Comment #12 on issue 16359 by [email protected]: Crash - v8::internal::Deserializer::GetObject()
http://code.google.com/p/chromium/issues/detail?id=16359

I can't find the source revision that went into 193.1. It's possible that updating V8 could introduce crashes with this stack signature merely by changing where/when we do allocation at startup.

It doesn't look like this was introduced with 193.1 anyway. I see it on 193.0:

http://crash/reportview?product=Chrome&version=3.0.193.0&date=&signature=memcpy-223E5E0
and
http://crash/reportview?product=Chrome&version=3.0.193.0&date=&signature=memcpy-223D6D0

Along with a lot of other crashes, not all in V8, that look like allocation failures at or close to startup:

http://crash/reportview?product=Chrome&version=3.0.193.0&date=&signature=std::vector%3CUserScript,std::allocator%3CUserScript%3E+%3E::size()-11C9DCD
http://crash/reportview?product=Chrome&version=3.0.193.0&date=&signature=memcpy-CEE7FE
http://crash/reportview?product=Chrome&version=3.0.193.0&date=&signature=tcmalloc::CentralFreeList::FetchFromSpans()-1331608
http://crash/reportview?product=Chrome&version=3.0.193.0&date=&signature=WebCore::reportFatalErrorInV8-DEE24B
http://crash/reportview?product=Chrome&version=3.0.193.0&date=&signature=v8::internal::Context::global_context()-DFF775
http://crash/reportview?product=Chrome&version=3.0.193.0&date=&signature=skia::CanvasPaintT%3Cgfx::Canvas%3E::init(bool)-1C8D189
http://crash/reportview?product=Chrome&version=3.0.193.0&date=&signature=skia::CanvasPaintT%3Cgfx::Canvas%3E::init(bool)-1DCD2BE
