Issue metadata
Sign in to add a comment
|
StackSamplingProfiler crashes on 10.13 in browser_tests |
||||||||||||||||||||||||
Issue descriptionChrome Version: 35503439a8693b3e945122f8f383e188638f13f0 OS: macOS 10.13 What steps will reproduce the problem? (1) Run browser_tests on 10.13 (2) See crashes in linbunwind [ RUN ] PredictorBrowserTest.SingleLookupTest [48184:3843:0724/143105.348247:WARNING:notification_platform_bridge_mac.mm(514)] AlertNotificationService: XPC connection invalidated. BrowserTestBase received signal: Segmentation fault: 11. Backtrace: 0 browser_tests 0x000000010c98b48c base::debug::StackTrace::StackTrace(unsigned long) + 28 1 browser_tests 0x000000010d0a0698 content::(anonymous namespace)::DumpStackTraceSignalHandler(int) + 200 2 libsystem_platform.dylib 0x00007fffa5583f5a _sigtramp + 26 3 ??? 0x0000000000000000 0x0 + 0 4 libunwind.dylib 0x00007fffa55bb1a2 libunwind::DwarfInstructions<libunwind::LocalAddressSpace, libunwind::Registers_x86_64>::stepWithDwarf(libunwind::LocalAddressSpace&, unsigned long long, unsigned long long, libunwind::Registers_x86_64&) + 328 5 libunwind.dylib 0x00007fffa55ba222 libunwind::UnwindCursor<libunwind::LocalAddressSpace, libunwind::Registers_x86_64>::step() + 82 6 browser_tests 0x000000010c9d7232 _ZN4base12_GLOBAL__N_120WalkStackFromContextIZNS0_21NativeStackSamplerMac27SuspendThreadAndRecordStackEPNS_18NativeStackSampler11StackBufferEPNS_21StackSamplingProfiler6SampleEE3$_1EEbP13unw_context_tmPmRKT_ + 1250 7 browser_tests 0x000000010c9d6c7c base::(anonymous namespace)::NativeStackSamplerMac::RecordStackSample(base::NativeStackSampler::StackBuffer*, base::StackSamplingProfiler::Sample*) + 1228 8 browser_tests 0x000000010c9d8a43 base::StackSamplingProfiler::SamplingThread::RecordSample(base::StackSamplingProfiler::SamplingThread::CollectionContext*) + 803 9 browser_tests 0x000000010c9d8c7b base::StackSamplingProfiler::SamplingThread::PerformCollectionTask(int) + 123 10 browser_tests 0x000000010c98bc82 base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) + 242 11 browser_tests 0x000000010c9b32d0 base::MessageLoop::RunTask(base::PendingTask*) + 1120 12 browser_tests 0x000000010c9b3915 base::MessageLoop::DeferOrRunPendingTask(base::PendingTask) + 213 13 browser_tests 0x000000010c9b3e12 base::MessageLoop::DoDelayedWork(base::TimeTicks*) + 354 14 browser_tests 0x000000010c9b6d13 base::MessagePumpCFRunLoopBase::RunWork() + 67 15 browser_tests 0x000000010c9a649a base::mac::CallWithEHFrame(void () block_pointer) + 10 16 browser_tests 0x000000010c9b661f base::MessagePumpCFRunLoopBase::RunWorkSource(void*) + 63 17 CoreFoundation 0x00007fff7e05cff1 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17 18 CoreFoundation 0x00007fff7e03fc3f __CFRunLoopDoSources0 + 271 19 CoreFoundation 0x00007fff7e03f1ef __CFRunLoopRun + 1039 20 CoreFoundation 0x00007fff7e03eb69 CFRunLoopRunSpecific + 409 21 browser_tests 0x000000010c9b706f base::MessagePumpCFRunLoop::DoRun(base::MessagePump::Delegate*) + 79 22 browser_tests 0x000000010c9b5f2c base::MessagePumpCFRunLoopBase::Run(base::MessagePump::Delegate*) + 92 23 browser_tests 0x000000010c9da603 base::RunLoop::Run() + 51 24 browser_tests 0x000000010ca0c039 base::Thread::ThreadMain() + 393 25 browser_tests 0x000000010ca05ff7 base::(anonymous namespace)::ThreadFunc(void*) + 87 26 libsystem_pthread.dylib 0x00007fffa558d87a _pthread_body + 286 27 libsystem_pthread.dylib 0x00007fffa558d75c _pthread_body + 0 28 libsystem_pthread.dylib 0x00007fffa558ce59 thread_start + 13 Slightly different stacktrace: Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: KERN_INVALID_ADDRESS at 0x00007fffa55eb000 VM Regions Near 0x7fffa55eb000: __TEXT 00007fffa55bf000-00007fffa55eb000 [ 176K] r-x/r-x SM=COW /usr/lib/system/libxpc.dylib --> unused shlib __DATA 00007fffa57eb000-00007fffa6932000 [ 17.3M] rw-/rw- SM=COW system shared lib __DATA not used by this process Thread 5 Crashed:: StackSamplingProfiler 0 libunwind.dylib 0x00007fffa55bd94c libunwind::CFI_Parser<libunwind::LocalAddressSpace>::findFDE(libunwind::LocalAddressSpace&, unsigned long long, unsigned long long, unsigned int, unsi gned long long, libunwind::CFI_Parser<libunwind::LocalAddressSpace>::FDE_Info*, libunwind::CFI_Parser<libunwind::LocalAddressSpace>::CIE_Info*) + 70 1 libunwind.dylib 0x00007fffa55bd768 libunwind::UnwindCursor<libunwind::LocalAddressSpace, libunwind::Registers_x86_64>::getInfoFromDwarfSection(unsigned long long, unsigned long long, un signed long long, unsigned int, unsigned int) + 86 2 libunwind.dylib 0x00007fffa55b9be2 libunwind::UnwindCursor<libunwind::LocalAddressSpace, libunwind::Registers_x86_64>::setInfoBasedOnIPRegister(bool) + 172 3 libunwind.dylib 0x00007fffa55b9b2b unw_init_local + 104 4 browser_tests 0x000000010c8dfd8a bool base::(anonymous namespace)::WalkStackFromContext<base::(anonymous namespace)::NativeStackSamplerMac::SuspendThreadAndRecordStack(base::NativeSta ckSampler::StackBuffer*, base::StackSamplingProfiler::Sample*)::$_1>(unw_context_t*, unsigned long, unsigned long*, base::(anonymous namespace)::NativeStackSamplerMac::SuspendThreadAndRecordStack(base::NativeS tackSampler::StackBuffer*, base::StackSamplingProfiler::Sample*)::$_1 const&) + 58 5 browser_tests 0x000000010c8dfc7c base::(anonymous namespace)::NativeStackSamplerMac::RecordStackSample(base::NativeStackSampler::StackBuffer*, base::StackSamplingProfiler::Sample*) + 1228 6 browser_tests 0x000000010c8e1a43 base::StackSamplingProfiler::SamplingThread::RecordSample(base::StackSamplingProfiler::SamplingThread::CollectionContext*) + 803 7 browser_tests 0x000000010c8e1c7b base::StackSamplingProfiler::SamplingThread::PerformCollectionTask(int) + 123 8 browser_tests 0x000000010c894c82 base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) + 242 9 browser_tests 0x000000010c8bc2d0 base::MessageLoop::RunTask(base::PendingTask*) + 1120 10 browser_tests 0x000000010c8bc915 base::MessageLoop::DeferOrRunPendingTask(base::PendingTask) + 213 11 browser_tests 0x000000010c8bcbe9 base::MessageLoop::DoWork() + 425 12 browser_tests 0x000000010c8bfcfa base::MessagePumpCFRunLoopBase::RunWork() + 42 13 browser_tests 0x000000010c8af49a base::mac::CallWithEHFrame(void () block_pointer) + 10 14 browser_tests 0x000000010c8bf61f base::MessagePumpCFRunLoopBase::RunWorkSource(void*) + 63 15 com.apple.CoreFoundation 0x00007fff7e05cff1 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17 16 com.apple.CoreFoundation 0x00007fff7e03fc3f __CFRunLoopDoSources0 + 271 17 com.apple.CoreFoundation 0x00007fff7e03f1ef __CFRunLoopRun + 1039 18 com.apple.CoreFoundation 0x00007fff7e03eb69 CFRunLoopRunSpecific + 409 19 browser_tests 0x000000010c8c006f base::MessagePumpCFRunLoop::DoRun(base::MessagePump::Delegate*) + 79 20 browser_tests 0x000000010c8bef2c base::MessagePumpCFRunLoopBase::Run(base::MessagePump::Delegate*) + 92 21 browser_tests 0x000000010c8e3603 base::RunLoop::Run() + 51 22 browser_tests 0x000000010c915039 base::Thread::ThreadMain() + 393 23 browser_tests 0x000000010c90eff7 base::(anonymous namespace)::ThreadFunc(void*) + 87 24 libsystem_pthread.dylib 0x00007fffa558d87a _pthread_body + 286 25 libsystem_pthread.dylib 0x00007fffa558d75c _pthread_start + 400 26 libsystem_pthread.dylib 0x00007fffa558ce59 thread_start + 13 Job run: https://luci-milo.appspot.com/buildbot/chromium.fyi/Chromium%20Mac%2010.13/1 Logs: https://luci-logdog.appspot.com/v/?s=chromium%2Fbb%2Fchromium.fyi%2FChromium_Mac_10.13%2F1%2F%2B%2Frecipes%2Fsteps%2Fbrowser_tests%2F0%2Fstdout What is the expected result? No crashes in the stack sampler. What happens instead? The crash in the browser_tests test output log only has one symbolized trace inside libunwind from NativeStackSamplerMac::RecordStackSample. There are several other SEGV_MAPERR crashes in that run of browser_tests, but not all are symbolized in the test log. I ssh'd into the bot and pulled the second stack trace, and that is found in several crash reports. Please use labels and text to provide additional information. For graphics-related bugs, please copy/paste the contents of the about:gpu page at the end of this report.
,
Jul 24 2017
Do we have reason to believe that this is 10.13-specific? Should we disable generally?
,
Jul 25 2017
rsesek@ said yesterday it's a 100% repro on 10.13. Browser tests have been OK for me locally and the regular build bots are green.
,
Jul 25 2017
10.13 crash from the wild https://crash.corp.google.com/browse?q=product.name%3D%27Chrome_Mac%27%20AND%20product.Version%3D%2762.0.3165.0%27%20AND%20custom_data.ChromeCrashProto.channel%3D%27canary%27%20AND%20custom_data.ChromeCrashProto.ptype%3D%27%27%20AND%20custom_data.ChromeCrashProto.magic_signature_1.name%3D%27base%3A%3A%60anonymous%20namespace%5C%27%3A%3ANativeStackSamplerMac%3A%3ARecordStackSample%27%20OMIT%20RECORD%20IF%20SUM(CrashedStackTrace.StackFrame.FunctionName%20like%20%27%25StackSamplingProfiler%25%27)%20%3D%200%20OR%20SUM(third_party_modules.CodeFile%3D%27%2Fusr%2Flib%2Fsystem%2Flibsystem_secinit.dylib%27)%20%3D%200&ignore_case=false&enable_rewrite=false&omit_field_name=&omit_field_value=&omit_field_opt=&stbtiq=&reportid=85502ac188000000&index=0 Notably: also trying to read right off the end of libxpc (which is the last module loaded)
,
Jul 25 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/c82d69893c39eb0c2834fa56e9e4cd6feba588ff commit c82d69893c39eb0c2834fa56e9e4cd6feba588ff Author: Leonard Grey <lgrey@chromium.org> Date: Tue Jul 25 17:02:49 2017 [Mac stack sampler] Disable for 10.13 Bug: 748254 Change-Id: I29e9850dc616afcdf2de42458b4e4737ae47bb56 Reviewed-on: https://chromium-review.googlesource.com/585168 Reviewed-by: Robert Sesek <rsesek@chromium.org> Reviewed-by: Nico Weber <thakis@chromium.org> Commit-Queue: Leonard Grey <lgrey@chromium.org> Cr-Commit-Position: refs/heads/master@{#489346} [modify] https://crrev.com/c82d69893c39eb0c2834fa56e9e4cd6feba588ff/chrome/common/stack_sampling_configuration.cc
,
Jul 27 2017
|
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by lgrey@chromium.org
, Jul 24 2017