Ubuntu-emulator: Crash in new welcome wizard / browser

Bug #1565685 reported by Dave Morley on 2016-04-04
20
This bug affects 3 people
Affects Status Importance Assigned to Milestone
Canonical System Image
Critical
Olivier Tilloy
Oxide
High
Olivier Tilloy
1.14
High
Olivier Tilloy
oxide-qt (Ubuntu)
Undecided
Unassigned
phablet-tools (Ubuntu)
Undecided
Unassigned
unity8 (Ubuntu)
Undecided
Unassigned

Bug Description

STEPS:
1. Install ubuntu-emulator
2. sudo ubuntu-emulator create --channel ubuntu-touch/rc-proposed/ubuntu rc-test
3. ubuntu-emulator run rc-test
4. Doesn't complete the welcome wizard

Also, in emulator:
1. mkdir ~/.config/ubuntu-system-settings/
2. touch ~/.config/ubuntu-system-settings/wizard-has-run
3. launch webbrowser-app
4. crashes on start up

Changed in canonical-devices-system-image:
status: New → Confirmed
importance: Undecided → Critical
milestone: none → ww08-2016
assignee: nobody → Michał Sawicz (saviq)
tags: added: regression-proposed
Michał Sawicz (saviq) on 2016-04-04
Changed in unity8 (Ubuntu):
assignee: nobody → Lukáš Tinkl (lukas-kde)
Michał Sawicz (saviq) wrote :

Unity8 SIGABRTs with:

com.canonical.usensord.Error: open /sys/class/timed_output/vibrator/enable: no such file or directory
terminate called after throwing an instance of 'std::logic_error'
  what(): basic_string::_S_construct null not valid

Michał Sawicz (saviq) on 2016-04-04
Changed in unity8 (Ubuntu):
status: New → Incomplete
assignee: Lukáš Tinkl (lukas-kde) → nobody
Michał Sawicz (saviq) wrote :

This happens when unity8 tries to load the WebView to display some ToS. The abort seems to be coming from oxide:

[...]

#7 0xffffffff in std::__throw_logic_error(char const*) (__s=0xb601092c "basic_string::_S_construct null not valid")
    at ../../../../../src/libstdc++-v3/src/c++11/functexcept.cc:71
#8 0xffffffff in std::string::_S_construct<char const*>(char const*, char const*, std::allocator<char> const&, std::forward_iterator_tag) (__beg=0x0, __end=0xffffffff <error: Cannot access memory at address 0xffffffff>, __a=...)
    at /build/buildd/gcc-4.9-4.9.2/build/i686-linux-gnu/libstdc++-v3/include/bits/basic_string.tcc:133
#9 0xffffffff in std::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (__a=..., __end=<optimized out>, __beg=0x0)
    at /build/buildd/gcc-4.9-4.9.2/build/i686-linux-gnu/libstdc++-v3/include/bits/basic_string.h:1743
#10 0xffffffff in std::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (__a=..., __end=<optimized out>, __beg=0x0)
    at /build/buildd/gcc-4.9-4.9.2/build/i686-linux-gnu/libstdc++-v3/include/bits/basic_string.h:1764
#11 0xffffffff in std::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (this=0xbfd1859c, __s=0x0, __a=...)
    at /build/buildd/gcc-4.9-4.9.2/build/i686-linux-gnu/libstdc++-v3/include/bits/basic_string.tcc:215
#12 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#13 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#14 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#15 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#16 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#17 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#18 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#19 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#20 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#21 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#22 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#23 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#24 0xffffffff in oxide::qt::EnsureChromiumStarted() () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0

[...]

I wasn't able to install oxide symbols, unfortunately... they're over 1GB and the emulator can't handle that.

summary: - Ubuntu-emulator: Crash in new welcome wizard cause the emulator to
- reboot
+ Ubuntu-emulator: Crash in new welcome wizard / web view
description: updated
description: updated
Michał Sawicz (saviq) on 2016-04-04
summary: - Ubuntu-emulator: Crash in new welcome wizard / web view
+ Ubuntu-emulator: Crash in new welcome wizard / browser
Changed in canonical-devices-system-image:
assignee: Michał Sawicz (saviq) → Olivier Tilloy (osomon)
Changed in unity8 (Ubuntu):
status: Incomplete → Invalid
description: updated
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in oxide-qt (Ubuntu):
status: New → Confirmed
Changed in phablet-tools (Ubuntu):
status: New → Confirmed
Olivier Tilloy (osomon) wrote :
Download full text (11.3 KiB)

Here is a more complete backtrace:

#0 0xb7691424 in __kernel_vsyscall ()
#1 0xb56e8057 in raise () from /lib/i386-linux-gnu/libc.so.6
#2 0xb56e9699 in abort () from /lib/i386-linux-gnu/libc.so.6
#3 0xb592ee75 in __gnu_cxx::__verbose_terminate_handler() () from /usr/lib/i386-linux-gnu/libstdc++.so.6
#4 0xb592c953 in ?? () from /usr/lib/i386-linux-gnu/libstdc++.so.6
#5 0xb592c9cd in std::terminate() () from /usr/lib/i386-linux-gnu/libstdc++.so.6
#6 0xb592cc90 in __cxa_throw () from /usr/lib/i386-linux-gnu/libstdc++.so.6
#7 0xb5988d43 in std::__throw_logic_error(char const*) () from /usr/lib/i386-linux-gnu/libstdc++.so.6
#8 0xb5996055 in char* std::string::_S_construct<char const*>(char const*, char const*, std::allocator<char> const&, std::forward_iterator_tag) () from /usr/lib/i386-linux-gnu/libstdc++.so.6
#9 0xb59965f8 in std::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) () from /usr/lib/i386-linux-gnu/libstdc++.so.6
#10 0xaa30b702 in oxide::(anonymous namespace)::CollectDriverInfo (gpu_info=0x0)
    at ../../../../shared/browser/oxide_gpu_info_collector_linux.cc:291
#11 0xaa30d023 in CollectBasicGraphicsInfoAndroid (gpu_info=<optimized out>)
    at ../../../../shared/browser/oxide_gpu_info_collector_linux.cc:319
#12 oxide::GpuInfoCollectorLinux::CollectBasicGraphicsInfo (this=0xb8bf0ec8, gpu_info=0xbfec4b7c)
    at ../../../../shared/browser/oxide_gpu_info_collector_linux.cc:636
#13 0xaae083ff in gpu::CollectBasicGraphicsInfo (gpu_info=0xbfec4b7c)
    at ../../../../shared/port/gpu_config/gpu_info_collector_oxide_linux.cc:41
#14 0xaa547d68 in content::GpuDataManagerImplPrivate::Initialize (this=0xb8bf1a78)
    at ../../../../third_party/chromium/src/content/browser/gpu/gpu_data_manager_impl_private.cc:533
#15 0xaa540ec7 in content::GpuDataManagerImpl::Initialize (this=0xb8bf1358)
    at ../../../../third_party/chromium/src/content/browser/gpu/gpu_data_manager_impl.cc:143
#16 0xaa45111e in content::BrowserMainLoop::PreCreateThreads (this=0xb8bc7be8)
    at ../../../../third_party/chromium/src/content/browser/browser_main_loop.cc:747
#17 0xaa2bd1a4 in Run (object=0xb8bc7be8, this=<synthetic pointer>)
    at ../../../../third_party/chromium/src/base/bind_internal.h:178
#18 MakeItSo (args#0=0xb8bc7be8, runnable=...) at ../../../../third_party/chromium/src/base/bind_internal.h:297
#19 base::internal::Invoker<base::IndexSequence<0u>, base::internal::BindState<base::internal::RunnableAdapter<void (OxideQCertificateErrorPrivate::*)()>, void (OxideQCertificateErrorPrivate*), base::internal::UnretainedWrapper<OxideQCertificateErrorPrivate> >, base::internal::TypeList<base::internal::UnwrapTraits<base::internal::UnretainedWrapper<OxideQCertificateErrorPrivate> > >, base::internal::InvokeHelper<false, void, base::internal::RunnableAdapter<void (OxideQCertificateErrorPrivate::*)()>, base::internal::TypeList<OxideQCertificateErrorPrivate*> >, void ()>::Run(base::internal::BindStateBase*) (base=0xb8bf8f90) at ../../../../third_party/chromium/src/base/bind_internal.h:350
#20 0xaa709bc7 in Run (this=0xb8bf8fb8) at ../../../../third_party/chromium/src/base/callback.h:394
#...

Olivier Tilloy (osomon) wrote :

And I’m attaching the corresponding crash file.

Olivier Tilloy (osomon) wrote :

This most likely happens because glGetStringFn(GL_SHADING_LANGUAGE_VERSION) returns nullptr.

Olivier Tilloy (osomon) wrote :

According to https://www.opengl.org/wiki/GLAPI/glGetString, glGetString() may return a null pointer if an error is generated, and still according to the documentation, that error could only be GL_INVALID_ENUM, which implies that GL_SHADING_LANGUAGE_VERSION is not an accepted value for the GL driver used in the emulator. Adding a guard in oxide to recover from such an error and avoid the crash might help, but it’s not clear to me why the driver thinks GL_SHADING_LANGUAGE_VERSION is not a valid query.

tags: added: lt-important
Olivier Tilloy (osomon) wrote :

Interestingly a similar issue was fixed in chrome on android 6 months ago: https://chromium.googlesource.com/chromium/src/+/4af61ccffa3d1af66d2f5c8df0028187ccfadd27%5E%21/#F0

Olivier Tilloy (osomon) on 2016-04-18
Changed in oxide:
assignee: nobody → Olivier Tilloy (osomon)
importance: Undecided → High
status: New → Fix Released
milestone: none → branch-1.15
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package oxide-qt - 1.14.7-0ubuntu0.14.04.1

---------------
oxide-qt (1.14.7-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * Update to v1.14.7
    - Bump Chromium rev to 50.0.2661.87
    - Fix LP: #1565685 - Gracefully handle the case where
      glGetString(GL_SHADING_LANGUAGE_VERSION) returns a null pointer
    - Fix LP: #1543761 - Move fullscreen logic out of oxide::WebView
    - Fix LP: #1542119 - Rip input handling and compositing glue out of
      oxide::WebView
    - Fix LP: #1548996 - Fix device scaling mess
    - Fix LP: #1459830 - Support drag and drop
    - Fix LP: #1440863 - Support navigator.vibrate()
    - Fix LP: #1552376 - Ensure we disable the use of the share context on
      drivers where Chromium uses virtualized GL contexts
    - Fix LP: #1520537 - webbrowser-app crashes after 1 sec on unity8
    - Fix LP: #1459395 - Triple click doesn't work
    - Fix LP: #1459362 - SwipeArea lets touch events through before a drag is
      detected
    - Fix LP: #1426153 - Use a single-threaded webview compositor
    - Fix LP: #1543587 - Duplicate targets and random mis-builds due to
      Chromedriver
    - Fix LP: #1555122 - Startup crash when running in a VM
    - Fix LP: #1552825 - WebView.touchSelectionController.active remains true
      when navigating away
    - Fix LP: #1556323 - Fix SIGSEGV in oxide::InputMethodContext::SetImeBridge
    - Add support for scale factor retrieved from the Ubuntu QPA plugin
    - Switch from DelegatedRendererLayer to SurfaceLayer in
      RenderWidgetHostView, as the former has been deleted from Chromium

  * Refresh gross-hack-for-dual-ffmpeg-build.patch
  * Build-depend on qtfeedback5-dev
    - update debian/control

 -- Chris Coulson <email address hidden> Mon, 18 Apr 2016 16:28:53 +0100

Changed in oxide-qt (Ubuntu):
status: Confirmed → Fix Released
Changed in canonical-devices-system-image:
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers