
windows: crash in ReleaseNativeCapture

Open hadogenes opened this issue 2 years ago • 10 comments

Describe the bug

CEF browser is crashing while using

To Reproduce

It's hard to reproduce, but crashed several times for our users

Versions

  • OS: Windows 10
  • CEF Version: 111.2.7

Additional context

Stack trace

libcef.dll!aura::WindowEventDispatcher::ReleaseNativeCapture() line 482
    in Y:\work\CEF3_git\chromium\src\ui\aura\window_event_dispatcher.cc(482)
libcef.dll!views::DesktopCaptureClient::SetCapture(aura::Window * new_capture_window) line 100
    in Y:\work\CEF3_git\chromium\src\ui\views\widget\desktop_aura\desktop_capture_client.cc(100)
libcef.dll!views::MenuController::RepostEventAndCancel(views::SubmenuView * source, const ui::LocatedEvent * event=0x00000088522fb8d8) line 3055
    in Y:\work\CEF3_git\chromium\src\ui\views\controls\menu\menu_controller.cc(3055)
libcef.dll!views::MenuController::SetSelectionOnPointerDown(views::SubmenuView * source=0x000034480075e800, const ui::LocatedEvent * event) line 1486
    in Y:\work\CEF3_git\chromium\src\ui\views\controls\menu\menu_controller.cc(1486)
libcef.dll!views::MenuController::OnMousePressed(views::SubmenuView * source=0x000034480075e800, const ui::MouseEvent & event={...}) line 695
    in Y:\work\CEF3_git\chromium\src\ui\views\controls\menu\menu_controller.cc(695)
libcef.dll!views::Widget::OnMouseEvent(ui::MouseEvent * event=0x00000088522fb8d8) line 1722
    in Y:\work\CEF3_git\chromium\src\ui\views\widget\widget.cc(1722)
[Internal frame] libcef.dll!ui::EventDispatcher::DispatchEvent(ui::EventHandler * handler=0x000034480060fc08, ui::Event * event=0x00000088522fb8d8) line 187
    in Y:\work\CEF3_git\chromium\src\ui\events\event_dispatcher.cc(187)
libcef.dll!ui::EventDispatcher::ProcessEvent(ui::EventTarget * target=0x000034480060dc58, ui::Event * event=0x00000088522fb8d8) line 147
    in Y:\work\CEF3_git\chromium\src\ui\events\event_dispatcher.cc(147)
libcef.dll!ui::EventDispatcherDelegate::DispatchEventToTarget(ui::EventTarget * target=0x000034480060dc58, ui::Event * event=0x00000088522fb8d8) line 83
    in Y:\work\CEF3_git\chromium\src\ui\events\event_dispatcher.cc(83)
libcef.dll!ui::EventDispatcherDelegate::DispatchEvent(ui::EventTarget * target=0x000034480060dc58, ui::Event * event=0x00000088522fb8d8) line 54
    in Y:\work\CEF3_git\chromium\src\ui\events\event_dispatcher.cc(54)
libcef.dll!ui::EventProcessor::OnEventFromSource(ui::Event * event=0x00000088522fb8d8) line 21
    in Y:\work\CEF3_git\chromium\src\ui\events\event_processor.cc(21)
libcef.dll!ui::EventSource::DeliverEventToSink(ui::Event * event=0x00000088522fb8d8) line 119
    in Y:\work\CEF3_git\chromium\src\ui\events\event_source.cc(119)
libcef.dll!ui::EventSource::SendEventToSinkFromRewriter(const ui::Event * event, const ui::EventRewriter * rewriter) line 146
    in Y:\work\CEF3_git\chromium\src\ui\events\event_source.cc(146)
libcef.dll!ui::EventSource::SendEventToSink(const ui::Event * event) line 112
    in Y:\work\CEF3_git\chromium\src\ui\events\event_source.cc(112)
libcef.dll!views::DesktopWindowTreeHostWin::HandleMouseEvent(ui::MouseEvent * event=0x00000088522fb8d8) line 1068
    in Y:\work\CEF3_git\chromium\src\ui\views\widget\desktop_aura\desktop_window_tree_host_win.cc(1068)
libcef.dll!views::HWNDMessageHandler::HandleMouseEventInternal(unsigned int message, unsigned __int64 w_param=1, __int64 l_param=0, bool track_mouse) line 3253
    in Y:\work\CEF3_git\chromium\src\ui\views\win\hwnd_message_handler.cc(3253)
[Internal frame] libcef.dll!views::HWNDMessageHandler::OnClose() line 1702
    in Y:\work\CEF3_git\chromium\src\ui\views\win\hwnd_message_handler.cc(1702)
libcef.dll!views::HWNDMessageHandler::ProcessWindowMessage(HWND_ * hWnd, unsigned int uMsg=513, unsigned __int64 wParam=1, __int64 lParam=0, __int64 & lResult=0, unsigned long dwMsgMapID=0) line 430
    in Y:\work\CEF3_git\chromium\src\ui\views\win\hwnd_message_handler.h(430)
libcef.dll!views::HWNDMessageHandler::OnWndProc(unsigned int message=513, unsigned __int64 w_param=1, __int64 l_param=0) line 1108
    in Y:\work\CEF3_git\chromium\src\ui\views\win\hwnd_message_handler.cc(1108)
libcef.dll!gfx::WindowImpl::WndProc(HWND__ * hwnd, unsigned int message=513, unsigned __int64 w_param=1, __int64 l_param=0) line 306
    in Y:\work\CEF3_git\chromium\src\ui\gfx\win\window_impl.cc(306)
libcef.dll!base::win::WrappedWindowProc<&gfx::WindowImpl::WndProc>(HWND__ * hwnd, unsigned int message, unsigned __int64 wparam, __int64 lparam) line 77
    in Y:\work\CEF3_git\chromium\src\base\win\wrapped_window_proc.h(77)
...

hadogenes, Jul 21 '23 14:07

Does the problem reproduce with a Supported Version?

What is the actual error you are seeing?

> • CEF Version: 111.2.7

This is an unsupported version. M115 is the current stable version of Chromium. In future please test with a supported version before opening an issue.

amaitland, Jul 21 '23 21:07

We have confirmed that it crashes on 114, but we don't have a stack trace for that version.

hadogenes, Jul 25 '23 10:07

Stack trace from 114.2.12

libcef.dll!aura::WindowEventDispatcher::ReleaseNativeCapture() line 482
	in Y:\work\CEF3_git\chromium\src\ui\aura\window_event_dispatcher.cc(482)
libcef.dll!views::DesktopCaptureClient::SetCapture(aura::Window * new_capture_window) line 100
	in Y:\work\CEF3_git\chromium\src\ui\views\widget\desktop_aura\desktop_capture_client.cc(100)
libcef.dll!views::MenuController::RepostEventAndCancel(views::SubmenuView * source, const ui::LocatedEvent * event=0x00000054a4efbc78) line 3055
	in Y:\work\CEF3_git\chromium\src\ui\views\controls\menu\menu_controller.cc(3055)
libcef.dll!views::MenuController::SetSelectionOnPointerDown(views::SubmenuView * source=0x00005b2c00275800, const ui::LocatedEvent * event) line 1485
	in Y:\work\CEF3_git\chromium\src\ui\views\controls\menu\menu_controller.cc(1485)
libcef.dll!views::MenuController::OnMousePressed(views::SubmenuView * source=0x00005b2c00275800, const ui::MouseEvent & event={...}) line 694
	in Y:\work\CEF3_git\chromium\src\ui\views\controls\menu\menu_controller.cc(694)
libcef.dll!views::Widget::OnMouseEvent(ui::MouseEvent * event=0x00000054a4efbc78) line 1745
	in Y:\work\CEF3_git\chromium\src\ui\views\widget\widget.cc(1745)
[Internal frame] libcef.dll!ui::EventDispatcher::DispatchEvent(ui::EventHandler * handler=0x00005b2c00323808, ui::Event * event=0x00000054a4efbc78) line 187
	in Y:\work\CEF3_git\chromium\src\ui\events\event_dispatcher.cc(187)
libcef.dll!ui::EventDispatcher::ProcessEvent(ui::EventTarget * target=0x00005b2c00323058, ui::Event * event=0x00000054a4efbc78) line 147
	in Y:\work\CEF3_git\chromium\src\ui\events\event_dispatcher.cc(147)
libcef.dll!ui::EventDispatcherDelegate::DispatchEventToTarget(ui::EventTarget * target=0x00005b2c00323058, ui::Event * event=0x00000054a4efbc78) line 83
	in Y:\work\CEF3_git\chromium\src\ui\events\event_dispatcher.cc(83)
libcef.dll!ui::EventDispatcherDelegate::DispatchEvent(ui::EventTarget * target=0x00005b2c00323058, ui::Event * event=0x00000054a4efbc78) line 54
	in Y:\work\CEF3_git\chromium\src\ui\events\event_dispatcher.cc(54)
libcef.dll!ui::EventProcessor::OnEventFromSource(ui::Event * event=0x00000054a4efbc78) line 21
	in Y:\work\CEF3_git\chromium\src\ui\events\event_processor.cc(21)
libcef.dll!ui::EventSource::DeliverEventToSink(ui::Event * event=0x00000054a4efbc78) line 119
	in Y:\work\CEF3_git\chromium\src\ui\events\event_source.cc(119)
libcef.dll!ui::EventSource::SendEventToSinkFromRewriter(const ui::Event * event, const ui::EventRewriter * rewriter) line 146
	in Y:\work\CEF3_git\chromium\src\ui\events\event_source.cc(146)
libcef.dll!ui::EventSource::SendEventToSink(const ui::Event * event) line 112
	in Y:\work\CEF3_git\chromium\src\ui\events\event_source.cc(112)
libcef.dll!views::DesktopWindowTreeHostWin::HandleMouseEvent(ui::MouseEvent * event=0x00000054a4efbc78) line 1074
	in Y:\work\CEF3_git\chromium\src\ui\views\widget\desktop_aura\desktop_window_tree_host_win.cc(1074)
libcef.dll!views::HWNDMessageHandler::HandleMouseEventInternal(unsigned int message, unsigned __int64 w_param=1, __int64 l_param=20578716, bool track_mouse) line 3384
	in Y:\work\CEF3_git\chromium\src\ui\views\win\hwnd_message_handler.cc(3384)
libcef.dll!views::HWNDMessageHandler::_ProcessWindowMessage(HWND__ * hWnd, unsigned int uMsg=513, unsigned __int64 wParam=1, __int64 lParam=20578716, __int64 & lResult=0, unsigned long dwMsgMapID=0) line 0
	in Y:\work\CEF3_git\chromium\src\ui\views\win\hwnd_message_handler.h(0)
libcef.dll!views::HWNDMessageHandler::OnWndProc(unsigned int message=513, unsigned __int64 w_param=1, __int64 l_param=20578716) line 1238
	in Y:\work\CEF3_git\chromium\src\ui\views\win\hwnd_message_handler.cc(1238)
libcef.dll!gfx::WindowImpl::WndProc(HWND__ * hwnd, unsigned int message=513, unsigned __int64 w_param=1, __int64 l_param=20578716) line 306
	in Y:\work\CEF3_git\chromium\src\ui\gfx\win\window_impl.cc(306)
libcef.dll!base::win::WrappedWindowProc<&gfx::WindowImpl::WndProc>(HWND__ * hwnd, unsigned int message, unsigned __int64 wparam, __int64 lparam) line 77
	in Y:\work\CEF3_git\chromium\src\base\win\wrapped_window_proc.h(77)
...

hadogenes, Jul 25 '23 15:07

Thanks for the updated stack trace.

Does the problem reproduce with the CEF sample apps (cefclient or cefsimple)? Are you customizing any CefSettings or passing any command-line flags?

magreenblatt, Jul 25 '23 15:07

In CefSettings we set

external_message_pump=true;
locales_dir_path= locales path
resources_dir_path= resources path
browser_subprocess_path= path to exe
locale= locale
accept_language_list= language list

hadogenes, Jul 26 '23 09:07

We don't set any command line arguments

hadogenes, Jul 26 '23 09:07

Stack trace from 115.3.9

libcef.dll!aura::WindowEventDispatcher::ReleaseNativeCapture() line 482
	in Y:\work\CEF3_git\chromium\src\ui\aura\window_event_dispatcher.cc(482)
libcef.dll!views::DesktopCaptureClient::SetCapture(aura::Window * new_capture_window) line 100
	in Y:\work\CEF3_git\chromium\src\ui\views\widget\desktop_aura\desktop_capture_client.cc(100)
libcef.dll!views::MenuController::RepostEventAndCancel(views::SubmenuView * source, const ui::LocatedEvent * event=0x000000f892bdbbc8) line 3055
	in Y:\work\CEF3_git\chromium\src\ui\views\controls\menu\menu_controller.cc(3055)
libcef.dll!views::MenuController::SetSelectionOnPointerDown(views::SubmenuView * source=0x00002ff801473c00, const ui::LocatedEvent * event) line 1485
	in Y:\work\CEF3_git\chromium\src\ui\views\controls\menu\menu_controller.cc(1485)
libcef.dll!views::MenuController::OnMousePressed(views::SubmenuView * source=0x00002ff801473c00, const ui::MouseEvent & event={...}) line 694
	in Y:\work\CEF3_git\chromium\src\ui\views\controls\menu\menu_controller.cc(694)
libcef.dll!views::Widget::OnMouseEvent(ui::MouseEvent * event=0x000000f892bdbbc8) line 1751
	in Y:\work\CEF3_git\chromium\src\ui\views\widget\widget.cc(1751)
[Internal frame] libcef.dll!ui::EventDispatcher::DispatchEvent(ui::EventHandler * handler=0x00002ff802565c08, ui::Event * event=0x000000f892bdbbc8) line 187
	in Y:\work\CEF3_git\chromium\src\ui\events\event_dispatcher.cc(187)
libcef.dll!ui::EventDispatcher::ProcessEvent(ui::EventTarget * target=0x00002ff802566458, ui::Event * event=0x000000f892bdbbc8) line 147
	in Y:\work\CEF3_git\chromium\src\ui\events\event_dispatcher.cc(147)
libcef.dll!ui::EventDispatcherDelegate::DispatchEventToTarget(ui::EventTarget * target=0x00002ff802566458, ui::Event * event=0x000000f892bdbbc8) line 83
	in Y:\work\CEF3_git\chromium\src\ui\events\event_dispatcher.cc(83)
libcef.dll!ui::EventDispatcherDelegate::DispatchEvent(ui::EventTarget * target=0x00002ff802566458, ui::Event * event=0x000000f892bdbbc8) line 54
	in Y:\work\CEF3_git\chromium\src\ui\events\event_dispatcher.cc(54)
libcef.dll!ui::EventProcessor::OnEventFromSource(ui::Event * event=0x000000f892bdbbc8) line 21
	in Y:\work\CEF3_git\chromium\src\ui\events\event_processor.cc(21)
libcef.dll!ui::EventSource::DeliverEventToSink(ui::Event * event=0x000000f892bdbbc8) line 119
	in Y:\work\CEF3_git\chromium\src\ui\events\event_source.cc(119)
libcef.dll!ui::EventSource::SendEventToSinkFromRewriter(const ui::Event * event, const ui::EventRewriter * rewriter) line 146
	in Y:\work\CEF3_git\chromium\src\ui\events\event_source.cc(146)
libcef.dll!ui::EventSource::SendEventToSink(const ui::Event * event) line 112
	in Y:\work\CEF3_git\chromium\src\ui\events\event_source.cc(112)
libcef.dll!views::DesktopWindowTreeHostWin::HandleMouseEvent(ui::MouseEvent * event=0x000000f892bdbbc8) line 1074
	in Y:\work\CEF3_git\chromium\src\ui\views\widget\desktop_aura\desktop_window_tree_host_win.cc(1074)
libcef.dll!views::HWNDMessageHandler::HandleMouseEventInternal(unsigned int message, unsigned __int64 w_param=2, __int64 l_param=65535, bool track_mouse) line 3384
	in Y:\work\CEF3_git\chromium\src\ui\views\win\hwnd_message_handler.cc(3384)
libcef.dll!views::HWNDMessageHandler::_ProcessWindowMessage(HWND__ * hWnd, unsigned int uMsg=516, unsigned __int64 wParam=2, __int64 lParam=65535, __int64 & lResult=0, unsigned long dwMsgMapID=0) line 0
	in Y:\work\CEF3_git\chromium\src\ui\views\win\hwnd_message_handler.h(0)
libcef.dll!views::HWNDMessageHandler::OnWndProc(unsigned int message=516, unsigned __int64 w_param=2, __int64 l_param=65535) line 1238
	in Y:\work\CEF3_git\chromium\src\ui\views\win\hwnd_message_handler.cc(1238)
libcef.dll!gfx::WindowImpl::WndProc(HWND__ * hwnd, unsigned int message=516, unsigned __int64 w_param=2, __int64 l_param=65535) line 306
	in Y:\work\CEF3_git\chromium\src\ui\gfx\win\window_impl.cc(306)
libcef.dll!base::win::WrappedWindowProc<&gfx::WindowImpl::WndProc>(HWND__ * hwnd, unsigned int message, unsigned __int64 wparam, __int64 lparam) line 77
	in Y:\work\CEF3_git\chromium\src\base\win\wrapped_window_proc.h(77)
...

hadogenes, Aug 02 '23 08:08
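An added example, not part of the original thread or of CEF: a small Python triage helper that reduces Visual Studio call stacks like the ones posted above to a signature of function names, so reports from different CEF builds group as the same crash, and names the Win32 mouse message (513, 516) recorded in the trace. The function names, the regex and the abridged sample traces are assumptions constructed for illustration.

```python
import hashlib
import re

# One Visual Studio call-stack frame: "module!function(args) line N".
FRAME_RE = re.compile(
    r"^(?:\[Internal frame\]\s+)?(?P<module>[\w.]+)!(?P<func>.+?)"
    r"\((?P<args>.*)\)\s+line\s+(?P<line>\d+)$")
# Win32 mouse-button-down message IDs from winuser.h.
MOUSE_MESSAGES = {513: "WM_LBUTTONDOWN", 516: "WM_RBUTTONDOWN"}

def parse_frames(trace):
    """Return one dict per frame; 'in <path>(N)' and '...' lines are skipped."""
    matches = (FRAME_RE.match(line.strip()) for line in trace.splitlines())
    return [m.groupdict() for m in matches if m]

def signature(frames, depth=3):
    """Hash the top function names only: pointers and line numbers vary."""
    key = "|".join(f["func"] for f in frames[:depth])
    return hashlib.sha256(key.encode()).hexdigest()[:16]

def window_message(frames):
    """Name the window message recorded in the first frame that carries one."""
    for frame in frames:
        m = re.search(r"\b(?:uMsg|message)=(\d+)", frame["args"])
        if m:
            return MOUSE_MESSAGES.get(int(m.group(1)), m.group(1))
    return None

# Abridged from the 111.2.7 and 115.3.9 traces in this thread.
TRACE_111 = r"""
libcef.dll!aura::WindowEventDispatcher::ReleaseNativeCapture() line 482
    in Y:\work\CEF3_git\chromium\src\ui\aura\window_event_dispatcher.cc(482)
libcef.dll!views::DesktopCaptureClient::SetCapture(aura::Window * new_capture_window) line 100
libcef.dll!views::MenuController::RepostEventAndCancel(views::SubmenuView * source, const ui::LocatedEvent * event=0x00000088522fb8d8) line 3055
libcef.dll!views::MenuController::SetSelectionOnPointerDown(views::SubmenuView * source=0x000034480075e800, const ui::LocatedEvent * event) line 1486
libcef.dll!views::HWNDMessageHandler::OnWndProc(unsigned int message=513, unsigned __int64 w_param=1, __int64 l_param=0) line 1108
"""
TRACE_115 = r"""
libcef.dll!aura::WindowEventDispatcher::ReleaseNativeCapture() line 482
libcef.dll!views::DesktopCaptureClient::SetCapture(aura::Window * new_capture_window) line 100
libcef.dll!views::MenuController::RepostEventAndCancel(views::SubmenuView * source, const ui::LocatedEvent * event=0x000000f892bdbbc8) line 3055
libcef.dll!views::MenuController::SetSelectionOnPointerDown(views::SubmenuView * source=0x00002ff801473c00, const ui::LocatedEvent * event) line 1485
libcef.dll!views::HWNDMessageHandler::OnWndProc(unsigned int message=516, unsigned __int64 w_param=2, __int64 l_param=65535) line 1238
"""

if __name__ == "__main__":
    for name, trace in (("111.2.7", TRACE_111), ("115.3.9", TRACE_115)):
        frames = parse_frames(trace)
        print(name, signature(frames, depth=4), window_message(frames))
```

Both excerpts produce the same signature even though source line numbers and pointer values differ between the builds, while the decoded message differs (left versus right button press).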

We managed to reproduce this crash, but only once after a few weeks of testing. We have a core dump, and Visual Studio reports:

Unhandled exception thrown: read access violation. this->**** was nullptr.

when debugging core dump in chromium\src\ui\views\widget\desktop_aura\desktop_capture_client.cc

void DesktopCaptureClient::SetCapture(aura::Window* new_capture_window)
root_ == nullptr

hadogenes, Aug 02 '23 14:08

> We managed to reproduce this crash, but only once after a few weeks of testing

What are the reproduction steps?

magreenblatt, Aug 02 '23 17:08

Unfortunately we don't know. As I wrote, we managed it only once and cannot do it anymore. We can only say it wasn't some bug on one PC, but at least we reproduced it on our test machine.

hadogenes, Aug 09 '23 14:08