Crash when using WebRTC possibly related to recording
Reported by
jonstew1...@gmail.com,
Feb 16 2017
|
|||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Steps to reproduce the problem: I really wish I could reproduce this at will but it is not a deterministic crash. It does occur fairly regularly (once every few days) and and I have been able to catch the exception with WinDBG What is the expected behavior? The tab doesn't crash. What went wrong? I have a "full minidump" of the crash as well if needed, it's ~600MB uncompressed though. 00 ntdll!RtlReportCriticalFailure+0x2f 01 ntdll!RtlpReportHeapFailure+0x26 02 ntdll!RtlpHeapHandleError+0x12 03 ntdll!RtlpLogHeapFailure+0xa4 04 ntdll!RtlFreeHeap+0x90 05 KERNEL32!HeapFree+0xa 06 chrome_child!free(void * ptr = 0xc708ac36`08de24b3)+0x38 [c:\b\build\slave\win64-pgo\build\src\base\allocator\allocator_shim.cc @ 244] 07 chrome_child!mkvmuxer::Frame::~Frame(void)+0x12 [c:\b\build\slave\win64-pgo\build\src\third_party\libwebm\source\mkvmuxer\mkvmuxer.cc @ 182] 08 chrome_child!mkvmuxer::Frame::`scalar deleting destructor'(void)+0xe 09 chrome_child!mkvmuxer::Segment::~Segment(void)+0xec [c:\b\build\slave\win64-pgo\build\src\third_party\libwebm\source\mkvmuxer\mkvmuxer.cc @ 2860] 0a chrome_child!media::WebmMuxer::~WebmMuxer(void)+0x57 [c:\b\build\slave\win64-pgo\build\src\media\muxers\webm_muxer.cc @ 125] 0b chrome_child!media::WebmMuxer::`scalar deleting destructor'(void)+0x14 0c chrome_child!content::MediaRecorderHandler::stop(void)+0x70 [c:\b\build\slave\win64-pgo\build\src\content\renderer\media\media_recorder_handler.cc @ 231] 0d chrome_child!blink::MediaRecorder::stopRecording(void)+0x22 [c:\b\build\slave\win64-pgo\build\src\third_party\webkit\source\modules\mediarecorder\mediarecorder.cpp @ 376] 0e chrome_child!blink::MediaRecorder::stop(class blink::ExceptionState * exceptionState = 0x00000000`0028b960)+0xf6 [c:\b\build\slave\win64-pgo\build\src\third_party\webkit\source\modules\mediarecorder\mediarecorder.cpp @ 241] 0f chrome_child!blink::MediaRecorderV8Internal::stopMethod(class v8::FunctionCallbackInfo<v8::Value> * info = <Value unavailable error>)+0x8a [c:\b\build\slave\win64-pgo\build\src\out\release_x64\gen\blink\bindings\modules\v8\v8mediarecorder.cpp @ 385] 10 chrome_child!v8::internal::FunctionCallbackArguments::Call(<function> * f = 0x000007fe`d214cd78, <Type information missing error> that = <Type information missing error>)+0xc4 [c:\b\build\slave\win64-pgo\build\src\v8\src\api-arguments.cc @ 20] 11 chrome_child!v8::internal::`anonymous namespace'::HandleApiCallHelper<0>(class v8::internal::Isolate * isolate = 0x00000000`003c3270, class v8::internal::Handle<v8::internal::HeapObject> function = class v8::internal::Handle<v8::internal::HeapObject>, class v8::internal::Handle<v8::internal::HeapObject> new_target = class v8::internal::Handle<v8::internal::HeapObject>, class v8::internal::Handle<v8::internal::FunctionTemplateInfo> fun_data = class v8::internal::Handle<v8::internal::FunctionTemplateInfo>, class v8::internal::Handle<v8::internal::Object> receiver = class v8::internal::Handle<v8::internal::Object>, class v8::internal::BuiltinArguments * args = 0x00000000`0028bc40)+0x11e [c:\b\build\slave\win64-pgo\build\src\v8\src\builtins\builtins-api.cc @ 108] 12 chrome_child!v8::internal::Builtin_Impl_HandleApiCall(class v8::internal::BuiltinArguments * args = 0x00000000`0028bcb0, class v8::internal::Isolate * isolate = 0x00000000`003c3270, int i = <Value unavailable error>)+0xcd [c:\b\build\slave\win64-pgo\build\src\v8\src\builtins\builtins-api.cc @ 135] 13 chrome_child!v8::internal::Builtin_HandleApiCall(int args_length = <Value unavailable error>, class v8::internal::Object ** args_object = <Value unavailable error>, class v8::internal::Isolate * isolate = 0x00000000`00000000)+0x32 [c:\b\build\slave\win64-pgo\build\src\v8\src\builtins\builtins-api.cc @ 123] 14 0x21`3cc843ab 15 0x115`13895209 16 0x4 17 0x21`3fa5fee1 18 0x28bca0 19 0x3`00000000 1a 0x21`3cc842e1 1b 0x21`3cc842e1 1c 0x28bcd0 1d 0x3`00000000 Did this work before? N/A Does this work in other browsers? N/A Chrome version: 56.0.2924.87 Channel: stable OS Version: 7 Flash Version:
,
Feb 16 2017
,
Feb 16 2017
mcasas@: Could you please take a look?
,
Feb 16 2017
jonstew1983@, could you paste your crash id from chrome://crashes? Thanks
,
Feb 16 2017
Unfortunately this one doesn't seem to show up in chrome://crashes I even went to chrome://crash and that one appeared in crashes but not this one. If the full dump is too much is there a way to convert it to a minidump?
,
Feb 16 2017
#5: yeah, probably the whole browser didn't crash and instead you only got the sad tab. Try launching Chrome with --single-process to force a crash to be logged. Also, I see you're using stable Chrome/56.0.2924.87, could you give it a go with the latest Canary? We rolled libwebm a few weeks ago and that might solve a use-after-free in libwebm that might be related.
,
Feb 20 2017
,
Feb 20 2017
,
Feb 20 2017
I tried --single-process this morning but got "chrome single process is not supported in chrome multiple dll browser" I do have Chrome Canary installed on the system with the debugger and have it running under the debugger now. It should also be getting installed on another system by the client but won't be running under the debugger there.
,
Feb 27 2017
Thank you for providing more feedback. Adding "Needs-Review" label for tracking. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Feb 28 2017
Tested in chrome # 56.0.2924.87 and Canary #58.0.3026.0 on win 10.0 and not able to reproduce the issue.Please find the screen shots for your reference. @ jonstew1983: Could you please let me know if i have missed anything and if possible, Create new profile without extensions apps.Re-check once and let us know the observations and provide us with a sample steps of the issue which would help us to triage the issue further. Thanks in Advance.
,
Mar 6 2017
@jonstew1983 any more info here?
,
Mar 6 2017
I've been told that my client hasn't seen any new crashes for about a week now that they are running Canary. If you want to close the bug until I hear otherwise I'm fine with that.
,
Mar 6 2017
Thank you for providing more feedback. Adding requester "rbasuvula@chromium.org" to the cc list and removing "Needs-Feedback" label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Mar 6 2017
Marking it as WontFix per #13, we'll stay alert, thanks @jonstew1983 ! |
|||||||||
►
Sign in to add a comment |
|||||||||
Comment 1 by phistuck@chromium.org
, Feb 16 2017Labels: Stability-Crash