New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 672670 link

Starred by 1 user
Status: Duplicate
Owner:
amineer@chromium.org
Last visit > 30 days ago
Closed: Dec 2016
Cc:
torne@chromium.org
wnwen@chromium.org
candr...@chromium.org
primiano@chromium.org
jbudorick@chromium.org
EstimatedDays: ----
NextAction: ----
OS: Android
Pri: 0
Type: Bug



Sign in to add a comment

Massive x86 JB browser stability regression in M55

Project Member Reported by amineer@chromium.org, Dec 9 2016 
UMA: https://uma.googleplex.com/p/chrome/timeline_v2?sid=68fa2cbd0b84e9118e56cee6ae4970b0

From 1,000 CPM -> 55,000 (!!!) CPM right after release.  It comes down after that, but my guess is that we're losing users, rather than having improved anything substantially.

We can use the last M54 dev -> first M55 dev as the regression range, which is sadly massive (can't wait for canary to catch up...) @ 3800 commits.

https://chromium.googlesource.com/chromium/src/+log/54.0.2840.0..55.0.2860.0?pretty=fuller&n=10000

wnwen@, since you're stability sheriff, please take a first crack at this tonight.  More details coming...

Comment 1 by candr...@chromium.org, Dec 9 2016 

I've been looking into  issue 672351 , where Chrome has been crashing soon after launch.

55.0.2853.3(GOOD)
55.0.2854.3(BAD)

https://chromium.googlesource.com/chromium/src/+log/55.0.2853.3..55.0.2854.3?pretty=fuller&n=10000

Comment 2 by amineer@chromium.org, Dec 9 2016

Cc: primiano@chromium.org torne@chromium.org
In that range: https://chromium.googlesource.com/chromium/src/+/e6932bfdd0696ad971e8eb7a7ffd57755b7a4193

This all seems eerily reminiscent of issue 655248.  I asked candrada@ to to test using 57.0.2939.0 (which is the first release torne@'s patch https://crrev.com/7be1137994eecca6c54831e4c3d3d4f934ea8602 landed) and she notes it is not crashing there.  Let's test with 2938; if we see the crash restart there then odds are good that the patch fixes this issue.

Comment 3 by amineer@chromium.org, Dec 9 2016 

Further evidence is that canary got way more stable with 2939: https://uma.googleplex.com/p/chrome/timeline_v2?sid=5cf8ef2fbf18ea71de45b4a610594f4c

Comment 4 by candr...@chromium.org, Dec 9 2016 

It crashes in 2938.
Project Member

Comment 5 by bugdroid1@chromium.org, Dec 9 2016

Labels: merge-merged-2883
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/01a46f06cc1a85d62abd4fd83e13ff3c07c91262

commit 01a46f06cc1a85d62abd4fd83e13ff3c07c91262
Author: Alex Mineer <amineer@chromium.org>
Date: Fri Dec 09 03:17:50 2016

android: Realign stack pointer on JNI entry.

M55 merge

Dalvik JIT generated code doesn't always align the stack to a 16 byte
boundary when calling into native, causing crashes in code that expects
16 byte alignment. Force the compiler to realign the stack when entering
native from Java, so that other code can assume 16 byte alignment as
expected by the ABI.

Move the function attributes into a macro so that the generated header
file is less repetitive (this also makes the generator less repetitive
as a bonus).

Also, to stop presubmit complaining about golden_sample_for_tests_jni.h
not being correctly clang-formatted, rename it to .golden like the other
test files.

BUG=655248, 672670 

Review-Url: https://codereview.chromium.org/2531273002
Cr-Commit-Position: refs/heads/master@{#435632}
(cherry picked from commit 7be1137994eecca6c54831e4c3d3d4f934ea8602)

Review URL: https://codereview.chromium.org/2556723008 .

Cr-Commit-Position: refs/branch-heads/2883@{#728}
Cr-Branched-From: 614d31daee2f61b0180df403a8ad43f20b9f6dd7-refs/heads/master@{#423768}

[modify] https://crrev.com/01a46f06cc1a85d62abd4fd83e13ff3c07c91262/base/android/jni_generator/BUILD.gn
[rename] https://crrev.com/01a46f06cc1a85d62abd4fd83e13ff3c07c91262/base/android/jni_generator/SampleForTests_jni.golden
[modify] https://crrev.com/01a46f06cc1a85d62abd4fd83e13ff3c07c91262/base/android/jni_generator/jni_generator.py
[modify] https://crrev.com/01a46f06cc1a85d62abd4fd83e13ff3c07c91262/base/android/jni_generator/jni_generator_helper.h
[modify] https://crrev.com/01a46f06cc1a85d62abd4fd83e13ff3c07c91262/base/android/jni_generator/jni_generator_tests.py
[modify] https://crrev.com/01a46f06cc1a85d62abd4fd83e13ff3c07c91262/base/android/jni_generator/testInnerClassNatives.golden
[modify] https://crrev.com/01a46f06cc1a85d62abd4fd83e13ff3c07c91262/base/android/jni_generator/testInnerClassNativesBothInnerAndOuter.golden
[modify] https://crrev.com/01a46f06cc1a85d62abd4fd83e13ff3c07c91262/base/android/jni_generator/testInnerClassNativesMultiple.golden
[modify] https://crrev.com/01a46f06cc1a85d62abd4fd83e13ff3c07c91262/base/android/jni_generator/testMultipleJNIAdditionalImport.golden
[modify] https://crrev.com/01a46f06cc1a85d62abd4fd83e13ff3c07c91262/base/android/jni_generator/testNativeExportsOnlyOption.golden
[modify] https://crrev.com/01a46f06cc1a85d62abd4fd83e13ff3c07c91262/base/android/jni_generator/testNatives.golden
[modify] https://crrev.com/01a46f06cc1a85d62abd4fd83e13ff3c07c91262/base/android/jni_generator/testNativesLong.golden
[modify] https://crrev.com/01a46f06cc1a85d62abd4fd83e13ff3c07c91262/base/android/jni_generator/testSingleJNIAdditionalImport.golden

Comment 6 by amineer@chromium.org, Dec 9 2016

Cc: wnwen@chromium.org jbudorick@chromium.org
Owner: amineer@chromium.org
Given the evidence (started crashing with new NDK, stops crashing in the first build with torne@'s patch) I am going to assume that this is due to stack relocation issues.  As you can see above, I CPed the patch to M55 and will spin a build that we can qualify tonight, and hopefully release tomorrow morning.

torne@, primiano@ - can you verify my CP (had to manually resolve conflicts in jni_generator.py by hand), and please also let me know if you think this merge is safe for M55 in general?

Test team, please note that  issue 672351  talks about a repro, though I'm not sure if you'll have the same device - if not, try other JB (4.3) x86 devices.

Also, I verified this is causing a major loss of users: https://uma.googleplex.com/p/chrome/timeline_v2?sid=9887ca90b6f5f9e4df3ff321b908222d (almost an entire population gone)

Examples of crash reports caused by this can be found all over here, most of top 10 signatures are this issue: https://crash.corp.google.com/browse?q=product.name%3D%27Chrome_Android%27%20AND%20product.version%3D%2755.0.2883.84%27%20AND%20custom_data.ChromeCrashProto.ptype%3D%27browser%27&ignore_case=false&enable_rewrite=true&omit_field_name=&omit_field_value=&omit_field_opt=%3D

Comment 7 by amineer@chromium.org, Dec 9 2016 

Also meant to note that jbudorick@ came up with another potential alternative - rolling back the NDK only for the x86 builders.  torne@, primiano@ - if that'd be safer than the CP above, please let me know.
Project Member

Comment 8 by bugdroid1@chromium.org, Dec 9 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/366e9038733510ba1e448b056870d55a1b5d11a5

commit 366e9038733510ba1e448b056870d55a1b5d11a5
Author: Alex Mineer <amineer@chromium.org>
Date: Fri Dec 09 05:10:25 2016

android: Realign stack pointer on JNI entry.

M55 merge

Dalvik JIT generated code doesn't always align the stack to a 16 byte
boundary when calling into native, causing crashes in code that expects
16 byte alignment. Force the compiler to realign the stack when entering
native from Java, so that other code can assume 16 byte alignment as
expected by the ABI.

Move the function attributes into a macro so that the generated header
file is less repetitive (this also makes the generator less repetitive
as a bonus).

Also, to stop presubmit complaining about golden_sample_for_tests_jni.h
not being correctly clang-formatted, rename it to .golden like the other
test files.

BUG=655248, 672670 

Review-Url: https://codereview.chromium.org/2531273002
Cr-Commit-Position: refs/heads/master@{#435632}
(cherry picked from commit 7be1137994eecca6c54831e4c3d3d4f934ea8602)

Review URL: https://codereview.chromium.org/2556723008 .

Committed: https://chromium.googlesource.com/chromium/src/+/01a46f06cc1a85d62abd4fd83e13ff3c07c91262
Cr-Commit-Position: refs/branch-heads/2883@{#730}
Cr-Branched-From: 614d31daee2f61b0180df403a8ad43f20b9f6dd7-refs/heads/master@{#423768}

[modify] https://crrev.com/366e9038733510ba1e448b056870d55a1b5d11a5/base/android/jni_generator/BUILD.gn
[rename] https://crrev.com/366e9038733510ba1e448b056870d55a1b5d11a5/base/android/jni_generator/golden_sample_for_tests_jni.h
[modify] https://crrev.com/366e9038733510ba1e448b056870d55a1b5d11a5/base/android/jni_generator/jni_generator.py
[modify] https://crrev.com/366e9038733510ba1e448b056870d55a1b5d11a5/base/android/jni_generator/jni_generator_helper.h
[modify] https://crrev.com/366e9038733510ba1e448b056870d55a1b5d11a5/base/android/jni_generator/jni_generator_tests.py
[modify] https://crrev.com/366e9038733510ba1e448b056870d55a1b5d11a5/base/android/jni_generator/testInnerClassNatives.golden
[modify] https://crrev.com/366e9038733510ba1e448b056870d55a1b5d11a5/base/android/jni_generator/testInnerClassNativesBothInnerAndOuter.golden
[modify] https://crrev.com/366e9038733510ba1e448b056870d55a1b5d11a5/base/android/jni_generator/testInnerClassNativesMultiple.golden
[modify] https://crrev.com/366e9038733510ba1e448b056870d55a1b5d11a5/base/android/jni_generator/testMultipleJNIAdditionalImport.golden
[modify] https://crrev.com/366e9038733510ba1e448b056870d55a1b5d11a5/base/android/jni_generator/testNativeExportsOnlyOption.golden
[modify] https://crrev.com/366e9038733510ba1e448b056870d55a1b5d11a5/base/android/jni_generator/testNatives.golden
[modify] https://crrev.com/366e9038733510ba1e448b056870d55a1b5d11a5/base/android/jni_generator/testNativesLong.golden
[modify] https://crrev.com/366e9038733510ba1e448b056870d55a1b5d11a5/base/android/jni_generator/testSingleJNIAdditionalImport.golden

Comment 9 by amineer@chromium.org, Dec 9 2016

Mergedinto: 655248
Status: Duplicate (was: Assigned)
For the record: c#8 is mislabeled, it's actually a revert :(

Will track this in issue 655248.

Sign in to add a comment