Opened on 01/12/2018 at 07:39:48 PM
Closed on 03/15/2018 at 07:06:52 AM
#6252 closed defect (fixed)
Random V8 crash
Reported by: | asmirnov | Assignee: | |
---|---|---|---|
Priority: | P2 | Milestone: | |
Module: | Adblock-Plus-for-Chromium | Keywords: | |
Cc: | | Blocked By: | |
Blocking: | | Platform: | Android |
Ready: | no | Confidential: | no |
Tester: | Unknown | Verified working: | no |
Review URL(s): |
Description (last modified by asmirnov)
Environment
It happens occasionally, frequently after downloading of notifications.
September 6 Chromium revision.
How to reproduce
- Just use the browser and navigate to different websites
- See the crash happen.
```
10-24 16:01:48.056 13390-13638 E/v8: #
# Fatal error in ../../v8/src/compiler/verifier.cc, line 72
#
10-24 16:01:48.056 13390-13638 E/v8: TypeError: node #2:HeapConstant[0x90a04185 <undefined>] type HeapConstant(0x90a04185 <undefined>) must intersect OtherInternal
10-24 16:01:48.056 13390-13638 E/v8: #
10-24 16:01:48.086 13390-13638 E/chromium: #00 0x9bb551d5 /data/app/org.chromium.chrome-1/lib/arm/libgin.cr.so+0x000161d5
#01 0xafba7051 /data/app/org.chromium.chrome-1/lib/arm/libv8_libbase.cr.so+0x0000d051
#02 0x9cd5f29d /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x0035529d
#03 0x9cd5cbc1 /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x00352bc1
#04 0x9cd5f333 /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x00355333
#05 0x9cd0b951 /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x00301951
#06 0x9cd0a331 /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x00300331
#07 0x9cd09eab /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x002ffeab
#08 0x9cc38c4d /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x0022ec4d
#09 0x9cc3ad8d /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x00230d8d
#10 0x9cc3b705 /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x00231705
#11 0x9d00b9cf /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x006019cf
#12 0x90708923 <unknown>
10-24 16:01:48.086 13390-13638 A/libc: Fatal signal 4 (SIGILL), code 1, fault addr 0xafba958e in tid 13638 (chromium.chrome)
10-24 16:01:48.156 313-30888 I/AudioPolicyManager: getAudioPolicyConfig: audioParam;outDevice
```
Observed behaviour
Chromium crashes
Expected behaviour
Chromium does not crash
Attachments (2)
Change History (9)
Changed on 01/12/2018 at 07:40:22 PM by asmirnov
Changed on 01/12/2018 at 07:40:29 PM by asmirnov
comment:1 Changed on 01/12/2018 at 07:40:59 PM by asmirnov
comment:3 Changed on 01/12/2018 at 07:41:43 PM by asmirnov
Does not happen for November 17 revision (and seems to be V8 issue).
Last edited on 01/12/2018 at 07:41:58 PM by asmirnov
comment:4 Changed on 02/02/2018 at 10:56:59 AM by asmirnov
Still happens in September 6 fork (forked from f7f2f63629747df4e59c6b63e02f9b02c518b33f):
```
02-02 15:54:15.261 4130-5856 E/v8: #
# Fatal error in ../../v8/src/compiler/verifier.cc, line 72
#
02-02 15:54:15.261 4130-5856 E/v8: TypeError: node #2:HeapConstant[0x47c84185 <undefined>] type HeapConstant(0x47c84185 <undefined>) must intersect OtherInternal
02-02 15:54:15.261 4130-5856 E/v8: #
02-02 15:54:15.321 4130-5856 E/chromium: #00 0xcd2de1d5 /data/app/org.chromium.chrome-1/lib/arm/libgin.cr.so+0x000161d5
#01 0xde61c051 /data/app/org.chromium.chrome-1/lib/arm/libv8_libbase.cr.so+0x0000d051
#02 0xcdc8429d /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x0035529d
#03 0xcdc81bc1 /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x00352bc1
#04 0xcdc84333 /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x00355333
#05 0xcdc30951 /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x00301951
#06 0xcdc2f331 /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x00300331
#07 0xcdc2eeab /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x002ffeab
#08 0xcdb5dc4d /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x0022ec4d
#09 0xcdb5fd8d /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x00230d8d
#10 0xcdb60705 /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x00231705
#11 0xcdf309cf /data/app/org.chromium.chrome-1/lib/arm/libv8.cr.so+0x006019cf
#12 0x52588923 <unknown>
--------- beginning of crash
02-02 15:54:15.321 4130-5856 A/libc: Fatal signal 4 (SIGILL), code 1, fault addr 0xde61e58e in tid 5856 (chromium.chrome)
[ 02-02 15:54:15.323 422: 422 W/ ]
debuggerd: handling request: pid=4130 uid=10235 gid=10235 tid=5856
02-02 15:54:15.457 5857-5857 A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
02-02 15:54:15.457 5857-5857 A/DEBUG: Build fingerprint: 'ZTE/P840F10_RU/ZTE_BLADE_V0800:7.0/NRD90M/20170906.095203:user/release-keys'
02-02 15:54:15.457 5857-5857 A/DEBUG: Revision: '0'
02-02 15:54:15.457 5857-5857 A/DEBUG: ABI: 'arm'
02-02 15:54:15.457 5857-5857 A/DEBUG: pid: 4130, tid: 5856, name: chromium.chrome >>> org.chromium.chrome <<<
02-02 15:54:15.458 5857-5857 A/DEBUG: signal 4 (SIGILL), code 1 (ILL_ILLOPC), fault addr 0xde61e58e
02-02 15:54:15.458 5857-5857 A/DEBUG: r0 00000001 r1 00004001 r2 00000000 r3 000016e0
02-02 15:54:15.458 5857-5857 A/DEBUG: r4 ce12ec2a r5 00000048 r6 ce1630c6 r7 ec30e7c4
02-02 15:54:15.458 5857-5857 A/DEBUG: r8 de57ece4 r9 bfdaa2bc sl 0001ffff fp de57ee08
02-02 15:54:15.458 5857-5857 A/DEBUG: ip de627e08 sp de57ecc0 lr de61c063 pc de61e58e cpsr 800d0030
02-02 15:54:15.460 5857-5857 A/DEBUG: backtrace:
02-02 15:54:15.461 5857-5857 A/DEBUG: #00 pc 0000f58e /data/app/org.chromium.chrome-1/lib/arm/libv8_libbase.cr.so (_ZN2v84base2OS5AbortEv+13)
02-02 15:54:15.461 5857-5857 A/DEBUG: #01 pc 000fccd8 <anonymous:de482000>
```
Last edited on 02/02/2018 at 12:26:08 PM by asmirnov
comment:5 Changed on 02/04/2018 at 11:00:41 AM by asmirnov
Seems not to happen in Chromium 64.0.3249.2 with updated v8 (6.4.102).
comment:6 Changed on 02/05/2018 at 07:20:18 AM by asmirnov
- Review URL(s) modified (diff)
- Status changed from new to reviewing
comment:7 Changed on 03/15/2018 at 07:06:52 AM by asmirnov
- Resolution set to fixed
- Status changed from reviewing to closed
Does not happen in https://gitlab.com/eyeo/adblockplus/chromium/tags/dev-64.0.3249.2_0.2
Symbolized stacktrace: