Crash on reload if large-ish JS project open

[peterflynn]

This seems very timing-sensitive, so hopefully this is hard to hit in general... I ran into it about 10 times in a row while working on PR #10859 though :-/

1. Open a extensions/default/CloseOthers/main.js into the working set
2. Reload Brackets
3. If it doesn't crash, wait until a moment after the UI is finished loading up, then reload again

It almost always crashes after 1-3 reloads for me.

Crash dump:

Process:         Brackets Helper [2675]
Path:            /Users/USER/*/Brackets.app/Contents/Frameworks/Brackets Helper.app/Contents/MacOS/Brackets Helper
Identifier:      Brackets Helper
Version:         ???
Code Type:       X86 (Native)
Parent Process:  Brackets [2666]
Responsible:     Brackets [2666]
User ID:         501

Date/Time:       2015-04-09 19:23:15.628 -0700
OS Version:      Mac OS X 10.9.5 (13F34)
Report Version:  11
Anonymous UUID:  F54128F3-AD70-8E9F-EBBC-E7986990B9FA


Crashed Thread:  0  CrRendererMain  Dispatch queue: com.apple.main-thread

Exception Type:  EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000000000000

VM Regions Near 0:
--> __PAGEZERO             0000000000000000-0000000000001000 [    4K] ---/--- SM=NUL  /Users/USER/*/Brackets.app/Contents/Frameworks/Brackets Helper.app/Contents/MacOS/Brackets Helper
    VM_ALLOCATE            0000000000001000-000000000002a000 [  164K] ---/--- SM=NUL  

Thread 0 Crashed:: CrRendererMain  Dispatch queue: com.apple.main-thread
0   org.cef.cefclient.helper        0x00032c3f ClientApp::OnProcessMessageReceived(CefRefPtr<CefBrowser>, cef_process_id_t, CefRefPtr<CefProcessMessage>) + 1135
1   org.cef.cefclient.helper        0x00033d0a non-virtual thunk to ClientApp::OnProcessMessageReceived(CefRefPtr<CefBrowser>, cef_process_id_t, CefRefPtr<CefProcessMessage>) + 42
2   org.cef.cefclient.helper        0x000541ed render_process_handler_on_process_message_received(_cef_render_process_handler_t*, _cef_browser_t*, cef_process_id_t, _cef_process_message_t*) + 381
3   org.chromium.ContentShell.framework 0x000b6b73 0x92000 + 150387
4   org.chromium.ContentShell.framework 0x001456e8 0x92000 + 734952
5   org.chromium.ContentShell.framework 0x00145560 0x92000 + 734560
6   org.chromium.ContentShell.framework 0x0014635b 0x92000 + 738139
7   org.chromium.ContentShell.framework 0x0297d457 0x92000 + 42906711
8   org.chromium.ContentShell.framework 0x020aa9e5 0x92000 + 33655269
9   org.chromium.ContentShell.framework 0x020aa981 0x92000 + 33655169
10  org.chromium.ContentShell.framework 0x02a7efdb 0x92000 + 43962331
11  org.chromium.ContentShell.framework 0x01deaec9 0x92000 + 30772937
12  org.chromium.ContentShell.framework 0x01deca49 0x92000 + 30779977
13  org.chromium.ContentShell.framework 0x001a7c3b 0x92000 + 1137723
14  org.chromium.ContentShell.framework 0x001d7955 0x92000 + 1333589
15  org.chromium.ContentShell.framework 0x001d7d1a 0x92000 + 1334554
16  org.chromium.ContentShell.framework 0x00191eb2 0x92000 + 1048242
17  com.apple.CoreFoundation        0x980fbb5f __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 15
18  com.apple.CoreFoundation        0x980ec95b __CFRunLoopDoSources0 + 235
19  com.apple.CoreFoundation        0x980ec05e __CFRunLoopRun + 1022
20  com.apple.CoreFoundation        0x980eb9ea CFRunLoopRunSpecific + 394
21  com.apple.CoreFoundation        0x980eb84b CFRunLoopRunInMode + 123
22  com.apple.Foundation            0x989a65b9 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 277
23  org.chromium.ContentShell.framework 0x001929ef 0x92000 + 1051119
24  org.chromium.ContentShell.framework 0x0019233c 0x92000 + 1049404
25  org.chromium.ContentShell.framework 0x001d7531 0x92000 + 1332529
26  org.chromium.ContentShell.framework 0x001ebe2f 0x92000 + 1416751
27  org.chromium.ContentShell.framework 0x001d72da 0x92000 + 1331930
28  org.chromium.ContentShell.framework 0x0299c24a 0x92000 + 43033162
29  org.chromium.ContentShell.framework 0x02dfb5fa 0x92000 + 47617530
30  org.chromium.ContentShell.framework 0x02dfbf90 0x92000 + 47619984
31  org.chromium.ContentShell.framework 0x02dfb352 0x92000 + 47616850
32  org.chromium.ContentShell.framework 0x000e7972 0x92000 + 350578
33  org.chromium.ContentShell.framework 0x00093efb cef_execute_process + 251
34  org.cef.cefclient.helper        0x0003c4a6 CefExecuteProcess(CefMainArgs const&, CefRefPtr<CefApp>, void*) + 150
35  org.cef.cefclient.helper        0x0003ad46 main + 150
36  org.cef.cefclient.helper        0x0002d5e5 start + 53

[peterflynn]

Here's one with full CEF symbols:

Process:         Brackets Helper [2696]
Path:            /Users/USER/*/Brackets.app/Contents/Frameworks/Brackets Helper.app/Contents/MacOS/Brackets Helper
Identifier:      Brackets Helper
Version:         ???
Code Type:       X86 (Native)
Parent Process:  Brackets [2691]
Responsible:     Brackets [2691]
User ID:         501

Date/Time:       2015-04-09 19:30:43.697 -0700
OS Version:      Mac OS X 10.9.5 (13F34)
Report Version:  11
Anonymous UUID:  F54128F3-AD70-8E9F-EBBC-E7986990B9FA


Crashed Thread:  0  CrRendererMain  Dispatch queue: com.apple.main-thread

Exception Type:  EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000000000000

VM Regions Near 0:
--> __PAGEZERO             0000000000000000-0000000000001000 [    4K] ---/--- SM=NUL  /Users/USER/*/Brackets.app/Contents/Frameworks/Brackets Helper.app/Contents/MacOS/Brackets Helper
    VM_ALLOCATE            0000000000001000-0000000000079000 [  480K] ---/--- SM=NUL  

Thread 0 Crashed:: CrRendererMain  Dispatch queue: com.apple.main-thread
0   org.cef.cefclient.helper        0x00081c3f ClientApp::OnProcessMessageReceived(CefRefPtr<CefBrowser>, cef_process_id_t, CefRefPtr<CefProcessMessage>) + 1135
1   org.cef.cefclient.helper        0x00082d0a non-virtual thunk to ClientApp::OnProcessMessageReceived(CefRefPtr<CefBrowser>, cef_process_id_t, CefRefPtr<CefProcessMessage>) + 42
2   org.cef.cefclient.helper        0x000a31ed render_process_handler_on_process_message_received(_cef_render_process_handler_t*, _cef_browser_t*, cef_process_id_t, _cef_process_message_t*) + 381
3   org.chromium.ContentShell.framework 0x00107b73 CefRenderProcessHandlerCToCpp::OnProcessMessageReceived(CefRefPtr<CefBrowser>, cef_process_id_t, CefRefPtr<CefProcessMessage>) + 211 (render_process_handler_ctocpp.cc:270)
4   org.chromium.ContentShell.framework 0x001966e8 CefBrowserImpl::OnRequest(Cef_Request_Params const&) + 296 (ref_counted.h:294)
5   org.chromium.ContentShell.framework 0x00196560 CefBrowserImpl::OnMessageReceived(IPC::Message const&) + 688 (tuple.h:80)
6   org.chromium.ContentShell.framework 0x0019735b non-virtual thunk to CefBrowserImpl::OnMessageReceived(IPC::Message const&) + 27 (browser_impl.cc:608)
7   org.chromium.ContentShell.framework 0x029ce457 content::RenderViewImpl::OnMessageReceived(IPC::Message const&) + 695 (render_view_impl.cc:1301)
8   org.chromium.ContentShell.framework 0x020fb9e5 content::MessageRouter::RouteMessage(IPC::Message const&) + 85 (message_router.cc:54)
9   org.chromium.ContentShell.framework 0x020fb981 content::MessageRouter::OnMessageReceived(IPC::Message const&) + 49 (message_router.cc:47)
10  org.chromium.ContentShell.framework 0x02acffdb content::ChildThread::OnMessageReceived(IPC::Message const&) + 859 (child_thread.cc:491)
11  org.chromium.ContentShell.framework 0x01e3bec9 IPC::ChannelProxy::Context::OnDispatchMessage(IPC::Message const&) + 121 (ipc_message.h:126)
12  org.chromium.ContentShell.framework 0x01e3da49 base::internal::Invoker<2, base::internal::BindState<base::internal::RunnableAdapter<void (IPC::ChannelProxy::Context::*)(IPC::Message const&)>, void (IPC::ChannelProxy::Context*, IPC::Message const&), void (IPC::ChannelProxy::Context*, IPC::Message)>, void (IPC::ChannelProxy::Context*, IPC::Message const&)>::Run(base::internal::BindStateBase*) + 41 (bind_internal.h:1248)
13  org.chromium.ContentShell.framework 0x001f8c3b base::debug::TaskAnnotator::RunTask(char const*, char const*, base::PendingTask const&) + 235 (callback.h:401)
14  org.chromium.ContentShell.framework 0x00228955 base::MessageLoop::RunTask(base::PendingTask const&) + 549 (stl_vector.h:400)
15  org.chromium.ContentShell.framework 0x00228d1a base::MessageLoop::DoWork() + 586 (message_loop.cc:567)
16  org.chromium.ContentShell.framework 0x001e2eb2 base::MessagePumpCFRunLoopBase::RunWorkSource(void*) + 50 (message_pump_mac.mm:325)
17  com.apple.CoreFoundation        0x980fbb5f __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 15
18  com.apple.CoreFoundation        0x980ec95b __CFRunLoopDoSources0 + 235
19  com.apple.CoreFoundation        0x980ec05e __CFRunLoopRun + 1022
20  com.apple.CoreFoundation        0x980eb9ea CFRunLoopRunSpecific + 394
21  com.apple.CoreFoundation        0x980eb84b CFRunLoopRunInMode + 123
22  com.apple.Foundation            0x989a65b9 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 277
23  org.chromium.ContentShell.framework 0x001e39ef base::MessagePumpNSRunLoop::DoRun(base::MessagePump::Delegate*) + 127 (message_pump_mac.mm:590)
24  org.chromium.ContentShell.framework 0x001e333c base::MessagePumpCFRunLoopBase::Run(base::MessagePump::Delegate*) + 92 (message_pump_mac.mm:243)
25  org.chromium.ContentShell.framework 0x00228531 base::MessageLoop::RunHandler() + 33 (message_loop.cc:415)
26  org.chromium.ContentShell.framework 0x0023ce2f base::RunLoop::Run() + 79 (run_loop.cc:55)
27  org.chromium.ContentShell.framework 0x002282da base::MessageLoop::Run() + 26 (message_loop.cc:308)
28  org.chromium.ContentShell.framework 0x029ed24a content::RendererMain(content::MainFunctionParams const&) + 1642 (renderer_main.cc:231)
29  org.chromium.ContentShell.framework 0x02e4c5fa content::RunNamedProcessTypeMain(std::string const&, content::MainFunctionParams const&, content::ContentMainDelegate*) + 186 (content_main_runner.cc:437)
30  org.chromium.ContentShell.framework 0x02e4cf90 content::ContentMainRunnerImpl::Run() + 128 (content_main_runner.cc:769)
31  org.chromium.ContentShell.framework 0x02e4c352 content::ContentMain(content::ContentMainParams const&) + 50 (content_main.cc:19)
32  org.chromium.ContentShell.framework 0x00138972 CefExecuteProcess(CefMainArgs const&, CefRefPtr<CefApp>, void*) + 370 (context.cc:100)
33  org.chromium.ContentShell.framework 0x000e4efb cef_execute_process + 251 (libcef_dll.cc:130)
34  org.cef.cefclient.helper        0x0008b4a6 CefExecuteProcess(CefMainArgs const&, CefRefPtr<CefApp>, void*) + 150
35  org.cef.cefclient.helper        0x00089d46 main + 150
36  org.cef.cefclient.helper        0x0007c5e5 start + 53

(this was using a tip-of-master local brackets-shell build, but I can also repro this crash just as easily with the official 1.2 build)

[peterflynn]

I have a suspicion this is related to the JS code hints web worker -- the crash doesn't repro if you have a non-JS file open or if you have a JS file outside the project open. The main difference between those cases? In the crash case, code hints parsing/indexing process is running in the background and is probably unfinished (still running) when the reload happened. In the non-crash case that background process isn't running at all...

[peterflynn]

Sorry, original title was wrong -- wrote it earlier before I'd fully narrowed down the repro steps

[marcelgerber]

It's probably not Mac only. I got into a case where Brackets white-screened on Windows 8.1 with the same steps (it was even like 5-10 seconds after starting when I reloaded).

EDIT: Tested it again; yeah, I can absolutely (and easily) repro on Windows, too.

[prksingh]

The steps and crash log appear similar to #4522. Also see #10779

[marcelgerber]

Re #4552: Those aren't that similar as over there, you cause the reload by reloading the Dev Tools (which in turn reloads the "page" that's currently open).

Re #10779: It could be the same root cause, but if you do it right, for this issue to reproduce, you only need one reload.

[marcelgerber]

On #11569, I can no longer repro this issue while I can on master. Looks promising.

[marcelgerber]

This appears to be fixed with the merge of #11569 and will come to you in Release 1.8.
Please let us know if it still doesn't work for you when the Release ships.