This is the Chromium-side bug created from b/28065142.
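Symbolized microdump (frames marked "Found by: stack scanning" are heuristic and may include stale return addresses rather than real callers):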
Thread 0 (crashed)
0 linux-gate.so + 0x430
eip = 0xffffe430 esp = 0xcfbf5c2c ebp = 0xcfbf5c88 ebx = 0x00000daa
esi = 0xcfbf6978 edi = 0xcfbf6920 eax = 0x00000000 ecx = 0x00000dc6
edx = 0x00000006 efl = 0x00200296
Found by: given as instruction pointer in context
1 libc.so + 0x36beb
eip = 0xe7b29beb esp = 0xcfbf5c90 ebp = 0xcfbf5ca8
Found by: previous frame's frame pointer
2 libc.so + 0x2e147
eip = 0xe7b21147 esp = 0xcfbf5cb0 ebp = 0xcfbf5ce8
Found by: previous frame's frame pointer
3 libart.so + 0x50b5ca
eip = 0xe77835ca esp = 0xcfbf5cf0 ebp = 0xcfbf5d48
Found by: previous frame's frame pointer
4 libart.so + 0x1183f5
eip = 0xe73903f5 esp = 0xcfbf5d50 ebp = 0xcfbf5db8
Found by: previous frame's frame pointer
5 libart.so + 0x38b8aa
eip = 0xe76038aa esp = 0xcfbf5dc0 ebp = 0xcfbf5f28
Found by: previous frame's frame pointer
6 libart.so + 0x38bafd
eip = 0xe7603afd esp = 0xcfbf5f30 ebp = 0xcfbf5f78
Found by: previous frame's frame pointer
7 libart.so + 0x3f54a0
eip = 0xe766d4a0 esp = 0xcfbf5f80 ebp = 0xcfbf6008
Found by: previous frame's frame pointer
8 libwebviewchromium.so!base::android::ConvertJavaStringToUTF8 [jni.h : 864 + 0xf]
eip = 0xd7fc490e esp = 0xcfbf6010 ebp = 0x00000000
Found by: previous frame's frame pointer
9 libwebviewchromium.so!std::__1::vector<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::allocator<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > >::resize [vector : 1983 + 0xb]
eip = 0xd789b88d esp = 0xcfbf6030 ebp = 0x00000000
Found by: stack scanning
10 libwebviewchromium.so!base::android::ConvertJavaStringToUTF8 [jni_string.cc : 26 + 0x9]
eip = 0xd7fc48e9 esp = 0xcfbf603c ebp = 0x00000000
Found by: stack scanning
11 libwebviewchromium.so!base::android::AppendJavaStringArrayToStringVector [jni_array.cc : 176 + 0x9]
eip = 0xd7fc3edd esp = 0xcfbf6050 ebp = 0x00000000
Found by: stack scanning
12 libwebviewchromium.so!base::android::AppendJavaStringArrayToStringVector [jni_array.cc : 166 + 0x9]
eip = 0xd7fc3e29 esp = 0xcfbf608c ebp = 0x00000000
Found by: stack scanning
13 libwebviewchromium.so!android_webview::AwWebResourceResponseImpl::GetResponseHeaders [aw_web_resource_response_impl.cc : 88 + 0xd]
eip = 0xd585d7e3 esp = 0xcfbf60a0 ebp = 0x00000000
Found by: stack scanning
14 libc.so + 0x1456b
eip = 0xe7b0756b esp = 0xcfbf60c0 ebp = 0xcfbf60d8
Found by: stack scanning
15 0xe0db7800
eip = 0xe0db7800 esp = 0xcfbf60e0 ebp = 0xe0d902a0
Found by: previous frame's frame pointer
16 libwebviewchromium.so!std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >::~basic_string [memory : 1636 + 0xb]
eip = 0xd5820522 esp = 0xcfbf6100 ebp = 0xe0d902a0
Found by: stack scanning
17 libwebviewchromium.so!android_webview::AwWebResourceResponseImpl::GetResponseHeaders [aw_web_resource_response_impl.cc : 76 + 0x9]
eip = 0xd585d6c5 esp = 0xcfbf610c ebp = 0xe0d902a0
Found by: stack scanning
18 libwebviewchromium.so!android_webview::::StreamReaderJobDelegateImpl::AppendResponseHeaders [aw_request_interceptor.cc : 73 + 0xc]
eip = 0xd58387cd esp = 0xcfbf6120 ebp = 0xe0d902a0
Found by: stack scanning
19 libwebviewchromium.so!base::android::AttachCurrentThread [jni.h : 1091 + 0x14]
eip = 0xd7fc28a6 esp = 0xcfbf6160 ebp = 0xe0d902a0
Found by: stack scanning
20 libwebviewchromium.so!android_webview::::StreamReaderJobDelegateImpl::AppendResponseHeaders [aw_request_interceptor.cc : 61 + 0x9]
eip = 0xd58386c9 esp = 0xcfbf616c ebp = 0xcfbf617c
Found by: stack scanning
21 0xce8ebb80
eip = 0xce8ebb80 esp = 0xcfbf6184 ebp = 0xd583402b
Found by: previous frame's frame pointer
22 boot-framework.oat + 0xd0af74
eip = 0x74682f74 esp = 0xcfbf61c0 ebp = 0xd583402b
Found by: stack scanning
23 libwebviewchromium.so!android_webview::AndroidStreamReaderURLRequestJob::HeadersComplete [android_stream_reader_url_request_job.cc : 312 + 0x9]
eip = 0xd5833df3 esp = 0xcfbf61dc ebp = 0xd583402b
Found by: stack scanning
24 libwebviewchromium.so!android_webview::AndroidStreamReaderURLRequestJob::OnReaderSeekCompleted [android_stream_reader_url_request_job.cc : 207 + 0xf]
eip = 0xd5834159 esp = 0xcfbf61f0 ebp = 0xd583402b
Found by: stack scanning
25 libwebviewchromium.so!android_webview::AndroidStreamReaderURLRequestJob::OnReaderSeekCompleted [android_stream_reader_url_request_job.cc : 203 + 0x8]
eip = 0xd583411a esp = 0xcfbf6210 ebp = 0xd583402b
Found by: stack scanning
26 libwebviewchromium.so!base::internal::Invoker<base::IndexSequence<0u>, base::internal::BindState<base::internal::RunnableAdapter<void (android_webview::AndroidStreamReaderURLRequestJob::*)(int)>, void(android_webview::AndroidStreamReaderURLRequestJob*, int), base::WeakPtr<android_webview::AndroidStreamReaderURLRequestJob> >, base::internal::InvokeHelper<true, void, base::internal::RunnableAdapter<void (android_webview::AndroidStreamReaderURLRequestJob::*)(int)> >, void(int)>::Run [bind_internal.h : 181 + 0x5]
eip = 0xd5834a3d esp = 0xcfbf6220 ebp = 0xd583402b
Found by: stack scanning
27 libwebviewchromium.so!base::internal::Invoker<base::IndexSequence<0u>, base::internal::BindState<base::internal::RunnableAdapter<void (android_webview::AndroidStreamReaderURLRequestJob::*)(int)>, void(android_webview::AndroidStreamReaderURLRequestJob*, int), base::WeakPtr<android_webview::AndroidStreamReaderURLRequestJob> >, base::internal::InvokeHelper<true, void, base::internal::RunnableAdapter<void (android_webview::AndroidStreamReaderURLRequestJob::*)(int)> >, void(int)>::Run [bind_internal.h : 357 + 0x9]
eip = 0xd58349dd esp = 0xcfbf624c ebp = 0xd583402b
Found by: stack scanning
28 libwebviewchromium.so!base::internal::ReplyAdapter<int, int> [callback.h : 397 + 0xb]
eip = 0xd5832f4d esp = 0xcfbf6260 ebp = 0xd583402b
Found by: stack scanning
29 libwebviewchromium.so!base::internal::Invoker<base::IndexSequence<0u, 1u>, base::internal::BindState<base::internal::RunnableAdapter<void (*)(const base::Callback<void(int), (base::internal::CopyMode)1>&, int*)>, void(const base::Callback<void(int), (base::internal::CopyMode)1>&, int*), const base::Callback<void(int), (base::internal::CopyMode)1>&, base::internal::OwnedWrapper<int> >, base::internal::InvokeHelper<false, void, base::internal::RunnableAdapter<void (*)(const base::Callback<void(int), (base::internal::CopyMode)1>&, int*)> >, void()>::Run [bind_internal.h : 159 + 0x4]
eip = 0xd583321e esp = 0xcfbf6290 ebp = 0xd583402b
Found by: stack scanning
30 libwebviewchromium.so!tracked_objects::DeathData::RecordDeath [tracked_objects.cc : 129 + 0x9]
eip = 0xd8043399 esp = 0xcfbf629c ebp = 0xd583402b
Found by: stack scanning
31 libwebviewchromium.so!base::ThreadLocalStorage::StaticSlot::Get [thread_local_storage.cc : 230 + 0x6]
eip = 0xd8020336 esp = 0xcfbf62a8 ebp = 0xcfbf6510
Found by: stack scanning
Comment 1 by gsennton@chromium.org, Apr 22 2016