Ubuntu
phablet-tools package

Ubuntu-emulator: Crash in new welcome wizard / browser

Bug #1565685 reported by Dave Morley
20
This bug affects 3 people
Affects Status Importance Assigned to Milestone
Canonical System Image
Fix Released
Critical
Olivier Tilloy
Canonical System Image 10 "OTA10"
Oxide
Fix Released
High
Olivier Tilloy
Oxide branch-1.15
1.14
Fix Released
High
Olivier Tilloy
Oxide 1.14.6
oxide-qt (Ubuntu)
Fix Released
Undecided
Unassigned
phablet-tools (Ubuntu)
Confirmed
Undecided
Unassigned
unity8 (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

STEPS:
1. Install ubuntu-emulator
2. sudo ubuntu-emulator create --channel ubuntu-touch/rc-proposed/ubuntu rc-test
3. ubuntu-emulator run rc-test
4. Doesn't complete the welcome wizard

Also, in emulator:
1. mkdir ~/.config/ubuntu-system-settings/
2. touch ~/.config/ubuntu-system-settings/wizard-has-run
3. launch webbrowser-app
4. crashes on start up

See original description
Jean-Baptiste Lallement (jibel)
Changed in canonical-devices-system-image:
status: New → Confirmed
importance: Undecided → Critical
milestone: none → ww08-2016
assignee: nobody → Michał Sawicz (saviq)
tags: added: regression-proposed
Michał Sawicz (saviq)
Changed in unity8 (Ubuntu):
assignee: nobody → Lukáš Tinkl (lukas-kde)
Revision history for this message
Michał Sawicz (saviq) wrote :

Unity8 SIGABRTs with:

com.canonical.usensord.Error: open /sys/class/timed_output/vibrator/enable: no such file or directory
terminate called after throwing an instance of 'std::logic_error'
  what(): basic_string::_S_construct null not valid

Michał Sawicz (saviq)
Changed in unity8 (Ubuntu):
status: New → Incomplete
assignee: Lukáš Tinkl (lukas-kde) → nobody
Revision history for this message
Michał Sawicz (saviq) wrote :

This happens when unity8 tries to load the WebView to display some ToS. The abort seems to be coming from oxide:

[...]

#7 0xffffffff in std::__throw_logic_error(char const*) (__s=0xb601092c "basic_string::_S_construct null not valid")
    at ../../../../../src/libstdc++-v3/src/c++11/functexcept.cc:71
#8 0xffffffff in std::string::_S_construct<char const*>(char const*, char const*, std::allocator<char> const&, std::forward_iterator_tag) (__beg=0x0, __end=0xffffffff <error: Cannot access memory at address 0xffffffff>, __a=...)
    at /build/buildd/gcc-4.9-4.9.2/build/i686-linux-gnu/libstdc++-v3/include/bits/basic_string.tcc:133
#9 0xffffffff in std::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (__a=..., __end=<optimized out>, __beg=0x0)
    at /build/buildd/gcc-4.9-4.9.2/build/i686-linux-gnu/libstdc++-v3/include/bits/basic_string.h:1743
#10 0xffffffff in std::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (__a=..., __end=<optimized out>, __beg=0x0)
    at /build/buildd/gcc-4.9-4.9.2/build/i686-linux-gnu/libstdc++-v3/include/bits/basic_string.h:1764
#11 0xffffffff in std::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (this=0xbfd1859c, __s=0x0, __a=...)
    at /build/buildd/gcc-4.9-4.9.2/build/i686-linux-gnu/libstdc++-v3/include/bits/basic_string.tcc:215
#12 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#13 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#14 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#15 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#16 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#17 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#18 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#19 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#20 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#21 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#22 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#23 0xffffffff in () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0
#24 0xffffffff in oxide::qt::EnsureChromiumStarted() () at /usr/lib/i386-linux-gnu/libOxideQtCore.so.0

[...]

I wasn't able to install oxide symbols, unfortunately... they're over 1GB and the emulator can't handle that.

summary: - Ubuntu-emulator: Crash in new welcome wizard cause the emulator to
- reboot
+ Ubuntu-emulator: Crash in new welcome wizard / web view
description: updated
description: updated
Michał Sawicz (saviq)
summary: - Ubuntu-emulator: Crash in new welcome wizard / web view
+ Ubuntu-emulator: Crash in new welcome wizard / browser
Changed in canonical-devices-system-image:
assignee: Michał Sawicz (saviq) → Olivier Tilloy (osomon)
Changed in unity8 (Ubuntu):
status: Incomplete → Invalid
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in oxide-qt (Ubuntu):
status: New → Confirmed
Changed in phablet-tools (Ubuntu):
status: New → Confirmed
Revision history for this message
Olivier Tilloy (osomon) wrote :
Download full text (11.3 KiB)

Here is a more complete backtrace:

#0 0xb7691424 in __kernel_vsyscall ()
#1 0xb56e8057 in raise () from /lib/i386-linux-gnu/libc.so.6
#2 0xb56e9699 in abort () from /lib/i386-linux-gnu/libc.so.6
#3 0xb592ee75 in __gnu_cxx::__verbose_terminate_handler() () from /usr/lib/i386-linux-gnu/libstdc++.so.6
#4 0xb592c953 in ?? () from /usr/lib/i386-linux-gnu/libstdc++.so.6
#5 0xb592c9cd in std::terminate() () from /usr/lib/i386-linux-gnu/libstdc++.so.6
#6 0xb592cc90 in __cxa_throw () from /usr/lib/i386-linux-gnu/libstdc++.so.6
#7 0xb5988d43 in std::__throw_logic_error(char const*) () from /usr/lib/i386-linux-gnu/libstdc++.so.6
#8 0xb5996055 in char* std::string::_S_construct<char const*>(char const*, char const*, std::allocator<char> const&, std::forward_iterator_tag) () from /usr/lib/i386-linux-gnu/libstdc++.so.6
#9 0xb59965f8 in std::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) () from /usr/lib/i386-linux-gnu/libstdc++.so.6
#10 0xaa30b702 in oxide::(anonymous namespace)::CollectDriverInfo (gpu_info=0x0)
    at ../../../../shared/browser/oxide_gpu_info_collector_linux.cc:291
#11 0xaa30d023 in CollectBasicGraphicsInfoAndroid (gpu_info=<optimized out>)
    at ../../../../shared/browser/oxide_gpu_info_collector_linux.cc:319
#12 oxide::GpuInfoCollectorLinux::CollectBasicGraphicsInfo (this=0xb8bf0ec8, gpu_info=0xbfec4b7c)
    at ../../../../shared/browser/oxide_gpu_info_collector_linux.cc:636
#13 0xaae083ff in gpu::CollectBasicGraphicsInfo (gpu_info=0xbfec4b7c)
    at ../../../../shared/port/gpu_config/gpu_info_collector_oxide_linux.cc:41
#14 0xaa547d68 in content::GpuDataManagerImplPrivate::Initialize (this=0xb8bf1a78)
    at ../../../../third_party/chromium/src/content/browser/gpu/gpu_data_manager_impl_private.cc:533
#15 0xaa540ec7 in content::GpuDataManagerImpl::Initialize (this=0xb8bf1358)
    at ../../../../third_party/chromium/src/content/browser/gpu/gpu_data_manager_impl.cc:143
#16 0xaa45111e in content::BrowserMainLoop::PreCreateThreads (this=0xb8bc7be8)
    at ../../../../third_party/chromium/src/content/browser/browser_main_loop.cc:747
#17 0xaa2bd1a4 in Run (object=0xb8bc7be8, this=<synthetic pointer>)
    at ../../../../third_party/chromium/src/base/bind_internal.h:178
#18 MakeItSo (args#0=0xb8bc7be8, runnable=...) at ../../../../third_party/chromium/src/base/bind_internal.h:297
#19 base::internal::Invoker<base::IndexSequence<0u>, base::internal::BindState<base::internal::RunnableAdapter<void (OxideQCertificateErrorPrivate::*)()>, void (OxideQCertificateErrorPrivate*), base::internal::UnretainedWrapper<OxideQCertificateErrorPrivate> >, base::internal::TypeList<base::internal::UnwrapTraits<base::internal::UnretainedWrapper<OxideQCertificateErrorPrivate> > >, base::internal::InvokeHelper<false, void, base::internal::RunnableAdapter<void (OxideQCertificateErrorPrivate::*)()>, base::internal::TypeList<OxideQCertificateErrorPrivate*> >, void ()>::Run(base::internal::BindStateBase*) (base=0xb8bf8f90) at ../../../../third_party/chromium/src/base/bind_internal.h:350
#20 0xaa709bc7 in Run (this=0xb8bf8fb8) at ../../../../third_party/chromium/src/base/callback.h:394
#...

Revision history for this message
Olivier Tilloy (osomon) wrote :

And I’m attaching the corresponding crash file.

Revision history for this message
Olivier Tilloy (osomon) wrote :

The crash is happening here: https://bazaar.launchpad.net/~oxide-developers/oxide/1.13/view/head:/shared/browser/oxide_gpu_info_collector_linux.cc#L291.

Revision history for this message
Olivier Tilloy (osomon) wrote :

This most likely happens because glGetStringFn(GL_SHADING_LANGUAGE_VERSION) returns nullptr.

Revision history for this message
Olivier Tilloy (osomon) wrote :

According to https://www.opengl.org/wiki/GLAPI/glGetString, glGetString() may return a null pointer if an error is generated, and still according to the documentation, that error could only be GL_INVALID_ENUM, which implies that GL_SHADING_LANGUAGE_VERSION is not an accepted value for the GL driver used in the emulator. Adding a guard in oxide to recover from such an error and avoid the crash might help, but it’s not clear to me why the driver thinks GL_SHADING_LANGUAGE_VERSION is not a valid query.

Łukasz Zemczak (sil2100)
tags: added: lt-important
Revision history for this message
Olivier Tilloy (osomon) wrote :

Interestingly a similar issue was fixed in chrome on android 6 months ago: https://chromium.googlesource.com/chromium/src/+/4af61ccffa3d1af66d2f5c8df0028187ccfadd27%5E%21/#F0

Olivier Tilloy (osomon)
Changed in oxide:
assignee: nobody → Olivier Tilloy (osomon)
importance: Undecided → High
status: New → Fix Released
milestone: none → branch-1.15
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package oxide-qt - 1.14.7-0ubuntu0.14.04.1

---------------
oxide-qt (1.14.7-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * Update to v1.14.7
    - Bump Chromium rev to 50.0.2661.87
    - Fix LP: #1565685 - Gracefully handle the case where
      glGetString(GL_SHADING_LANGUAGE_VERSION) returns a null pointer
    - Fix LP: #1543761 - Move fullscreen logic out of oxide::WebView
    - Fix LP: #1542119 - Rip input handling and compositing glue out of
      oxide::WebView
    - Fix LP: #1548996 - Fix device scaling mess
    - Fix LP: #1459830 - Support drag and drop
    - Fix LP: #1440863 - Support navigator.vibrate()
    - Fix LP: #1552376 - Ensure we disable the use of the share context on
      drivers where Chromium uses virtualized GL contexts
    - Fix LP: #1520537 - webbrowser-app crashes after 1 sec on unity8
    - Fix LP: #1459395 - Triple click doesn't work
    - Fix LP: #1459362 - SwipeArea lets touch events through before a drag is
      detected
    - Fix LP: #1426153 - Use a single-threaded webview compositor
    - Fix LP: #1543587 - Duplicate targets and random mis-builds due to
      Chromedriver
    - Fix LP: #1555122 - Startup crash when running in a VM
    - Fix LP: #1552825 - WebView.touchSelectionController.active remains true
      when navigating away
    - Fix LP: #1556323 - Fix SIGSEGV in oxide::InputMethodContext::SetImeBridge
    - Add support for scale factor retrieved from the Ubuntu QPA plugin
    - Switch from DelegatedRendererLayer to SurfaceLayer in
      RenderWidgetHostView, as the former has been deleted from Chromium

  * Refresh gross-hack-for-dual-ffmpeg-build.patch
  * Build-depend on qtfeedback5-dev
    - update debian/control

 -- Chris Coulson <email address hidden> Mon, 18 Apr 2016 16:28:53 +0100

Changed in oxide-qt (Ubuntu):
status: Confirmed → Fix Released
Pat McGowan (pat-mcgowan)
Changed in canonical-devices-system-image:
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.