

codebytere commented Jun 20, 2024

I tracked this to #41490 and it looks like a bug in the remote module (which we heavily discourage using) resultant of a Chrome roll. I rewrote your code using ipc and now see no issues: https://gist.github.com/bc20399ee30acd0f08bdbacbca9a8969, meaning it's not an issue with the callback itself.
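
Added example, not part of the thread and not the contents of either gist: one way to arrange what the comment above describes, with the asynchronous `onBeforeRequest` listener registered in the main process and the renderer supplying policy over `ipcMain.handle` rather than `@electron/remote`. The names `installRequestFilter`, `createHostPolicy` and the `filter:set-blocked-hosts` channel are assumptions, as is the choice to answer every request exactly once and cancel it on error or timeout.

```javascript
'use strict';
// Added example: hypothetical helper names, constructed host names.

// Register an async onBeforeRequest listener on `ses` (an Electron Session).
// `decide(details)` returns (a promise of) true to block the request.
// The native callback is invoked exactly once per request; an exception or a
// decision slower than `timeoutMs` cancels the request (fail closed).
function installRequestFilter(ses, decide, { timeoutMs = 2000, urls = ['<all_urls>'] } = {}) {
  ses.webRequest.onBeforeRequest({ urls }, async (details, callback) => {
    let answered = false;
    let timer = null;
    const answer = (response) => {
      if (answered) return; // a late decision must not reach the callback again
      answered = true;
      clearTimeout(timer);
      callback(response);
    };
    timer = setTimeout(() => answer({ cancel: true }), timeoutMs);
    try {
      const block = await decide(details);
      answer({ cancel: Boolean(block) });
    } catch (err) {
      answer({ cancel: true });
    }
  });
}

// Policy state lives in the main process; the renderer only sends plain data.
function createHostPolicy(initial = []) {
  const blocked = new Set(initial.map((h) => h.toLowerCase()));
  return {
    // Async on purpose: stands in for a lookup that needs I/O.
    async shouldBlock(details) {
      const host = new URL(details.url).hostname.toLowerCase();
      return blocked.has(host);
    },
    setBlocked(hosts) {
      if (!Array.isArray(hosts) || !hosts.every((h) => typeof h === 'string')) {
        throw new TypeError('hosts must be an array of strings');
      }
      blocked.clear();
      hosts.forEach((h) => blocked.add(h.toLowerCase()));
    },
  };
}

// Wiring, active only when this file is the Electron main script.
if (process.versions.electron && process.type === 'browser') {
  const { app, ipcMain, session } = require('electron');
  const policy = createHostPolicy();
  app.whenReady().then(() => {
    installRequestFilter(session.defaultSession, (d) => policy.shouldBlock(d));
    // Preload side: ipcRenderer.invoke('filter:set-blocked-hosts', ['tracker.example'])
    ipcMain.handle('filter:set-blocked-hosts', (_event, hosts) => policy.setBlocked(hosts));
  });
}
```
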

@pushkin-

@codebytere just FYI - in the case of #42149, we don't use the remote module but still get a similar crash. Maybe callstack is different though, didn't check.

@codebytere
Member

Folding this into #42149 - they have the same root cause

@codebytere closed this as not planned on Jun 24, 2024
Status: 👍 Does Not Block Stable