Issue metadata
Sign in to add a comment
|
Regression: Tab crash is seen on loading a trace in chrome://tracing page |
||||||||||||||||||||||
Issue description
Chrome Version: 61.0.3123.0/9628.0.0 dev-channel Peppy,Daisy,Jerry
OS: Chrome OS
What steps will reproduce the problem?
(1)Sign in to chrome >> Navigate to chrome://tracing page
(2)Click “Record” button(Leave the default “Web Developer”category selected) >> Wait until buffer usage is 100% and Stop
(3)Click on Save button
(4)Click “load” button >> In the file dialog, open the file saved above and Observe
Expected: Should be able to load the saved file successfully.
Actual: Instead, tab crash is seen.
This is regression issue as no crash in seen in 59.0.3071.91/9460.60.0 beta channel peppy.
Crash ids: 8c0737e9f0000000,10fa0fe9f0000000
Stack Trace:
Thread 0 (id: 20712) CRASHED [SIGILL @ 0x00007f62e1823d74 ] MAGIC SIGNATURE THREAD
Stack Quality
72%Show frame trust levels
0x00007f62e1823d74
(chrome+ 0x06e72d74)
blink::ReportOOMErrorInMainThread(char const*, bool)
0x00007f62dcd07505
(chrome+ 0x02356505)
v8::Utils::ReportOOMFailure(char const*, bool)
0x00007f62dcd074a8
(chrome+ 0x023564a8)
v8::internal::V8::FatalProcessOutOfMemory(char const*, bool)
0x00007f62db845d9f
(chrome+ 0x00e94d9f)
v8::internal::EvacuateNewSpaceVisitor::Visit(v8::internal::HeapObject*)
0x00007f62dd08869a
(chrome+ 0x026d769a)
bool v8::internal::LiveObjectVisitor::VisitBlackObjects<v8::internal::EvacuateNewSpaceVisitor>(v8::internal::MemoryChunk*, v8::internal::MarkingState const&, v8::internal::EvacuateNewSpaceVisitor*, v8::internal::LiveObjectVisitor::IterationMode)
0x00007f62dd0883fd
(chrome+ 0x026d73fd)
v8::internal::FullEvacuator::RawEvacuatePage(v8::internal::Page*, long*)
0x00007f62dd088283
(chrome+ 0x026d7283)
v8::internal::Evacuator::EvacuatePage(v8::internal::Page*)
0x00007f62dd0969a5
(chrome+ 0x026e59a5)
v8::internal::PageParallelJob<v8::internal::EvacuationJobTraits>::Task::RunInternal()
0x00007f62dd095fb1
(chrome+ 0x026e4fb1)
void v8::internal::PageParallelJob<v8::internal::EvacuationJobTraits>::Run<void v8::internal::MarkCompactCollectorBase::CreateAndExecuteEvacuationTasks<v8::internal::FullEvacuator, v8::internal::MarkCompactCollector>(v8::internal::MarkCompactCollector*, v8::internal::PageParallelJob<v8::internal::EvacuationJobTraits>*, v8::internal::RecordMigratedSlotVisitor*, v8::internal::MigrationObserver*, long)::{lambda(int)#1}>(int, void v8::internal::MarkCompactCollectorBase::CreateAndExecuteEvacuationTasks<v8::internal::FullEvacuator, v8::internal::MarkCompactCollector>(v8::internal::MarkCompactCollector*, v8::internal::PageParallelJob<v8::internal::EvacuationJobTraits>*, v8::internal::RecordMigratedSlotVisitor*, v8::internal::MigrationObserver*, long)::{lambda(int)#1})
0x00007f62dd0893bb
(chrome+ 0x026d83bb)
Note:
1. This is issue is not seen on Candy and Minnie devices of same build
2. Issue is also not seen on windows and Linux.
Attaching screenshot for reference.
,
Aug 31 2017
jbanavatu@ ajha@ can you please confirm this still repros on M61 latest build? The issue hasn't been updated since July 10th.
,
Aug 31 2017
I'm not seeing a crash but now I get:
While importing:
RangeError: Inflated gzip data too long to fit into a string (511825959).
at Function.GzipImporter.inflateGzipData_ (chrome://tracing/tracing.js:4513:52)
at GzipImporter.extractSubtraces (chrome://tracing/tracing.js:4516:262)
at addImportStage (chrome://tracing/tracing.js:1160:66)
at Task.run (chrome://tracing/tracing.js:2207:95)
at runAnother (chrome://tracing/tracing.js:2210:371)
at runTask (chrome://tracing/tracing.js:2186:57)
at processIdleWork (chrome://tracing/tracing.js:2191:116)
at window.requestIdleCallback.timeout (chrome://tracing/tracing.js:2184:81)
When trying to save or load a trace. 61.0.3163.51
,
Sep 1 2017
Over to people who have touched GzipImporter recently. Saving and loading of traces appears to be completely broken on Chrome OS ATM.
,
Sep 2 2017
The trace viewer was never able to load a too long trace (https://github.com/catapult-project/catapult/issues/3071). Your trace size (~500 MB) seems to be way over the limit. That said, recent changes are supposed to mitigate the problem. I will take a look next week. Also, I'll change this to P2; please change it back to P1 if you see the crash for small traces too (try to stop tracing before the buffer is full).
,
Sep 5 2017
abodenha@ should we make this non-RBS till we get a good repro and traces?
,
Sep 6 2017
,
Sep 8 2017
Update: landed https://codereview.chromium.org/3006253002/ to hopefully resolve the OOM in #1 and have https://codereview.chromium.org/3006253002/ under review to get rid of the "Inflated gzip data too long to fit into a string" error in #3.
,
Sep 8 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/26fb4b048caf1e43a88884b63b4406f0c5fabb7b commit 26fb4b048caf1e43a88884b63b4406f0c5fabb7b Author: catapult-deps-roller@chromium.org <catapult-deps-roller@chromium.org> Date: Fri Sep 08 21:10:44 2017 Roll src/third_party/catapult/ 911a5566b..cd2d1cccb (4 commits) https://chromium.googlesource.com/external/github.com/catapult-project/catapult.git/+log/911a5566baf9..cd2d1cccba76 $ git log 911a5566b..cd2d1cccb --date=short --no-merges --format='%ad %ae %s' 2017-09-08 chiniforooshan Avoid String.fromCharCode in building TraceStreams 2017-09-08 dtu [pinpoint] Convert chart to new exception data format. 2017-09-08 dtu [pinpoint] Change Job.exception from a StringProperty to a TextProperty. 2017-09-08 dtu [pinpoint] Expose execution.completed through AsDict(). Created with: roll-dep src/third_party/catapult BUG= 731047 Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+/master/autoroll/README.md If the roll is causing failures, see: http://www.chromium.org/developers/tree-sheriffs/sheriff-details-chromium#TOC-Failures-due-to-DEPS-rolls CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.android:android_optional_gpu_tests_rel TBR=sullivan@chromium.org Change-Id: I80472a77a0fafb4b47f4c4127f13c92d7637aafc Reviewed-on: https://chromium-review.googlesource.com/657801 Reviewed-by: <catapult-deps-roller@chromium.org> Commit-Queue: <catapult-deps-roller@chromium.org> Cr-Commit-Position: refs/heads/master@{#500665} [modify] https://crrev.com/26fb4b048caf1e43a88884b63b4406f0c5fabb7b/DEPS
,
Sep 9 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/c06c7130fbfc6ed8d46b9fff995367232f5a86e3 commit c06c7130fbfc6ed8d46b9fff995367232f5a86e3 Author: catapult-deps-roller@chromium.org <catapult-deps-roller@chromium.org> Date: Sat Sep 09 02:01:42 2017 Roll src/third_party/catapult/ 7a80ad340..e3fe21f50 (6 commits) https://chromium.googlesource.com/external/github.com/catapult-project/catapult.git/+log/7a80ad3406d1..e3fe21f5029c $ git log 7a80ad340..e3fe21f50 --date=short --no-merges --format='%ad %ae %s' 2017-09-08 dtu [pinpoint] Remove JobResults object. 2017-09-08 dtu [pinpoint] Fix mistake in posting bug comment. 2017-09-08 achuith Disable testWebPageReplay on chromeos. 2017-09-08 dtu [pinpoint] Collapse 'state' into top-level in AsDict(). 2017-09-08 chiniforooshan Use trace streams if input is too long 2017-09-08 dtu [pinpoint] Add "pending" status to execution status boxes. Created with: roll-dep src/third_party/catapult BUG= 762819 , 731047 Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+/master/autoroll/README.md If the roll is causing failures, see: http://www.chromium.org/developers/tree-sheriffs/sheriff-details-chromium#TOC-Failures-due-to-DEPS-rolls CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.android:android_optional_gpu_tests_rel TBR=sullivan@chromium.org Change-Id: I39bfa117e930f9ea13737f80053f5697b190a673 Reviewed-on: https://chromium-review.googlesource.com/658490 Reviewed-by: <catapult-deps-roller@chromium.org> Commit-Queue: <catapult-deps-roller@chromium.org> Cr-Commit-Position: refs/heads/master@{#500779} [modify] https://crrev.com/c06c7130fbfc6ed8d46b9fff995367232f5a86e3/DEPS
,
Sep 11 2017
chiniforooshan@ canyou please comment on the status for this bug? When can we get the fix in M61?
,
Sep 11 2017
Both patches are landed on master. I don't know how I can land them on M61 safely. The changes are in the catapult repository. If I just roll the DEPS file I will be merging a lot of other CLs too and I'm afraid I may break something. What do you recommend? I dont' know if the risk worth it since I think this is not really a regression as I explained in #5; we were not able to load long traces in chrome://tracing before.
,
Sep 13 2017
+ TPMs
,
Sep 15 2017
if this is not a regression this is not RBS. please try to get this in the safest way possible.
,
Feb 12 2018
|
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by jbanavatu@chromium.org
, Jul 10 2017