Issue metadata
Sign in to add a comment
|
v8.infinite_scroll/v8.infinite_scroll-ignition failure on chromium.perf on Win/Mac |
||||||||||||||||||||
Issue descriptionRevision range first seen: Link to failing step log: https://build.chromium.org/p/chromium.perf/builders/Win%207%20ATI%20GPU%20Perf%20%285%29 https://build.chromium.org/p/chromium.perf/builders/Win%207%20Intel%20GPU%20Perf%20%285%29 https://build.chromium.org/p/chromium.perf/builders/Win%207%20Nvidia%20GPU%20Perf%20%285%29 https://build.chromium.org/p/chromium.perf/builders/Win%207%20Low-End%20Perf%20%282%29 https://build.chromium.org/p/chromium.perf/builders/Mac%2010.11%20Perf%20%281%29 https://build.chromium.org/p/chromium.perf/builders/Mac%2010.11%20Perf%20%285%29 https://build.chromium.org/p/chromium.perf/builders/Mac%2010.10%20Perf%20%281%29 Pretty much all the bots, going to disable and start a bisect. +ulan owner
,
Jun 8 2016
Found Minidump: True Stack Trace: ******************************************************************************** ChildEBP RetAddr 0037e504 6d56b0ab chrome_child!cc::ElementAnimations::RemovePlayer+0x3 0037e51c 6d56d884 chrome_child!cc::AnimationHost::UnregisterPlayerForElement+0x2b 0037e540 6d56d81d chrome_child!cc::AnimationPlayer::UnregisterPlayer+0x54 0037e550 6def73b1 chrome_child!cc::AnimationPlayer::DetachElement+0x1d 0037e558 6def6de0 chrome_child!blink::Animation::destroyCompositorPlayer+0x21 0037e564 6def97eb chrome_child!blink::Animation::setCompositorPending+0x30 0037e58c 6def97aa chrome_child!blink::AnimationTimeline::setAllCompositorPending+0x3b 0037e5b8 6e0f54f9 chrome_child!blink::AnimationTimeline::setPlaybackRate+0xaa 0037e62c 6e0f4b5f chrome_child!blink::InspectorAnimationAgent::setPlaybackRate+0x49 0037e688 6e12d15a chrome_child!blink::InspectorAnimationAgent::didCommitLoadForLocalFrame+0x11f 0037e6a0 6eed4381 chrome_child!blink::InspectorSession::didCommitLoadForLocalFrame+0x2a 0037e6b8 6e153f26 chrome_child!blink::FrameLoaderClientImpl::dispatchDidCommitLoad+0xe6 0037e6f8 6e149fb9 chrome_child!blink::FrameLoader::receivedFirstData+0xc6 0037e718 6e1497f4 chrome_child!blink::DocumentLoader::createWriterFor+0x99 0037e7b0 6e149865 chrome_child!blink::DocumentLoader::ensureWriter+0x114 0037e818 6e149ab3 chrome_child!blink::DocumentLoader::commitData+0x25 0037e830 6e149907 chrome_child!blink::DocumentLoader::processData+0x83 0037e85c 6e08e5ca chrome_child!blink::DocumentLoader::dataReceived+0x47 0037e890 6e09b0dd chrome_child!blink::RawResource::appendData+0x3a 0037e8a8 6ed8574e chrome_child!blink::ResourceLoader::didReceiveData+0x4d 0037e8e8 6ed857a3 chrome_child!content::WebURLLoaderImpl::Context::OnReceivedData+0xb1 0037e8f4 6ed782c9 chrome_child!content::WebURLLoaderImpl::RequestPeerImpl::OnReceivedData+0x17 0037e930 6ed76b49 chrome_child!content::ResourceDispatcher::OnReceivedData+0x126 0037e974 6ed77e64 chrome_child!IPC::MessageT<ResourceMsg_DataReceived_Meta,std::tuple<int,int,int,int>,void>::Dispatch<content::ResourceDispatcher,content::ResourceDispatcher,void,void (__thiscall content::ResourceDispatcher::*)(int,int,int,int)>+0x85 0037e9c0 6ed7816e chrome_child!content::ResourceDispatcher::DispatchMessageW+0x242 0037e9e8 6ed79de0 chrome_child!content::ResourceDispatcher::OnMessageReceived+0xae 0037e9f8 6ed92ba8 chrome_child!std::_Tree<std::_Tmap_traits<int,std::unique_ptr<extensions::DisplaySourceSession,std::default_delete<extensions::DisplaySourceSession> >,std::less<int>,std::allocator<std::pair<int const ,std::unique_ptr<extensions::DisplaySourceSession,std::default_delete<extensions::DisplaySourceSession> > > >,0> >::erase+0x7b 0037ea00 6eae26c3 chrome_child!scheduler::WebTaskRunnerImpl::runTask+0xb 0037ea14 6e3b430f chrome_child!base::internal::Invoker<base::IndexSequence<0>,base::internal::BindState<base::internal::RunnableAdapter<void (__cdecl*)(std::unique_ptr<webcrypto::`anonymous namespace'::DeriveBitsState,std::default_delete<webcrypto::`anonymous namespace'::DeriveBitsState> >)>,void __cdecl(std::unique_ptr<webcrypto::`anonymous namespace'::DeriveBitsState,std::default_delete<webcrypto::`anonymous namespace'::DeriveBitsState> >),base::internal::PassedWrapper<std::unique_ptr<webcrypto::`anonymous namespace'::DeriveBitsState,std::default_delete<webcrypto::`anonymous namespace'::DeriveBitsState> > > >,0,void __cdecl(void)>::Run+0x1f 0037ea7c 6ed8e8bd chrome_child!base::debug::TaskAnnotator::RunTask+0x16f 0037eb2c 6ed8e2f6 chrome_child!scheduler::TaskQueueManager::ProcessTaskFromWorkQueue+0x1e7 0037ec58 6ed8dad5 chrome_child!scheduler::TaskQueueManager::DoWork+0x126 0037ec6c 6ed8ead4 chrome_child!base::internal::InvokeHelper<1,void>::MakeItSo<base::internal::RunnableAdapter<void (__thiscall scheduler::TaskQueueManager::*)(base::TimeTicks,bool)> &,base::WeakPtr<scheduler::TaskQueueManager>,base::TimeTicks const &,bool const &>+0x3b 0037ec94 6e3b430f chrome_child!base::internal::Invoker<base::IndexSequence<0,1,2>,base::internal::BindState<base::internal::RunnableAdapter<void (__thiscall scheduler::TaskQueueManager::*)(base::TimeTicks,bool)>,void __cdecl(scheduler::TaskQueueManager *,base::TimeTicks,bool),base::WeakPtr<scheduler::TaskQueueManager>,base::TimeTicks &,bool>,1,void __cdecl(void)>::Run+0x2f 0037ecf8 6e3660cd chrome_child!base::debug::TaskAnnotator::RunTask+0x16f 0037f864 6e366d6e chrome_child!base::MessageLoop::RunTask+0x2cd 0037f970 6e3b7026 chrome_child!base::MessageLoop::DoWork+0x42e 0037f99c 6e3b25b9 chrome_child!base::MessagePumpDefault::Run+0xc6 0037f9c8 6e365663 chrome_child!base::RunLoop::Run+0x49 0037f9f0 6f17494d chrome_child!base::MessageLoop::Run+0x23 0037fabc 6f2ed10d chrome_child!content::RendererMain+0x1f8 0037fad0 6f2ed07b chrome_child!content::RunNamedProcessTypeMain+0x61 0037fb24 6f2ec72a chrome_child!content::ContentMainRunnerImpl::Run+0x91 0037fb34 6e483c19 chrome_child!content::ContentMain+0x23 *** WARNING: Unable to verify checksum for chrome.exe 0037fb94 01005a79 chrome_child!ChromeMain+0x6c 0037fc30 01005170 chrome!MainDllLoader::Launch+0x1e8 0037fd54 01048810 chrome!wWinMain+0x16d *** WARNING: Unable to verify checksum for kernel32.dll *** ERROR: Symbol file could not be found. Defaulted to export symbols for kernel32.dll - (Inline) -------- chrome!invoke_main+0x1a ******************************************************************************** Standard output: ******************************************************************************** ********************************************************************************
,
Jun 8 2016
+vollick Might be this? Looks like there's a revert so will keep an eye out.
,
Jun 9 2016
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6183950024441856 Fuzzer: meacer_chromebot_extensions Job Type: mac_asan_chrome Platform Id: mac Crash Type: UNKNOWN READ Crash Address: 0x000000000008 Crash State: cc::ElementAnimations::RemovePlayer cc::AnimationHost::UnregisterPlayerForElement cc::AnimationPlayer::DetachElement Regressed: https://cluster-fuzz.appspot.com/revisions?job=mac_asan_chrome&range=398351:398496 Minimized Testcase (293.15 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96R60-XWKs9U6325J0pYrjNLa0gzFJTtKMA6pAE_PnpbKUhiyT1uR0ra4lZ7bZsuyPAqNbZK-PrgNZ67eNASgq5fJVNV0N3MLhS2ebVedcd2GPuewyFC15LiKVBAmHzWdFsSXKWp_tBPpYo-F4x3R2xWUReQTtVTe9XZu6puuwJ5hhK5WI Filer: ashejole See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
Jun 9 2016
Looks like the revert cleared things up.
,
Jun 9 2016
ClusterFuzz has detected this issue as fixed in range 398532:398544. Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6183950024441856 Fuzzer: meacer_chromebot_extensions Job Type: mac_asan_chrome Platform Id: mac Crash Type: UNKNOWN READ Crash Address: 0x000000000008 Crash State: cc::ElementAnimations::RemovePlayer cc::AnimationHost::UnregisterPlayerForElement cc::AnimationPlayer::DetachElement Regressed: https://cluster-fuzz.appspot.com/revisions?job=mac_asan_chrome&range=398351:398496 Fixed: https://cluster-fuzz.appspot.com/revisions?job=mac_asan_chrome&range=398532:398544 Minimized Testcase (293.15 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96R60-XWKs9U6325J0pYrjNLa0gzFJTtKMA6pAE_PnpbKUhiyT1uR0ra4lZ7bZsuyPAqNbZK-PrgNZ67eNASgq5fJVNV0N3MLhS2ebVedcd2GPuewyFC15LiKVBAmHzWdFsSXKWp_tBPpYo-F4x3R2xWUReQTtVTe9XZu6puuwJ5hhK5WI See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page. |
|||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||
Comment 1 by simonhatch@chromium.org
, Jun 8 2016Summary: v8.infinite_scroll/v8.infinite_scroll-ignition failure on chromium.perf on Win/Mac (was: v8.infinite_scroll/v8.infinite_scroll-ignition failure on chromium.perf)