Dolphine is crashing while playing a video on amazon.com |
|||||||||||
Issue descriptionThis report will ONLY be viewable by Google. Device name: Galaxy St/ATT/MMB29M WebView version : 52. Application: Webview : 52.0.2743.8 Application version: Dolphin browser/V11.5.6 URLs (if applicable): https://play.google.com/store/apps/details?id=mobi.mgeek.TunnyBrowser&hl=en amazon product http://www.amazon.com/gp/aw/d/B00MNG37C2/ref=s9_hps_gw_g21_i1/191-2815740-0214228?ie=UTF8&fpl=fresh&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=mobile-1&pf_rd_r=03747F5SNBD632EWPVPY&pf_rd_t=36701&pf_rd_p=1ee93ea3-f360-4ebe-aef7-2d71f6144505&pf_rd_i=mobile Steps to reproduce: (1) Launch Dolphin > go to setting > Disable Jet back (2) Go to Home screen of the dolphin > select Amazon (SYMA X5C Explorers 2.4G 4CH 6-Axis Gyro RC Quadcopter With HD Camera) (3) Scroll down to the related videos, click of the any of the video Actual result: The related video pages spin for ever to load and evenly crashes Additional info:- -Repro on Nexus 5/M and S7/ATT -This issue happen for first time when trying the dolphine/amazon/related videos, after the doplhine gets crashed, trying for 2nd time the related video are working -For now seen on only M devices (checked on android N/Dolphin is crashing ) -----------------------logcat------------- 05-25 11:38:13.681 29621 29751 F libc : Fatal signal 11 (SIGSEGV), code 1, fault addr 0xddff1000 in tid 29751 (Compositor) 05-25 11:38:13.711 652 669 I SurfaceFlinger: id=220 Removed uhumbnail a (8/15) 05-25 11:38:13.711 652 2224 I SurfaceFlinger: id=220 Removed uhumbnail a (-2/15) 05-25 11:38:13.721 1368 1520 I Timeline: Timeline: Activity_windows_visible id: ActivityRecord{c68e8f4 u0 mobi.mgeek.TunnyBrowser/.BrowserActivity t88} time:4514216 05-25 11:38:13.721 1368 1520 D CustomFrequencyManagerService: releaseDVFSLockLocked : Getting Lock type frm List : DVFS_MIN_LIMIT frequency : 1555200 uid : 1000 pid : 1368 tag : ACTIVITY_RESUME_BOOSTER@18 05-25 11:38:13.721 1368 1520 D ActivityManager: mDVFSHelper.release() 05-25 11:38:13.731 652 652 D libEGL : eglTerminate EGLDisplay = 0x7fea150208 05-25 11:38:13.741 1368 1520 D KnoxTimeoutHandler: notifyActivityDrawn [MsgParam] userId: 0 fullscreen is true showWhenlocked is false 05-25 11:38:13.741 1368 1368 D KnoxTimeoutHandler: activityDrawn [MsgParam] userId: 0 fullscreen is true showWhenlocked is false 05-25 11:38:13.741 1368 1368 I KnoxTimeoutHandler: SD activityfalse 05-25 11:38:13.741 1368 1460 D CustomFrequencyManagerService: acquireDVFSLockLocked : type : DVFS_MIN_LIMIT frequency : 1555200 uid : 1000 pid : 1368 pkgName : ACTIVITY_RESUME_BOOSTER@24 05-25 11:38:13.761 652 3477 D libEGL : eglTerminate EGLDisplay = 0x7f98f7fea8 05-25 11:38:13.761 652 669 I SurfaceFlinger: id=217 Removed TeparatedRe (4/14) 05-25 11:38:13.761 652 3251 I SurfaceFlinger: id=217 Removed TeparatedRe (-2/14) 05-25 11:38:13.761 652 652 D libEGL : eglTerminate EGLDisplay = 0x7fea150208 05-25 11:38:13.761 652 652 D libEGL : eglTerminate EGLDisplay = 0x7fea1501d8 05-25 11:38:13.761 2349 2349 D Recents_RecentsActivity: onStop 05-25 11:38:13.791 938 938 F DEBUG : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** 05-25 11:38:13.791 938 938 F DEBUG : Build fingerprint: 'samsung/hero2qlteuc/hero2qlteatt:6.0.1/MMB29M/G935AUCS2APE1:user/release-keys' 05-25 11:38:13.791 938 938 F DEBUG : Revision: '14' 05-25 11:38:13.791 938 938 F DEBUG : ABI: 'arm' 05-25 11:38:13.791 938 938 F DEBUG : pid: 29621, tid: 29751, name: Compositor >>> mobi.mgeek.TunnyBrowser <<< 05-25 11:38:13.791 938 938 F DEBUG : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xddff1000 05-25 11:38:13.811 938 938 F DEBUG : r0 d6ef9e74 r1 00000000 r2 00000000 r3 00000000 05-25 11:38:13.811 938 938 F DEBUG : r4 d967d400 r5 d6ef9ebc r6 d6ef9f14 r7 00000001 05-25 11:38:13.811 938 938 F DEBUG : r8 ddff1000 r9 00000000 sl 0000000f fp d8306420 05-25 11:38:13.811 938 938 F DEBUG : ip daad6030 sp d6ef9ea0 lr e1e10167 pc e1e136dc cpsr 200b0030 05-25 11:38:13.821 938 938 F DEBUG : 05-25 11:38:13.821 938 938 F DEBUG : backtrace: 05-25 11:38:13.821 938 938 F DEBUG : #00 pc 009896dc /data/app/com.google.android.webview-1/lib/arm/libwebviewchromium.so 05-25 11:38:14.031 1368 2200 D MdnieScenarioControlService: packageName : mobi.mgeek.TunnyBrowser className : mobi.mgeek.TunnyBrowser.BrowserActivity 05-25 11:38:14.051 1368 1368 D CustomFrequencyManagerService: releaseDVFSLockLocked : Getting Lock type frm List : DVFS_MIN_LIMIT frequency : 1555200 uid : 1000 pid : 1368 tag : ACTIVITY_RESUME_BOOSTER@24 05-25 11:38:14.111 2349 2349 D Recents : onTaskStackChanged 05-25 11:38:14.131 1368 2200 I MdnieScenarioControlService: mGameModeLauncher : false 05-25 11:38:14.131 1368 2200 I MdnieScenarioControlService: setUIMode
,
May 25 2016
log & screen shot -> go/chrome-androidlogs1/6/614773
,
May 25 2016
Operating system: Android
samsung/hero2qlteuc/hero2qlteatt:6.0.1/MMB29M/G935AUCS2APE1:user/release-keys
CPU: arm
4 CPUs
GPU: OpenGL ES 3.1 V@145.0 (GIT@I241dab1ec4)
Qualcomm
Adreno (TM) 530
Crash reason:
Crash address: 0x0
Process uptime: not available
Thread 0 (crashed)
0 libwebviewchromium.so!gpu::gles2::GLES2Implementation::GetBucketContents [gles2_implementation.cc : 618 + 0x0]
r0 = 0xd6ef9e74 r1 = 0x00000000 r2 = 0x00000000 r3 = 0x00000000
r4 = 0xd967d400 r5 = 0xd6ef9ebc r6 = 0xd6ef9f14 r7 = 0x00000001
r8 = 0xddff1000 r9 = 0x00000000 r10 = 0x0000000f r12 = 0xdaad6030
fp = 0xd8306420 sp = 0xd6ef9ea0 lr = 0xe1e10167 pc = 0xe1e136dc
Found by: given as instruction pointer in context
1 libwebviewchromium.so!gpu::gles2::ProgramInfoManager::GetProgramInfo [program_info_manager.cc : 619 + 0xb]
r4 = 0xd5d1a82c r5 = 0xd83105ec r6 = 0xd6ef9f14 r7 = 0x00000000
r8 = 0xd967d400 r9 = 0xd83105d8 r10 = 0x00000002 fp = 0xd6ef9fc0
sp = 0xd6ef9f08 pc = 0xe1e23a13
Found by: call frame info
2 libwebviewchromium.so!gpu::gles2::ProgramInfoManager::GetUniformLocation [program_info_manager.cc : 748 + 0xb]
r4 = 0xf7104ec0 r5 = 0xd6ef9f3c r6 = 0x0000005b r7 = 0xd72feca8
r8 = 0xd967d400 r9 = 0xd83105d8 r10 = 0x00000002 fp = 0xd6ef9fc0
sp = 0xd6ef9f38 pc = 0xe1e23c61
Found by: call frame info
3 libwebviewchromium.so!gpu::gles2::GLES2Implementation::GetUniformLocation [gles2_implementation.cc : 1644 + 0xb]
r4 = 0xe37626f0 r5 = 0xe377b487 r6 = 0x00000000 r7 = 0xd967d400
r8 = 0xd72feca8 r9 = 0x0000005b r10 = 0x00000002 fp = 0xd6ef9fc0
sp = 0xd6ef9f70 pc = 0xe1e0e105
Found by: call frame info
4 libwebviewchromium.so!GrGLUniformHandler::getUniformLocations [functional : 1756 + 0x7]
r4 = 0xd6efac40 r5 = 0x00000000 r6 = 0x00000000 r7 = 0x0000005b
r8 = 0x00000008 r9 = 0x00000003 r10 = 0x00000002 fp = 0xd6ef9fc0
sp = 0xd6ef9fb8 pc = 0xe1944ea5
Found by: call frame info
5 libwebviewchromium.so!GrGLProgramBuilder::resolveProgramResourceLocations [GrGLProgramBuilder.cpp : 201 + 0x3]
r4 = 0xd6efa0a8 r5 = 0xd6efa0a8 r6 = 0x0000005b r7 = 0xd6efa05c
r8 = 0xd8771e78 r9 = 0x00000003 r10 = 0xd6efa050 fp = 0xd6efa04c
sp = 0xd6ef9ff8 pc = 0xe1946c81
Found by: call frame info
6 libwebviewchromium.so!GrGLProgramBuilder::finalize [GrGLProgramBuilder.cpp : 143 + 0x7]
r4 = 0x00000001 r5 = 0xd6efa0a8 r6 = 0x0000005b r7 = 0xd6efa05c
r8 = 0xd8771e78 r9 = 0x00000003 r10 = 0xd6efa050 fp = 0xd6efa04c
sp = 0xd6efa038 pc = 0xe1946f11
Found by: call frame info
7 libwebviewchromium.so!GrGLProgramBuilder::CreateProgram [GrGLProgramBuilder.cpp : 52 + 0x3]
r4 = 0xf7104ec0 r5 = 0xd6efa0a8 r6 = 0xd6efa0a0 r7 = 0xd6efa098
r8 = 0xd6efa09c r9 = 0xd6efa0a4 r10 = 0x00000002 fp = 0xd5b02068
sp = 0xd6efa090 pc = 0xe19479e3
Found by: call frame info
8 libwebviewchromium.so!GrGLGpu::ProgramCache::refProgram [GrGLGpuProgramCache.cpp : 151 + 0xd]
r4 = 0xd70f1000 r5 = 0xfffffff9 r6 = 0x00000000 r7 = 0xf7104ec0
r8 = 0xd70f101c r9 = 0xd6efacf8 r10 = 0xd8771e78 fp = 0xd5b02068
sp = 0xd6eface8 pc = 0xe193e343
Found by: call frame info
9 libwebviewchromium.so!GrGLGpu::flushGLState [GrGLGpu.cpp : 1991 + 0xd]
r4 = 0xd9a0cd00 r5 = 0xd5b02068 r6 = 0xd8771d98 r7 = 0xd8771e78
r8 = 0xd5b02108 r9 = 0xd6efade4 r10 = 0x00000000 fp = 0xd6efaef8
sp = 0xd6efade0 pc = 0xe1939edb
Found by: call frame info
10 libwebviewchromium.so!GrGLGpu::onDraw [GrGLGpu.cpp : 2703 + 0x3]
r4 = 0xd9a0cd00 r5 = 0xe193cfb1 r6 = 0xd9a0cd00 r7 = 0xd5b02108
r8 = 0xd5b02108 r9 = 0xd5b02068 r10 = 0x00000000 fp = 0xd6efaef8
sp = 0xd6efae18 pc = 0xe193cfc3
Found by: call frame info
11 libwebviewchromium.so!GrGpu::draw [GrGpu.cpp : 504 + 0x11]
r4 = 0xd9a0cd00 r5 = 0xe193cfb1 r6 = 0xd5b02068 r7 = 0xd5b02108
r8 = 0x00000000 r9 = 0xd5b02068 r10 = 0x00000000 fp = 0xd6efaef8
sp = 0xd6efaeb0 pc = 0xe18e3aeb
Found by: call frame info
12 libwebviewchromium.so!GrVertexBatch::onDraw [GrVertexBatch.cpp : 79 + 0xf]
r4 = 0xdae6dcf0 r5 = 0xd5b021d8 r6 = 0x00000000 r7 = 0xd5b02028
r8 = 0x00000000 r9 = 0xd5b02068 r10 = 0x00000000 fp = 0xd6efaef8
sp = 0xd6efaed0 pc = 0xe190d6fb
Found by: call frame info
13 libwebviewchromium.so!GrDrawTarget::drawBatches [GrBatch.h : 113 + 0x7]
r4 = 0xd5b02028 r5 = 0x00000000 r6 = 0xd5a96a00 r7 = 0xdae6dcf0
r8 = 0xd6efaf48 r9 = 0x00004650 r10 = 0x00000000 fp = 0xd5a96a28
sp = 0xd6efaf40 pc = 0xe18e0e2b
Found by: call frame info
14 libwebviewchromium.so!GrDrawingManager::flush [GrDrawingManager.cpp : 84 + 0x9]
r4 = 0xdae6dcc0 r5 = 0x00000000 r6 = 0xdae6dcf0 r7 = 0xd6efaf94
r8 = 0x00000000 r9 = 0xd728ec14 r10 = 0xd728eb80 fp = 0xd6efb065
sp = 0xd6efaf90 pc = 0xe18e05d5
Found by: call frame info
15 libwebviewchromium.so!GrContext::flush [GrContext.cpp : 238 + 0x3]
r4 = 0xdab8af00 r5 = 0xdab8af00 r6 = 0xd728ec10 r7 = 0x00000001
r8 = 0x00000000 r9 = 0xd728ec14 r10 = 0xd728eb80 fp = 0xd6efb065
sp = 0xd6efafb8 pc = 0xe18daf09
Found by: call frame info
16 libwebviewchromium.so!GrContext::readSurfacePixels [GrContext.cpp : 445 + 0xb]
r4 = 0xf7104ec0 r5 = 0xdab8af00 r6 = 0xd728ec10 r7 = 0x00000001
r8 = 0x00000000 r9 = 0xd728ec14 r10 = 0xd728eb80 fp = 0xd6efb065
sp = 0xd6efafc0 pc = 0xe18db91f
Found by: call frame info
17 libwebviewchromium.so!GrSurface::readPixels [GrSurface.cpp : 116 + 0x21]
r4 = 0xd5cbda70 r5 = 0x00000000 r6 = 0x00000000 r7 = 0xd565646c
r8 = 0x0000033c r9 = 0x00000064 r10 = 0x00000000 fp = 0xd6efb494
sp = 0xd6efb108 pc = 0xe18f5817
Found by: call frame info
18 libwebviewchromium.so!SkImage_Gpu::getROPixels [SkImage_Gpu.cpp : 61 + 0x1d]
r4 = 0xd5cbda70 r5 = 0x00000000 r6 = 0xd6efb19c r7 = 0xd0480000
r8 = 0x00000000 r9 = 0x00000064 r10 = 0x00000000 fp = 0xd6efb494
sp = 0xd6efb138 pc = 0xe1956e7f
Found by: call frame info
19 libwebviewchromium.so!SkBaseDevice::drawImageRect [SkDevice.cpp : 163 + 0x9]
r4 = 0xd6efb19c r5 = 0xe1956de5 r6 = 0xd72ccb00 r7 = 0xd6efb494
r8 = 0xd6efb368 r9 = 0xeaa93ab8 r10 = 0xd5cbda70 fp = 0xd6efb494
sp = 0xd6efb188 pc = 0xe17d39b3
Found by: call frame info
20 libwebviewchromium.so!SkCanvas::onDrawImageRect [SkCanvas.cpp : 2333 + 0x11]
r4 = 0xe17d3991 r5 = 0xd6efb368 r6 = 0x00000001 r7 = 0xd6efb328
r8 = 0xd6efb210 r9 = 0xeaa93ab8 r10 = 0xd5cbda70 fp = 0xd6efb494
sp = 0xd6efb1e8 pc = 0xe17c7f93
Found by: call frame info
21 libwebviewchromium.so!SkCanvas::legacy_drawImageRect [SkCanvas.cpp : 2023 + 0xb]
r4 = 0x00000000 r5 = 0x00000000 r6 = 0xd6efc940 r7 = 0xd5cbda70
r8 = 0xd6efb494 r9 = 0xeaa93ab8 r10 = 0xd6efc938 fp = 0x00000000
sp = 0xd6efb428 pc = 0xe17c9a0f
Found by: call frame info
22 libwebviewchromium.so!SkNWayCanvas::onDrawImageRect [SkNWayCanvas.cpp : 221 + 0x11]
r4 = 0x00000000 r5 = 0x00000000 r6 = 0xd6efc940 r7 = 0xd5cbda70
r8 = 0xd6efb494 r9 = 0xeaa93ab8 r10 = 0xd6efc938 fp = 0x00000000
sp = 0xd6efb448 pc = 0xe18caf25
Found by: call frame info
23 libwebviewchromium.so!cc::ImageHijackCanvas::onDrawImageRect [image_hijack_canvas.cc : 146 + 0x13]
r4 = 0xd6efb494 r5 = 0xf7104ec0 r6 = 0xd5cbda70 r7 = 0xd6efb4b4
r8 = 0xd6efb82c r9 = 0xd6efb4c4 r10 = 0xeaa93ab8 fp = 0xeaa93a5c
sp = 0xd6efb478 pc = 0xe174a6c3
Found by: call frame info
24 libwebviewchromium.so!SkCanvas::legacy_drawImageRect [SkCanvas.cpp : 2023 + 0xb]
r4 = 0x00000000 r5 = 0xeaa93a5c r6 = 0xd49a2880 r7 = 0xeaa93aac
r8 = 0xd6efb640 r9 = 0xd6efb82c r10 = 0x00000000 fp = 0x00000000
sp = 0xd6efb5c8 pc = 0xe17c9a0f
Found by: call frame info
25 libwebviewchromium.so!SkRecords::Draw::draw<SkRecords::DrawImageRect> [SkRecordDraw.cpp : 102 + 0xf]
r4 = 0x00000000 r5 = 0xeaa93a5c r6 = 0xd49a2880 r7 = 0xeaa93aac
r8 = 0xd6efb640 r9 = 0xd6efb82c r10 = 0x00000000 fp = 0x00000000
sp = 0xd6efb5e8 pc = 0xe183f323
Found by: call frame info
26 libwebviewchromium.so!SkRecordDraw [SkRecordDraw.h : 62 + 0x7]
r4 = 0x00000003 r5 = 0x00000000 r6 = 0xd49a2880 r7 = 0xeaa93aac
r8 = 0xd6efb640 r9 = 0xd6efb82c r10 = 0x00000000 fp = 0x00000000
sp = 0xd6efb600 pc = 0xe183ff01
Found by: call frame info
27 libwebviewchromium.so!SkBigPicture::playback [SkBigPicture.cpp : 43 + 0xd]
r4 = 0xd5ac5bc0 r5 = 0xd6efb82c r6 = 0x00000000 r7 = 0xd6efb6d0
r8 = 0xd6efb6f8 r9 = 0x00000000 r10 = 0x00000001 fp = 0xd6efb7c0
sp = 0xd6efb6a0 pc = 0xe17b1dd9
Found by: call frame info
28 libwebviewchromium.so!SkCanvas::onDrawPicture [SkCanvas.cpp : 2971 + 0xb]
r4 = 0x00000000 r5 = 0xd5ac5bc0 r6 = 0xd6efb82c r7 = 0x00000000
r8 = 0xd6efb6f8 r9 = 0x00000000 r10 = 0x00000001 fp = 0xd6efb7c0
sp = 0xd6efb6e8 pc = 0xe17cbda3
Found by: call frame info
29 libwebviewchromium.so!SkCanvas::drawPicture [SkCanvas.cpp : 2942 + 0x11]
r4 = 0xe17484a9 r5 = 0x00000000 r6 = 0xe36e1b10 r7 = 0x00000000
r8 = 0xd6efb82c r9 = 0x00000000 r10 = 0x00000001 fp = 0xd6efb7c0
sp = 0xd6efb720 pc = 0xe17cbe15
Found by: call frame info
30 libwebviewchromium.so!cc::DisplayItemList::Raster [SkCanvas.h : 1007 + 0xb]
r4 = 0xd5950700 r5 = 0x40800000 r6 = 0xd6efb82c r7 = 0x00000000
r8 = 0x40800000 r9 = 0x00000000 r10 = 0x00000001 fp = 0xd6efb7c0
sp = 0xd6efb790 pc = 0xe17488bf
Found by: call frame info
31 libwebviewchromium.so!cc::RasterSource::RasterCommon [raster_source.cc : 205 + 0xd]
r3 = 0xd6efb7d0 r4 = 0x00000001 r5 = 0xd6efb7d0 r6 = 0xd707e2e0
r7 = 0xd6efb82c r8 = 0x40800000 r9 = 0x00000000 r10 = 0x00000001
fp = 0xd6efb7c0 sp = 0xd6efb7b0 pc = 0xe174ad07
Found by: call frame info
32 libwebviewchromium.so!cc::RasterSource::PlaybackToCanvas [raster_source.cc : 93 + 0x1d]
r4 = 0xd6efe4ec r5 = 0x00000000 r6 = 0xd707e2e0 r7 = 0xd38d2070
r8 = 0xd38d2070 r9 = 0xd6efb82c r10 = 0xd6efb828 fp = 0xd6efb818
sp = 0xd6efb808 pc = 0xe174af49
Found by: call frame info
33 libwebviewchromium.so!cc::SoftwareRenderer::DrawPictureQuad [software_renderer.cc : 387 + 0x1b]
r4 = 0xe174ae95 r5 = 0xd6efc9f0 r6 = 0xd6efc9d4 r7 = 0xd6efca10
r8 = 0xd6efc9d0 r9 = 0x00000000 r10 = 0xd6efc9bc fp = 0x00000000
sp = 0xd6efc970 pc = 0xe1743c2d
Found by: call frame info
34 libwebviewchromium.so!cc::SoftwareRenderer::DoDrawQuad [software_renderer.cc : 300 + 0x5]
r4 = 0xd38d2000 r5 = 0xd6facc00 r6 = 0x00000000 r7 = 0xd9a0ed90
r8 = 0xd6efdf34 r9 = 0xd6efdbb0 r10 = 0xd6facca8 fp = 0x00000000
sp = 0xd6efdb58 pc = 0xe1745367
Found by: call frame info
35 libwebviewchromium.so!cc::DirectRenderer::DrawRenderPass [direct_renderer.cc : 515 + 0x11]
r4 = 0xe1744f41 r5 = 0xd6efddb8 r6 = 0xd6efdda8 r7 = 0x00000000
r8 = 0x00000000 r9 = 0xd6efdd98 r10 = 0xd6facc00 fp = 0xd5ce6f9c
sp = 0xd6efdd08 pc = 0xe172dfb1
Found by: call frame info
36 libwebviewchromium.so!cc::DirectRenderer::DrawRenderPassAndExecuteCopyRequests [direct_renderer.cc : 413 + 0x3]
r4 = 0xd6efe000 r5 = 0xd6efe1c8 r6 = 0xd6facc00 r7 = 0xd5ce6f20
r8 = 0xd6efdf34 r9 = 0xd5ce6f20 r10 = 0xd6efded0 fp = 0xd6efdebc
sp = 0xd6efde28 pc = 0xe172e141
Found by: call frame info
37 libwebviewchromium.so!cc::DirectRenderer::DrawFrame [direct_renderer.cc : 272 + 0x9]
r4 = 0xd6efe000 r5 = 0xd6efe1c8 r6 = 0xd6facc00 r7 = 0xd5ce6f20
r8 = 0xd6efdf34 r9 = 0xd4df3284 r10 = 0xd6efded0 fp = 0xd6efdebc
sp = 0xd6efde58 pc = 0xe172e3a9
Found by: call frame info
38 libwebviewchromium.so!cc::LayerTreeHostImpl::DrawLayers [layer_tree_host_impl.cc : 1678 + 0xf]
r4 = 0xd6efe0f0 r5 = 0xd9a0ec80 r6 = 0xe172e191 r7 = 0xd6efe1ac
r8 = 0xd6facc00 r9 = 0x00000000 r10 = 0x40800000 fp = 0xd6efe1c8
sp = 0xd6efe048 pc = 0xe1788ba3
Found by: call frame info
39 libwebviewchromium.so!cc::ProxyImpl::DrawAndSwapInternal [proxy_impl.cc : 647 + 0x5]
r4 = 0xdafce180 r5 = 0xd6efe1ac r6 = 0xd6efe198 r7 = 0x00000001
r8 = 0x00000000 r9 = 0x00000000 r10 = 0xd6efe2d4 fp = 0x00000000
sp = 0xd6efe198 pc = 0xe179b311
Found by: call frame info
40 libwebviewchromium.so!cc::ProxyImpl::ScheduledActionDrawAndSwapIfPossible [proxy_impl.cc : 531 + 0x5]
r4 = 0x00000000 r5 = 0xd86d7b78 r6 = 0x00000000 r7 = 0xe377b465
r8 = 0x00000001 r9 = 0xdafce180 r10 = 0xd6efe2d4 fp = 0x00000000
sp = 0xd6efe208 pc = 0xe179b361
Found by: call frame info
41 libwebviewchromium.so!cc::Scheduler::DrawAndSwapIfPossible [scheduler.cc : 618 + 0x7]
r4 = 0xd86d7a40 r5 = 0xd86d7b78 r6 = 0x00000000 r7 = 0xd86d7b78
r8 = 0x00000001 r9 = 0xd6efe2f8 r10 = 0xd6efe2d4 fp = 0x00000000
sp = 0xd6efe288 pc = 0xe1761519
Found by: call frame info
42 libwebviewchromium.so!cc::Scheduler::ProcessScheduledActions [scheduler.cc : 698 + 0x5]
r4 = 0xd86d7a40 r5 = 0x00000004 r6 = 0x00000000 r7 = 0xd86d7b78
r8 = 0xe36ddef0 r9 = 0xd6efe2f8 r10 = 0xd6efe2d4 fp = 0x00000000
sp = 0xd6efe2a8 pc = 0xe17624cf
Found by: call frame info
43 libwebviewchromium.so!cc::Scheduler::OnDrawForOutputSurface [scheduler.cc : 339 + 0x5]
r4 = 0xd86d7b78 r5 = 0xd86d7a40 r6 = 0xdafce180 r7 = 0xe17994dd
r8 = 0x00000001 r9 = 0xd6efe414 r10 = 0xd6efe37c fp = 0x00000000
sp = 0xd6efe338 pc = 0xe1762f57
Found by: call frame info
44 libwebviewchromium.so!cc::LayerTreeHostImpl::OnDraw [layer_tree_host_impl.cc : 1551 + 0xb]
r3 = 0xe17993d1 r4 = 0xd9a0ec80 r5 = 0x00000000 r6 = 0xdafce180
r7 = 0xe17994dd r8 = 0x00000001 r9 = 0xd6efe414 r10 = 0xd6efe37c
fp = 0x00000000 sp = 0xd6efe348 pc = 0xe1784fa3
Found by: call frame info
45 libwebviewchromium.so!content::SynchronousCompositorOutputSurface::InvokeComposite [synchronous_compositor_output_surface.cc : 249 + 0x11]
r4 = 0xe1785041 r5 = 0xd8358040 r6 = 0xd6efe3bc r7 = 0xd6efe414
r8 = 0xd6efe37c r9 = 0xd6efe414 r10 = 0xd6eff7e0 fp = 0xe3312e3c
sp = 0xd6efe370 pc = 0xe2ddc17b
Found by: call frame info
46 libwebviewchromium.so!content::SynchronousCompositorOutputSurface::DemandDrawSw [synchronous_compositor_output_surface.cc : 238 + 0xf]
r4 = 0xd6efe4ec r5 = 0xd8358040 r6 = 0x00000001 r7 = 0xd6efe414
r8 = 0x00000000 r9 = 0xd6efe424 r10 = 0xd6eff7e0 fp = 0xe3312e3c
sp = 0xd6efe3e0 pc = 0xe2ddc255
Found by: call frame info
47 libwebviewchromium.so!content::SynchronousCompositorOutputSurface::FallbackTickFired [synchronous_compositor_output_surface.cc : 182 + 0x5]
r4 = 0xd6efe4b8 r5 = 0xd6efe4ec r6 = 0x00000001 r7 = 0xd8358040
r8 = 0x00000000 r9 = 0xd6efe4a4 r10 = 0xd6eff7e0 fp = 0xe3312e3c
sp = 0xd6efe488 pc = 0xe2ddc997
Found by: call frame info
48 libwebviewchromium.so!base::internal::Invoker<base::IndexSequence<0u>, base::internal::BindState<base::internal::RunnableAdapter<void (IPC::ChannelMojo::*)()>, void(IPC::ChannelMojo*), base::WeakPtr<IPC::ChannelMojo> >, base::internal::InvokeHelper<true, void, base::internal::RunnableAdapter<void (IPC::ChannelMojo::*)()> >, void()>::Run [bind_internal.h : 186 + 0x1]
r4 = 0xd38d95d8 r5 = 0xd6eff618 r6 = 0xd6eff6a0 r7 = 0xe377b45a
r8 = 0xdc4e17a0 r9 = 0x00000000 r10 = 0xd6eff7e0 fp = 0xe3312e3c
sp = 0xd6eff618 pc = 0xe16eb1f9
Found by: call frame info
49 libwebviewchromium.so!base::debug::TaskAnnotator::RunTask [callback.h : 397 + 0x5]
r4 = 0xd6eff7e0 r5 = 0xd6eff6a8 r6 = 0xd6eff6a0 r7 = 0xe377b45a
r8 = 0xdc4e17a0 r9 = 0x00000000 r10 = 0xd6eff7e0 fp = 0xe3312e3c
sp = 0xd6eff638 pc = 0xe2ecfa13
Found by: call frame info
50 libwebviewchromium.so!base::MessageLoop::RunTask [message_loop.cc : 478 + 0xd]
r4 = 0xd6eff7e0 r5 = 0xdc4e16e0 r6 = 0xe377b450 r7 = 0xe377b3d0
r8 = 0xe323fbd0 r9 = 0x00000001 r10 = 0xd6eff7e0 fp = 0xe2ef8689
sp = 0xd6eff6f8 pc = 0xe2edc4b1
Found by: call frame info
51 libwebviewchromium.so!base::MessageLoop::DeferOrRunPendingTask [message_loop.cc : 487 + 0x7]
r4 = 0xdc4e16e0 r5 = 0x00000001 r6 = 0xd6eff7e0 r7 = 0xdab6a978
r8 = 0x00000001 r9 = 0x00000001 r10 = 0xd6eff7e0 fp = 0xe2ef8689
sp = 0xd6eff7a0 pc = 0xe2edc947
Found by: call frame info
52 libwebviewchromium.so!base::MessageLoop::DoDelayedWork [message_loop.cc : 642 + 0x7]
r3 = 0xd842b600 r4 = 0xd842b600 r5 = 0xdc4e16e0 r6 = 0xd842b600
r7 = 0xdab6a978 r8 = 0x00000001 r9 = 0x00000001 r10 = 0xd6eff7e0
fp = 0xe2ef8689 sp = 0xd6eff7c0 pc = 0xe2edd37f
Found by: call frame info
53 libwebviewchromium.so!base::MessagePumpDefault::Run [message_pump_default.cc : 37 + 0x9]
r4 = 0x00000001 r5 = 0xdc4e16e0 r6 = 0x0d0d49f2 r7 = 0x00000001
r8 = 0xdab6a968 r9 = 0xdab6a978 r10 = 0xd6e01000 fp = 0xe2ef8689
sp = 0xd6eff868 pc = 0xe2edd991
Found by: call frame info
54 libwebviewchromium.so!base::RunLoop::Run [run_loop.cc : 35 + 0x5]
r4 = 0xd6eff8c0 r5 = 0xd6eff89c r6 = 0xd83d48b8 r7 = 0xdc4e16e0
r8 = 0xd7ff0980 r9 = 0xd7ff048c r10 = 0xd6e01000 fp = 0xe2ef8689
sp = 0xd6eff898 pc = 0xe2ee9745
Found by: call frame info
55 libwebviewchromium.so!base::MessageLoop::Run [message_loop.cc : 294 + 0x5]
r4 = 0xd83d48b0 r5 = 0xf7104ec0 r6 = 0xd83d48b8 r7 = 0xdc4e16e0
r8 = 0xd7ff0980 r9 = 0xd7ff048c r10 = 0xd6e01000 fp = 0xe2ef8689
sp = 0xd6eff8c0 pc = 0xe2edbd1d
Found by: call frame info
56 libwebviewchromium.so!base::Thread::ThreadMain [thread.cc : 202 + 0x3]
r4 = 0xd83d48b0 r5 = 0xf7104ec0 r6 = 0xd83d48b8 r7 = 0xdc4e16e0
r8 = 0xd7ff0980 r9 = 0xd7ff048c r10 = 0xd6e01000 fp = 0xe2ef8689
sp = 0xd6eff8e0 pc = 0xe2efab29
Found by: call frame info
57 libwebviewchromium.so!ThreadFunc [platform_thread_posix.cc : 70 + 0x7]
r4 = 0xd6eff930 r5 = 0xd83d48b0 r6 = 0xdd642db0 r7 = 0x00000078
r8 = 0xd7ff0980 r9 = 0xd7ff048c r10 = 0xd6e01000 fp = 0xe2ef8689
sp = 0xd6eff908 pc = 0xe2ef86bd
Found by: call frame info
58 libc.so + 0x3fa2b
r4 = 0xd6eff930 r5 = 0xd6eff970 r6 = 0xd6eff930 r7 = 0x00000078
r8 = 0xd7ff0980 r9 = 0xd7ff048c r10 = 0xd6e01000 fp = 0xe2ef8689
sp = 0xd6eff918 pc = 0xf70caa2d
Found by: call frame info
59 libc.so + 0x3fa0b
sp = 0xd6eff91c pc = 0xf70caa0d
Found by: stack scanning
60 libc.so + 0x3fa0b
sp = 0xd6eff924 pc = 0xf70caa0d
Found by: stack scanning
61 libc.so + 0x1a075
sp = 0xd6eff928 pc = 0xf70a5077
Found by: stack scanning
62 libwebviewchromium.so!base::PlatformThread::SetCurrentThreadPriority(base::ThreadPriority) + 0x22
sp = 0xd6eff964 pc = 0xe2ef8689
Found by: stack scanning
,
May 25 2016
,
May 25 2016
dneelamegam@ Is chromecrash_bugreport51.txt in the link you provided related somehow?
,
May 25 2016
sgurun@ that was wrong log file, I have uploaded the correct one "dolphine_logcat.txt" Thanks
,
May 31 2016
How did DemandDrawSw, ie a resourceless software draw, end up doing GL stuff, wat? vmpstr: does this have anything to do with the recent image refactor?
,
May 31 2016
We do know of a case where we're running in gpu mode, usinga gpu image decode controller. However, then we do a resourceless software draw but still end up using a gpu image decode controller. I believe ericrk@ is looking at fixing that.
,
May 31 2016
Issue 613546 has been merged into this issue.
,
May 31 2016
ericrk are you looking at this already? If not, can you assign back? This will block m52 beta soon.
,
Jun 1 2016
[Bulk edit] This issue is marked as a blocker for the Android M52 beta promotion. We need *all* blockers fixed on trunk and merged back to the M52 branch by Monday, 5 PM Pacific at the absolute latest. Sure this bug shouldn't block the beta release? Change the tag to ReleaseBlock-Stable, or remove it entirely (if appropriate). Not sure if it should block the release, or know you won't be able to land a fix in time? CC me to the bug and ask for assistance on how to proceed. Thanks for your help!
,
Jun 2 2016
Working on a fix now.
,
Jun 2 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/2af3e47380eb2a2a4ebb3b22c654b1881c722ccc commit 2af3e47380eb2a2a4ebb3b22c654b1881c722ccc Author: ericrk <ericrk@chromium.org> Date: Thu Jun 02 23:55:58 2016 Prevent use of GPU IDC in Resourceless Software Draw An ImageDecodeController is created once for the lifetime of a Layer tree host impl (LTHI). Normally this is fine, as a SW ImageDecodeController (IDC) is created for SW raster and a GPU IDC is created for GPU raster. However, when a GPU Raster LTHI temporarily goes into a resourceless software draw, we may incorrectly use the GPU IDC during SW raster, leading to crashes. This change Adds a parameter to SoftwareRenderer, |use_image_hijack_canvas|, which indicates whether or not the renderer should use the ImageHijackCanvas and IDC. When we are using a GPU enabled LayerTreeHostImpl for resourceless software draw, we set this value to false. BUG= 614773 CQ_INCLUDE_TRYBOTS=tryserver.blink:linux_blink_rel Review-Url: https://codereview.chromium.org/2035913002 Cr-Commit-Position: refs/heads/master@{#397547} [modify] https://crrev.com/2af3e47380eb2a2a4ebb3b22c654b1881c722ccc/cc/output/software_renderer.cc [modify] https://crrev.com/2af3e47380eb2a2a4ebb3b22c654b1881c722ccc/cc/output/software_renderer.h [modify] https://crrev.com/2af3e47380eb2a2a4ebb3b22c654b1881c722ccc/cc/output/software_renderer_unittest.cc [modify] https://crrev.com/2af3e47380eb2a2a4ebb3b22c654b1881c722ccc/cc/surfaces/display.cc [modify] https://crrev.com/2af3e47380eb2a2a4ebb3b22c654b1881c722ccc/cc/test/pixel_test.cc [modify] https://crrev.com/2af3e47380eb2a2a4ebb3b22c654b1881c722ccc/cc/test/pixel_test.h [modify] https://crrev.com/2af3e47380eb2a2a4ebb3b22c654b1881c722ccc/cc/trees/layer_tree_host_impl.cc
,
Jun 6 2016
,
Jun 6 2016
,
Jun 6 2016
Approved for branch 2743.
,
Jun 6 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/6b6095a611dc659fa5e3dc6d98f20fc63ab510c6 commit 6b6095a611dc659fa5e3dc6d98f20fc63ab510c6 Author: Eric Karl <ericrk@chromium.org> Date: Mon Jun 06 18:32:35 2016 Prevent use of GPU IDC in Resourceless Software Draw An ImageDecodeController is created once for the lifetime of a Layer tree host impl (LTHI). Normally this is fine, as a SW ImageDecodeController (IDC) is created for SW raster and a GPU IDC is created for GPU raster. However, when a GPU Raster LTHI temporarily goes into a resourceless software draw, we may incorrectly use the GPU IDC during SW raster, leading to crashes. This change Adds a parameter to SoftwareRenderer, |use_image_hijack_canvas|, which indicates whether or not the renderer should use the ImageHijackCanvas and IDC. When we are using a GPU enabled LayerTreeHostImpl for resourceless software draw, we set this value to false. BUG= 614773 CQ_INCLUDE_TRYBOTS=tryserver.blink:linux_blink_rel Review-Url: https://codereview.chromium.org/2035913002 Cr-Commit-Position: refs/heads/master@{#397547} (cherry picked from commit 2af3e47380eb2a2a4ebb3b22c654b1881c722ccc) Review URL: https://codereview.chromium.org/2041093002 . Cr-Commit-Position: refs/branch-heads/2743@{#243} Cr-Branched-From: 2b3ae3b8090361f8af5a611712fc1a5ab2de53cb-refs/heads/master@{#394939} [modify] https://crrev.com/6b6095a611dc659fa5e3dc6d98f20fc63ab510c6/cc/output/software_renderer.cc [modify] https://crrev.com/6b6095a611dc659fa5e3dc6d98f20fc63ab510c6/cc/output/software_renderer.h [modify] https://crrev.com/6b6095a611dc659fa5e3dc6d98f20fc63ab510c6/cc/output/software_renderer_unittest.cc [modify] https://crrev.com/6b6095a611dc659fa5e3dc6d98f20fc63ab510c6/cc/surfaces/display.cc [modify] https://crrev.com/6b6095a611dc659fa5e3dc6d98f20fc63ab510c6/cc/test/pixel_test.cc [modify] https://crrev.com/6b6095a611dc659fa5e3dc6d98f20fc63ab510c6/cc/test/pixel_test.h [modify] https://crrev.com/6b6095a611dc659fa5e3dc6d98f20fc63ab510c6/cc/trees/layer_tree_host_impl.cc
,
Jun 7 2016
Verified/Fixed on latest webview M52/Galaxy S7/ATT/MMB29M
,
Jun 7 2016
|
|||||||||||
►
Sign in to add a comment |
|||||||||||
Comment 1 by satyavat...@chromium.org
, May 25 2016