- Code: Select all
...
Crashed Thread: 0 CrBrowserMain Dispatch queue: com.apple.main-thread
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000000
Exception Codes: 0x0000000000000001, 0x0000000000000000
Exception Note: EXC_CORPSE_NOTIFY
Termination Reason: Namespace SIGNAL, Code 11 Segmentation fault: 11
Terminating Process: exc handler [1679]
VM Region Info: 0 is not in any region. Bytes before following region: 4513230848
REGION TYPE START - END [ VSIZE] PRT/MAX SHRMOD REGION DETAIL
UNUSED SPACE AT START
--->
__TEXT 10d027000-10d2c7000 [ 2688K] r-x/r-x SM=COW ................
Thread 0 Crashed:: CrBrowserMain Dispatch queue: com.apple.main-thread
0 Chromium Embedded Framework 0x1263b4461 extensions::RendererStartupHelper::UntrackProcess(content::RenderProcessHost*) + 49 (renderer_startup_helper.cc:207)
1 Chromium Embedded Framework 0x1238395e8 content::RenderProcessHostImpl::Cleanup() + 1304 (render_process_host_impl.cc:4005)
2 Chromium Embedded Framework 0x123833781 content::RenderProcessHostImpl::DecrementKeepAliveRefCount() + 353 (render_process_host_impl.cc:2881)
3 Chromium Embedded Framework 0x1236fc523 content::(anonymous namespace)::KeepAliveHandleImpl::~KeepAliveHandleImpl() + 73 (keep_alive_handle_factory.cc:42) [inlined]
4 Chromium Embedded Framework 0x1236fc523 content::(anonymous namespace)::KeepAliveHandleImpl::~KeepAliveHandleImpl() + 73 (keep_alive_handle_factory.cc:36) [inlined]
5 Chromium Embedded Framework 0x1236fc523 content::(anonymous namespace)::KeepAliveHandleImpl::~KeepAliveHandleImpl() + 83 (keep_alive_handle_factory.cc:36)
6 Chromium Embedded Framework 0x1236fc0e2 std::__1::default_delete<blink::mojom::KeepAliveHandle>::operator()(blink::mojom::KeepAliveHandle*) const + 6 (unique_ptr.h:54) [inlined]
7 Chromium Embedded Framework 0x1236fc0e2 std::__1::unique_ptr<blink::mojom::KeepAliveHandle, std::__1::default_delete<blink::mojom::KeepAliveHandle> >::reset(blink::mojom::KeepAliveHandle*) + 23 (unique_ptr.h:315) [inlined]
8 Chromium Embedded Framework 0x1236fc0e2 std::__1::unique_ptr<blink::mojom::KeepAliveHandle, std::__1::default_delete<blink::mojom::KeepAliveHandle> >::~unique_ptr() + 23 (unique_ptr.h:269) [inlined]
9 Chromium Embedded Framework 0x1236fc0e2 std::__1::unique_ptr<blink::mojom::KeepAliveHandle, std::__1::default_delete<blink::mojom::KeepAliveHandle> >::~unique_ptr() + 23 (unique_ptr.h:269) [inlined]
10 Chromium Embedded Framework 0x1236fc0e2 blink::mojom::KeepAliveHandleStub<mojo::UniquePtrImplRefTraits<blink::mojom::KeepAliveHandle, std::__1::default_delete<blink::mojom::KeepAliveHandle> > >::~KeepAliveHandleStub() + 34 (frame.mojom.h:1737) [inlined]
11 Chromium Embedded Framework 0x1236fc0e2 blink::mojom::KeepAliveHandleStub<mojo::UniquePtrImplRefTraits<blink::mojom::KeepAliveHandle, std::__1::default_delete<blink::mojom::KeepAliveHandle> > >::~KeepAliveHandleStub() + 34 (frame.mojom.h:1737) [inlined]
12 Chromium Embedded Framework 0x1236fc0e2 mojo::internal::BindingState<blink::mojom::KeepAliveHandle, mojo::UniquePtrImplRefTraits<blink::mojom::KeepAliveHandle, std::__1::default_delete<blink::mojom::KeepAliveHandle> > >::~BindingState() + 46 (binding_state.h:114) [inlined]
13 Chromium Embedded Framework 0x1236fc0e2 mojo::internal::BindingState<blink::mojom::KeepAliveHandle, mojo::UniquePtrImplRefTraits<blink::mojom::KeepAliveHandle, std::__1::default_delete<blink::mojom::KeepAliveHandle> > >::~BindingState() + 46 (binding_state.h:114) [inlined]
14 Chromium Embedded Framework 0x1236fc0e2 mojo::Receiver<blink::mojom::KeepAliveHandle, mojo::UniquePtrImplRefTraits<blink::mojom::KeepAliveHandle, std::__1::default_delete<blink::mojom::KeepAliveHandle> > >::~Receiver() + 46 (receiver.h:77) [inlined]
15 Chromium Embedded Framework 0x1236fc0e2 mojo::Receiver<blink::mojom::KeepAliveHandle, mojo::UniquePtrImplRefTraits<blink::mojom::KeepAliveHandle, std::__1::default_delete<blink::mojom::KeepAliveHandle> > >::~Receiver() + 46 (receiver.h:77) [inlined]
16 Chromium Embedded Framework 0x1236fc0e2 mojo::ReceiverSetBase<mojo::Receiver<blink::mojom::KeepAliveHandle, mojo::UniquePtrImplRefTraits<blink::mojom::KeepAliveHandle, std::__1::default_delete<blink::mojom::KeepAliveHandle> > >, void>::ReceiverEntry::~ReceiverEntry() + 56 (receiver_set.h:362) [inlined]
17 Chromium Embedded Framework 0x1236fc0e2 mojo::ReceiverSetBase<mojo::Receiver<blink::mojom::KeepAliveHandle, mojo::UniquePtrImplRefTraits<blink::mojom::KeepAliveHandle, std::__1::default_delete<blink::mojom::KeepAliveHandle> > >, void>::ReceiverEntry::~ReceiverEntry() + 56 (receiver_set.h:362) [inlined]
18 Chromium Embedded Framework 0x1236fc0e2 mojo::ReceiverSetBase<mojo::Receiver<blink::mojom::KeepAliveHandle, mojo::UniquePtrImplRefTraits<blink::mojom::KeepAliveHandle, std::__1::default_delete<blink::mojom::KeepAliveHandle> > >, void>::ReceiverEntry::~ReceiverEntry() + 66 (receiver_set.h:362)
19 Chromium Embedded Framework 0x1231dcfaf std::__1::default_delete<mojo::ReceiverSetState::Entry>::operator()(mojo::ReceiverSetState::Entry*) const + 8 (unique_ptr.h:54) [inlined]
20 Chromium Embedded Framework 0x1231dcfaf std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> >::reset(mojo::ReceiverSetState::Entry*) + 25 (unique_ptr.h:315) [inlined]
21 Chromium Embedded Framework 0x1231dcfaf std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> >::~unique_ptr() + 25 (unique_ptr.h:269) [inlined]
22 Chromium Embedded Framework 0x1231dcfaf std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> >::~unique_ptr() + 25 (unique_ptr.h:269) [inlined]
23 Chromium Embedded Framework 0x1231dcfaf std::__1::pair<unsigned long long const, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> > >::~pair() + 25 (utility:394) [inlined]
24 Chromium Embedded Framework 0x1231dcfaf std::__1::pair<unsigned long long const, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> > >::~pair() + 25 (utility:394) [inlined]
25 Chromium Embedded Framework 0x1231dcfaf void std::__1::allocator_traits<std::__1::allocator<std::__1::__tree_node<std::__1::__value_type<unsigned long long, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> > >, void*> > >::destroy<std::__1::pair<unsigned long long const, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> > >, void, void>(std::__1::allocator<std::__1::__tree_node<std::__1::__value_type<unsigned long long, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> > >, void*> >&, std::__1::pair<unsigned long long const, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> > >*) + 25 (allocator_traits.h:318) [inlined]
26 Chromium Embedded Framework 0x1231dcfaf std::__1::__tree<std::__1::__value_type<unsigned long long, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> > >, std::__1::__map_value_compare<unsigned long long, std::__1::__value_type<unsigned long long, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> > >, std::__1::less<unsigned long long>, true>, std::__1::allocator<std::__1::__value_type<unsigned long long, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> > > > >::destroy(std::__1::__tree_node<std::__1::__value_type<unsigned long long, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> > >, void*>*) + 63 (__tree:1801)
27 Chromium Embedded Framework 0x1254f562f std::__1::__tree<std::__1::__value_type<unsigned long long, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> > >, std::__1::__map_value_compare<unsigned long long, std::__1::__value_type<unsigned long long, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> > >, std::__1::less<unsigned long long>, true>, std::__1::allocator<std::__1::__value_type<unsigned long long, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> > > > >::~__tree() + 9 (__tree:1789) [inlined]
28 Chromium Embedded Framework 0x1254f562f std::__1::__tree<std::__1::__value_type<unsigned long long, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> > >, std::__1::__map_value_compare<unsigned long long, std::__1::__value_type<unsigned long long, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> > >, std::__1::less<unsigned long long>, true>, std::__1::allocator<std::__1::__value_type<unsigned long long, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> > > > >::~__tree() + 9 (__tree:1786) [inlined]
29 Chromium Embedded Framework 0x1254f562f std::__1::map<unsigned long long, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> >, std::__1::less<unsigned long long>, std::__1::allocator<std::__1::pair<unsigned long long const, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> > > > >::~map() + 13 (map:1103) [inlined]
30 Chromium Embedded Framework 0x1254f562f std::__1::map<unsigned long long, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> >, std::__1::less<unsigned long long>, std::__1::allocator<std::__1::pair<unsigned long long const, std::__1::unique_ptr<mojo::ReceiverSetState::Entry, std::__1::default_delete<mojo::ReceiverSetState::Entry> > > > >::~map() + 13 (map:1101) [inlined]
31 Chromium Embedded Framework 0x1254f562f mojo::ReceiverSetState::~ReceiverSetState() + 22 (receiver_set.cc:67) [inlined]
32 Chromium Embedded Framework 0x1254f562f mojo::ReceiverSetState::~ReceiverSetState() + 31 (receiver_set.cc:67)
33 Chromium Embedded Framework 0x1236fbe45 mojo::ReceiverSetBase<mojo::Receiver<blink::mojom::KeepAliveHandle, mojo::UniquePtrImplRefTraits<blink::mojom::KeepAliveHandle, std::__1::default_delete<blink::mojom::KeepAliveHandle> > >, void>::~ReceiverSetBase() + 9 (receiver_set.h:172) [inlined]
34 Chromium Embedded Framework 0x1236fbe45 mojo::ReceiverSetBase<mojo::Receiver<blink::mojom::KeepAliveHandle, mojo::UniquePtrImplRefTraits<blink::mojom::KeepAliveHandle, std::__1::default_delete<blink::mojom::KeepAliveHandle> > >, void>::~ReceiverSetBase() + 9 (receiver_set.h:172) [inlined]
35 Chromium Embedded Framework 0x1236fbe45 content::KeepAliveHandleFactory::Context::~Context() + 28 (keep_alive_handle_factory.cc:60) [inlined]
36 Chromium Embedded Framework 0x1236fbe45 content::KeepAliveHandleFactory::Context::~Context() + 28 (keep_alive_handle_factory.cc:60) [inlined]
37 Chromium Embedded Framework 0x1236fbe45 content::KeepAliveHandleFactory::Context::~Context() + 37 (keep_alive_handle_factory.cc:60)
38 Chromium Embedded Framework 0x1236fc585 std::__1::default_delete<content::KeepAliveHandleFactory::Context>::operator()(content::KeepAliveHandleFactory::Context*) const + 6 (unique_ptr.h:54) [inlined]
39 Chromium Embedded Framework 0x1236fc585 std::__1::unique_ptr<content::KeepAliveHandleFactory::Context, std::__1::default_delete<content::KeepAliveHandleFactory::Context> >::reset(content::KeepAliveHandleFactory::Context*) + 23 (unique_ptr.h:315) [inlined]
40 Chromium Embedded Framework 0x1236fc585 std::__1::unique_ptr<content::KeepAliveHandleFactory::Context, std::__1::default_delete<content::KeepAliveHandleFactory::Context> >::~unique_ptr() + 23 (unique_ptr.h:269) [inlined]
41 Chromium Embedded Framework 0x1236fc585 std::__1::unique_ptr<content::KeepAliveHandleFactory::Context, std::__1::default_delete<content::KeepAliveHandleFactory::Context> >::~unique_ptr() + 23 (unique_ptr.h:269) [inlined]
42 Chromium Embedded Framework 0x1236fc585 std::__1::__tuple_leaf<0ul, std::__1::unique_ptr<content::KeepAliveHandleFactory::Context, std::__1::default_delete<content::KeepAliveHandleFactory::Context> >, false>::~__tuple_leaf() + 23 (tuple:186) [inlined]
43 Chromium Embedded Framework 0x1236fc585 std::__1::__tuple_impl<std::__1::__tuple_indices<0ul>, std::__1::unique_ptr<content::KeepAliveHandleFactory::Context, std::__1::default_delete<content::KeepAliveHandleFactory::Context> > >::~__tuple_impl() + 23 (tuple:360) [inlined]
44 Chromium Embedded Framework 0x1236fc585 std::__1::__tuple_impl<std::__1::__tuple_indices<0ul>, std::__1::unique_ptr<content::KeepAliveHandleFactory::Context, std::__1::default_delete<content::KeepAliveHandleFactory::Context> > >::~__tuple_impl() + 23 (tuple:360) [inlined]
45 Chromium Embedded Framework 0x1236fc585 std::__1::tuple<std::__1::unique_ptr<content::KeepAliveHandleFactory::Context, std::__1::default_delete<content::KeepAliveHandleFactory::Context> > >::~tuple() + 23 (tuple:446) [inlined]
46 Chromium Embedded Framework 0x1236fc585 std::__1::tuple<std::__1::unique_ptr<content::KeepAliveHandleFactory::Context, std::__1::default_delete<content::KeepAliveHandleFactory::Context> > >::~tuple() + 23 (tuple:446) [inlined]
47 Chromium Embedded Framework 0x1236fc585 base::internal::BindState<content::KeepAliveHandleFactory::~KeepAliveHandleFactory()::$_0, std::__1::unique_ptr<content::KeepAliveHandleFactory::Context, std::__1::default_delete<content::KeepAliveHandleFactory::Context> > >::~BindState() + 23 (bind_internal.h:918) [inlined]
48 Chromium Embedded Framework 0x1236fc585 base::internal::BindState<content::KeepAliveHandleFactory::~KeepAliveHandleFactory()::$_0, std::__1::unique_ptr<content::KeepAliveHandleFactory::Context, std::__1::default_delete<content::KeepAliveHandleFactory::Context> > >::~BindState() + 23 (bind_internal.h:918) [inlined]
49 Chromium Embedded Framework 0x1236fc585 base::internal::BindState<content::KeepAliveHandleFactory::~KeepAliveHandleFactory()::$_0, std::__1::unique_ptr<content::KeepAliveHandleFactory::Context, std::__1::default_delete<content::KeepAliveHandleFactory::Context> > >::Destroy(base::internal::BindStateBase const*) + 37 (bind_internal.h:921)
50 Chromium Embedded Framework 0x1255a42f4 std::__1::allocator<base::sequence_manager::Task>::destroy(base::sequence_manager::Task*) + 8 (allocator.h:133) [inlined]
51 Chromium Embedded Framework 0x1255a42f4 void std::__1::allocator_traits<std::__1::allocator<base::sequence_manager::Task> >::destroy<base::sequence_manager::Task, void>(std::__1::allocator<base::sequence_manager::Task>&, base::sequence_manager::Task*) + 8 (allocator_traits.h:308) [inlined]
52 Chromium Embedded Framework 0x1255a42f4 std::__1::__vector_base<base::sequence_manager::Task, std::__1::allocator<base::sequence_manager::Task> >::__destruct_at_end(base::sequence_manager::Task*) + 26 (vector:429) [inlined]
53 Chromium Embedded Framework 0x1255a42f4 std::__1::__vector_base<base::sequence_manager::Task, std::__1::allocator<base::sequence_manager::Task> >::clear() + 26 (vector:372) [inlined]
54 Chromium Embedded Framework 0x1255a42f4 std::__1::__vector_base<base::sequence_manager::Task, std::__1::allocator<base::sequence_manager::Task> >::~__vector_base() + 31 (vector:466) [inlined]
55 Chromium Embedded Framework 0x1255a42f4 std::__1::vector<base::sequence_manager::Task, std::__1::allocator<base::sequence_manager::Task> >::~vector() + 31 (vector:558) [inlined]
56 Chromium Embedded Framework 0x1255a42f4 std::__1::vector<base::sequence_manager::Task, std::__1::allocator<base::sequence_manager::Task> >::~vector() + 31 (vector:553) [inlined]
57 Chromium Embedded Framework 0x1255a42f4 std::__1::priority_queue<base::sequence_manager::Task, std::__1::vector<base::sequence_manager::Task, std::__1::allocator<base::sequence_manager::Task> >, std::__1::less<base::sequence_manager::Task> >::~priority_queue() + 31 (queue:413) [inlined]
58 Chromium Embedded Framework 0x1255a42f4 base::sequence_manager::internal::TaskQueueImpl::DelayedIncomingQueue::PQueue::~PQueue() + 31 (task_queue_impl.h:337) [inlined]
59 Chromium Embedded Framework 0x1255a42f4 base::sequence_manager::internal::TaskQueueImpl::DelayedIncomingQueue::PQueue::~PQueue() + 31 (task_queue_impl.h:337) [inlined]
60 Chromium Embedded Framework 0x1255a42f4 base::sequence_manager::internal::TaskQueueImpl::DelayedIncomingQueue::~DelayedIncomingQueue() + 31 (task_queue_impl.cc:1336) [inlined]
61 Chromium Embedded Framework 0x1255a42f4 base::sequence_manager::internal::TaskQueueImpl::DelayedIncomingQueue::~DelayedIncomingQueue() + 31 (task_queue_impl.cc:1336) [inlined]
62 Chromium Embedded Framework 0x1255a42f4 base::sequence_manager::internal::TaskQueueImpl::UnregisterTaskQueue() + 1220 (task_queue_impl.cc:210)
63 Chromium Embedded Framework 0x12559719d base::sequence_manager::internal::SequenceManagerImpl::UnregisterTaskQueueImpl(std::__1::unique_ptr<base::sequence_manager::internal::TaskQueueImpl, std::__1::default_delete<base::sequence_manager::internal::TaskQueueImpl> >) + 253 (sequence_manager_impl.cc:413)
64 Chromium Embedded Framework 0x1255a1f97 base::sequence_manager::TaskQueue::ShutdownTaskQueue() + 535 (task_queue.cc:189)
65 Chromium Embedded Framework 0x123891371 content::BrowserTaskQueues::~BrowserTaskQueues() + 337 (browser_task_queues.cc:209)
66 Chromium Embedded Framework 0x123891d1b content::BrowserUIThreadScheduler::~BrowserUIThreadScheduler() + 49 (browser_ui_thread_scheduler.cc:93) [inlined]
67 Chromium Embedded Framework 0x123891d1b content::BrowserUIThreadScheduler::~BrowserUIThreadScheduler() + 59 (browser_ui_thread_scheduler.cc:93)
68 Chromium Embedded Framework 0x12389048a std::__1::default_delete<content::BrowserUIThreadScheduler>::operator()(content::BrowserUIThreadScheduler*) const + 8 (unique_ptr.h:54) [inlined]
69 Chromium Embedded Framework 0x12389048a std::__1::unique_ptr<content::BrowserUIThreadScheduler, std::__1::default_delete<content::BrowserUIThreadScheduler> >::reset(content::BrowserUIThreadScheduler*) + 25 (unique_ptr.h:315) [inlined]
70 Chromium Embedded Framework 0x12389048a std::__1::unique_ptr<content::BrowserUIThreadScheduler, std::__1::default_delete<content::BrowserUIThreadScheduler> >::~unique_ptr() + 25 (unique_ptr.h:269) [inlined]
71 Chromium Embedded Framework 0x12389048a std::__1::unique_ptr<content::BrowserUIThreadScheduler, std::__1::default_delete<content::BrowserUIThreadScheduler> >::~unique_ptr() + 25 (unique_ptr.h:269) [inlined]
72 Chromium Embedded Framework 0x12389048a content::BrowserTaskExecutor::UIThreadExecutor::~UIThreadExecutor() + 58 (browser_task_executor.cc:372)
73 Chromium Embedded Framework 0x12389050e content::BrowserTaskExecutor::UIThreadExecutor::~UIThreadExecutor() + 5 (browser_task_executor.cc:369) [inlined]
74 Chromium Embedded Framework 0x12389050e content::BrowserTaskExecutor::UIThreadExecutor::~UIThreadExecutor() + 14 (browser_task_executor.cc:369)
75 Chromium Embedded Framework 0x12388fdc8 std::__1::default_delete<content::BrowserTaskExecutor::UIThreadExecutor>::operator()(content::BrowserTaskExecutor::UIThreadExecutor*) const + 6 (unique_ptr.h:54) [inlined]
76 Chromium Embedded Framework 0x12388fdc8 std::__1::unique_ptr<content::BrowserTaskExecutor::UIThreadExecutor, std::__1::default_delete<content::BrowserTaskExecutor::UIThreadExecutor> >::reset(content::BrowserTaskExecutor::UIThreadExecutor*) + 23 (unique_ptr.h:315) [inlined]
77 Chromium Embedded Framework 0x12388fdc8 content::BrowserTaskExecutor::Shutdown() + 200 (browser_task_executor.cc:284)
78 Chromium Embedded Framework 0x125114380 content::ContentMainRunnerImpl::Shutdown() + 224 (content_main_runner_impl.cc:1124)
79 Chromium Embedded Framework 0x1251c30f5 CefMainRunner::FinalizeShutdown(base::OnceCallback<void ()>) + 117 (main_runner.cc:507)
80 Chromium Embedded Framework 0x1251c2f80 CefMainRunner::Shutdown(base::OnceCallback<void ()>, base::OnceCallback<void ()>) + 336 (main_runner.cc:274)
81 Chromium Embedded Framework 0x12519963a CefContext::Shutdown() + 250 (context.cc:386)
82 Chromium Embedded Framework 0x1251994bd CefShutdown() + 125 (context.cc:233)
83 My App 0x103a85528 main + 2168 (main.mm:211)
84 dyld 0x1113274fe start + 462
...
The relevant portion of the CEF code looks like this:
- Code: Select all
...
205 void RendererStartupHelper::UntrackProcess(
206 content::RenderProcessHost* process) {
207 if (!ExtensionsBrowserClient::Get()->IsSameContext(
208 browser_context_, process->GetBrowserContext())) {
209 return;
210 }
211
212 process->RemoveObserver(this);
213 process_mojo_map_.erase(process);
214 pending_active_extensions_.erase(process);
215 for (auto& extension_process_pair : extension_process_map_)
216 extension_process_pair.second.erase(process);
217 }
...
Line 207 is given as the failing line, and you can see that ExtensionsBrowserClient::Get() is called to retrieve a pointer that is immediately dereferenced without checking its value. My guess is that the pointer is intermittently NULL, which is what the crash report indicates. The fact that this pointer is used without first checking its value would seem to be a bug. Of course, the next question is why is the pointer NULL, and the answer to that may lead to another more-complicated issue.
Does this seem to be a correct analysis of this intermittent crash, or is there something else I should check?
Thanks in advance for any help you can provide.