Forked from http://crosbug.com/p/54259
Chrome Version: 53.0.2785.80
Chrome OS Version: 8530.68.0
Chrome OS Platform: veyron_minnie
Also reproed on: oak 8689.0.0 / 54.0.2824.0
Also reproed on: samsung chromebook with 8350 R52 image
Did *not* repro on: samus R52-8350.60.0 ... however it does look like the first "crop" operation failed.
Please specify Cr-* of the system to which this bug/feature applies (add
the label below).
Steps To Reproduce:
1. open BMP file with resolution 5000x4000:
https://drive.google.com/open?id=0Bxjf1SB_fPhXaC1xRW9DWVA2Mm8
2. Edit Brightness to add more light
3. Click "Crop"
Note: Step 2 (edit brightness) is must
Note: This issue occur in resolution:5000x4000
Expected Result:
Gallery stays open and can crop image.
Actual Result:
Gallery closes.
How frequently does this problem reproduce? (Always, sometimes, hard to
reproduce?)
Always
What is the impact to the user, and is there a workaround? If so, what is
it?
Please provide any additional information below. Attach a screen shot or
log if possible.
/var/log/ui/ui.LATEST & /var/log/messages indicate a chrome crash:
_sys_cr_finished
System crash-reporter failed to process crash report.
Report Id:
2016-08-24T21:36:41.652718-07:00 WARNING crash_reporter[17319]: [user] Received crash notification for chrome[17282] sig 11, user 1000 (ignoring call by kernel - chrome crash; waiting for chrome to call us directly)
Comment 1 by jcliang@chromium.org
, Aug 25 2016Just reproduced this on my elm using chromeos version: 8530.49.0 (Official Build) dev-channel elm test chrome version: Google Chrome 53.0.2785.55 unknown When the crop started it consumed all the free memory on my device nearly instantly. I noticed that Chrome spawned a large number of CompositorTileWorker threads at the same time. Stacktrace on the core file I got: (gdb) core-file chrome.20160825.123155.7744.core [New LWP 1] [New LWP 4] [New LWP 8] [New LWP 18] [New LWP 29] [New LWP 5] [New LWP 23] [New LWP 2] [New LWP 14] [New LWP 7] [New LWP 26] [New LWP 3] [New LWP 27] [New LWP 28] [New LWP 6] Core was generated by `/opt/google/chrome/chrome --type=renderer --enable-logging --log-level=1 --use-'. Program terminated with signal SIGSEGV, Segmentation fault. #0 getCachedCanvas (this=<optimized out>) at ../../../../../../../home/chrome-bot/chrome_root/src/third_party/skia/src/image/SkSurface_Base.h:108 108 in ../../../../../../../home/chrome-bot/chrome_root/src/third_party/skia/src/image/SkSurface_Base.h (gdb) bt #0 getCachedCanvas (this=<optimized out>) at ../../../../../../../home/chrome-bot/chrome_root/src/third_party/skia/src/image/SkSurface_Base.h:108 #1 SkSurface::getCanvas (this=<optimized out>) at ../../../../../../../home/chrome-bot/chrome_root/src/third_party/skia/src/image/SkSurface.cpp:163 #2 0xf5c65a6e in blink::RecordingImageBufferSurface::fallBackToRasterCanvas (this=<optimized out>, reason=<optimized out>) at ../../../../../../../home/chrome-bot/chrome_root/src/third_party/WebKit/Source/platform/graphics/RecordingImageBufferSurface.cpp:94 #3 0xf3d478bc in blink::BaseRenderingContext2D::drawImage (this=<optimized out>, executionContext=<optimized out>, imageSource=<optimized out>, sx=<optimized out>, sy=<optimized out>, sw=<optimized out>, sh=<optimized out>, dx=<optimized out>, dy=<optimized out>, dw=<optimized out>, dh=<optimized out>, exceptionState=...) at ../../../../../../../home/chrome-bot/chrome_root/src/third_party/WebKit/Source/modules/canvas2d/BaseRenderingContext2D.cpp:1050 #4 0xf3d48876 in blink::BaseRenderingContext2D::drawImage (this=<optimized out>, executionContext=<optimized out>, imageSource=..., x=<optimized out>, y=<optimized out>, exceptionState=...) at ../../../../../../../home/chrome-bot/chrome_root/src/third_party/WebKit/Source/modules/canvas2d/BaseRenderingContext2D.cpp:893 #5 0xf3ce9d18 in drawImage1Method (info=...) at gen/blink/bindings/modules/v8/V8CanvasRenderingContext2D.cpp:1852 #6 drawImageMethod (info=...) at gen/blink/bindings/modules/v8/V8CanvasRenderingContext2D.cpp:1949 #7 blink::CanvasRenderingContext2DV8Internal::drawImageMethodCallback (info=...) at gen/blink/bindings/modules/v8/V8CanvasRenderingContext2D.cpp:1985 #8 0xf28e6ea4 in v8::internal::FunctionCallbackArguments::Call (this=<optimized out>, f=<optimized out>) at ../../../../../../../home/chrome-bot/chrome_root/src/v8/src/api-arguments.cc:19 #9 0xf27d4402 in HandleApiCallHelper<false> (args=..., receiver=..., fun_data=..., new_target=..., function=..., isolate=<optimized out>) at ../../../../../../../home/chrome-bot/chrome_root/src/v8/src/builtins.cc:5311 #10 Builtin_Impl_HandleApiCall (isolate=<optimized out>, args=...) at ../../../../../../../home/chrome-bot/chrome_root/src/v8/src/builtins.cc:5341 #11 v8::internal::Builtin_HandleApiCall (args_length=<optimized out>, args_object=<optimized out>, isolate=<optimized out>) at ../../../../../../../home/chrome-bot/chrome_root/src/v8/src/builtins.cc:5329 #12 0x3d40a11c in ?? () Backtrace stopped: previous frame identical to this frame (corrupt stack?) (gdb)