WebView crashes on page_cycler.top_10_mobile
Issue description

After a number of iterations WebView eventually crashes with:

: Fatal signal 6 (SIGABRT), code -6 in tid 5088 (Chrome_InProcRe)
: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
: Build fingerprint: 'Android/aosp_bullhead/bullhead:6.0.1/MOB30K/2787339:userdebug/test-keys'
: Revision: 'rev_1.0'
: ABI: 'arm64'
: pid: 5056, tid: 5088, name: Chrome_InProcRe >>> org.chromium.webview_shell <<<
: signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
: x0 0000000000000000 x1 00000000000013e0 x2 0000000000000006 x3 0000000000000000
: x4 0000000000000000 x5 0000000000000001 x6 0000000000000000 x7 0000000000000000
: x8 0000000000000083 x9 0000007f651ac9e2 x10 0000007f651ac998 x11 0000007f651accbb
: x12 0000007f651ac9e1 x13 0000000000000054 x14 0000007f6af294b8 x15 0000007f7d558000
: x16 0000007f7d558568 x17 0000007f7d4eb13c x18 0000007f7d569f50 x19 0000007f651ae500
: x20 0000007f651ae440 x21 000000000000006e x22 0000000000000006 x23 00000010df2802a0
: x24 0000000000000048 x25 000000106e001a78 x26 00000010df2802c8 x27 0000007f6b2c8000
: x28 0000000000000010 x29 0000007f651acce0 x30 0000007f7d4e88d8
: sp 0000007f651acce0 pc 0000007f7d4eb144 pstate 0000000020000000
:
: backtrace:
: #00 pc 000000000006a144 /system/lib64/libc.so (tgkill+8)
: #01 pc 00000000000678d4 /system/lib64/libc.so (pthread_kill+68)
: #02 pc 0000000000023838 /system/lib64/libc.so (raise+28)
: #03 pc 000000000001dfd8 /system/lib64/libc.so (abort+60)
: #04 pc 0000000002e8da6c /data/app/com.android.webview-1/lib/arm64/libwebviewchromium.so
:
: Tombstone written to: /data/tombstones/tombstone_00

There are also a microdump and tombstones in the log; to get to the interesting bits search for "beginning of crash" on: https://build.chromium.org/p/chromium.perf/builders/Android%20Nexus5X%20WebView%20Perf%20%283%29/builds/396/steps/page_cycler.top_10_mobile/logs/stdio

The crash also reproduces on internal bots.

If I got the blamelists right, the offending CL that introduced the crash should be in: https://chromium.googlesource.com/chromium/src.git/+log/b5967d26258387e60497d9b26fb30764bc18db85..fbf7f01ae80f666a5b37acf0ef38fd174443787f

Jun 14 2016
That run was using the following build: gs://chrome-perf/android_perf_rel_arm64/full-build-linux_d2ceafd1c8eee547e63e88d7f5da2adb2da78ba1.zip

Jun 14 2016
4 libwebviewchromium.so!BreakDebugger [debugger_posix.cc : 219 + 0x0]
Found by: previous frame's frame pointer
5 libwebviewchromium.so!sweep [HeapPage.cpp : 1195 + 0x10]
Found by: call frame info
6 libwebviewchromium.so!sweepUnsweptPage [HeapPage.cpp : 301 + 0xc]
Found by: call frame info
7 libwebviewchromium.so!completeSweep [HeapPage.cpp : 353 + 0x4]
Found by: call frame info
8 libwebviewchromium.so!completeSweep [ThreadState.cpp : 1084 + 0x4]
Found by: call frame info
9 libwebviewchromium.so!collectGarbage [SafePoint.h : 29 + 0x4]
Found by: call frame info
10 libwebviewchromium.so!gcEpilogue [V8GCController.cpp : 384 + 0xc]
Found by: call frame info
11 libwebviewchromium.so!CallGCEpilogueCallbacks [heap.cc : 1404 + 0x0]
Found by: call frame info
12 libwebviewchromium.so!PerformGarbageCollection [heap.cc : 1360 + 0x0]

Jun 14 2016
So I guess it's the V8 roll. :(

Jun 15 2016

Jun 16 2016
Problem seems to have fixed itself, perhaps due to the next v8 roll? https://chromium.googlesource.com/chromium/src/+/efed1615b228e96260e0322544c58d34a4044593
Comment 1 by tobiasjs@chromium.org, Jun 14 2016