New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 705649 link

Starred by 1 user
Status: WontFix
Owner: ----
Closed: Dec 2017
Cc:
sandeepkumars@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Android
Pri: 2
Type: Bug



Sign in to add a comment

System WebView and Content Shell receives SIGSEGV (CrGpuMain)

Reported by adwig...@gmail.com, Mar 27 2017 
Steps to reproduce the problem:
1. Install Content Shell and System WebView on a ViewSonic VSD242.
2. Use sfgc.smrtapp.com for hours.

What is the expected behavior?

What went wrong?
signal 11 (SIGSEGV), code 1, fault addr 0x8 in tid 6770 (CrGpuMain)

Stack Trace:
  RELADDR   FUNCTION                                                                                                                      FILE:LINE
  000a2ded  ~LogMessage                                                                                                                   /home/mansion/Src/chromium/project/src/base/logging.cc:537
  00a68045  blink::LayoutBlockFlow::isSelfCollapsingBlock() const                                                                         /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:325
  00a6837b  blink::LayoutBlockFlow::checkIfIsSelfCollapsingBlock() const                                                                  /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:389
  00a68019  blink::LayoutBlockFlow::isSelfCollapsingBlock() const                                                                         /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:325
  00a6837b  blink::LayoutBlockFlow::checkIfIsSelfCollapsingBlock() const                                                                  /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:389
  00a68019  blink::LayoutBlockFlow::isSelfCollapsingBlock() const                                                                         /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:325
  00a6a279  blink::LayoutBlockFlow::layoutBlockChild(blink::LayoutBox&, blink::BlockChildrenLayoutInfo&)                                  /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:806
  00a697e9  blink::LayoutBlockFlow::layoutBlockChildren(bool, blink::SubtreeLayoutScope&, blink::LayoutUnit, blink::LayoutUnit)           /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:1492
  00a688b5  blink::LayoutBlockFlow::layoutChildren(bool, blink::SubtreeLayoutScope&)                                                      /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:552
  00a68579  blink::LayoutBlockFlow::layoutBlock(bool)                                                                                     /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:431
  00a6012d  blink::LayoutBlock::layout()                                                                                                  /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlock.cpp:427
  00a6a07b  blink::LayoutBlockFlow::positionAndLayoutOnceIfNeeded(blink::LayoutBox&, blink::LayoutUnit, blink::BlockChildrenLayoutInfo&)  /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:739
  00a6a269  blink::LayoutBlockFlow::layoutBlockChild(blink::LayoutBox&, blink::BlockChildrenLayoutInfo&)                                  /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:802
  00a697e9  blink::LayoutBlockFlow::layoutBlockChildren(bool, blink::SubtreeLayoutScope&, blink::LayoutUnit, blink::LayoutUnit)           /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:1492
  00a688b5  blink::LayoutBlockFlow::layoutChildren(bool, blink::SubtreeLayoutScope&)                                                      /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:552
  00a68579  blink::LayoutBlockFlow::layoutBlock(bool)                                                                                     /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:431
  00a6012d  blink::LayoutBlock::layout()                                                                                                  /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlock.cpp:427
  00a6a07b  blink::LayoutBlockFlow::positionAndLayoutOnceIfNeeded(blink::LayoutBox&, blink::LayoutUnit, blink::BlockChildrenLayoutInfo&)  /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:739
  00a6a269  blink::LayoutBlockFlow::layoutBlockChild(blink::LayoutBox&, blink::BlockChildrenLayoutInfo&)                                  /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:802
  00a697e9  blink::LayoutBlockFlow::layoutBlockChildren(bool, blink::SubtreeLayoutScope&, blink::LayoutUnit, blink::LayoutUnit)           /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:1492
  00a688b5  blink::LayoutBlockFlow::layoutChildren(bool, blink::SubtreeLayoutScope&)                                                      /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:552
  00a68579  blink::LayoutBlockFlow::layoutBlock(bool)                                                                                     /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:431
  00a6012d  blink::LayoutBlock::layout()                                                                                                  /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlock.cpp:427
  00a6a07b  blink::LayoutBlockFlow::positionAndLayoutOnceIfNeeded(blink::LayoutBox&, blink::LayoutUnit, blink::BlockChildrenLayoutInfo&)  /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:739
  00a6a269  blink::LayoutBlockFlow::layoutBlockChild(blink::LayoutBox&, blink::BlockChildrenLayoutInfo&)                                  /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:802
  00a697e9  blink::LayoutBlockFlow::layoutBlockChildren(bool, blink::SubtreeLayoutScope&, blink::LayoutUnit, blink::LayoutUnit)           /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:1492
  00a688b5  blink::LayoutBlockFlow::layoutChildren(bool, blink::SubtreeLayoutScope&)                                                      /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:552
  00a68579  blink::LayoutBlockFlow::layoutBlock(bool)                                                                                     /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:431
  00a6012d  blink::LayoutBlock::layout()                                                                                                  /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlock.cpp:427
  v------>  blink::LayoutObject::layoutIfNeeded()                                                                                         /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutObject.h:1099
  00a611f7  blink::LayoutBlock::layoutPositionedObject(blink::LayoutBox*, bool, blink::LayoutBlock::PositionedLayoutBehavior)             /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlock.cpp:839
  00a60fc9  blink::LayoutBlock::layoutPositionedObjects(bool, blink::LayoutBlock::PositionedLayoutBehavior)                               /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlock.cpp:779
  00a60ad7  blink::LayoutBlock::simplifiedLayout()                                                                                        /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlock.cpp:655
  00a6848f  blink::LayoutBlockFlow::layoutBlock(bool)                                                                                     /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:402
  00a6012d  blink::LayoutBlock::layout()                                                                                                  /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutBlock.cpp:427
  00af7ac1  blink::LayoutView::layoutContent()                                                                                            /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutView.cpp:194
  00af7e47  blink::LayoutView::layout()                                                                                                   /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/layout/LayoutView.cpp:285
  0084561d  blink::FrameView::performLayout(bool)                                                                                         /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/frame/FrameView.cpp:1120
  00843dc5  blink::FrameView::layout()                                                                                                    /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/frame/FrameView.cpp:1288
  006a6109  blink::Document::updateStyleAndLayout()                                                                                       /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/dom/Document.cpp:2217
  v------>  blink::Document::updateStyleAndLayoutIgnorePendingStylesheets(blink::Document::RunPostLayoutTasks)                            /home/mansion/Src/chromium/project/src/third_party/WebKit/Source/core/dom/Document.cpp:2304
  006a6019  blink::Document::updateStyleAndLayoutIgnorePendingStylesheetsForNode(blink::Node*)

Crashed report ID: No

How much crashed? Whole browser

Is it a problem with a plugin? No 

Did this work before? N/A 

Chrome version: 59.0.3042.0  Channel: dev
OS Version: 5.1.1
Flash Version: 

I did a reset to origin/master again Mar 21 12:57:48 2017 -0700, latest commit 21e62ae7504024888b56ae4e42d810d94812e0ae without changes.

We've never seen this on any other device. Which is why I think it is a bug in its GPU.

It has a RK3288.

The bug is hard to reproduce. We are running it in our production environment on one monitored device and handle the signal with gdb.

The reason I am compiling System WebView and Content Shell is that we had a SIGSEGV without trace, pointed to
signal 11 (SIGSEGV), code 1, fault addr 0x8 in tid 1889 (Chrome_InProcGp)
I'm not sure if this is connected but when having gdb connected CrGpuMain seams to have replaced Chrome_InProcGp.

If anyone can pinpoint a direction how this could happen, it would be of huge help for me to find a workaround.

Comment 1 by sandeepkumars@chromium.org, Nov 20 2017

Cc: sandeepkumars@chromium.org
Labels: Needs-triage-Mobile Needs-Feedback
@adwigren: Could you please upgrade your Chrome or WebView to the latest version #62.0.3202.84 and check if you still face the issue?

Thanks!!

Comment 2 by dtapu...@chromium.org, Dec 19 2017

Components: Blink>Layout
Status: WontFix (was: Unconfirmed)
Closing issue due to lack of feedback requested but not provided. If the issue still exists please open a new issue with the details requested.

Sign in to add a comment