Details
Bug
Resolution: Done
P1: Critical
5.8.0
None
macOS 10.11
Description
Steps to reproduce:
1) Open demobrowser and go to https://www.w3schools.com/html/html5_geolocation.asp
2) Click try it button, allow the geo location request, check that stdout reports an error like
"The operation couldn’t be completed. (kCLErrorDomain error 0.)"
(is Wi-Fi turned on?)
3) Click one more time on try it button, allow request, observe crash.
It seems like there is some mismanagement with the unique_ptrs holding the LocationProviderQt instance, and it gets accessed on the second request, after the first failed request deleted the instance.
Stacktrace:
1 None
2 content::LocationArbitratorImpl::RegisterProvider(std::unique_ptr<content::LocationProvider, std::default_delete<content::LocationProvider>>) location_arbitrator_impl.cc 118 0x101673358
3 content::LocationArbitratorImpl::RegisterSystemProvider() location_arbitrator_impl.cc 129 0x10167252b
4 content::LocationArbitratorImpl::StartProviders(bool) location_arbitrator_impl.cc 62 0x101671e3c
5 content::GeolocationProviderImpl::StartProviders(bool) geolocation_provider_impl.cc 138 0x101666f85
6 void base::internal::RunnableAdapter<void (content::GeolocationProviderImpl:: *)(bool)>::Run<content::GeolocationProviderImpl *, bool const&>(content::GeolocationProviderImpl *&&, bool const&&&) const bind_internal.h 171 0x10166ab1c
7 void base::internal::InvokeHelper<false, void>::MakeItSo<base::internal::RunnableAdapter<void (content::GeolocationProviderImpl:: *)(bool)> const&, content::GeolocationProviderImpl *, bool const&>(base::internal::RunnableAdapter<void (content::GeolocationProviderImpl:: *)(bool)> const&&&, content::GeolocationProviderImpl *&&, bool const&&&) bind_internal.h 296 0x10166aa7d
8 void base::internal::Invoker<base::internal::BindState<base::internal::RunnableAdapter<void (content::GeolocationProviderImpl:: *)(bool)>, base::internal::UnretainedWrapper<content::GeolocationProviderImpl>, bool&>, void ()>::RunImpl<base::internal::RunnableAdapter<void (content::GeolocationProviderImpl:: *)(bool)> const&, std::tuple<base::internal::UnretainedWrapper<content::GeolocationProviderImpl>, bool> const&, 0ul, 1ul>(base::internal::RunnableAdapter<void (content::GeolocationProviderImpl:: *)(bool)> const&&&, std::tuple<base::internal::UnretainedWrapper<content::GeolocationProviderImpl>, bool> const&&&, base::IndexSequence<0ul, 1ul>) bind_internal.h 363 0x10166aa1b
9 base::internal::Invoker<base::internal::BindState<base::internal::RunnableAdapter<void (content::GeolocationProviderImpl:: *)(bool)>, base::internal::UnretainedWrapper<content::GeolocationProviderImpl>, bool&>, void ()>::Run(base::internal::BindStateBase *) bind_internal.h 342 0x10166a6ac
10 base::Callback<void (), (base::internal::CopyMode)1>::Run() const callback.h 389 0x1004be8fe
11 base::debug::TaskAnnotator::RunTask(const char *, base::PendingTask const&) task_annotator.cc 51 0x1042d5a2e
12 base::MessageLoop::RunTask(base::PendingTask const&) message_loop.cc 493 0x10437914d
13 base::MessageLoop::DeferOrRunPendingTask(base::PendingTask const&) message_loop.cc 502 0x104379418
14 base::MessageLoop::DoWork() message_loop.cc 624 0x104379b28
15 base::MessagePumpCFRunLoopBase::RunWork() message_pump_mac.mm 330 0x104296108
16 ::___ZN4base24MessagePumpCFRunLoopBase13RunWorkSourceEPv_block_invoke() message_pump_mac.mm 307 0x10429608c
17 base::mac::CallWithEHFrame(void () block_pointer) call_with_eh_frame_asm.S 36 0x10434734a
18 base::MessagePumpCFRunLoopBase::RunWorkSource(void *) message_pump_mac.mm 306 0x104295615
19 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ 0x7fff89b1f881
20 __CFRunLoopDoSources0 0x7fff89afefbc
21 __CFRunLoopRun 0x7fff89afe4df
22 CFRunLoopRunSpecific 0x7fff89afded8
23 base::MessagePumpCFRunLoop::DoRun(base::MessagePump::Delegate *) message_pump_mac.mm 554 0x10429671c
24 base::MessagePumpCFRunLoopBase::Run(base::MessagePump::Delegate *) message_pump_mac.mm 238 0x104295dfa
25 base::MessageLoop::RunHandler() message_loop.cc 457 0x10437896a
26 base::RunLoop::Run() run_loop.cc 35 0x1044117e5
27 base::Thread::Run(base::MessageLoop *) thread.cc 205 0x1044a6813
28 base::Thread::ThreadMain() thread.cc 256 0x1044a6eb1
29 base::(anonymous namespace)::ThreadFunc(void *) platform_thread_posix.cc 70 0x10448a1a1
30 _pthread_body 0x7fff96a5f99d
31 _pthread_start 0x7fff96a5f91a
32 thread_start 0x7fff96a5d351
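
The ownership hazard the description suspects, modeled as an added example that is not part of the original report and is not QtWebEngine or Chromium code: a supplier caches a raw pointer to an object it hands to a `unique_ptr` owner, compared with a factory that transfers a fresh object per request. `Provider`, `Arbitrator`, `CachingSupplier` and `FactorySupplier` are hypothetical names, and the stale pointer is only checked against a registry of live objects, never dereferenced.

```cpp
// Constructed model; all names are hypothetical, not QtWebEngine or Chromium code.
#include <cstdint>
#include <memory>
#include <set>
#include <utility>

struct Provider {
    // Registry of live instances, so staleness can be checked without dereferencing.
    static std::set<std::uintptr_t>& Live() { static std::set<std::uintptr_t> s; return s; }
    static bool IsLive(const Provider* p) { return Live().count(reinterpret_cast<std::uintptr_t>(p)) != 0; }
    Provider() { Live().insert(reinterpret_cast<std::uintptr_t>(this)); }
    ~Provider() { Live().erase(reinterpret_cast<std::uintptr_t>(this)); }
};

// Consumer: owns the provider and destroys it when a request fails.
struct Arbitrator {
    std::unique_ptr<Provider> provider;
    void Register(std::unique_ptr<Provider> p) { provider = std::move(p); }
    void OnRequestFailed() { provider.reset(); }
};

// Hazard: the supplier keeps a raw pointer to an object whose ownership it gives away.
struct CachingSupplier {
    Provider* cached = nullptr;
    Provider* Get() { if (!cached) cached = new Provider; return cached; }
};

// Fix: every request gets a fresh object and ownership moves exactly once.
struct FactorySupplier {
    std::unique_ptr<Provider> Make() { return std::make_unique<Provider>(); }
};

bool CachedPointerIsStaleOnSecondRequest() {
    CachingSupplier supplier;
    Arbitrator arbitrator;
    arbitrator.Register(std::unique_ptr<Provider>(supplier.Get()));
    arbitrator.OnRequestFailed();      // first request fails: the object is deleted
    Provider* again = supplier.Get();  // second request: same address, not dereferenced
    return again != nullptr && !Provider::IsLive(again);
}

bool FactoryProviderIsLiveOnSecondRequest() {
    FactorySupplier supplier;
    Arbitrator arbitrator;
    arbitrator.Register(supplier.Make());
    arbitrator.OnRequestFailed();
    arbitrator.Register(supplier.Make());  // second request: a new object
    return Provider::IsLive(arbitrator.provider.get());
}

int main() { return CachedPointerIsStaleOnSecondRequest() && FactoryProviderIsLiveOnSecondRequest() ? 0 : 1; }
```

Wrapping the stale pointer in a second `unique_ptr`, as a second registration would, is the point at which a real program touches freed memory; building with AddressSanitizer reports that access as a heap-use-after-free.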