Engine crashes in content::RenderViewImpl::Initialize |
||||
Issue descriptionSYNCED to: commit a7467383c208ef2e5a90d8e20979b6ba722ac104 Author: pfeldman <pfeldman@chromium.org> Date: Thu Mar 24 15:50:19 2016 -0700 [1:1:0324/160516:FATAL:crash_logging.cc(55)] Check failed: crash_key. All crash keys must be registered before use (key = rvinit_view_id) #0 0x7f6d6ff65ece base::debug::StackTrace::StackTrace() #1 0x7f6d6ffc661f logging::LogMessage::~LogMessage() #2 0x7f6d6ff5f36f base::debug::SetCrashKeyValue() #3 0x7f6d6db881cd content::RenderViewImpl::Initialize() #4 0x7f6d6db8b791 content::RenderViewImpl::Create() #5 0x7f6d6db7337e content::RenderThreadImpl::OnCreateNewView() #6 0x7f6d6db86699 _ZN4base20DispatchToMethodImplIPN7content16RenderThreadImplEMS2_FvRK18ViewMsg_New_ParamsEJS4_EJLm0EEEEvRKT_T0_RKSt5tupleIJDpT1_EENS_13IndexSequenceIJXspT2_EEEE #7 0x7f6d6db865f5 _ZN4base16DispatchToMethodIPN7content16RenderThreadImplEMS2_FvRK18ViewMsg_New_ParamsEJS4_EEEvRKT_T0_RKSt5tupleIJDpT1_EE #8 0x7f6d6db8659f _ZN3IPC16DispatchToMethodIN7content16RenderThreadImplEMS2_FvRK18ViewMsg_New_ParamsEvSt5tupleIJS3_EEEEvPT_T0_PT1_RKT2_ #9 0x7f6d6db7862b _ZN3IPC8MessageTI16ViewMsg_New_MetaSt5tupleIJ18ViewMsg_New_ParamsEEvE8DispatchIN7content16RenderThreadImplES8_vMS8_FvRKS3_EEEbPKNS_7MessageEPT_PT0_PT1_T2_ #10 0x7f6d6db72dd4 content::RenderThreadImpl::OnControlMessageReceived() #11 0x7f6d6bd2a871 content::ChildThreadImpl::OnMessageReceived() #12 0x7f6d6abd7223 IPC::ChannelProxy::Context::OnDispatchMessage() #13 0x7f6d6abdbb6f _ZN4base8internal15RunnableAdapterIMN3IPC12ChannelProxy7ContextEFvRKNS2_7MessageEEE3RunIS4_JS7_EEEvRK13scoped_refptrIT_EDpOT0_ #14 0x7f6d6abdba8e _ZN4base8internal12InvokeHelperILb0EvNS0_15RunnableAdapterIMN3IPC12ChannelProxy7ContextEFvRKNS3_7MessageEEEEE8MakeItSoIJRK13scoped_refptrIS5_ES8_EEEvSB_DpOT_ #15 0x7f6d6abdba3d _ZN4base8internal7InvokerINS_13IndexSequenceIJLm0ELm1EEEENS0_9BindStateINS0_15RunnableAdapterIMN3IPC12ChannelProxy7ContextEFvRKNS6_7MessageEEEEFvPS8_SB_EJSF_SB_EEENS0_12InvokeHelperILb0EvSE_EEFvvEE3RunEPNS0_13BindStateBaseE #16 0x7f6d6ff462ae base::Callback<>::Run() #17 0x7f6d6ff6b8be base::debug::TaskAnnotator::RunTask() #18 0x7f6d6454c012 scheduler::TaskQueueManager::ProcessTaskFromWorkQueue() #19 0x7f6d64549f92 scheduler::TaskQueueManager::DoWork() #20 0x7f6d6455175e _ZN4base8internal15RunnableAdapterIMN9scheduler16TaskQueueManagerEFvNS_9TimeTicksEbEE3RunIJRKS4_RKbEEEvPS3_DpOT_ #21 0x7f6d6455165a _ZN4base8internal12InvokeHelperILb1EvNS0_15RunnableAdapterIMN9scheduler16TaskQueueManagerEFvNS_9TimeTicksEbEEEE8MakeItSoINS_7WeakPtrIS4_EEJRKS5_RKbEEEvS8_T_DpOT0_ #22 0x7f6d645515d8 _ZN4base8internal7InvokerINS_13IndexSequenceIJLm0ELm1ELm2EEEENS0_9BindStateINS0_15RunnableAdapterIMN9scheduler16TaskQueueManagerEFvNS_9TimeTicksEbEEEFvPS7_S8_bEJNS_7WeakPtrIS7_EERS8_bEEENS0_12InvokeHelperILb1EvSB_EEFvvEE3RunEPNS0_13BindStateBaseE #23 0x7f6d6ff462ae base::Callback<>::Run() #24 0x7f6d6ff6b8be base::debug::TaskAnnotator::RunTask() #25 0x7f6d6ffe348f base::MessageLoop::RunTask() #26 0x7f6d6ffe3718 base::MessageLoop::DeferOrRunPendingTask() #27 0x7f6d6ffe38e2 base::MessageLoop::DoWork() #28 0x7f6d6fff5113 base::MessagePumpDefault::Run() #29 0x7f6d6ffe2ebf base::MessageLoop::RunHandler() #30 0x7f6d70081924 base::RunLoop::Run() #31 0x7f6d6ffe1f34 base::MessageLoop::Run() #32 0x7f6d6dbe30e9 content::RendererMain() #33 0x7f6d6df53986 content::RunZygote() #34 0x7f6d6df53c30 content::RunNamedProcessTypeMain() #35 0x7f6d6df55ab9 content::ContentMainRunnerImpl::Run() #36 0x7f6d6df53052 content::ContentMain() #37 0x0000004188b5 main #38 0x7f6d65813ec5 __libc_start_main #39 0x000000418799 <unknown> Received signal 6 #0 0x7f6d6ff65ece base::debug::StackTrace::StackTrace() #1 0x7f6d6ff65a0f base::debug::(anonymous namespace)::StackDumpSignalHandler() #2 0x7f6d65bc8340 <unknown> #3 0x7f6d65828cc9 gsignal #4 0x7f6d6582c0d8 abort #5 0x7f6d6ff627c6 base::debug::(anonymous namespace)::DebugBreak() #6 0x7f6d6ff627a8 base::debug::BreakDebugger() #7 0x7f6d6ffc696d logging::LogMessage::~LogMessage() #8 0x7f6d6ff5f36f base::debug::SetCrashKeyValue() #9 0x7f6d6db881cd content::RenderViewImpl::Initialize() #10 0x7f6d6db8b791 [7017:7036:0324/160516:VERBOSE2:blimp_message_output_buffer.cc(63)] OutputBuffer::ProcessMessage <BlimpMessage type=PROTOCOL_CONTROL subtype=CHECKPOINT_ACK checkpoint_id=5 byte_size=13> [7017:7036:0324/160516:VERBOSE2:blimp_connection.cc(66)] Sender::ProcessMessage <BlimpMessage type=PROTOCOL_CONTROL subtype=CHECKPOINT_ACK checkpoint_id=5 byte_size=15> [7017:7036:0324/160516:VERBOSE2:blimp_connection.cc(92)] OnWritePacketComplete, result=0 [7017:7036:0324/160516:VERBOSE2:blimp_message_output_buffer.cc(147)] Write complete, result=0 content::RenderViewImpl::Create() #11 0x7f6d6db7337e content::RenderThreadImpl::OnCreateNewView() #12 0x7f6d6db86699 _ZN4base20DispatchToMethodImplIPN7content16RenderThreadImplEMS2_FvRK18ViewMsg_New_ParamsEJS4_EJLm0EEEEvRKT_T0_RKSt5tupleIJDpT1_EENS_13IndexSequenceIJXspT2_EEEE #13 0x7f6d6db865f5 _ZN4base16DispatchToMethodIPN7content16RenderThreadImplEMS2_FvRK18ViewMsg_New_ParamsEJS4_EEEvRKT_T0_RKSt5tupleIJDpT1_EE #14 0x7f6d6db8659f _ZN3IPC16DispatchToMethodIN7content16RenderThreadImplEMS2_FvRK18ViewMsg_New_ParamsEvSt5tupleIJS3_EEEEvPT_T0_PT1_RKT2_ #15 0x7f6d6db7862b _ZN3IPC8MessageTI16ViewMsg_New_MetaSt5tupleIJ18ViewMsg_New_ParamsEEvE8DispatchIN7content16RenderThreadImplES8_vMS8_FvRKS3_EEEbPKNS_7MessageEPT_PT0_PT1_T2_ #16 0x7f6d6db72dd4 content::RenderThreadImpl::OnControlMessageReceived() #17 0x7f6d6bd2a871 content::ChildThreadImpl::OnMessageReceived() #18 0x7f6d6abd7223 IPC::ChannelProxy::Context::OnDispatchMessage() #19 0x7f6d6abdbb6f _ZN4base8internal15RunnableAdapterIMN3IPC12ChannelProxy7ContextEFvRKNS2_7MessageEEE3RunIS4_JS7_EEEvRK13scoped_refptrIT_EDpOT0_ #20 0x7f6d6abdba8e _ZN4base8internal12InvokeHelperILb0EvNS0_15RunnableAdapterIMN3IPC12ChannelProxy7ContextEFvRKNS3_7MessageEEEEE8MakeItSoIJRK13scoped_refptrIS5_ES8_EEEvSB_DpOT_ #21 0x7f6d6abdba3d _ZN4base8internal7InvokerINS_13IndexSequenceIJLm0ELm1EEEENS0_9BindStateINS0_15RunnableAdapterIMN3IPC12ChannelProxy7ContextEFvRKNS6_7MessageEEEEFvPS8_SB_EJSF_SB_EEENS0_12InvokeHelperILb0EvSE_EEFvvEE3RunEPNS0_13BindStateBaseE #22 0x7f6d6ff462ae base::Callback<>::Run() #23 0x7f6d6ff6b8be base::debug::TaskAnnotator::RunTask() #24 0x7f6d6454c012 scheduler::TaskQueueManager::ProcessTaskFromWorkQueue() #25 0x7f6d64549f92 scheduler::TaskQueueManager::DoWork() #26 0x7f6d6455175e _ZN4base8internal15RunnableAdapterIMN9scheduler16TaskQueueManagerEFvNS_9TimeTicksEbEE3RunIJRKS4_RKbEEEvPS3_DpOT_ #27 0x7f6d6455165a _ZN4base8internal12InvokeHelperILb1EvNS0_15RunnableAdapterIMN9scheduler16TaskQueueManagerEFvNS_9TimeTicksEbEEEE8MakeItSoINS_7WeakPtrIS4_EEJRKS5_RKbEEEvS8_T_DpOT0_ #28 0x7f6d645515d8 _ZN4base8internal7InvokerINS_13IndexSequenceIJLm0ELm1ELm2EEEENS0_9BindStateINS0_15RunnableAdapterIMN9scheduler16TaskQueueManagerEFvNS_9TimeTicksEbEEEFvPS7_S8_bEJNS_7WeakPtrIS7_EERS8_bEEENS0_12InvokeHelperILb1EvSB_EEFvvEE3RunEPNS0_13BindStateBaseE #29 0x7f6d6ff462ae base::Callback<>::Run() #30 0x7f6d6ff6b8be base::debug::TaskAnnotator::RunTask() #31 0x7f6d6ffe348f base::MessageLoop::RunTask() #32 0x7f6d6ffe3718 base::MessageLoop::DeferOrRunPendingTask() #33 0x7f6d6ffe38e2 base::MessageLoop::DoWork() #34 0x7f6d6fff5113 base::MessagePumpDefault::Run() #35 0x7f6d6ffe2ebf base::MessageLoop::RunHandler() #36 0x7f6d70081924 base::RunLoop::Run() #37 0x7f6d6ffe1f34 base::MessageLoop::Run() #38 0x7f6d6dbe30e9 content::RendererMain() #39 0x7f6d6df53986 content::RunZygote() #40 0x7f6d6df53c30 content::RunNamedProcessTypeMain() #41 0x7f6d6df55ab9 content::ContentMainRunnerImpl::Run() #42 0x7f6d6df53052 content::ContentMain() #43 0x0000004188b5 main #44 0x7f6d65813ec5 __libc_start_main #45 0x000000418799 <unknown> r8: 0000000000000001 r9: 00007f6d65942e00 r10: 0000000000000008 r11: 0000000000000202 r12: 0000000000418770 r13: 00007fff3093daa0 r14: 0000000000000000 r15: 0000000000000000 di: 0000000000000001 si: 0000000000000001 bp: 00007fff30939600 bx: 0000000000000000 dx: 0000000000000006 ax: 0000000000000000 cx: ffffffffffffffff sp: 00007fff309394c8 ip: 00007f6d65828cc9 efl: 0000000000000202 cgf: 0000000000000033 erf: 0000000000000000 trp: 0000000000000000 msk: 0000000000000000 cr2: 0000000000000000 [end of stack trace] [7017:7036:0324/160516:VERBOSE2:blimp_message_output_buffer.cc(63)] OutputBuffer::ProcessMessage <BlimpMessage type=NAVIGATION subtype=NAVIGATION_STATE_CHANGED target_tab_id=0 byte_size=14>
,
Mar 24 2016
,
Mar 25 2016
,
Mar 25 2016
Root cause: base::debug::SetCrashKeyValue() has a DCHECK that will bomb out if a crash key is set without being registered first. Turns out in http://crrev.com/1783053002, I didn't catch _all_ of the crash keys being used (some were added recently as temporary debugging crash keys). So now we're left with a couple possible solutions: 1) We depend on //chrome/common/crash_keys.h, which probably will be kept up to date with all the crash keys. Downside, we need to depend on //chrome, which is an explicit anti-dependency for the engine today. 2) I get rid of the DCHECK() in SetCrashKeyValue(). Probably the best long-term solution to this, but requires buy-in from crash-team. 3) Update our crash keys to keep track those in //chrome/common/crash_keys.h, and continuously check and sync the lists. At best this is a short-term solution, and will be fairly fragile. From my understanding, option 1 is definitely out- we don't want any dependency on //chrome. I think the best course of action is to start chatting with the crash team about the second option. It'll definitely be the most robust for us, but we'll need to see if they're okay with it. I have a patchset for option 3 ready to go, but I'll hold off on sending it out until we have a clear direction here.
,
Dec 9 2016
|
||||
►
Sign in to add a comment |
||||
Comment 1 by haibinlu@chromium.org
, Mar 24 2016