Taking heap snapshot crashes renderer #66

Closed
kevinsawicki opened this issue Aug 26, 2013 · 5 comments

Comments

@kevinsawicki
Contributor

Clicked the Take Snapshot button and Atom crashed.


Process:         Atom Helper [50797]
Path:            /Applications/Atom.app/Contents/Frameworks/Atom Helper.app/Contents/MacOS/Atom Helper
Identifier:      com.github.atom.helper
Version:         5640f57 (5640f57)
Code Type:       X86 (Native)
Parent Process:  Atom [49659]
User ID:         501

Date/Time:       2013-08-26 12:11:14.640 -0700
OS Version:      Mac OS X 10.8.4 (12E55)
Report Version:  10

Crashed Thread:  0  CrRendererMain  Dispatch queue: com.apple.main-thread

Exception Type:  EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000000000000

VM Regions Near 0:
--> __PAGEZERO             0000000000000000-0000000000001000 [    4K] ---/--- SM=NUL  /Applications/Atom.app/Contents/Frameworks/Atom Helper.app/Contents/MacOS/Atom Helper
    VM_ALLOCATE            0000000000001000-0000000000082000 [  516K] ---/--- SM=NUL  

Thread 0 Crashed:: CrRendererMain  Dispatch queue: com.apple.main-thread
0   ???                             0000000000 0 + 0
1   libchromiumcontent.dylib        0x0055cf4d v8::Testing::DeoptimizeAll() + 505261
2   libchromiumcontent.dylib        0x0056ca02 v8::Testing::DeoptimizeAll() + 569442
3   libchromiumcontent.dylib        0x00570123 v8::Testing::DeoptimizeAll() + 583555
4   libchromiumcontent.dylib        0x00556372 v8::Testing::DeoptimizeAll() + 477650
5   libchromiumcontent.dylib        0x0056c490 v8::Testing::DeoptimizeAll() + 568048
6   libchromiumcontent.dylib        0x0056cca8 v8::Testing::DeoptimizeAll() + 570120
7   libchromiumcontent.dylib        0x0055cfcc v8::Testing::DeoptimizeAll() + 505388
8   libchromiumcontent.dylib        0x0055d0a8 v8::Testing::DeoptimizeAll() + 505608
9   libchromiumcontent.dylib        0x004e1538 v8::HeapProfiler::TakeHeapSnapshot(v8::Handle<v8::String>, v8::ActivityControl*, v8::HeapProfiler::ObjectNameResolver*) + 40
10  libchromiumcontent.dylib        0x0246823c DerSignData(PLArenaPool*, SECItemStr*, SECItemStr*, SECKEYPrivateKeyStr*, SECOidTag) + 2566828
11  libchromiumcontent.dylib        0x01c7e2ee gpu_info_collector::CollectGraphicsInfoGL(content::GPUInfo*) + 2438190
12  libchromiumcontent.dylib        0x01c7e42b gpu_info_collector::CollectGraphicsInfoGL(content::GPUInfo*) + 2438507
13  libchromiumcontent.dylib        0x025153c2 webkit::SetIsValidWindowContext(bool (*)(v8::Handle<v8::Context>)) + 634370
14  libchromiumcontent.dylib        0x0251d0be webkit::SetIsValidWindowContext(bool (*)(v8::Handle<v8::Context>)) + 666366
15  libchromiumcontent.dylib        0x01c597af gpu_info_collector::CollectGraphicsInfoGL(content::GPUInfo*) + 2287855
16  libchromiumcontent.dylib        0x010722de WebKit::WebDatabase::closeDatabaseImmediately(WebKit::WebString const&, WebKit::WebString const&) + 7886
17  libchromiumcontent.dylib        0x01f77958 content::ActiveNotificationTracker::OnPermissionRequestComplete(int) + 18136
18  libchromiumcontent.dylib        0x01fe8087 content::RenderViewImpl::OnMessageReceived(IPC::Message const&) + 615
19  libchromiumcontent.dylib        0x0219abfd content::StreamDeviceInfo::IsEqual(content::StreamDeviceInfo const&, content::StreamDeviceInfo const&) + 1917
20  libchromiumcontent.dylib        0x0219ab04 content::StreamDeviceInfo::IsEqual(content::StreamDeviceInfo const&, content::StreamDeviceInfo const&) + 1668
21  libchromiumcontent.dylib        0x020a3b92 content::ChildThread::OnMessageReceived(IPC::Message const&) + 962
22  libchromiumcontent.dylib        0x01ee83cc IPC::ChannelProxy::Context::OnDispatchMessage(IPC::Message const&) + 636
23  libchromiumcontent.dylib        0x01eea259 IPC::ChannelProxy::GetPeerEuid(unsigned int*) const + 2569
24  libchromiumcontent.dylib        0x01113768 base::MessageLoop::RunTask(base::PendingTask const&) + 1016
25  libchromiumcontent.dylib        0x01113c9a base::MessageLoop::DoWork() + 522
26  libchromiumcontent.dylib        0x010c7c15 base::MessagePumpLibevent::OnWakeup(int, short, void*) + 4325
27  com.apple.CoreFoundation        0x94c1c04f __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 15
28  com.apple.CoreFoundation        0x94c1ba79 __CFRunLoopDoSources0 + 233
29  com.apple.CoreFoundation        0x94c41826 __CFRunLoopRun + 934
30  com.apple.CoreFoundation        0x94c4101a CFRunLoopRunSpecific + 378
31  com.apple.CoreFoundation        0x94c40e8b CFRunLoopRunInMode + 123
32  com.apple.HIToolbox             0x9510af5a RunCurrentEventLoopInMode + 242
33  com.apple.HIToolbox             0x9510acc9 ReceiveNextEventCommon + 374
34  com.apple.HIToolbox             0x9510ab44 BlockUntilNextEventMatchingListInMode + 88
35  com.apple.AppKit                0x9749d93a _DPSNextEvent + 724
36  com.apple.AppKit                0x9749d16c -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 119
37  com.apple.AppKit                0x974935cc -[NSApplication run] + 855
38  libchromiumcontent.dylib        0x010c8137 base::MessagePumpNSRunLoop::MessagePumpNSRunLoop() + 951
39  libchromiumcontent.dylib        0x010c7b0c base::MessagePumpLibevent::OnWakeup(int, short, void*) + 4060
40  libchromiumcontent.dylib        0x011130e8 base::MessageLoop::RunInternal() + 280
41  libchromiumcontent.dylib        0x0113356e base::RunLoop::Run() + 30
42  libchromiumcontent.dylib        0x0111265a base::MessageLoop::Run() + 26
43  libchromiumcontent.dylib        0x0201e1aa content::RenderWidget::HasTouchEventHandlersAt(gfx::Point const&) const + 15626
44  libchromiumcontent.dylib        0x026437f3 content::ContentMain(int, char const**, content::ContentMainDelegate*) + 691
45  libchromiumcontent.dylib        0x02644649 content::ContentMain(int, char const**, content::ContentMainDelegate*) + 4361
46  libchromiumcontent.dylib        0x02643580 content::ContentMain(int, char const**, content::ContentMainDelegate*) + 64
47  Atom                            0x00089af9 AtomMain + 41
48  libdyld.dylib                   0x94962725 start + 1

@nathansobo

If you can, it would be great if you prioritize this above any other efforts. We think memory leaks are contributing to performance issues that are blocking the next release, but we need the heap profiler to find and fix them. Thanks!

@zcbenz
Member

zcbenz commented Aug 27, 2013

I can reproduce it, but the whole stack trace seems rather strange to me. I'll update to Chrome 29 first.

@zcbenz
Member

zcbenz commented Aug 27, 2013

Updating to Chrome 29 is much more work than I had thought, so I'm now looking into this crash.

@aroben
Contributor

aroben commented Aug 27, 2013

@zcbenz Yeah, the V8 API changes in Chrome 29 are a little cumbersome to adapt to. Let me know if you'd like any help/advice.

@zcbenz zcbenz closed this as completed in d2b4b76 Aug 27, 2013
@zcbenz
Member

zcbenz commented Aug 27, 2013

V8 allows setting a wrapper for a native class to provide extra information, like how much memory the object has consumed, and both node and WebKit made use of it. However, WebKit assumes only itself would make use of this feature (it's used for optimizing GC for DOM nodes), and node uses a very large ID for the wrapper, which makes V8 fill the wrapper list with many NULLs (V8's underlying wrapper list works like a C array). Both issues contribute to the crash when taking a heap snapshot.

I chose to disable setting the wrapper class in node, so we don't have to patch both WebKit and V8.
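The failure mode described in the comment above, as a simplified model added here (not code from V8, WebKit, node or this project): a callback list indexed by class ID, where registering one very large ID leaves many NULL slots that pass a bounds check but cannot be called. `WrapperRegistry`, `TakeSnapshot`, the class IDs and the sizes are all hypothetical.

```cpp
// Simplified model of a class-id-indexed callback list (not V8/WebKit/node source).
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

using WrapperInfoCallback = std::size_t (*)(std::uint16_t class_id);
class WrapperRegistry {  // hypothetical name
 public:
  // Array-style storage: defining id N grows the list to N + 1 slots; holes stay nullptr.
  void Define(std::uint16_t id, WrapperInfoCallback cb) {
    if (slots_.size() <= id) slots_.resize(id + 1u, nullptr);
    slots_[id] = cb;
  }
  std::size_t NullSlots() const {
    std::size_t n = 0;
    for (WrapperInfoCallback cb : slots_) n += (cb == nullptr);
    return n;
  }
  // A bounds check alone is not enough: an in-range hole would be a call to address 0.
  bool RetainedSize(std::uint16_t id, std::size_t* out) const {
    if (id >= slots_.size() || slots_[id] == nullptr) return false;
    *out = slots_[id](id);
    return true;
  }
 private:
  std::vector<WrapperInfoCallback> slots_;
};
struct SnapshotResult { std::size_t bytes; std::size_t unresolved; };

// Walks the class ids of live wrapped objects, as a snapshot pass would.
SnapshotResult TakeSnapshot(const WrapperRegistry& r, const std::vector<std::uint16_t>& ids) {
  SnapshotResult res{0, 0};
  for (std::uint16_t id : ids) {
    std::size_t sz = 0;
    if (r.RetainedSize(id, &sz)) res.bytes += sz; else ++res.unresolved;
  }
  return res;
}
std::size_t DomNodeSize(std::uint16_t) { return 64; }   // constructed size
std::size_t BufferSize(std::uint16_t) { return 4096; }  // constructed size

int main() {
  WrapperRegistry r;
  r.Define(1, DomNodeSize);      // small id (constructed)
  r.Define(0xF000, BufferSize);  // very large id (constructed)
  SnapshotResult s = TakeSnapshot(r, {1, 0xF000, 7, 1});  // 7 is a hole
  std::printf("%zu holes, %zu bytes, %zu unresolved\n", r.NullSlots(), s.bytes, s.unresolved);
}
```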

kevinsawicki pushed a commit that referenced this issue May 9, 2017
mac: Close devtools when web contents is destroyed.