Startup crash after upgrading to 59.0.3071.109 on trusty/xenial/yakkety

Bug #1702407 reported by Gareth Evans on 2017-07-05
184
This bug affects 36 people
Affects Status Importance Assigned to Milestone
chromium-browser (Debian)
Fix Released
Unknown
chromium-browser (Ubuntu)
Critical
Olivier Tilloy

Bug Description

$ apt-cache policy chromium-browser
chromium-browser:
  Installed: 59.0.3071.109-0ubuntu0.16.04.1289
  Candidate: 59.0.3071.109-0ubuntu0.16.04.1289
  Version table:
 *** 59.0.3071.109-0ubuntu0.16.04.1289 500
        500 http://archive.ubuntu.com/ubuntu xenial-updates/universe amd64 Packages
        500 http://archive.ubuntu.com/ubuntu xenial-security/universe amd64 Packages
        100 /var/lib/dpkg/status
     49.0.2623.108-0ubuntu1.1233 500
        500 http://archive.ubuntu.com/ubuntu xenial/universe amd64 Packages

$ chromium-browser
Using PPAPI flash.
 --ppapi-flash-path=/usr/lib/adobe-flashplugin/libpepflashplayer.so --ppapi-flash-version=
Received signal 11 SEGV_MAPERR 000000000010
#0 0x7f8cc1af5425 base::debug::StackTrace::StackTrace()
#1 0x7f8cc1af580b <unknown>
#2 0x7f8cc1e20390 <unknown>
#3 0x5619ce286dc8 <unknown>
#4 0x5619ce289656 <unknown>
#5 0x5619ce289df9 <unknown>
#6 0x5619ce28a143 <unknown>
#7 0x7f8cc1b70821 <unknown>
#8 0x7f8cc1af6eea base::debug::TaskAnnotator::RunTask()
#9 0x7f8cc1b1fe90 base::MessageLoop::RunTask()
#10 0x7f8cc1b2197d base::MessageLoop::DeferOrRunPendingTask()
#11 0x7f8cc1b2283d <unknown>
#12 0x7f8cc1b23300 base::MessagePumpLibevent::Run()
#13 0x7f8cc1b1ef15 base::MessageLoop::RunHandler()
#14 0x7f8cc1b49628 base::RunLoop::Run()
#15 0x7f8cc1b75e36 base::Thread::ThreadMain()
#16 0x7f8cc1b70726 <unknown>
#17 0x7f8cc1e166ba start_thread
#18 0x7f8cab4c53dd clone
  r8: 000000000000002e r9: 00005619cfcdd6ec r10: 0000000000000000 r11: 00007f8cab552f50
 r12: 00007f8c1b0d1ff0 r13: 0000000000000008 r14: 0000000000000008 r15: 00007f8c1b0d1eb0
  di: 0000000000000000 si: 00007f8c1b0d1eb0 bp: 00007f8c1b0d1f00 bx: 00007f8c1b0d1eb0
  dx: 0000000000000061 ax: 0000000000000000 cx: 00007f8bf0047070 sp: 00007f8c1b0d1e60
  ip: 00005619ce286dc8 efl: 0000000000010206 cgf: 0000000000000033 erf: 0000000000000004
 trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000000010
[end of stack trace]

Quits <1s after starting on desktop. Output from terminal-based launch is above.
Worked earlier today before updating.

tags: added: xenial
Gareth Evans (garethevans-9) wrote :

This problem appears to be fixable by closing chromium and renaming ~/.config/chromium/ so a new set of config files is created by chromium when it is opened again.

Then cp ~/.config/chromium_old/Default/Bookmarks ~/.config/chromium/Default/

This update introduced the new settings interface so perhaps something to do with that.

Giuseppe_M (giuseppem) wrote :

@Gareth Evans

Your suggestion, and without copying back the old Bookmarks, works only the first time, when you close and reopen the browser it crashes again, with:

Received signal 11 SEGV_MAPERR 000000000008
#0 0x0000b762af0a base::debug::StackTrace::StackTrace()
#1 0x0000b762a83a base::debug::StackTrace::StackTrace()
#2 0x0000b762b388 <unknown>
#3 0x0000b77bec20 ([vdso]+0xc1f)
#4 0x00008055948a <unknown>
#5 0x00008055c01b <unknown>
#6 0x00008055c7d4 <unknown>
#7 0x00008055cb1b <unknown>
#8 0x000080555586 <unknown>
#9 0x0000b76afe2e <unknown>
#10 0x0000b76afdb3 <unknown>
#11 0x0000b762c80b base::debug::TaskAnnotator::RunTask()
#12 0x0000b7658f3b base::MessageLoop::RunTask()
#13 0x0000b765a292 base::MessageLoop::DeferOrRunPendingTask()
#14 0x0000b765b399 base::MessageLoop::DoWork()
#15 0x0000b765bfbd base::MessagePumpLibevent::Run()
#16 0x0000b7658304 base::MessageLoop::RunHandler()
#17 0x0000b76855dd base::RunLoop::Run()
#18 0x0000b76b5c61 base::Thread::ThreadMain()
#19 0x0000b76afcdf <unknown>
#20 0x0000b7786295 start_thread
#21 0x0000afd6705e clone
  gs: 00000033 fs: 00000000 es: 0000007b ds: 0000007b
 edi: 00000000 esi: a824bd60 ebp: 8f1507f8 esp: 8f150780
 ebx: 835cb528 edx: 8f150714 ecx: a824bcb0 eax: 00000000
 trp: 0000000e err: 00000004 ip: 8055948a cs: 00000073
 efl: 00210282 usp: 8f150780 ss: 0000007b
[end of stack trace]

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in chromium-browser (Ubuntu):
status: New → Confirmed
Download full text (4.8 KiB)

Sorry I didn't tell the whole story...

close chromium
$ sudo apt-get purge chromium
rename ~/.config/chromium (which remained after purge, not sure if it should?)
reboot
$ sudo apt-get install chromium
copy old Bookmarks to new ~/.config/chromium/Default/

Before this, I tried upgrading a VM with 16.04.1 to the latest version of chromium, which worked perfectly, and still worked after dist-upgrade to 16.04.2 - but the VM (and certainly its version of chromium) was pretty much otherwise unused, so I wondered aloud about potential causes.

I don't see why a reboot should make a difference but I hope that works for you - mine is now working normally again. I should have explained more fully before.

Gareth

On Wed, 5 Jul 2017, at 14:05, Giuseppe_M wrote:
> @Gareth Evans
>
> Your suggestion, and without copying back the old Bookmarks, works only
> the first time, when you close and reopen the browser it crashes again,
> with:
>
> Received signal 11 SEGV_MAPERR 000000000008
> #0 0x0000b762af0a base::debug::StackTrace::StackTrace()
> #1 0x0000b762a83a base::debug::StackTrace::StackTrace()
> #2 0x0000b762b388 <unknown>
> #3 0x0000b77bec20 ([vdso]+0xc1f)
> #4 0x00008055948a <unknown>
> #5 0x00008055c01b <unknown>
> #6 0x00008055c7d4 <unknown>
> #7 0x00008055cb1b <unknown>
> #8 0x000080555586 <unknown>
> #9 0x0000b76afe2e <unknown>
> #10 0x0000b76afdb3 <unknown>
> #11 0x0000b762c80b base::debug::TaskAnnotator::RunTask()
> #12 0x0000b7658f3b base::MessageLoop::RunTask()
> #13 0x0000b765a292 base::MessageLoop::DeferOrRunPendingTask()
> #14 0x0000b765b399 base::MessageLoop::DoWork()
> #15 0x0000b765bfbd base::MessagePumpLibevent::Run()
> #16 0x0000b7658304 base::MessageLoop::RunHandler()
> #17 0x0000b76855dd base::RunLoop::Run()
> #18 0x0000b76b5c61 base::Thread::ThreadMain()
> #19 0x0000b76afcdf <unknown>
> #20 0x0000b7786295 start_thread
> #21 0x0000afd6705e clone
> gs: 00000033 fs: 00000000 es: 0000007b ds: 0000007b
> edi: 00000000 esi: a824bd60 ebp: 8f1507f8 esp: 8f150780
> ebx: 835cb528 edx: 8f150714 ecx: a824bcb0 eax: 00000000
> trp: 0000000e err: 00000004 ip: 8055948a cs: 00000073
> efl: 00210282 usp: 8f150780 ss: 0000007b
> [end of stack trace]
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1702407
>
> Title:
> Update breaks chromium-browser on Ubuntu Mate 16.04.2
>
> Status in chromium-browser package in Ubuntu:
> Confirmed
>
> Bug description:
> $ apt-cache policy chromium-browser
> chromium-browser:
> Installed: 59.0.3071.109-0ubuntu0.16.04.1289
> Candidate: 59.0.3071.109-0ubuntu0.16.04.1289
> Version table:
> *** 59.0.3071.109-0ubuntu0.16.04.1289 500
> 500 http://archive.ubuntu.com/ubuntu xenial-updates/universe amd64 Packages
> 500 http://archive.ubuntu.com/ubuntu xenial-security/universe amd64 Packages
> 100 /var/lib/dpkg/status
> 49.0.2623.108-0ubuntu1.1233 500
> 500 http://archive.ubuntu.com/ubuntu xenial/universe amd64 Packages
>
> $ chromium-browser
> Using PPAPI flash.
> --ppapi-flash-path=/usr/lib/adobe-flashplugin/libpepflashplayer.so --ppapi-flash-version=
...

Read more...

Olivier Tilloy (osomon) wrote :

@Gareth: glad to know that you managed to sort out the crash, although it is worrisome and we should get to the bottom of it. No tinkering with the config directory should ever be needed.

@Giuseppe: if you can still reproduce the crash reliably, would you mind installing the debug symbols for chromium-browser (following the instructions at https://wiki.ubuntu.com/Debug%20Symbol%20Packages#Debug_Symbol_Packages) and see if you get a more complete stacktrace?

Changed in chromium-browser (Ubuntu):
importance: Undecided → High

Thought I'd have a go out of interest - Replacing my new config dir with the old one reproduces the bug, but -dbg seems to require a previous verison of chromium-browser (had the the same problem trying to install -dbg from synaptic):

===
$ echo "deb http://ddebs.ubuntu.com $(lsb_release -cs) main restricted universe multiverse
> deb http://ddebs.ubuntu.com $(lsb_release -cs)-updates main restricted universe multiverse
> deb http://ddebs.ubuntu.com $(lsb_release -cs)-proposed main restricted universe multiverse" | \
> sudo tee -a /etc/apt/sources.list.d/ddebs.list
[sudo] password for user:
deb http://ddebs.ubuntu.com xenial main restricted universe multiverse
deb http://ddebs.ubuntu.com xenial-updates main restricted universe multiverse
deb http://ddebs.ubuntu.com xenial-proposed main restricted universe multiverse

$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 428D7C01 C8CAB6595FDFF622
Executing: /tmp/tmp.WR8LuQinDY/gpg.1.sh --keyserver
keyserver.ubuntu.com
--recv-keys
428D7C01
C8CAB6595FDFF622
gpg: requesting key 428D7C01 from hkp server keyserver.ubuntu.com
gpg: requesting key 5FDFF622 from hkp server keyserver.ubuntu.com
gpg: key 428D7C01: public key "Ubuntu Debug Symbol Archive Automatic Signing Key <email address hidden>" imported
gpg: key 5FDFF622: public key "Ubuntu Debug Symbol Archive Automatic Signing Key (2016) <email address hidden>" imported
gpg: Total number processed: 2
gpg: imported: 2 (RSA: 1)

$ sudo apt-get update

...
...

$ sudo apt-get install chromium-browser-dbg
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies.
 chromium-browser-dbg : Depends: chromium-browser (= 51.0.2704.79-0ubuntu0.16.04.1.1242) but 59.0.3071.109-0ubuntu0.16.04.1289 is to be installed
E: Unable to correct problems, you have held broken packages.
====

In case it helps, the version I had installed previously (at least according to my update logs) was chromium-browser (58.0.3029.110-0ubuntu0.16.04.1281)

Happy to help further if I can.

Gareth Evans (garethevans-9) wrote :

Also I can switch config dirs to reproduce the bug and back again with no reboot necessary to result in normal operation.

Done. Is this okay?

Thanks Giuseppe, that's very useful. I extracted a full backtrace from the crash, attaching it here.

summary: - Update breaks chromium-browser on Ubuntu Mate 16.04.2
+ Startup crash after upgrading to 59.0.3071.109 on xenial
Changed in chromium-browser (Ubuntu):
assignee: nobody → Olivier Tilloy (osomon)
importance: High → Critical
Olivier Tilloy (osomon) wrote :

To everyone affected by the crash (I haven't managed to reproduce it locally yet): can you please disable networking on your computer (turn off wifi) and check whether that makes chromium start normally?

Giuseppe_M (giuseppem) wrote :

So, I have been using the browser normally all morning without disabling the extensions. As soon I turned on TV, which has a Chromecast dongle attached, the browser crashed. Turned off TV, but the browser continued crashing. So I ran `sudo network-manager stop` and I could open the browser again, without crashes. Enabling network again and the browser does not crash.

togs (togs) wrote :

Have the same issue here on Ubuntu 14.04.5 LTS with the following packets installed:

dpkg -l | grep chromium
ii chromium-browser 59.0.3071.109-0ubuntu0.14.04.1186 amd64 Chromium web browser, open-source version of Chrome
ii chromium-browser-l10n 59.0.3071.109-0ubuntu0.14.04.1186 all chromium-browser language packages
ii chromium-codecs-ffmpeg-extra 59.0.3071.109-0ubuntu0.14.04.1186 amd64 Extra ffmpeg codecs for the Chromium Browser
ii unity-scope-chromiumbookmarks 0.1+13.10.20130723-0ubuntu1 all Chromium bookmarks scope for Unity

@osomon The issue seems to be unrelated to whether you are online or offline.

I can get the issue to disappear and reappear with the following actions though:

Run "chromium-browser" in terminal
..error appears. Close chromium again.

Run "chromium-browser --disable-extensions" in terminal
..no error. Close chromium again.

Run chromium-browser
..no error. Close chromium again.

Run chromium-browser
..no error. Close chromium again.

Run chromium-browser
..no error. Close chromium again.

(..tried up to 8 times)

Run chromium-browser
..no error.
Open a webpage like https://heise.de/newsticker.
..Page loads. Close chromium again.

Run chromium-browser
..The error appears.

I have run the above cycle several times and this works reliably. Have disabled my extensions; at first some, finally all of them, but that has no impact on reproducibility. Only deviation: sometimes you have to open more than one website and close the browser to find the error reappearing upon next start.

Let me know when I can contribute more information.

Olivier Tilloy (osomon) wrote :

The crash happens on the following line:

    NetworkMap::iterator existing_access_point_iter = network_map->find(ssid);

in extensions::NetworkingPrivateLinux::AddOrUpdateAccessPoint(…)

Olivier Tilloy (osomon) wrote :

@togs: it would be useful if you could verify whether turning off wifi makes the issue go away. If not, that might be a different issue.

togs (togs) wrote :

@osomon: The issue seems to be unrelated to whether you are online or offline via wifi.

togs (togs) wrote :

To clarify:

togs@nb03:~$ iwconfig
vmnet8 no wireless extensions.

eth0 no wireless extensions.

lo no wireless extensions.

virbr0 no wireless extensions.

wlan0 IEEE 802.11abgn ESSID:off/any
          Mode:Managed Access Point: Not-Associated Tx-Power=22 dBm
          Retry long limit:7 RTS thr:off Fragment thr:off
          Power Management:off

vmnet1 no wireless extensions.

togs@nb03:~$ chromium-browser
Received signal 11 SEGV_MAPERR 000000000010
#0 0x7f3bf1aedd47 base::debug::StackTrace::StackTrace()
#1 0x7f3bf1aee133 <unknown>
#2 0x7f3bf17fa330 <unknown>
#3 0x7f3bf240b9f8 <unknown>
#4 0x7f3bf240cfb1 <unknown>
#5 0x7f3bf240d633 <unknown>
#6 0x7f3bf240dbc7 <unknown>
#7 0x7f3bf1b62b91 <unknown>
#8 0x7f3bf1aef269 base::debug::TaskAnnotator::RunTask()
#9 0x7f3bf1b16040 base::MessageLoop::RunTask()
#10 0x7f3bf1b1797d base::MessageLoop::DeferOrRunPendingTask()
#11 0x7f3bf1b1879d <unknown>
#12 0x7f3bf1b19250 base::MessagePumpLibevent::Run()
#13 0x7f3bf1b15422 base::MessageLoop::RunHandler()
#14 0x7f3bf1b3ddf8 base::RunLoop::Run()
#15 0x7f3bf1b67d56 base::Thread::ThreadMain()
#16 0x7f3bf1b62a96 <unknown>
#17 0x7f3bf17f2184 start_thread
#18 0x7f3be7c43ffd clone
  r8: 0000000000000000 r9: 0000000000000003 r10: 00007f3b43cd3d18 r11: 00007f3be7cd0110
 r12: 00007f3b43cd3fe0 r13: 0000000000000008 r14: 0000000000000008 r15: 00007f3b43cd3fe0
  di: 0000000000000000 si: 00007f3b43cd3fe0 bp: 0000000000000000 bx: 00007f3b43cd40f0
  dx: 00007f3be872f3d8 ax: 00007f3be872f3d8 cx: 0000000000000000 sp: 00007f3b43cd3f90
  ip: 00007f3bf240b9f8 efl: 0000000000010206 cgf: 0000000000000033 erf: 0000000000000004
 trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000000010
[end of stack trace]
Calling _exit(1). Core file will not be generated.

Just an FYI, this can be worked around by disabling the media router extension.

1) Start chromium on the command line with: chromium-browser --disable-extensions
2) Navigate to chrome://flags
3) Search for "media router" and set it to "Disabled"

I have tested 59.0.3071.109-0ubuntu0.16.04.1289 on two systems, but only one seems to exhibit the crash.

1) Intel i7-4770, Ubuntu 14.04.5 fully up-to-date, wired network: Does NOT exhibit the crash.
2) Intel Celeron N2840, Ubuntu 16.04.2 fully up-to-date, wireless network: DOES exhibit the crash. Resolved with the above workaround.

System #2 will even exhibit the crash while running with --temp-profile. I think it is related to wireless network scan updates and probably caused by a function parameter order-of-execution assumption that relies on side-effects (SEI CERT EXP50-CPP) as described in https://bugs.chromium.org/p/chromium/issues/detail?id=409318. More details and a patch I don't seem to be able to download ATM at https://bugs.chromium.org/p/chromium/issues/detail?id=572539.

I was able to wget the diff from https://bugs.chromium.org/p/chromium/issues/attachment?aid=116063. I believe adapting it to the current code base should resolve the crash. However I do not have a 16.04 build env to test on my system with wifi nor a wifi adapter to test on my 14.04 system. Besides, the N2480 would probably take a week to compile. ;)

Turned off WiFi, Chromium browser comes up with home page (google). Seems OK. Turn on WiFi, and it crashes.

---------- Original Message ----------
From: Olivier Tilloy <email address hidden>
To: <email address hidden>
Subject: [Bug 1702407] Re: Startup crash after upgrading to 59.0.3071.109 on xenial
Date: Thu, 06 Jul 2017 09:30:50 -0000

To everyone affected by the crash (I haven't managed to reproduce it
locally yet): can you please disable networking on your computer (turn
off wifi) and check whether that makes chromium start normally?

--
You received this bug notification because you are subscribed to a
duplicate bug report (1702501).
https://bugs.launchpad.net/bugs/1702407

Title:
  Startup crash after upgrading to 59.0.3071.109 on xenial

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1702407/+subscriptions
____________________________________________________________
How To Lose Weight Fast (Drink This Daily)
Celebrity Local
http://thirdpartyoffers.juno.com/TGL3131/595e29a1d367629a10cd6st04vuc

Rohan,

Confirmed. I did have to interact with the cast extension after enabling wifi to get it to crash though. It may have just been coincidence though (wireless network list was probably cached).

I also tried plugging and unplugging the ethernet cable with wifi off, which did not seem to trigger the crash (not unsurprising given the above stacktrace and patch).

Olivier Tilloy (osomon) wrote :

If I understand correctly https://bugs.chromium.org/p/chromium/issues/detail?id=409318 and if that information is still current, packages built with clang are not affected. Which would explain why all the reports affect xenial and trusty (haven't been getting reports for yakkety, but assuming not many people run it, as it will be EOL in 2 weeks). That would also explain why chrome is not affected, only chromium-browser.
I'll give a go at patching networking_private_linux.cc and building packages in a PPA so people affected by the crash can try it out.

Andrew Teal (andrew-teal) wrote :

Linux Mint 17.2 Rafaela "Ubuntu" VERSION="14.04.2 LTS, Trusty Tahr"

The upgrade to 59.0.3071.109 stopped chrome from starting;

Purging, etc. had no effect; likewise turning off wi-fi; also:

andrew@andrew-desktop ~/.config $ chromium-browser --disable-extension
Using PPAPI flash.
 --ppapi-flash-path=/usr/lib/adobe-flashplugin/libpepflashplayer.so --ppapi-flash-version=
Received signal 11 SEGV_MAPERR 000000000008
#0 0x0000b4afd23f base::debug::StackTrace::StackTrace()
#1 0x0000b4afca63 base::debug::StackTrace::StackTrace()
#2 0x0000b4afd717 <unknown>
#3 0x0000b4c58d38 ([vdso]+0xd37)
#4 0x0000b5150ff6 <unknown>
#5 0x0000b515284b <unknown>
#6 0x0000b5152f56 <unknown>
#7 0x0000b515356b <unknown>
#8 0x0000b514c4d2 <unknown>
#9 0x0000b4b7e8e3 <unknown>
#10 0x0000b4b7e8a2 <unknown>
#11 0x0000b4afe8b7 base::debug::TaskAnnotator::RunTask()
#12 0x0000b4b2a18f base::MessageLoop::RunTask()
#13 0x0000b4b2ba14 base::MessageLoop::DeferOrRunPendingTask()
#14 0x0000b4b2c90b base::MessageLoop::DoWork()
#15 0x0000b4b2d53d base::MessagePumpLibevent::Run()
#16 0x0000b4b29d9f base::MessageLoop::RunHandler()
#17 0x0000b4b55e76 base::RunLoop::Run()
#18 0x0000b4b83f7b base::Thread::Run()
#19 0x0000b4b8405f base::Thread::ThreadMain()
#20 0x0000b4b7e79a <unknown>
#21 0x0000b4c27f72 start_thread
#22 0x0000adf3b3ee clone
  gs: 00000033 fs: 00000000 es: 0000007b ds: 0000007b
 edi: 94659938 esi: 946599c4 ebp: 94659968 esp: 946598b0
 ebx: b78f5ba8 edx: 00000000 ecx: 8e8892e8 eax: 00000000
 trp: 0000000e err: 00000004 ip: b5150ff6 cs: 00000073
 efl: 00210282 usp: 946598b0 ss: 0000007b
[end of stack trace]
Calling _exit(1). Core file will not be generated.

Can I help any other way?

Olivier Tilloy (osomon) on 2017-07-06
Changed in chromium-browser (Ubuntu):
status: Confirmed → In Progress

Andrew,

Try the workaround in #19.

Note: --disable-extensions with an S, not --disable-extension.

Andrew Teal (andrew-teal) wrote :

Ouch! I have been known to boast about my proofreading skills ... confirmed that #19 does in fact work, thanks.

Olivier Tilloy (osomon) wrote :

Packages with a tentative fix are currently building in https://launchpad.net/~osomon/+archive/ubuntu/chromium-fix-1702407/+packages. Once built (in a few hours), that should allow people affected by the crash to test the fix.

I only use chromium to run signal and since the last update, on 59.0.3071.109-0u, if I start it without extensions and then with the app-id:

chromium-browser --disable-extensions && \
/usr/bin/chromium-browser --profile-directory=Default --app-id=bikioccmkafdpakkkcpdbppfkghcmihk

it does run for a few minutes before crashing in the same way...
Maybe it can help someone debug it!

(16.04.2 with mainline 4.9.35)

Cheers.

Test builds seem to work here! Casting didn't even break :)

Thanks Olivier!

Olivier Tilloy (osomon) wrote :

Thanks for the quick feedback Trent!
To everyone affected by the crash, could you please try the packages in that PPA, and see if the crash goes away?

    sudo add-apt-repository -y ppa:osomon/chromium-fix-1702407
    sudo apt update
    sudo apt dist-upgrade

Note that packages for trusty haven't finished building yet, but should be done soon.

That seems to have fixed the problem - Chromium is running as before the update.

---------- Original Message ----------
From: Olivier Tilloy <email address hidden>
To: <email address hidden>
Subject: [Bug 1702407] Re: Startup crash after upgrading to 59.0.3071.109 on xenial
Date: Thu, 06 Jul 2017 20:48:42 -0000

Thanks for the quick feedback Trent!
To everyone affected by the crash, could you please try the packages in that PPA, and see if the crash goes away?

    sudo add-apt-repository -y ppa:osomon/chromium-fix-1702407
    sudo apt update
    sudo apt dist-upgrade

Note that packages for trusty haven't finished building yet, but should
be done soon.

--
You received this bug notification because you are subscribed to a
duplicate bug report (1702501).
https://bugs.launchpad.net/bugs/1702407

Title:
  Startup crash after upgrading to 59.0.3071.109 on xenial

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1702407/+subscriptions
____________________________________________________________
Police Urge Americans to Carry This With Them at All Times
The Observer
http://thirdpartyoffers.juno.com/TGL3131/595ea8dd137d28dc70eest03vuc

> To everyone affected by the crash, could you please try the packages in that PPA, and see if the crash goes away?

Done. On xenial it works fine.
Thanks Olivier! :)

PPA updates fix the problem for me on 16.04.2

I'm curious as to why I couldn't install the debug symbols though - can anyone advise?

Thanks

Tested chromium-fix-1702407 ppa with
-ubuntu 16.0.4
-setting the Media Router option to default again.
-copied over original chromium config file.

Everything's working so far no crashes.

Re comment #23:
- This happened to me on both xenial and also on zesty (though it took a while to trigger on the later)
=> disabling media router (or clearing the profile) fixed it.

Also linking https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833477 as it says:
   * Disable builtin media router since it only works with official Google
     Chrome builds, not chromium (closes: #833477).

Changed in chromium-browser (Debian):
status: Unknown → Fix Released
Olivier Tilloy (osomon) wrote :

@Gareth: did you try installing the dbgsym ddeb packages, as instructed there: https://wiki.ubuntu.com/Debug%20Symbol%20Packages#Getting_-dbgsym.ddeb_packages ?

Olivier Tilloy (osomon) wrote :

@Björn: that crash on zesty, did it have a similar backtrace?

Regarding that debian bug, the media router component extension is indeed disabled by default on chromium, but we have a patch to re-enable it, and it seems to work well: http://bazaar.launchpad.net/~chromium-team/chromium-browser/xenial-stable/view/head:/debian/patches/enable-chromecast-by-default.patch

When will this patch be available via Ubuntu's normal update program?

Olivier Tilloy (osomon) wrote :

@Lonnie: as soon as technically possible (this might be early next week). Have you tested the packages in the PPA? Could you confirm whether they solve the issue for you? The more confirmations we get from individual testers, the more confidence we can have in the validity of the patch, which means it will be delivered as an update sooner.

> @Björn: that crash on zesty, did it have a similar backtrace?

Ups, I miswrote: I saw that issue on xenial and on _yakkety_, not on zesty. Forgot that I punted that. So NO report from zesty yet (but there might as well be). Stacktrace looked similar from memory, and esp. revitalizing with disable-extensions/disable-media-router worked.

Updating bug title as such.

summary: - Startup crash after upgrading to 59.0.3071.109 on xenial
+ Startup crash after upgrading to 59.0.3071.109 on trusty/xenial/yakkety
Mathieupasse (mathieupasse) wrote :

Fix works fine here too, Xenial
Thank you

Olivier Tilloy (osomon) wrote :

Thanks for the feedback Björn. That seems to confirm that clang builds are not affected. At the moment only zesty and artful chromium packages are built with clang. Once clang 4.0 gets SRU’d to xenial (bug #1687981) and yakkety is EOL'd that will leave only trusty builds with gcc.

Tim (m-tim-smith) wrote :

PPA packages work for me on 16.04.02. Thank you!

David Rodriguez (rodrigda) wrote :

I just updated and I am getting this crash. I am running on a Raspberry Pi using Ubuntu Mate 16.04.2 LTS

liveview@liveview-pi-2:~$ chromium-browser http://localhost:3000
Gkr-Message: secret service operation failed: Failed to execute program org.freedesktop.secrets: No such file or directory
Received signal 4 <unknown> 00007620af76
#0 0x000076e5ed12 base::debug::StackTrace::StackTrace()
#1 0x000076e5e952 base::debug::StackTrace::StackTrace()
#2 0x000076e5effc <unknown>
#3 0x000072253270 <unknown>
[end of stack trace]
Calling _exit(1). Core file will not be generated.
Received signal 4 <unknown> 00007620af76
#0 0x000076e5ed12 base::debug::StackTrace::StackTrace()
#1 0x000076e5e952 base::debug::StackTrace::StackTrace()
#2 0x000076e5effc <unknown>
#3 0x000072253270 <unknown>
[end of stack trace]
Calling _exit(1). Core file will not be generated.
Received signal 4 <unknown> 00007620af76
#0 0x000076e5ed12 base::debug::StackTrace::StackTrace()
#1 0x000076e5e952 base::debug::StackTrace::StackTrace()
#2 0x000076e5effc <unknown>
#3 0x000072253270 <unknown>
[end of stack trace]
Calling _exit(1). Core file will not be generated.
[3954:3954:0707/082236.792580:ERROR:sandbox_linux.cc(343)] InitializeSandbox() called with multiple threads in process gpu-process.
[3870:3919:0707/082236.822238:ERROR:browser_gpu_channel_host_factory.cc(103)] Failed to launch GPU process.
[3870:3919:0707/082236.823858:ERROR:browser_gpu_channel_host_factory.cc(103)] Failed to launch GPU process.
[3870:3919:0707/082236.824314:ERROR:browser_gpu_channel_host_factory.cc(103)] Failed to launch GPU process.
[3870:3919:0707/082236.824888:ERROR:browser_gpu_channel_host_factory.cc(103)] Failed to launch GPU process.
[3870:3919:0707/082236.825063:ERROR:browser_gpu_channel_host_factory.cc(103)] Failed to launch GPU process.
Received signal 4 <unknown> 0000761bdf76
#0 0x000076e11d12 base::debug::StackTrace::StackTrace()
#1 0x000076e11952 base::debug::StackTrace::StackTrace()
#2 0x000076e11ffc <unknown>
#3 0x000072206270 <unknown>
[end of stack trace]
Calling _exit(1). Core file will not be generated.
liveview@liveview-pi-2:~$

David Rodriguez (rodrigda) wrote :

Alright I added a couple other flags.

liveview@liveview-pi-2:~$ chromium-browser http://localhost:3000 --disable-extensions --disable-gpu
Gkr-Message: secret service operation failed: Failed to execute program org.freedesktop.secrets: No such file or directory
Received signal 4 <unknown> 000076219f76
#0 0x000076e6dd12 base::debug::StackTrace::StackTrace()
#1 0x000076e6d952 base::debug::StackTrace::StackTrace()
#2 0x000076e6dffc <unknown>
#3 0x000072262270 <unknown>
[end of stack trace]
Calling _exit(1). Core file will not be generated.
Received signal 4 <unknown> 00007621ff76
liveview@liveview-pi-2:~$

David,

That looks to be totally unrelated to the issue addressed in this bug report. You should start a new one.

Olivier,

I've had the same chromium process running for several hours now, intermittently messing with the cast extension and cycling wifi. Still going strong. I think this one is finally licked! Thanks again!

Olivier Tilloy (osomon) wrote :

@David: indeed that’s most likely a separate issue, maybe bug #1702633 ? Could you please try to install debug symbols (see https://wiki.ubuntu.com/Debug%20Symbol%20Packages#Getting_-dbgsym.ddeb_packages) for chromium-browser and see if you get a more complete stacktrace? If you do, please update that other bug report.

@Trent: thanks for the confirmation, it looks like that patch does the job indeed. I'm rebuilding updated packages in https://launchpad.net/~canonical-chromium-builds/+archive/ubuntu/stage/+packages, and from there they should make their way to the archive early next week, if everything goes well.

David Rodriguez (rodrigda) wrote :

@olivier : Thank you. I tried installing the debug symbols but I get an error saying the package requires an earlier version of chromium-browser. I saw somebody else had the issue earlier but I didn't see the fix. I think it was @garth that had the issue.

liveview@liveview-pi-2:~$ sudo apt-get install chromium-browser-dbg
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 chromium-browser-dbg : Depends: chromium-browser (= 51.0.2704.79-0ubuntu0.16.04.1.1242) but 59.0.3071.109-0ubuntu0.16.04.1291 is to be installed
E: Unable to correct problems, you have held broken packages.
liveview@liveview-pi-2:~$ sudo apt-get install chromium-browser-dbgsym
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 chromium-browser-dbgsym : Depends: chromium-browser (= 59.0.3071.109-0ubuntu0.16.04.1289) but 59.0.3071.109-0ubuntu0.16.04.1291 is to be installed
E: Unable to correct problems, you have held broken packages.
liveview@liveview-pi-2:~$

Olivier Tilloy (osomon) wrote :

@David: the link I provided mentions dbgsym ddebs. So you need to install chromium-browser-dbgsym.

David Rodriguez (rodrigda) wrote :

@olivier I tried that too and it gave me the same issue.

Julian Paredes (jparedes) wrote :

@David: In order to avoid that conflict you need to disable the 'backport' packages archive (it often introduce hidden conflicts).

Using GUI: 'Software & Updates' -> Updates -> Unsupported Updates

Then try installing chromium-browser-dbgsym. It worked for me.

Julian Paredes (jparedes) wrote :

@David: Or perhaps is because osomom PPA installed a new version and it does not have a symbol package for that version.

What if you install symbols package first and then upgrade chromium from PPA?

@osomon : The most obvious "patch" (the one requiring the least verification), is to have Ubuntu's Software Updater roll back Chromium to the version prior to the current version.

Comment 19 was the work-around that helped me:
https://askubuntu.com/a/932799/256054

David Rodriguez (rodrigda) wrote :

@julian I tried you suggestion and still nothing. I will keep monkeying with it. Any other thoughts? Appreciate the help.

@olivier I did update the bug you referenced with the current trace I have. Thanks.

David Rodriguez (rodrigda) wrote :

Seems like a new chromium-browser-dbgsym needs to be release for the version of chromium I installed. Does that make sense?

David Rodriguez (rodrigda) wrote :

@julian I tried to install the symbol package and it said it wouldn't install the correct version of chrome so it stopped. I think I will try to remove the osomon repo all together remove chrome, install the debug package. Have it install chrome than upgrade it. See where I end up. Thanks.

Olivier Tilloy (osomon) wrote :

@David: please continue this discussion on bug #1702633.

If you don't manage to install the dbgsym package, you can still download it manually and install it (with `sudo dpkg -i`) from there: https://launchpad.net/~canonical-chromium-builds/+archive/ubuntu/stage/+build/12789789

David Rodriguez (rodrigda) wrote :

ok I have the debug package installed. Thank you all I will continue on the other bug report.

Christian Wilken (drwilken) wrote :

@osomon: Fix confirmed (Xenial) and casting works. Thanks! :)

I tried this so as to be ready for the next problem, but install does not like the armhf bit - wants amd64.

---------- Original Message ----------
From: Olivier Tilloy <email address hidden>
To: <email address hidden>
Subject: [Bug 1702407] Re: Startup crash after upgrading to 59.0.3071.109 on trusty/xenial/yakkety
Date: Fri, 07 Jul 2017 15:18:35 -0000

@David: please continue this discussion on bug #1702633.

If you don't manage to install the dbgsym package, you can still
download it manually and install it (with `sudo dpkg -i`) from there:
https://launchpad.net/~canonical-chromium-
builds/+archive/ubuntu/stage/+build/12789789

--
You received this bug notification because you are subscribed to a
duplicate bug report (1702501).
https://bugs.launchpad.net/bugs/1702407

Title:
  Startup crash after upgrading to 59.0.3071.109 on
  trusty/xenial/yakkety

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1702407/+subscriptions
____________________________________________________________
Police Urge Americans to Carry This With Them at All Times
The Observer
http://thirdpartyoffers.juno.com/TGL3131/595fd5e12543d55e13807st02vuc

@Olivier, re #7,33,36 I see my mistake thanks to further posts and replies. I had spotted chromium-browser-dbg in synaptic and then had this package name in mind while misreading the more detailed instructions in the wiki link - it makes perfect sense on a calm reading!

Anyway thanks again.

Seth Tregenna (sethtregenna) wrote :

Confirm fixed for me too - Ubuntu Gnome 16.04.2 LTS

Nathan (nsg3) wrote :

Is there a particular reason Ubuntu takes longer to patch than Debian?

Nathan,

The linked Debian bug is unrelated to this crash. It disabled the internal media router component, which was initially broken on Linux and conflicted with the external cast plugin. With the fixes here, Debian should be able to re-enable the internal media router component in their packages too.

Depends which release and update model you mean, in Debian

Junaid Fatehi (jhfatehi) wrote :

I was experiencing the same big and chromium fix update in #30 worked for me.

Rune Philosof (olberd) wrote :

PPA fix in #30 worked for me in xenial.
Thanks osomon

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 59.0.3071.109-0ubuntu0.14.04.1188

---------------
chromium-browser (59.0.3071.109-0ubuntu0.14.04.1188) trusty; urgency=medium

  * debian/patches/fix-argument-evaluation-order.patch: added (LP: #1702407)

 -- Olivier Tilloy <email address hidden> Fri, 07 Jul 2017 10:57:00 +0200

Changed in chromium-browser (Ubuntu):
status: In Progress → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 59.0.3071.109-0ubuntu0.16.04.1291

---------------
chromium-browser (59.0.3071.109-0ubuntu0.16.04.1291) xenial; urgency=medium

  * debian/patches/fix-argument-evaluation-order.patch: added (LP: #1702407)

 -- Olivier Tilloy <email address hidden> Fri, 07 Jul 2017 10:53:25 +0200

Changed in chromium-browser (Ubuntu):
status: In Progress → Fix Released

I'm still having the exact same problem with chromium-browser (59.0.3071.109-0ubuntu0.16.10.1357).

Received signal 11 SEGV_MAPERR 000000000010
#0 0x7fbf377680c6 base::debug::StackTrace::StackTrace()
#1 0x7fbf377684ab <unknown>
#2 0x7fbf37a95630 <unknown>
#3 0x560ced1a6fd8 <unknown>
#4 0x560ced1a9866 <unknown>
#5 0x560ced1aa00e <unknown>
#6 0x560ced1aa33f <unknown>
#7 0x7fbf377e5831 <unknown>
#8 0x7fbf37769b4a base::debug::TaskAnnotator::RunTask()
#9 0x7fbf377941e0 base::MessageLoop::RunTask()
#10 0x7fbf37795c9d base::MessageLoop::DeferOrRunPendingTask()
#11 0x7fbf37796b3d <unknown>
#12 0x7fbf37797612 base::MessagePumpLibevent::Run()
#13 0x7fbf37793235 base::MessageLoop::RunHandler()
#14 0x7fbf377bdef8 base::RunLoop::Run()
#15 0x7fbf377eadc6 base::Thread::ThreadMain()
#16 0x7fbf377e56b6 <unknown>
#17 0x7fbf37a8b6ca start_thread
#18 0x7fbf21210caf clone
  r8: 0000000000000001 r9: 0000560ceec653ac r10: 0000560ceec653b0 r11: 00007fbf2129b330
 r12: 00007fbe8b559fb0 r13: 0000000000000008 r14: 0000000000000008 r15: 00007fbe8b559e70
  di: 0000000000000000 si: 00007fbe8b559e70 bp: 00007fbe8b559ec0 bx: 00007fbe8b559e70
  dx: 00007fbe6c107420 ax: 0000000000000000 cx: 0000000044495547 sp: 00007fbe8b559e20
  ip: 0000560ced1a6fd8 efl: 0000000000010202 cgf: 002b000000000033 erf: 0000000000000004
 trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000000010
[end of stack trace]
Calling _exit(1). Core file will not be generated.

Patrik Kullman (nomego) wrote :

Also experiencing this.

Olivier Tilloy (osomon) wrote :

@Jean-Marc & Patrik: Yakkety (Ubuntu 16.10) has recently reached its end of life, it is no longer supported. You are strongly encouraged to upgrade to Zesty (17.04). Chromium for yakkety won't receive further updates.

I got a similar problem.

Olivier Tilloy (osomon) wrote :

@kingsting: can you please elaborate? Which version of chromium? On which version of Ubuntu? Which CPU architecture?

The browser is an example demo from QtWebengine 5.9.1. I cross compile it and run it on my arm linux board. The version of the linux kernel is 3.6.5 ,which not support sandbox ,so i disabled it. The browser's build arguments is march=armv7a, mfpu=vfpv3, mfloat-abi=softfp. But the linux kernel was built with soft float(When i build it with vfp ,it cann't start up). The arm cpu is contex-A9 with VFPv3 and NEON, without gpu(I use mesa library instead).

Everytime when i run the browser, the render process will exit with some code ,such as 9,11,256.

I got the error logs:
The first type is "[2109:2111:0901/175748.014628:FATAL:picture_layer_impl.cc(1254)] Check failed: min_contents_scale > 0.f (0.0625 vs. 0)"
The second type is " Received signal 11 SEGV_MAPERR 000000000000".

I debug the browser found that the error may occur in module cc, or module blink, or module base.

I guess the basic error is the float calculation error which check 0.0625 > 0.f get false or calculate log(1000) get a mistake.

Additionally, the QtWebKit browser can run normally on my board. I build the two browser together. The difference is the QtWebEngine browser use FPU, GPU and sandbox which QtWebKit not use.

Maybe the error was caused by my board, not the QtWebEngine browser. I try many times but don't know how to solve it.

Thank you.

Olivier Tilloy (osomon) wrote :

@kingsting: then that's not the right place to ask for help or report issues, this is a bug report for the chromium-browser package in ubuntu. You might be able to get help from the QtWebengine team.

Oh,got it, sorry.

tagMacher (tagmacher) wrote :

I have just reported bug #1717473 with version 60.0.3112.113-0ubuntu0.16.04.1298, where the original bug reported here is happening again except that I get "SEGV_MAPERR 000000000028" instead of "SEGV_MAPERR 000000000010"

enyone (enyone) wrote :

Version 61.0.3163.100 (Developer Build) built on Debian 9.1, running on Debian 9.2 (64-bit)

Linux - 4.9.0-4-amd64 #1 SMP Debian 4.9.51-1 (2017-09-28) x86_64 GNU/Linux

Debian GNU/Linux 9 \n \l

Received signal 11 SEGV_MAPERR 000000000010
#0 0x55f1d1943cc6 <unknown>
#1 0x55f1cfeddef4 <unknown>
#2 0x55f1d194406d <unknown>
#3 0x7fdc5fe480c0 <unknown>
#4 0x55f1d0afd9c8 <unknown>
#5 0x55f1d0b00256 <unknown>
#6 0x55f1d0b00a0b <unknown>
#7 0x55f1d0b00d3f <unknown>
#8 0x55f1d19a68e7 <unknown>
#9 0x55f1d19d9199 <unknown>
#10 0x55f1d1964680 <unknown>
#11 0x55f1d1965ddf <unknown>
#12 0x55f1d196632b <unknown>
#13 0x55f1d19677a2 <unknown>
#14 0x55f1d198ca6a <unknown>
#15 0x55f1d19ab506 <unknown>
#16 0x55f1d19a67f2 <unknown>
#17 0x7fdc5fe3e494 start_thread
#18 0x7fdc54be1aff clone
  r8: 0000000000000001 r9: 000055f1d5c01cec r10: 000055f1d5c01cf0 r11: 00007fdc54c62ee0
 r12: 00007fdc23a4af78 r13: 0000000000000008 r14: 0000000000000008 r15: 00007fdc23a4ae40
  di: 0000000000000000 si: 00007fdc23a4ae40 bp: 00007fdc23a4ae90 bx: 00007fdc23a4ae40
  dx: 0000000000000004 ax: 000019f1f12bd9f0 cx: 0000000000000000 sp: 00007fdc23a4adf0
  ip: 000055f1d0afd9c8 efl: 0000000000010206 cgf: 002b000000000033 erf: 0000000000000004
 trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000000010
[end of stack trace]
Calling _exit(1). Core file will not be generated.

Starts with 'chromium --disable-extensions'

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.