chromium-browser crashed with SIGSEGV in malloc(), when downloading files

Bug #565309 reported by AlunJ on 2010-04-17
50
This bug affects 11 people
Affects Status Importance Assigned to Milestone
Chromium Browser
Unknown
Unknown
chromium-browser (Ubuntu)
Undecided
hutuleaccristian@yahoo.it

Bug Description

Binary package hint: chromium-browser

When downloading any files (all file types) and installing chrome extensions, browser crashes with sigsegv fault. Download appears on the download bar, but after a few seconds the browser crashes and disappears, I am unable to download any files or extensions.

Same issue in google-chrome-beta, google-chrome-dev and chromium-browser.

ProblemType: Crash
DistroRelease: Ubuntu 10.04
Package: chromium-browser 5.0.342.9~r43360-0ubuntu1
ProcVersionSignature: Ubuntu 2.6.32-21.32-generic 2.6.32.11+drm33.2
Uname: Linux 2.6.32-21-generic x86_64
Architecture: amd64
Date: Sat Apr 17 11:54:04 2010
ExecutablePath: /usr/lib/chromium-browser/chromium-browser
InstallationMedia: Ubuntu 10.04 "Lucid Lynx" - Beta amd64 (20100406.1)
ProcCmdline: /usr/lib/chromium-browser/chromium-browser
ProcEnviron:
 PATH=(custom, no user)
 LANG=en_GB.UTF-8
 SHELL=/bin/bash
SegvAnalysis:
 Segfault happened at: 0x7fabc70ac589 <malloc+105>: callq 0x7fabc70aadf0
 PC (0x7fabc70ac589) ok
 source "0x7fabc70aadf0" (0x7fabc70aadf0) ok
 destination "(%rsp)" (0x7fabc0939fe0) in non-writable VMA region: 0x7fabc0939000-0x7fabc093a000 ---p None
SegvReason: writing VMA None
Signal: 11
SourcePackage: chromium-browser
StacktraceTop:
 malloc () from /lib/libc.so.6
 malloc ()
 operator new(unsigned long) ()
 std::string::_Rep::_S_create(unsigned long, unsigned long, std::allocator<char> const&) () from /usr/lib/libstdc++.so.6
 std::string::_M_mutate(unsigned long, unsigned long, unsigned long) () from /usr/lib/libstdc++.so.6
Title: chromium-browser crashed with SIGSEGV in malloc()
UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare

AlunJ (alunjames) wrote :
Fabien Tassin (fta) wrote :

Could you please upgrade and retry so we have a core file and a usable retraced stacktrace? thanks.

Fabien Tassin (fta) on 2010-04-23
Changed in chromium-browser (Ubuntu):
status: New → Incomplete
FauZt (dmitry-kharchenko) wrote :

Don't even need to download something. Just switching between tabs or any chromium window..

Ubuntu 10.04 LTS 2.6.32-22-generic
chromium-browser 6.0.398.0~svn20100507r46652-0ubuntu1~ucd1
(Same issue in chromium-browser 5.0.342.9~r43360-0ubuntu2)

[New Thread 0xaf5a7b70 (LWP 5229)]
[Switching to Thread 0xb6ce5b70 (LWP 5108)]
0x00e83cab in std::string::_Rep::_S_create(unsigned int, unsigned int, std::allocator<char> const&) () from /usr/lib/libstdc++.so.6
(gdb) bt
#0 0x00e83cab in std::string::_Rep::_S_create(unsigned int, unsigned int, std::allocator<char> const&) () from /usr/lib/libstdc++.so.6
#1 0x00e84978 in std::string::_Rep::_M_clone(std::allocator<char> const&, unsigned int) () from /usr/lib/libstdc++.so.6
#2 0x00e857ad in std::string::reserve(unsigned int) ()
   from /usr/lib/libstdc++.so.6
#3 0x00e85930 in std::string::append(unsigned int, char) ()
   from /usr/lib/libstdc++.so.6
#4 0x08622d13 in ?? ()
#5 0x0863598c in ?? ()
#6 0x08635e94 in ?? ()
#7 0x08636013 in ?? ()
#8 0x08636013 in ?? ()
#9 0x08636013 in ?? ()
#10 0x08636013 in ?? ()
...

Fabien Tassin (fta) wrote :

@FauZt: the trace is useless, please install the -dbg package(s) and try to obtain a fully resolved trace.
Thanks.

FauZt (dmitry-kharchenko) wrote :
Download full text (5.7 KiB)

still crushing after update..

ver. 6.0.400.0~svn20100510r46805-0ubuntu1~ucd1

(gdb) backtrace full
#0 0x00e83cab in std::string::_Rep::_S_create(unsigned int, unsigned int, std::allocator<char> const&) () from /usr/lib/libstdc++.so.6
No symbol table info available.
#1 0x00e84978 in std::string::_Rep::_M_clone(std::allocator<char> const&, unsigned int) () from /usr/lib/libstdc++.so.6
No symbol table info available.
#2 0x00e857ad in std::string::reserve(unsigned int) () from /usr/lib/libstdc++.so.6
No symbol table info available.
#3 0x00e85930 in std::string::append(unsigned int, char) () from /usr/lib/libstdc++.so.6
No symbol table info available.
#4 0x08624e53 in FilePath::Append (this=0xa97da08, component=...) at base/file_path.cc:409
        new_path = {static kSeparators = 0x94fd198 "/", static kCurrentDirectory = 0x94fd19a ".", static kParentDirectory = 0x94fd19c "..",
          static kExtensionSeparator = 46 '.', path_ = {static npos = 4294967295,
            _M_dataplus = {<std::allocator<char>> = {<__gnu_cxx::new_allocator<char>> = {<No data fields>}, <No data fields>},
              _M_p = 0xa687cfc "/usr/share/icons/Bamboo-zen"}}}
#5 0x08637b44 in GetIconPathUnderSubdir (this=<value optimized out>, icon_name=<value optimized out>, subdir=...) at base/mime_util_xdg.cc:239
        i = 0
        icon_path = {static kSeparators = 0x94fd198 "/", static kCurrentDirectory = 0x94fd19a ".", static kParentDirectory = 0x94fd19c "..",
          static kExtensionSeparator = 46 '.', path_ = {static npos = 4294967295,
            _M_dataplus = {<std::allocator<char>> = {<__gnu_cxx::new_allocator<char>> = {<No data fields>}, <No data fields>}, _M_p = 0xa30d59c ""}}}
#6 0x08638044 in GetIconPath (this=0xa6676c0, icon_name=<value optimized out>, size=16, inherits=true) at base/mime_util_xdg.cc:184
        icon_path = {static kSeparators = 0x94fd198 "/", static kCurrentDirectory = 0x94fd19a ".", static kParentDirectory = 0x94fd19c "..",
          static kExtensionSeparator = 46 '.', path_ = {static npos = 4294967295,
            _M_dataplus = {<std::allocator<char>> = {<__gnu_cxx::new_allocator<char>> = {<No data fields>}, <No data fields>}, _M_p = 0xa30d59c ""}}}
        min_delta_seen = 182847692
        theme = <value optimized out>
#7 0x086381c3 in GetIconPath (this=<value optimized out>, icon_name=<value optimized out>, size=16, inherits=true) at base/mime_util_xdg.cc:211
        icon_path = {static kSeparators = 0x94fd198 "/", static kCurrentDirectory = 0x94fd19a ".", static kParentDirectory = 0x94fd19c "..",
          static kExtensionSeparator = 46 '.', path_ = {static npos = 4294967295,
            _M_dataplus = {<std::allocator<char>> = {<__gnu_cxx::new_allocator<char>> = {<No data fields>}, <No data fields>}, _M_p = 0xa30d59c ""}}}
        min_delta_seen = 9999
        theme = <value optimized out>
#8 0x086381c3 in GetIconPath (this=<value optimized out>, icon_name=<value optimized out>, size=16, inherits=true) at base/mime_util_xdg.cc:211
        icon_path = {static kSeparators = 0x94fd198 "/", static kCurrentDirectory = 0x94fd19a ".", static kParentDirectory = 0x94fd19c "..",
          static kExtensionSeparator = 46 ...

Read more...

Changed in chromium-browser (Ubuntu):
status: Incomplete → Fix Released
Changed in chromium-browser (Ubuntu):
status: Fix Released → New
assignee: nobody → hutuleaccristian@yahoo.it (hutuleaccristian)
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in chromium-browser (Ubuntu):
status: New → Confirmed
Olivier Tilloy (osomon) wrote :

Closing now as this report wasn’t investigated timely and is now too old to be meaningful.
Please do not hesitate to report crashes occurring with recent releases of chromium-browser, they will hopefully be investigated and acted upon in a more timely manner.

Changed in chromium-browser (Ubuntu):
status: Confirmed → Won't Fix
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.