Chromium keeps crashing on Samsung S9


Debin Zhang
Jul 3, 2019, 12:11:56 PM
to Chromium-dev

I keep getting a Chromium crash on Samsung S9 (with Android 8.0.0). This happens on Chromium 72, 74, and 76 builds. The crash seems specific to Samsung phones (at least the Galaxy S8 and S9); I do not observe the crash on other brands of phone. The crash happens almost immediately after Chromium is launched. It looks like something in the FirstRun.FirstRunActivity code triggers the crash. The following is the crash stack trace:


Stack Trace:
  RELADDR   FUNCTION                                                                                                                              FILE:LINE
  0000ade2  <UNKNOWN>                                                                                                                             /system/lib/libutils.so
  02653e59  base::MessagePumpForUI::MessagePumpForUI()                                                                                            ../../base/message_loop/message_pump_android.cc:105:3
  026532c9  base::MessageLoop::CreateMessagePumpForType(base::MessageLoopBase::Type)                                                              ../../base/message_loop/message_loop.cc:0:0
  015c93ff  content::BrowserUIThreadScheduler::BrowserUIThreadScheduler()                                                                         ../../content/browser/scheduler/browser_ui_thread_scheduler.cc:53:7
  015c8b43  std::__1::__unique_if<content::BrowserUIThreadScheduler>::__unique_single std::__1::make_unique<content::BrowserUIThreadScheduler>()  ../../buildtools/third_party/libc++/trunk/include/memory:3131:32
  015c8af3  content::BrowserTaskExecutor::Create()                                                                                                ../../content/browser/scheduler/browser_task_executor.cc:167:31
  025e8e2d  content::ContentMainRunnerImpl::RunServiceManager(content::MainFunctionParams&, bool)                                                 ../../content/app/content_main_runner_impl.cc:916:5
  025e8d57  content::ContentMainRunnerImpl::Run(bool)                                                                                             ../../content/app/content_main_runner_impl.cc:876:12
  035cb381  service_manager::Main(service_manager::MainParams const&)                                                                             ../../services/service_manager/embedder/main.cc:416:29
  v------>  content::JNI_ContentMain_Start(_JNIEnv*, unsigned char)                                                                               ../../content/app/android/content_main.cc:52:10
  025e851d  Java_org_chromium_content_app_ContentMain_nativeStart                                                                                 gen/content/public/android/content_jni_headers/content/jni/ContentMain_jni.h:47:0
  0006aca3  <UNKNOWN>  


Has anyone observed the same crash?

Thanks

Debin

Dave Tapuska
Jul 3, 2019, 12:19:39 PM
to debin...@gmail.com, Chromium-dev
It does sound like others are seeing it. It was also reported as issue 980304 but I don't believe the Android team has triaged it yet.

--
--
Chromium Developers mailing list: chromi...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-dev
---
You received this message because you are subscribed to the Google Groups "Chromium-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-dev...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-dev/8f75c15b-a1c9-44e3-b39d-20ad8e36a193%40chromium.org.

Jarle Antonsen
Jul 4, 2019, 3:45:04 AM
to Chromium-dev
The Vivaldi browser crashed as well on the mentioned devices, and we decided to bisect the problem. We found this offending commit:

https://chromium.googlesource.com/chromium/src/+/774b2fbf9b878fb20d557bc820987bcd12382bf0

Hope this helps.

--
Jarle Antonsen
Senior Developer & Engineering Lead
Vivaldi Technologies AS

Egor Pasko
Jul 4, 2019, 9:07:21 AM
to antonse...@gmail.com, Chromium-dev
Let's continue the discussion on the bug.


Debin Zhang
Jul 5, 2019, 9:48:00 AM
to Chromium-dev
Hi Jarle,

Thank you for pointing that out. After removing that commit, the crash went away on our browsers.

Debin

Pradeep H
Jan 18, 2021, 5:57:31 AM
to Chromium-dev, antonse...@gmail.com
Hi,
Currently we are using Chromium version 86, and the same crash is observed even in version 86. For earlier versions, as you mentioned, changing the commit was working. Have you encountered the same issue in the latest Chromium version, and any idea how to fix it?

Thanks,
Pradeep 

Primiano Tucci
Jan 18, 2021, 1:54:28 PM
to h.pra...@gmail.com, Chromium-dev, antonse...@gmail.com
Which kernel version does that phone run?
You can check that with adb shell cat /proc/version.

The problem there seems to be that the kernel fails around timerfd_create, which then causes a crash here.
The weird thing is that timerfd_create was introduced around 2.6.25 (circa 2008), which is quite old. I'd be surprised if that phone ran anything lower.
Do you also happen to have the line printed in logcat for that CHECK? The errno could help narrow down the root cause.
I can't think of too many reasons why timerfd_create(CLOCK_MONOTONIC) would fail.



Primiano Tucci
Jan 18, 2021, 1:58:49 PM
to h.pra...@gmail.com, Chromium-dev, antonse...@gmail.com
Ah, nvm, ignore the comment above.
The line I was looking at just moved around over time. There is no reason why syscall(NR_timerfd... would end up in libutils.so.

Pradeep H
Jan 18, 2021, 7:06:47 PM
to Chromium-dev, Primiano Tucci, Chromium-dev, antonse...@gmail.com, Pradeep H
Hi,
Here is the stack trace obtained from the crash:

Stack Trace:
  RELADDR   FUNCTION                                                                          FILE:LINE
  0000ade2  _ZNK7android7RefBase9incStrongEPKv+3                                              /system/lib/libutils.so
  022e9e45  base::MessagePumpForUI::MessagePumpForUI()                                        ../../base/message_loop/message_pump_android.cc:107:3
  02293ae1  base::MessagePump::Create(base::MessagePumpType)                                  ../../base/message_loop/message_pump.cc:0:0
  0186f69f  content::BrowserUIThreadScheduler::BrowserUIThreadScheduler()                     ../../content/browser/scheduler/browser_ui_thread_scheduler.cc:52:7
  0186ee13  std::__1::__unique_if<content::BrowserUIThreadScheduler>::__unique_single std::__1::make_unique<content::BrowserUIThreadScheduler>()  ../../buildtools/third_party/libc++/trunk/include/memory:3043:32
  0186ed7b  content::BrowserTaskExecutor::Create()                                            ../../content/browser/scheduler/browser_task_executor.cc:172:18
  0224627d  content::ContentMainRunnerImpl::RunServiceManager(content::MainFunctionParams&, bool)  ../../content/app/content_main_runner_impl.cc:926:5
  022461d3  content::ContentMainRunnerImpl::Run(bool)                                         ../../content/app/content_main_runner_impl.cc:881:12
  0308f521  service_manager::Main(service_manager::MainParams const&)                         ../../services/service_manager/embedder/main.cc:453:29
  v------>  content::JNI_ContentMain_Start(_JNIEnv*, unsigned char)                           ../../content/app/android/content_main.cc:62:10
  02245b2d  Java_J_N_M1Y_1XVCN                                                                gen/content/public/android/content_jni_headers/ContentMain_jni.h:34:10
  00044a33  offset 0x40000                                                                    /data/app/jp.toolbar.raws-r2hEWRnjT_qvbQKcRZVjwA==/oat/arm/base.odex

As you mentioned, the crash happens at message_pump_android.cc.
I am currently using version 86.0.4240.114 of Chromium.

MessagePumpForUI::MessagePumpForUI()
    : env_(base::android::AttachCurrentThread()) {
  // The Android native ALooper uses epoll to poll our file descriptors and wake
  // us up. We use a simple level-triggered eventfd to signal that non-delayed
  // work is available, and a timerfd to signal when delayed work is ready to
  // be run.
  non_delayed_fd_ = eventfd(0, EFD_NONBLOCK | EFD_CLOEXEC);
  CHECK_NE(non_delayed_fd_, -1);
  DCHECK_EQ(TimeTicks::GetClock(), TimeTicks::Clock::LINUX_CLOCK_MONOTONIC);

  // We can't create the timerfd with TFD_NONBLOCK | TFD_CLOEXEC as we can't
  // include timerfd.h. See comments above on __NR_timerfd_create. It looks like
  // they're just aliases to O_NONBLOCK and O_CLOEXEC anyways, so this should be
  // fine.
  delayed_fd_ = timerfd_create(CLOCK_MONOTONIC, O_NONBLOCK | O_CLOEXEC);
  CHECK_NE(delayed_fd_, -1);

  looper_ = ALooper_prepare(0);
  DCHECK(looper_);
  // Add a reference to the looper so it isn't deleted on us.
  ALooper_acquire(looper_);
  ALooper_addFd(looper_, non_delayed_fd_, 0, ALOOPER_EVENT_INPUT,
                &NonDelayedLooperCallback, reinterpret_cast<void*>(this));
  ALooper_addFd(looper_, delayed_fd_, 0, ALOOPER_EVENT_INPUT,
                &DelayedLooperCallback, reinterpret_cast<void*>(this));
}

The crash points to the line ALooper_acquire(looper_); (line 107).
I could not check the kernel version as I am running this on a remote device, but this crash happens on all Samsung S9 Android 8.0 devices.
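An added stand-alone check (example code, not from this thread or from Chromium) of the two descriptor-creation steps in the constructor above: it captures errno at the failing call, the value Primiano asked for, and verifies the comment's assumption that TFD_NONBLOCK and TFD_CLOEXEC alias O_NONBLOCK and O_CLOEXEC on the build host. The ALooper steps, where this trace actually lands, need the Android NDK and are left out; this builds on Linux only (sys/eventfd.h, sys/timerfd.h).

```cpp
// Added example (not Chromium code): eventfd/timerfd setup with errno captured.
#include <cerrno>
#include <cstring>
#include <fcntl.h>
#include <string>
#include <sys/eventfd.h>
#include <sys/timerfd.h>

// One attempt to create a descriptor: fd (-1 on failure) and the errno value
// captured immediately, before any later call can overwrite it.
struct FdResult {
  int fd;
  int err;
};

// Same call as non_delayed_fd_ in the constructor.
FdResult CreateNonDelayedFd() {
  int fd = eventfd(0, EFD_NONBLOCK | EFD_CLOEXEC);
  return {fd, fd == -1 ? errno : 0};
}

// Same call as delayed_fd_, with the O_* flags the constructor's comment
// uses in place of TFD_NONBLOCK | TFD_CLOEXEC.
FdResult CreateDelayedFd() {
  int fd = timerfd_create(CLOCK_MONOTONIC, O_NONBLOCK | O_CLOEXEC);
  return {fd, fd == -1 ? errno : 0};
}

// The constructor's comment assumes the TFD_* flags alias the O_* ones; this
// checks that assumption against the headers of the build host.
bool TfdFlagsAliasOFlags() {
  return TFD_NONBLOCK == O_NONBLOCK && TFD_CLOEXEC == O_CLOEXEC;
}

// Confirms both flags actually took effect on a created descriptor.
bool HasNonblockAndCloexec(int fd) {
  int fl = fcntl(fd, F_GETFL);
  int fdfl = fcntl(fd, F_GETFD);
  return fl != -1 && fdfl != -1 && (fl & O_NONBLOCK) && (fdfl & FD_CLOEXEC);
}

// The one-line log message a CHECK should emit on failure: which call, which
// errno, and its text (e.g. ENOSYS gives "Function not implemented").
std::string Describe(const char* call, const FdResult& r) {
  if (r.fd != -1) return std::string(call) + ": ok";
  return std::string(call) + ": errno=" + std::to_string(r.err) + " (" +
         std::strerror(r.err) + ")";
}
```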

Jarle Antonsen
Jan 19, 2021, 3:50:00 AM
to Pradeep H, Chromium-dev
Hi,
For the record, we don't see the Galaxy S9 crash on either Chromium 87 or 88.

Best regards,
Jarle Antonsen
Vivaldi Technologies AS

uazo
Feb 5, 2022, 3:19:57 AM
to Chromium-dev, antonse...@gmail.com, Chromium-dev, h.pra...@gmail.com
Encountered the same problem, identical stack. Chrome doesn't have the crash while Chromium does.
Here is a possible solution updated to v98: https://github.com/uazo/bromite/blob/ad6d7ff0037c148be5db74e26b37fc1d8298bb42/build/patches/Fix-Note9-startup-crash.patch
The user has confirmed that it works.

The Woodpecker
Feb 5, 2022, 5:49:49 AM
to carmelo...@gmail.com, Chromium-dev, antonse...@gmail.com, h.pra...@gmail.com
What is this?

On 05/02/2022, uazo <carmelo...@gmail.com> wrote:
> encountered the same problem, identical stack. chrome doesn't have the
> crash while chromium does
> here
> <https://github.com/uazo/bromite/blob/ad6d7ff0037c148be5db74e26b37fc1d8298bb42/build/patches/Fix-Note9-startup-crash.patch>