While trying to reproduce the issue with Marcos’ stripped down example,
I got a crash (not sure it’s related as it happened when I was brining
the system settings apps to the foreground. Anyway, here is the
backtrace:
#0 0xb5dd8e64 in malloc_consolidate (av=av@entry=0xb5e727a8 <main_arena>) at
malloc.c:4142
#1 0xb5dda1e0 in _int_malloc (av=av@entry=0xb5e727a8 <main_arena>,
bytes=bytes@entry=512) at malloc.c:3417
#2 0xb5ddb95e in __GI___libc_malloc (bytes=512) at malloc.c:2895
#3 0xb5f35090 in operator new(unsigned int) () from
/usr/lib/arm-linux-gnueabihf/libstdc++.so.6
#4 0xac93ea18 in allocate (__n=128, this=<optimized out>) at
/usr/include/c++/4.9/ext/new_allocator.h:104
#5 _M_allocate_node (this=<optimized out>) at
/usr/include/c++/4.9/bits/stl_deque.h:538
#6 _M_create_nodes (this=0xbef4b360, __nfinish=0xa45258, __nstart=0xa45254)
at /usr/include/c++/4.9/bits/stl_deque.h:632
#7 std::_Deque_base<oxide::FetchTextureResourcesTaskInfo*,
std::allocator<oxide::FetchTextureResourcesTaskInfo*> >::_M_initialize_map
(this=0xbef4b360, __num_elements=0) at /usr/include/c++/4.9/bits/stl_deque.h:606
#8 0xaca8612e in _Deque_base (this=0xbef4b360) at
/usr/include/c++/4.9/bits/stl_deque.h:458
#9 deque (this=0xbef4b360) at /usr/include/c++/4.9/bits/stl_deque.h:788
#10 content::FrameTree::ForEach(base::Callback<bool (content::FrameTreeNode*)>
const&, content::FrameTreeNode*) const (
this=this@entry=0xa39748, on_node=...,
skip_this_subtree=skip_this_subtree@entry=0x0)
at
../../../../third_party/chromium/src/content/browser/frame_host/frame_tree.cc:182
#11 0xaca864c4 in ForEach (on_node=..., this=0xa39748)
at
../../../../third_party/chromium/src/content/browser/frame_host/frame_tree.cc:176
#12 content::FrameTree::UpdateLoadProgress (this=0xa39748)
at
../../../../third_party/chromium/src/content/browser/frame_host/frame_tree.cc:431
#13 0xaca86c6a in content::FrameTreeNode::DidChangeLoadProgress
(this=<optimized out>, load_progress=<optimized out>)
at
../../../../third_party/chromium/src/content/browser/frame_host/frame_tree_node.cc:380
#14 0xaca942be in content::RenderFrameHostImpl::OnDidChangeLoadProgress
(this=this@entry=0xa416d8,
load_progress=<optimized out>)
at
../../../../third_party/chromium/src/content/browser/frame_host/render_frame_host_impl.cc:1719
#15 0xaca9cb70 in DispatchToMethodImpl<content::RenderFrameHostImpl, void
(content::RenderFrameHostImpl::*)(double), double, 0u> (arg=..., method=
(void (content::RenderFrameHostImpl::*)(content::RenderFrameHostImpl *
const, double)) 0xaca942b9
<content::RenderFrameHostImpl::OnDidChangeLoadProgress(double)>, obj=0xa416d8)
at ../../../../third_party/chromium/src/base/tuple.h:252
#16 DispatchToMethod<content::RenderFrameHostImpl, void
(content::RenderFrameHostImpl::*)(double), double> (arg=...,
method=
(void (content::RenderFrameHostImpl::*)(content::RenderFrameHostImpl *
const, double)) 0xaca942b9
<content::RenderFrameHostImpl::OnDidChangeLoadProgress(double)>, obj=0xa416d8)
at ../../../../third_party/chromium/src/base/tuple.h:259
#17 Dispatch<content::RenderFrameHostImpl, content::RenderFrameHostImpl, void,
void (content::RenderFrameHostImpl::*)(double)> (sender=0xa416d8,
parameter=0x0, func=
(void (content::RenderFrameHostImpl::*)(content::RenderFrameHostImpl *
const, double)) 0xaca942b9
<content::RenderFrameHostImpl::OnDidChangeLoadProgress(double)>, obj=0xa416d8,
msg=0xaa2d6f58)
at ../../../../third_party/chromium/src/content/common/frame_messages.h:898
#18 content::RenderFrameHostImpl::OnMessageReceived (this=0xa416d8, msg=...)
at
../../../../third_party/chromium/src/content/browser/frame_host/render_frame_host_impl.cc:560
#19 0xacb69b04 in content::RenderProcessHostImpl::OnMessageReceived
(this=0xa3dd78, msg=...)
at
../../../../third_party/chromium/src/content/browser/renderer_host/render_process_host_impl.cc:1721
#20 0xad28eb9c in IPC::ChannelProxy::Context::OnDispatchMessage (this=0xa453f8,
message=...)
at ../../../../third_party/chromium/src/ipc/ipc_channel_proxy.cc:293
#21 0xac97d86e in Run (this=0xbef4b9c8) at
../../../../third_party/chromium/src/base/callback.h:394
#22 base::debug::TaskAnnotator::RunTask (this=this@entry=0x9550e0,
queue_function=0xaecec060 "MessageLoop::PostTask",
pending_task=...) at
../../../../third_party/chromium/src/base/debug/task_annotator.cc:51
#23 0xac992bca in base::MessageLoop::RunTask (this=this@entry=0x955020,
pending_task=...)
at
../../../../third_party/chromium/src/base/message_loop/message_loop.cc:486
#24 0xac992e42 in base::MessageLoop::DeferOrRunPendingTask
(this=this@entry=0x955020, pending_task=...)
at
../../../../third_party/chromium/src/base/message_loop/message_loop.cc:495
#25 0xac9933d4 in base::MessageLoop::DoWork (this=0x955020)
at
../../../../third_party/chromium/src/base/message_loop/message_loop.cc:607
#26 0xac9295a6 in oxide::qt::MessagePump::RunOneTask (this=0x954a68)
at ../../../../qt/core/browser/oxide_qt_message_pump.cc:108
#27 0xb61a4a2a in QObject::event(QEvent*) () from
/usr/lib/arm-linux-gnueabihf/libQt5Core.so.5
#28 0xb66f9ef4 in QApplicationPrivate::notify_helper(QObject*, QEvent*) ()
from /usr/lib/arm-linux-gnueabihf/libQt5Widgets.so.5
#29 0xb66fdde4 in QApplication::notify(QObject*, QEvent*) () from
/usr/lib/arm-linux-gnueabihf/libQt5Widgets.so.5
#30 0x007fed60 in ?? ()
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1559428
Title:
requesting location updates in oxide webview triggers memory
corruption
To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-devices-system-image/+bug/1559428/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
