[Bug]: Crash base::subtle::RefCountedBase::ReleaseImpl() EXCEPTION_ACCESS_VIOLATION_READ #41987
Comments
helloforrestworld
changed the title
|
Hello @helloforrestworld. Thanks for reporting this and helping to make Electron better! Would it be possible for you to make a standalone testcase with only the code necessary to reproduce the issue? For example, Electron Fiddle is a great tool for making small test cases and makes it easy to publish your test case to a gist that Electron maintainers can use. Stand-alone test cases make fixing issues go more smoothly: it ensure everyone's looking at the same issue, it removes all unnecessary variables from the equation, and it can also provide the basis for automated regression tests. Now adding the
blocked/need-repro
|
|
Unfortunately, without a way to reproduce this issue, we're unable to continue investigation. This issue has been closed and will not be monitored further. If you're able to provide a minimal test case that reproduces this issue on a supported version of Electron please open a new issue and include instructions for reproducing the issue. |
electron-issue-triage
bot
closed this as not planned
Preflight Checklist
Electron Version
27.2.1
What operating system are you using?
Windows
Operating System Version
Windows NT 10.0.19045 CPU: amd64 family 6 model 158 stepping 9 4 CPUs
What arch are you using?
x64
Last Known Working Electron version
never test other version
Expected Behavior
normal
Actual Behavior
crash with EXCEPTION_ACCESS_VIOLATION_READ
Testcase Gist URL
No response
Additional Information
Crash reason: EXCEPTION_ACCESS_VIOLATION_READ
Crash address: 0xffffffffffffffff
Process uptime: 84878 seconds
Thread 0 (crashed)
0 开播助手.exe!base::subtle::RefCountedBase::ReleaseImpl() [ref_counted.cc : 67 + 0x0]
rax = 0x0000000000000ec6 rdx = 0x0000000000000ec5
rcx = 0x0010000000000000 rbx = 0x0000000000000400
rsi = 0x000055e02c810000 rdi = 0x0010000000000000
rbp = 0x0000000000000000 rsp = 0x000000d6f35fe3d8
r8 = 0x0000000000000058 r9 = 0x0000000000000060
r10 = 0x00000ffef25c5d8c r11 = 0x0400400001001000
r12 = 0xffffffff10af8a70 r13 = 0x00002d17ffffffff
r14 = 0x000000000000035d r15 = 0x00000000000035d0
rip = 0x00007ff792bece90
Found by: given as instruction pointer in context
1 开播助手.exe!WTF::HashTable<WTF::AtomicString,WTF::KeyValuePair<WTF::AtomicString,scoped_refptrblink::CSSVariableData >,WTF::KeyValuePairExtractor,WTF::HashMapValueTraits<WTF::HashTraitsWTF::AtomicString,WTF::HashTraits<scoped_refptrblink::CSSVariableData > >,WTF::HashTraitsWTF::AtomicString,WTF::PartitionAllocator>::DeleteAllBucketsAndDeallocate(WTF::KeyValuePair<WTF::AtomicString,scoped_refptrblink::CSSVariableData > *,unsigned int) [hash_table.h : 1566 + 0x20]
rax = 0x0000000000000ec6 rdx = 0x0000000000000ec5
rcx = 0x0010000000000000 rbx = 0x0000000000000400
rsi = 0x000055e02c810000 rdi = 0x0010000000000000
rbp = 0x0000000000000000 rsp = 0x000000d6f35fe3e0
r8 = 0x0000000000000058 r9 = 0x0000000000000060
r10 = 0x00000ffef25c5d8c r11 = 0x0400400001001000
r12 = 0xffffffff10af8a70 r13 = 0x00002d17ffffffff
r14 = 0x000000000000035d r15 = 0x00000000000035d0
rip = 0x00007ff7910267ad
Found by: simulating a return from leaf function
2 开播助手.exe!WTF::RefCounted<blink::StyleInheritedVariables,WTF::DefaultRefCountedTraitsblink::StyleInheritedVariables >::DeleteInternalblink::StyleInheritedVariables(blink::StyleInheritedVariables const *) [ref_counted.h : 55 + 0x1a]
rbx = 0x0000000000000400 rbp = 0x0000000000000000
rsp = 0x000000d6f35fe430 r12 = 0xffffffff10af8a70
r13 = 0x00002d17ffffffff r14 = 0x000000000000035d
r15 = 0x00000000000035d0 rip = 0x00007ff795a14c8e
Found by: call frame info
3 开播助手.exe!static void cppgc::internal::
anonymous namespace'::SweepFinalizer::FinalizePage(struct cppgc::internal::anonymous namespace'::SpaceState::SweptPageState *) [sweeper.cc : 471 + 0x8]rbx = 0x0000000000000400 rbp = 0x0000000000000000
rsp = 0x000000d6f35fe470 r12 = 0xffffffff10af8a70
r13 = 0x00002d17ffffffff r14 = 0x000000000000035d
r15 = 0x00000000000035d0 rip = 0x00007ff7927ad925
Found by: call frame info
4 开播助手.exe!static bool cppgc::internal::
anonymous namespace'::MutatorThreadSweeper::SweepWithDeadline(class v8::base::TimeDelta, cppgc::internal::anonymous namespace'::MutatorThreadSweepingMode) [sweeper.cc : 574 + 0x169]rbx = 0x0000000000000400 rbp = 0x0000000000000000
rsp = 0x000000d6f35fe4f0 r12 = 0xffffffff10af8a70
r13 = 0x00002d17ffffffff r14 = 0x000000000000035d
r15 = 0x00000000000035d0 rip = 0x00007ff7927af6fd
Found by: call frame info
5 开播助手.exe!static bool cppgc::internal::Sweeper::SweeperImpl::PerformSweepOnMutatorThread(class v8::base::TimeDelta, cppgc::internal::StatsCollector::ScopeId, cppgc::internal::`anonymous namespace'::MutatorThreadSweepingMode) [sweeper.cc : 1019 + 0xe]
rbx = 0x0000000000000400 rbp = 0x0000000000000000
rsp = 0x000000d6f35fe880 r12 = 0xffffffff10af8a70
r13 = 0x00002d17ffffffff r14 = 0x000000000000035d
r15 = 0x00000000000035d0 rip = 0x00007ff78f8d2b61
Found by: call frame info
6 开播助手.exe!cppgc::internal::Sweeper::SweeperImpl::IncrementalSweepTask::Run() [sweeper.cc : 1090 + 0x17]
rbx = 0x0000000000000400 rbp = 0x0000000000000000
rsp = 0x000000d6f35fe970 r12 = 0xffffffff10af8a70
r13 = 0x00002d17ffffffff r14 = 0x000000000000035d
r15 = 0x00000000000035d0 rip = 0x00007ff78f8d34da
Found by: call frame info
7 开播助手.exe!base::TaskAnnotator::RunTaskImpl(base::PendingTask &) [task_annotator.cc : 201 + 0x19]
rbx = 0x0000000000000400 rbp = 0x0000000000000000
rsp = 0x000000d6f35fe9b0 r12 = 0xffffffff10af8a70
r13 = 0x00002d17ffffffff r14 = 0x000000000000035d
r15 = 0x00000000000035d0 rip = 0x00007ff792bd7e12
Found by: call frame info
8 开播助手.exe!base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork() [thread_controller_with_message_pump_impl.cc : 345 + 0x340]
rbx = 0x0000000000000400 rbp = 0x0000000000000000
rsp = 0x000000d6f35feaf0 r12 = 0xffffffff10af8a70
r13 = 0x00002d17ffffffff r14 = 0x000000000000035d
r15 = 0x00000000000035d0 rip = 0x00007ff792c9af30
Found by: call frame info
9 开播助手.exe!base::MessagePumpDefault::Run(base::MessagePump::Delegate *) [message_pump_default.cc : 40 + 0x1d]
rbx = 0x0000000000000400 rbp = 0x0000000000000000
rsp = 0x000000d6f35fee40 r12 = 0xffffffff10af8a70
r13 = 0x00002d17ffffffff r14 = 0x000000000000035d
r15 = 0x00000000000035d0 rip = 0x00007ff792ca2c5f
Found by: call frame info
10 开播助手.exe!base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run(bool,base::TimeDelta) [thread_controller_with_message_pump_impl.cc : 645 + 0x11]
rbx = 0x0000000000000400 rbp = 0x0000000000000000
rsp = 0x000000d6f35feed0 r12 = 0xffffffff10af8a70
r13 = 0x00002d17ffffffff r14 = 0x000000000000035d
r15 = 0x00000000000035d0 rip = 0x00007ff790bf6af6
Found by: call frame info
11 开播助手.exe!base::RunLoop::Run(base::Location const &) [run_loop.cc : 134 + 0x17]
rbx = 0x0000000000000400 rbp = 0x0000000000000000
rsp = 0x000000d6f35fef60 r12 = 0xffffffff10af8a70
r13 = 0x00002d17ffffffff r14 = 0x000000000000035d
r15 = 0x00000000000035d0 rip = 0x00007ff790529508
Found by: call frame info
12 开播助手.exe!content::RendererMain(content::MainFunctionParams) [renderer_main.cc : 354 + 0x31]
rbx = 0x0000000000000400 rbp = 0x0000000000000000
rsp = 0x000000d6f35ff070 r12 = 0xffffffff10af8a70
r13 = 0x00002d17ffffffff r14 = 0x000000000000035d
r15 = 0x00000000000035d0 rip = 0x00007ff790a02e3b
Found by: call frame info
13 开播助手.exe!static int content::RunOtherNamedProcessTypeMain(const class std::__Cr::basic_string<char,std::__Cr::char_traits,std::__Cr::allocator > & const, struct content::MainFunctionParams, class content::ContentMainDelegate *) [content_main_runner_impl.cc : 771 + 0x34]
rbx = 0x0000000000000400 rbp = 0x0000000000000000
rsp = 0x000000d6f35ff280 r12 = 0xffffffff10af8a70
r13 = 0x00002d17ffffffff r14 = 0x000000000000035d
r15 = 0x00000000000035d0 rip = 0x00007ff78ee67bc4
Found by: call frame info
14 开播助手.exe!content::ContentMainRunnerImpl::Run() [content_main_runner_impl.cc : 1144 + 0x18]
rbx = 0x0000000000000400 rbp = 0x0000000000000000
rsp = 0x000000d6f35ff410 r12 = 0xffffffff10af8a70
r13 = 0x00002d17ffffffff r14 = 0x000000000000035d
r15 = 0x00000000000035d0 rip = 0x00007ff78ee6897c
Found by: call frame info
15 开播助手.exe!static int content::RunContentProcess(struct content::ContentMainParams, class content::ContentMainRunner *) [content_main.cc : 330 + 0x8]
rbx = 0x0000000000000400 rbp = 0x0000000000000000
rsp = 0x000000d6f35ff5c0 r12 = 0xffffffff10af8a70
r13 = 0x00002d17ffffffff r14 = 0x000000000000035d
r15 = 0x00000000000035d0 rip = 0x00007ff78ee64d94
Found by: call frame info
16 开播助手.exe!content::ContentMain(content::ContentMainParams) [content_main.cc : 347 + 0x5]
rbx = 0x0000000000000400 rbp = 0x0000000000000000
rsp = 0x000000d6f35ff820 r12 = 0xffffffff10af8a70
r13 = 0x00002d17ffffffff r14 = 0x000000000000035d
r15 = 0x00000000000035d0 rip = 0x00007ff78ee64f0d
Found by: call frame info
17 开播助手.exe!wWinMain [electron_main_win.cc : 239 + 0x13]
rbx = 0x0000000000000400 rbp = 0x0000000000000000
rsp = 0x000000d6f35ff8b0 r12 = 0xffffffff10af8a70
r13 = 0x00002d17ffffffff r14 = 0x000000000000035d
r15 = 0x00000000000035d0 rip = 0x00007ff78ebaaef7
Found by: call frame info
18 开播助手.exe!static int __scrt_common_main_seh() [exe_common.inl : 288 + 0x21]
rbx = 0x0000000000000400 rbp = 0x0000000000000000
rsp = 0x000000d6f35ffac0 r12 = 0xffffffff10af8a70
r13 = 0x00002d17ffffffff r14 = 0x000000000000035d
r15 = 0x00000000000035d0 rip = 0x00007ff793052be2
Found by: call frame info
19 KERNEL32.DLL + 0x17344
rbx = 0x0000000000000400 rbp = 0x0000000000000000
rsp = 0x000000d6f35ffb00 r12 = 0xffffffff10af8a70
r13 = 0x00002d17ffffffff r14 = 0x000000000000035d
r15 = 0x00000000000035d0 rip = 0x00007ffbf15a7344
Found by: call frame info
20 ntdll.dll + 0x526b1
rsp = 0x000000d6f35ffb30 rip = 0x00007ffbf1ee26b1
Found by: stack scanning
21 KERNELBASE.dll + 0x12e050
rsp = 0x000000d6f35ffb80 rip = 0x00007ffbefb4e050
Found by: stack scanning
94777aac-d264-4a42-9522-20864bffc577.dmp
The text was updated successfully, but these errors were encountered: