[regression] deja-dup-monitor crashed with SIGSEGV in Gigacage::<lambda()>::operator()

Bug #1751460 reported by starkus on 2018-02-24
This bug affects 313 people
Affects: Status, Importance, Assigned to, Milestone
Déjà Dup: Undecided, Unassigned
WebKit: Fix Released, Medium
deja-dup (Ubuntu): High, Unassigned
  Xenial: High, Unassigned
  Artful: High, Unassigned
  Bionic: High, Unassigned
webkit2gtk (Ubuntu): High, Unassigned

Bug Description

Impact
------
webkit2gtk 2.20 adds a new security feature called the Gigacage that uses an extremely large virtual memory address space (much larger than available physical memory).

Deja Dup's monitor background service had "ulimit -v 1000000" (that's 1 GB) set as a workaround for a memory leak issue that the developer was unable to reproduce.

After upgrading to the new webkit2gtk version, Deja Dup's monitor service will crash because of that virtual memory limit.

Test Case
---------
Install the deja-dup update.
Install the webkit2gtk update from a PPA (not prepared yet).
Log out. Log in.
After a few minutes, check /var/crash/ for any Deja Dup crash reports.

Regression Potential
--------------------
This could reintroduce the memory leak bug, but otherwise this is a minimal fix. Even if that happens, it's better than the service refusing to run.

Other Info
----------
https://errors.ubuntu.com/problem/27441b78823246dd5392ee29ac30546f6464289e

ProblemType: Crash
DistroRelease: Ubuntu 18.04
Package: deja-dup 37.1-1fakesync1
ProcVersionSignature: Ubuntu 4.15.0-10.11-generic 4.15.3
Uname: Linux 4.15.0-10-generic x86_64
ApportVersion: 2.20.8-0ubuntu10
Architecture: amd64
CrashCounter: 1
CurrentDesktop: GNOME
Date: Sat Feb 24 14:30:47 2018
ExecutablePath: /usr/lib/deja-dup/deja-dup-monitor
InstallationDate: Installed on 2017-12-27 (59 days ago)
InstallationMedia: Ubuntu 17.10 "Artful Aardvark" - Release amd64 (20171018)
ProcCmdline: /usr/lib/deja-dup/deja-dup-monitor
ProcEnviron:
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=de_DE.UTF-8
 SHELL=/bin/bash
SegvAnalysis:
 Segfault happened at: 0x7ff1c3dda588: movl $0x0,(%rax)
 PC (0x7ff1c3dda588) ok
 source "$0x0" ok
 destination "(%rax)" (0xbbadbeef) not located in a known VMA region (needed writable region)!
SegvReason: writing unknown VMA
Signal: 11
SourcePackage: deja-dup
StacktraceTop:
 ?? () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
 __pthread_once_slow (once_control=0x7ff1c404202c, init_routine=0x7ff1baec0490 <__once_proxy>) at pthread_once.c:116
 Gigacage::ensureGigacage() () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
 bmalloc::Heap::Heap(bmalloc::HeapKind, std::lock_guard<bmalloc::StaticMutex>&) () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
 bmalloc::PerProcess<bmalloc::PerHeapKind<bmalloc::Heap> >::getSlowCase() () from /usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
Title: deja-dup-monitor crashed with SIGSEGV in __pthread_once_slow()
UpgradeStatus: Upgraded to bionic on 2018-02-24 (0 days ago)
UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo

starkus (starkus) wrote :

StacktraceTop:
 Gigacage::<lambda()>::operator() (__closure=<optimized out>) at ./Source/bmalloc/bmalloc/Gigacage.cpp:154
 std::__invoke_impl<void, Gigacage::ensureGigacage()::<lambda()> > (__f=...) at /usr/include/c++/7/bits/invoke.h:60
 std::__invoke<Gigacage::ensureGigacage()::<lambda()> > (__fn=...) at /usr/include/c++/7/bits/invoke.h:95
 std::<lambda()>::operator() (__closure=<optimized out>) at /usr/include/c++/7/mutex:672
 std::<lambda()>::operator() (__closure=0x0) at /usr/include/c++/7/mutex:677

Changed in deja-dup (Ubuntu):
importance: Undecided → Medium
summary: - deja-dup-monitor crashed with SIGSEGV in __pthread_once_slow()
+ deja-dup-monitor crashed with SIGSEGV in Gigacage::<lambda()
tags: removed: need-amd64-retrace

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in deja-dup (Ubuntu):
status: New → Confirmed
tags: added: bugpattern-needed
information type: Private → Public
Changed in deja-dup (Ubuntu):
importance: Medium → High
tags: added: rls-bb-incoming
summary: deja-dup-monitor crashed with SIGSEGV in Gigacage::<lambda()
+ Gigacage::<lambda()>::operator()
summary: - deja-dup-monitor crashed with SIGSEGV in Gigacage::<lambda()
+ deja-dup-monitor crashed with SIGSEGV in
Gigacage::<lambda()>::operator()
Jeremy Bicha (jbicha) on 2018-03-05
Changed in webkit2gtk (Ubuntu):
importance: Undecided → High
status: New → Confirmed
Changed in webkit-open-source:
importance: Unknown → Medium
status: Unknown → Confirmed

The journalctl log:

org.gnome.DejaDup.Monitor.desktop[2536]: FATAL: Could not allocate gigacage memory with maxAlignment = 34359738368, totalSize = 120259084288.

kernel: deja-dup-monito[2536]: segfault at bbadbeef ip 00007f067db65588 sp 00007ffff2df82c0 error 6 in libjavascriptcoregtk-4.0.so.18.7.6[7f067cdad000+fc4000

Will Cooke (willcooke) on 2018-03-06
tags: removed: rls-bb-incoming
SyKeY-XAM (ubuntu-xam) wrote :

z

tags: removed: bugpattern-needed
tags: added: bugpattern-written
summary: - deja-dup-monitor crashed with SIGSEGV in
+ [regression] deja-dup-monitor crashed with SIGSEGV in
Gigacage::<lambda()>::operator()
tags: added: regression-update
vasilisc (vasilisc) wrote :

[Ubuntu release]
Release: 18.04
Codename: bionic

[uname]
Linux vasilisc 4.15.0-12-generic #13-Ubuntu SMP Thu Mar 8 06:24:47 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

[Kernel command line]
BOOT_IMAGE=/vmlinuz-4.15.0-12-generic root=UUID=6d8ea6da-b2d9-406c-a812-2b21a2925731 ro rootflags=subvol=@ elevator=cfq

deja-dup:
  Installed: 37.1-1fakesync1
  Candidate: 37.1-1fakesync1
  Version table:
 *** 37.1-1fakesync1 500
        500 http://archive.ubuntu.com/ubuntu bionic/main amd64 Packages
        100 /var/lib/dpkg/status

geez (geez) wrote :

This bug appears to be crashing nautilus every time I try to open a file (by double clicking). As such, it is quite critical for me, as it effectively rendered the machine with 18.04 beta impossible to work on. Is anyone else experiencing this?

Togo28 (togo28) wrote :

I confirm what geez has written, the crashing is reproducible

cubells (cubells) wrote :

@geez I think they are two different bugs.

Today I've opened this:
https://bugs.launchpad.net/ubuntu/+source/nautilus/+bug/1754564

The most reproducible crash for my system is running Firefox, any version,
including ESR, with no extensions. Sometimes it lasts longer than others,
almost always the initial opening holds, it's when a new tab is initiated
it goes down. Rest of OS seems to operate unaffected, but FF is
irretrievable, and the crash report is generated. Never happened with
Chrome, or from my little use, Brave.

On Fri, Mar 9, 2018 at 3:48 AM, Togo28 <email address hidden> wrote:

> I confirm what geez has written, the crashing is reproducible

--
stephen saines

dino99 (9d9) wrote :

Feedback

Until now, deja-dup was crashing every time a session was opened (after cold boot). But it has stopped crashing on my system with a gnome-shell on xorg session, since you got that upgrade:

sane-backends (1.0.27-1~experimental3ubuntu2) bionic; urgency=medium

  * debian/rules: Drop timestamps from conflicting multiarch:same files
    hwdb.d/20-sane.hwdb and rules.d/60-libsane1.rules (closes: #880391)

 -- Adam Conrad <email address hidden> Sat, 03 Feb 2018 14:26:39 -0700

I can't see the relationship with that report, but the fact is the crash is gone. If there is no relationship at all, then only new gcc-7 & 8 have been upgraded and could explain that.

Is there still something to fix here? I do not know!

Ubuntu QA Website (ubuntuqa) wrote :

This bug has been reported on the Ubuntu ISO testing tracker.

A list of all reports related to this bug can be found here:
http://iso.qa.ubuntu.com/qatracker/reports/bugs/1751460

tags: added: iso-testing

This bug happens every time I start up the PC. I have a notice that dejadup crashes, then nautilus double click is no longer able to open a file with the appropriate application.

Nautilus does not open the file with right click and choosing the app.

A-

dino99 (9d9) wrote :

Feedback2

commenting on #15 above:
in fact crash happens again but not every time; so we have now a random failure, shortly after opening a session (gnome on org). Does that suggest a race loading process, or a missing event answer ?

Norbert (nrbrtx) wrote :

Got this bug on fresh installation of Ubuntu 18.04 LTS with MATE DE.

tags: removed: third-party-packages
Luca Ciavatta (cialu) wrote :

Installation of Ubuntu 18.04 LTS updating from 17.10.

This bug usually happens (but not every time) when I turn on the PC.
Dejadup crashes by itself, last time I was only browsing some sites, no other activities.

h9000 (h9000) wrote :

after every reboot it did crash here

Same as #17

Manfred Hampl (m-hampl) wrote :

@venturia: The issue of not being able to start an executable from within nautilus has nothing to do with this deja-dup failure. That problem has been reported as Bug #1747711

Kain Centeno (tenshinoneko) wrote :

just happened to me again. deja-dup running on the background, no backup setup

Daniel van Vugt (vanvugt) wrote :

Workaround:

sudo apt remove deja-dup

Luca Ciavatta (cialu) wrote :

> Nautilus does not open the file with right click and choosing the app.

In my case, if I use the 'Open With Other Application' option (also if I select the same app of the 'Open With App' option), it works.

Still not working with the double-click or with 'Open With App' option.

emk2203 (emk2203) wrote :

On 13.03.2018 at 9:26 AM, "Daniel van Vugt" <<email address hidden>> wrote:

Workaround:

sudo apt remove deja-dup

Best idea so far. This program crashes consistently in every Ubuntu
distribution for years. I won't touch it with a ten-foot pole. Who would
trust it for something important like a backup?

Manfred Hampl (m-hampl) wrote :

@Luca Ciavatta:
Also your problem has nothing to do with deja-dup and webkit and is probably caused by bug #1754564

tachiorz (tachiorz) wrote :

temp workaround GIGACAGE_ENABLED=no environment variable

Shahab (shahab178) wrote :

System monitor is crashing.

deja-dup monitor crash in start ubuntu mate 18.04

Jeremy Bicha (jbicha) wrote :

Please do not add comments here saying that you are affected by this bug.

Instead, you can click the button at the top of this page that says "This bug affects ___ people".

Andy (dj23rus) wrote :

SAME PROBLEM

stephen saines (stephensaines) wrote :

Supply a link! I like many others offered to help. I'm suddenly getting
emails that I might have inadvertently signed up for, but lacks specificity
in how to respond. May I suggest you find a way to link these responses to
your "page" wherever that is? Or do I just block the incoming emails?

On Tue, Mar 13, 2018 at 10:31 PM, Jeremy Bicha <email address hidden> wrote:

> Please do not add comments here saying that you are affected by this
> bug.
>
> Instead, you can click the button at the top of this page that says
> "This bug affects ___ people".

--
stephen saines

I'm just trying to contribute to system development by reporting bugs. I do
not work with programming

2018-03-14 9:30 GMT-03:00 stephen saines <email address hidden>:

> Supply a link! I like many others offered to help. I'm suddenly getting
> emails that I might have inadvertently signed up for, but lacks specificity
> in how to respond. May I suggest you find a way to link these responses to
> your "page" wherever that is? Or do I just block the incoming emails?
>
> On Tue, Mar 13, 2018 at 10:31 PM, Jeremy Bicha <email address hidden> wrote:
>
> > Please do not add comments here saying that you are affected by this
> > bug.
> >
> > Instead, you can click the button at the top of this page that says
> > "This bug affects ___ people".

Jeremy Bicha (jbicha) wrote :

Stephen, there is a link in the sidebar of https://launchpad.net/bugs/1751460 to mute bug mail for this bug. Or you can edit your subscription there to stop receiving comments for this bug.

Marcos Nascimento (wstlmn) wrote :

This error message is often displayed after the system restarts ubuntu 18.04.

Changed in deja-dup (Ubuntu Bionic):
status: Confirmed → New
Jeremy Bicha (jbicha) on 2018-03-15
Changed in deja-dup (Ubuntu Bionic):
status: New → Triaged
Changed in webkit2gtk (Ubuntu Bionic):
status: Confirmed → Triaged
tachiorz (tachiorz) wrote :

Gigacage::ensureGigacage() will crash if virtual memory (ulimit -v) isn't unlimited or overcommit (vm.overcommit_memory) is disabled.

Wild Man (wildmanne39) wrote :

Deja-dup crashes on startup every time I boot my laptop, I upgraded from Ubuntu 17.10 to 18.04. I am using kernel 4.16rc4.

prettoc (prettoc07) on 2018-03-16
Changed in deja-dup:
assignee: nobody → prettoc (prettoc07)
status: New → Confirmed
dino99 (9d9) on 2018-03-16
Changed in deja-dup:
assignee: prettoc (prettoc07) → nobody
status: Confirmed → New
Jeremy Bicha (jbicha) on 2018-03-17
Changed in deja-dup (Ubuntu Xenial):
importance: Undecided → High
status: New → Triaged
Changed in deja-dup (Ubuntu Artful):
importance: Undecided → High
status: New → Triaged
Changed in deja-dup (Ubuntu Bionic):
status: Triaged → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package deja-dup - 37.1-2fakesync1

---------------
deja-dup (37.1-2fakesync1) bionic-proposed; urgency=medium

  * Fake sync due to mismatching orig tarball.

deja-dup (37.1-2) experimental; urgency=medium

  * Add 0002-don-t-use-ulimit.patch:
    - Stop using ulimit since it is incompatible with webkit2gtk 2.20
      (LP: #1751460)

 -- Jeremy Bicha <email address hidden> Fri, 16 Mar 2018 19:31:21 -0400

Changed in deja-dup (Ubuntu Bionic):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in webkit2gtk (Ubuntu Artful):
status: New → Confirmed
Changed in webkit2gtk (Ubuntu Xenial):
status: New → Confirmed
Changed in webkit-open-source:
status: Confirmed → Fix Released
Kain Centeno (tenshinoneko) wrote :

Thank you for releasing a fix

Vej (vej) wrote :

You fixed this by removing a fix without taking measures to prevent the problem the fix was for?
Are you going to handle that as well or are we just going to see the OOM bugs again?

If you are handling this in another bug: Please link it here.

Thanks

Vej

Jeremy Bicha (jbicha) wrote :

Vej, please file a separate bug if you can reproduce the original memory consumption bug.

Jeremy Bicha (jbicha) wrote :

I am closing the webkit2gtk part of this bug.

It was mentioned that someone might set a virtual memory limit for their entire system. I don't think setting that makes sense on a desktop and it's my understanding that doing so will also break Java apps for a similar reason.

To test the impact of this, I added this to my ~/.profile

ulimit -v 4000000

After logging out and logging back in, I was still able to run GNOME Shell (although presumably the Captive Portal feature won't work). Any webkit-using apps won't work (and that includes Epiphany, gnome-control-center, evolution, etc.).

At least the systemd journal records this basic error message:

org.gnome.Epiphany.desktop[12949]: FATAL: Could not allocate gigacage
memory with maxAlignment = 34359738368, totalSize = 103079215104.

.

The next upstream release of webkit2gtk will also add this to that error message: "Make sure you have not set a virtual memory limit."

So the remaining task here is to provide a deja-dup update to all supported Ubuntu releases so that we can safely provide webkit2gtk security updates there.

no longer affects: webkit2gtk (Ubuntu Bionic)
Changed in webkit2gtk (Ubuntu):
status: Triaged → Invalid
no longer affects: webkit2gtk (Ubuntu Xenial)
no longer affects: webkit2gtk (Ubuntu Artful)
Jeremy Bicha (jbicha) on 2018-03-21
description: updated
Manfred Hampl (m-hampl) wrote :

Looking at Jeremy Bicha's error message

org.gnome.Epiphany.desktop[12949]: FATAL: Could not allocate gigacage memory with maxAlignment = 34359738368, totalSize = 103079215104.

"totalSize = 103079215104" stands for a memory allocation of 96 GiB.
What the heck is webkit2gtk doing with so much memory?

Jeremy Bicha (jbicha) wrote :

Manfred, it is virtual memory space for an ASLR type security hardening feature. It doesn't actually allocate that much memory at all.
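
An added illustration of the point made in the comments above (not code from WebKit, bmalloc or Deja Dup, and not part of any comment): address space reserved with PROT_NONE uses no physical memory, yet it still counts against RLIMIT_AS, which is what "ulimit -v" sets. The sizes come from the journal line quoted in this report; the mmap flags and the helper names try_reserve, reservation_fits and bytes_to_gib are assumptions of this sketch, which also assumes 64-bit Linux.

```c
/* Added illustration: why a PROT_NONE reservation the size of the Gigacage
 * fails under "ulimit -v". Not WebKit, bmalloc or Deja Dup code. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE /* for MAP_ANONYMOUS / MAP_NORESERVE */
#endif
#include <errno.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/resource.h>

/* Sizes copied from the journal line quoted in this report. */
#define GIGACAGE_TOTAL_SIZE 120259084288ULL /* totalSize    */
#define GIGACAGE_MAX_ALIGN   34359738368ULL /* maxAlignment */
/* "ulimit -v 1000000": the shell takes KiB, RLIMIT_AS takes bytes. */
#define DEJA_DUP_LIMIT_BYTES (1000000ULL * 1024ULL)

enum reserve_result { RESERVE_OK = 0, RESERVE_ENOMEM = 1, RESERVE_ERROR = 2 };

double bytes_to_gib(unsigned long long bytes)
{
    return (double)bytes / (1024.0 * 1024.0 * 1024.0);
}

/* Pre-flight check a launcher could run before starting a WebKit-based
 * process. Necessary but not sufficient: mappings that already exist
 * count against the same limit. */
int reservation_fits(unsigned long long want, rlim_t soft_limit)
{
    return soft_limit == RLIM_INFINITY ||
           want <= (unsigned long long)soft_limit;
}

/* Try to reserve `total` bytes of address space with the RLIMIT_AS soft
 * limit lowered to `limit` (RLIM_INFINITY keeps the inherited limit).
 * The original soft limit is restored before returning. */
enum reserve_result try_reserve(unsigned long long total, rlim_t limit)
{
    struct rlimit saved, lowered;

    if (getrlimit(RLIMIT_AS, &saved) != 0)
        return RESERVE_ERROR;
    if (limit != RLIM_INFINITY) {
        lowered = saved;
        /* A soft limit may never exceed the hard limit. */
        lowered.rlim_cur = limit > saved.rlim_max ? saved.rlim_max : limit;
        if (setrlimit(RLIMIT_AS, &lowered) != 0)
            return RESERVE_ERROR;
    }

    /* PROT_NONE + MAP_NORESERVE: pure address-space reservation, no pages
     * are committed. The kernel still checks it against RLIMIT_AS. */
    errno = 0;
    void *p = mmap(NULL, (size_t)total, PROT_NONE,
                   MAP_PRIVATE | MAP_ANONYMOUS | MAP_NORESERVE, -1, 0);
    int err = errno;
    if (p != MAP_FAILED)
        munmap(p, (size_t)total);

    setrlimit(RLIMIT_AS, &saved); /* raising soft back up to saved is allowed */

    if (p != MAP_FAILED)
        return RESERVE_OK;
    return err == ENOMEM ? RESERVE_ENOMEM : RESERVE_ERROR;
}

int main(void)
{
    static const char *names[] = { "ok", "ENOMEM", "error" };
    struct rlimit cur;

    if (getrlimit(RLIMIT_AS, &cur) != 0)
        return 1;
    printf("cage: %.0f GiB, alignment: %.0f GiB\n",
           bytes_to_gib(GIGACAGE_TOTAL_SIZE),
           bytes_to_gib(GIGACAGE_MAX_ALIGN));
    printf("inherited limit:   fits=%d mmap=%s\n",
           reservation_fits(GIGACAGE_TOTAL_SIZE, cur.rlim_cur),
           names[try_reserve(GIGACAGE_TOTAL_SIZE, RLIM_INFINITY)]);
    printf("ulimit -v 1000000: fits=%d mmap=%s\n",
           reservation_fits(GIGACAGE_TOTAL_SIZE, (rlim_t)DEJA_DUP_LIMIT_BYTES),
           names[try_reserve(GIGACAGE_TOTAL_SIZE, (rlim_t)DEJA_DUP_LIMIT_BYTES)]);
    return 0;
}
```

A service that must cap a WebKit-based process can run the reservation_fits check against its configured limit at startup and log a clear error instead of discovering the conflict through a crash report.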

It is really a sad affair here. As far as I know Linux does not provide an explicit means to limit the amount of memory an application can use. The only reliable ulimit one can set is the virtual size limit. It feels also strange that DejaDup pulls a full web-browser into its background daemon. And furthermore that this web browser is not initialized on demand, but unconditionally.

Vej (vej) wrote :

Hello!

I noticed that the recent duplicate bug #1760233 does use deja-dup 37.1-2fakesync1, although this bug had been marked as fixed for this package.

Should we reset this to "Triaged"?

Vej (vej) wrote :

Resetting to Triaged, because the duplicate bugs #1756817 and #1756776 show the same characteristics as described in comment #50.

Changed in deja-dup (Ubuntu Bionic):
status: Fix Released → Triaged
JGuire (jdmcguire) wrote :

I think this one is all good now for me, thanks!

On Sat, Mar 31, 2018, 7:20 AM Vej, <email address hidden> wrote:

> Hello!
>
> I noticed that the recent duplicate bug #1760233 does use deja-dup
> 37.1-2fakesync1, although this bug had been marked as fixed for this
> package.
>
> Should we reset this to "Triaged"?

Jeremy Bicha (jbicha) wrote :

Vej, I'm reclosing this bug for bionic. Maybe you just hadn't rebooted since applying the update. Apport sometimes reports bugs late too.

Changed in deja-dup (Ubuntu Bionic):
status: Triaged → Fix Released
Jeremy Bicha (jbicha) wrote :

deja-dup 38.0 was released with the ulimit workaround removed for compatibility with the latest webkit release.

Changed in deja-dup:
status: New → Fix Released
Changed in webkit-open-source:
status: Fix Released → Confirmed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package deja-dup - 36.3-0ubuntu0.2

---------------
deja-dup (36.3-0ubuntu0.2) artful-security; urgency=medium

  * Add 0002-don-t-use-ulimit.patch:
    - Stop using ulimit since it is incompatible with webkit2gtk 2.20
      (LP: #1751460)

 -- Marc Deslauriers <email address hidden> Fri, 27 Apr 2018 07:48:04 -0400

Changed in deja-dup (Ubuntu Artful):
status: Triaged → Fix Released
Jeremy Bicha (jbicha) on 2018-05-08
Changed in deja-dup (Ubuntu Xenial):
status: Triaged → Invalid
Jeremy Bicha (jbicha) wrote :

I closed the Xenial task since deja-dup in Xenial doesn't use ulimit.

Changed in webkit-open-source:
status: Confirmed → Fix Released