Web view crash when block all fingerprint is set on icloud.com

[srirambv]

Description

Web view crash when block all fingerprint is set on icloud.com

Steps to Reproduce

1. Build from source
2. Open icloud.com in a new tab and set Block all fingerprinting in shields
3. Wait till the FP block counts stops at 3..

4. Wait for a couple of mins, webview crashes, no errors on console

   Actual result:

   

Expected result:

Should not crash webview

Reproduces how often:

100%

[srirambv]

[8648:16772:0525/075221.067:ERROR:gpu_process_transport_factory.cc(1007)] Lost UI shared context. is logged when webview crashes

[srirambv]

Scenario 2: Webview crashes when an extension background page is closed

1. Install any of the brave extensions
2. Open chrome://extensions and click on background page
3. Close the background page of the extensions, main window goes blank and causes webview crash
4. Console logs ERROR:gpu_process_transport_factory.cc(1007)] Lost UI shared context.

[srirambv]

Scenario 3 : Webview crash when javascript is blocked globally #174

[bsclifton]

+1 from me - example site where it happens all the time: http://www.benzworld.org/forums/w126-s-se-sec-sel-sd/

[bbondy]

@srirambv still a bug with a release build on master?

[srirambv]

Still an issue with the link @bsclifton provided. The first two scenarios are working as expected. Scenario 3 still needs a second verification. I found a different bug so need to check that so not fully fixed on release build on master

[bbondy]

any console output for the crash that Clifton supported? I think that was the referrer one which is fixed now but you need to apply the patch in the recent commit from me.

[srirambv]

Still reproducible after pulling the patch. Loaded this github link in new tab and ctrl+click the link Clifton provided. After page loaded completely both Github and the Benzworld tabs crashed with following errors in console

> brave@1.0.0 start C:\brave-browser
> node ./scripts/commands.js start "Release"

C:\brave-browser\src\out\Release\brave.exe --enable-logging --v=0
[49500:15748:0607/215228.570:ERROR:install_util.cc(589)] Unable to create registry key HKLM\SOFTWARE\Policies\BraveSoftware\Brave-Browser-Development for reading result=2
[49500:15748:0607/215230.492:ERROR:brave_extension_provider.cc(110)] Extension will not install  ID: mhjfbmdgcfjbbpaeojofohoefgiehjai,  Name: Chromium PDF Viewer
[49500:15748:0607/215243.005:ERROR:brave_extension_provider.cc(110)] Extension will not install  ID: fheoggkfdfchfphceeifdbepaooicaho,  Name: McAfee® WebAdvisor
[49500:15748:0607/215244.605:ERROR:brave_extension_provider.cc(110)] Extension will not install  ID: efaidnbmnnnibpcajpcglclefindmkaj,  Name: Adobe Acrobat
Received fatal exception 0xc0000008
Backtrace:
        KiRaiseUserExceptionDispatcher [0x00007FFD8663DD7A+3a]
        WaitForSingleObjectEx [0x00007FFD82BCE0E2+a2]
        base::`anonymous namespace'::WaitUntil [0x00007FFD0CC14057+97] (C:\brave-browser\src\base\synchronization\waitable_event_win.cc:58)
        base::WaitableEvent::TimedWait [0x00007FFD0CC13F85+75] (C:\brave-browser\src\base\synchronization\waitable_event_win.cc:75)
        base::internal::SchedulerWorker::Delegate::WaitForWork [0x00007FFD0CC7387A+4a] (C:\brave-browser\src\base\task_scheduler\scheduler_worker.cc:be)
        base::internal::SchedulerWorker::Thread::ThreadMain [0x00007FFD0CC73FDB+29b] (C:\brave-browser\src\base\task_scheduler\scheduler_worker.cc:51)
        base::`anonymous namespace'::ThreadFunc [0x00007FFD0CBDD074+f4] (C:\brave-browser\src\base\threading\platform_thread_win.cc:5e)
        BaseThreadInitThunk [0x00007FFD85BF3034+14]
        RtlUserThreadStart [0x00007FFD86611551+21]
[85972:27432:0607/215337.570:ERROR:gles2_cmd_decoder_passthrough_doers.cc(4126)] NOT IMPLEMENTED
[0607/215923.865:FATAL:scoped_handle_verifier.cc(73)] Check failed: false.
Error initializing symbols (87).  Dumping unresolved backtrace:
        00007FF60B460844
        00007FF60B4456B5
        00007FF60B466A34
        00007FFD0CBDD0D5
        00007FFD85BF3034
        00007FFD86611551

Received fatal exception EXCEPTION_BREAKPOINT
Received fatal exception 0xc0000008
Backtrace:
        base::debug::BreakDebugger [0x00007FF60B46039D+13] (C:\brave-browser\src\base\debug\debugger_win.cc:21)
        logging::LogMessage::~LogMessage [0x00007FF60B445A3E+1006] (C:\brave-browser\src\base\logging.cc:855)
        base::win::internal::ScopedHandleVerifier::CloseHandle [0x00007FF60B466A34+180] (C:\brave-browser\src\base\win\scoped_handle_verifier.cc:140)
Backtrace:
        KiRaiseUserExceptionDispatcher [0x00007FFD8663DD7A+3a]
        WaitForSingleObjectEx [0x00007FFD82BCE0E2+a2]
        base::`anonymous namespace'::ThreadFunc [0x00007FFD0CBDD0D5+341] (C:\brave-browser\src\base\threading\platform_thread_win.cc:100)
        BaseThreadInitThunk [0x00007FFD85BF3034+20]
        RtlUserThreadStart [0x00007FFD86611551+33]
        base::`anonymous namespace'::WaitUntil [0x00007FFD0CC14057+97] (C:\brave-browser\src\base\synchronization\waitable_event_win.cc:58)
        base::WaitableEvent::TimedWait [0x00007FFD0CC13F85+75] (C:\brave-browser\src\base\synchronization\waitable_event_win.cc:75)
        base::internal::SchedulerWorker::Delegate::WaitForWork [0x00007FFD0CC7387A+4a] (C:\brave-browser\src\base\task_scheduler\scheduler_worker.cc:be)
        base::internal::SchedulerWorker::Thread::ThreadMain [0x00007FFD0CC73FDB+29b] (C:\brave-browser\src\base\task_scheduler\scheduler_worker.cc:51)
        base::`anonymous namespace'::ThreadFunc [0x00007FFD0CBDD074+f4] (C:\brave-browser\src\base\threading\platform_thread_win.cc:5e)
        BaseThreadInitThunk [0x00007FFD85BF3034+14]
        RtlUserThreadStart [0x00007FFD86611551+21]

[srirambv]

Console log for #174 but doesn't cause webview crash

Backtrace:
        KiRaiseUserExceptionDispatcher [0x00007FFD8663DD7A+3a]
        CancelIo [0x00007FFD82C01E1F+f]
        mojo::edk::`anonymous namespace'::ChannelWin::ShutDownOnIOThread [0x00007FFD0B30183F+ef] (C:\brave-browser\src\mojo\edk\system\channel_win.cc:9f)
        base::internal::FunctorTraits<void (mojo::edk::(anonymous namespace)::ChannelWin::*)(),void>::Invoke<scoped_refptr<mojo::edk::(anonymous namespace)::ChannelWin>> [0x00007FFD0B3011C3+43] (C:\brave-browser\src\base\bind_internal.h:1bf)
        base::internal::InvokeHelper<0,void>::MakeItSo<void (mojo::edk::(anonymous namespace)::ChannelWin::*)(),scoped_refptr<mojo::edk::(anonymous namespace)::ChannelWin> > [0x00007FFD0B301166+56] (C:\brave-browser\src\base\bind_internal.h:212)
        base::internal::Invoker<base::internal::BindState<void (mojo::edk::(anonymous namespace)::ChannelWin::*)(),scoped_refptr<mojo::edk::(anonymous namespace)::ChannelWin> >,void ()>::RunImpl<void (mojo::edk::(anonymous namespace)::ChannelWin::*)(),std::tuple< [0x00007FFD0B301109+49] (C:\brave-browser\src\base\bind_internal.h:25c)
        base::internal::Invoker<base::internal::BindState<void (mojo::edk::(anonymous namespace)::ChannelWin::*)(),scoped_refptr<mojo::edk::(anonymous namespace)::ChannelWin> >,void ()>::RunOnce [0x00007FFD0B301046+46] (C:\brave-browser\src\base\bind_internal.h:23c)
        base::debug::TaskAnnotator::RunTask [0x00007FFD0CC2B455+135] (C:\brave-browser\src\base\debug\task_annotator.cc:65)
        base::MessageLoop::RunTask [0x00007FFD0CC0585C+23c] (C:\brave-browser\src\base\message_loop\message_loop.cc:163)
        base::MessageLoop::DoWork [0x00007FFD0CC05DB8+198] (C:\brave-browser\src\base\message_loop\message_loop.cc:198)
        base::MessagePumpForIO::DoRunLoop [0x00007FFD0CC1AABA+14a] (C:\brave-browser\src\base\message_loop\message_pump_win.cc:1df)
        base::MessagePumpWin::Run [0x00007FFD0CC19DB8+68] (C:\brave-browser\src\base\message_loop\message_pump_win.cc:3b)
        base::RunLoop::Run [0x00007FFD0CBEF241+31] (C:\brave-browser\src\base\run_loop.cc:88)
        base::Thread::ThreadMain [0x00007FFD0CC156D0+180] (C:\brave-browser\src\base\threading\thread.cc:154)
        base::`anonymous namespace'::ThreadFunc [0x00007FFD0CBDD074+f4] (C:\brave-browser\src\base\threading\platform_thread_win.cc:5e)
        BaseThreadInitThunk [0x00007FFD85BF3034+14]
        RtlUserThreadStart [0x00007FFD86611551+21]

[garrettr]

@srirambv I just tried and failed to reproduce Scenario 3 (http://www.benzworld.org/forums/w126-s-se-sec-sel-sd/) with the latest brave-browser/brave-core. This is what my site shield settings look like, do they match yours?

[srirambv]

@garrettr Actually i see 33 blocked items on my machine

This is on 0.50.16 (49284671f81e6d5cb4870d89a080aee3c95ae07d). Didn't have the page crash but it took almost a min to load the page completely.

[bbondy]

@srirambv can you update comment 0 and the title accordingly or close and re-open a new issue? Thanks!

[srirambv]

This can be closed as both scenario 1,2 and 3 doesn't crash anymore on master.

[btlechowski]

Verification passed on

Brave	0.55.5 Chromium: 70.0.3538.16 (Official Build) dev (64-bit)
Revision	16ed95b41bb05e565b11fb66ac33c660b721f778-refs/branch-heads/3538@{#306}
OS	Windows 7

Tested all scenarios.

Verification Passed on

Brave	0.55.6 Chromium: 70.0.3538.16 (Official Build) dev (64-bit)
Revision	16ed95b41bb05e565b11fb66ac33c660b721f778-refs/branch-heads/3538@{#306}
OS	Linux

Verification Pass with

Brave 0.55.6 Chromium: 70.0.3538.16 (Official Build) dev (64-bit) Revision 16ed95b41bb05e565b11fb66ac33c660b721f778-refs/branch-heads/3538@{#306} OS Mac OS X