chromium 59.0.3071.86 crashes at startup on x86

Bug #1697496 reported by Olivier Tilloy
This bug affects 2 people
Affects: chromium-browser (Ubuntu); Status: Fix Released; Importance: Critical; Assigned to: Olivier Tilloy

Bug Description

Chromium 59.0.3071.86 was promoted to the stable release channel last week, and I have built packages for all supported ubuntu releases at https://launchpad.net/~osomon/+archive/ubuntu/chromium-stable.

The packages appear to work fine on 64-bit versions of ubuntu, but the application crashes when run on x86. This is what I’m seeing in an up-to-date xenial i386 VM:

ubuntu@xenialvm:~$ chromium-browser
Received signal 11 SEGV_MAPERR 0000031d9a20
#0 0x0000b75daee3 base::debug::StackTrace::StackTrace()
#1 0x0000b75da767 base::debug::StackTrace::StackTrace()
#2 0x0000b75db2fe <unknown>
#3 0x0000b7727cfc ([vdso]+0xcfb)
#4 0x00008113ac1c <unknown>
#5 0x00008113b9d8 <unknown>
#6 0x000080e432e8 <unknown>
#7 0x000080e3b5c3 <unknown>
#8 0x000080e3ea72 <unknown>
#9 0x0000b2bc499c BrowserContextKeyedServiceFactory::BuildServiceInstanceFor()
#10 0x0000b3282146 KeyedServiceFactory::GetServiceForContext()
#11 0x000080e3eb66 <unknown>
#12 0x000080d80e3e <unknown>
#13 0x000080d81738 <unknown>
#14 0x0000819fa25e <unknown>
#15 0x000080d6bdc6 <unknown>
#16 0x000080eed5e2 <unknown>
#17 0x000080eedac5 <unknown>
#18 0x0000b50adfcc content::StoragePartitionImplMap::Get()
#19 0x0000b4d47259 <unknown>
#20 0x0000b4d47ba7 content::BrowserContext::GetStoragePartition()
#21 0x0000b4d47dc7 content::BrowserContext::GetDefaultStoragePartition()
#22 0x000080eea99e <unknown>
#23 0x000080eeb284 <unknown>
#24 0x000080eeb641 <unknown>
#25 0x000080eec537 <unknown>
#26 0x000080eec7ab <unknown>
#27 0x000080d70ba3 <unknown>
#28 0x000080d764bd <unknown>
#29 0x000080d7678c <unknown>
#30 0x000081a49be0 <unknown>
#31 0x000080fb3148 <unknown>
#32 0x000080fb408c <unknown>
#33 0x0000b4d4b0d9 content::BrowserMainLoop::PreMainMessageLoopRun()
#34 0x0000b50a5657 content::StartupTaskRunner::RunAllTasksNow()
#35 0x0000b4d4c76e content::BrowserMainLoop::CreateStartupTasks()
#36 0x0000b4d517a3 <unknown>
#37 0x0000b4d4a252 content::BrowserMain()
#38 0x0000b54875ee <unknown>
#39 0x0000b01d3adb service_manager::Main()
#40 0x0000b5486140 content::ContentMain()
#41 0x0000808dbab7 <unknown>
#42 0x0000808da08b <unknown>
#43 0x0000b0323637 __libc_start_main
#44 0x0000808db8fe <unknown>
  gs: 00000033 fs: 00000000 es: 0000007b ds: 0000007b
 edi: 84f352bc esi: 84f35120 ebp: bfd54c08 esp: bfd54ad0
 ebx: 84f34f68 edx: 00000006 ecx: 00000026 eax: bfd54c20
 trp: 0000000e err: 00000004 ip: 8113ac1c cs: 00000073
 efl: 00210282 usp: bfd54ad0 ss: 0000007b
[end of stack trace]
Calling _exit(1). Core file will not be generated.

Revision history for this message
Olivier Tilloy (osomon) wrote :

Stack trace with debug symbols installed:

#0 0x81130c1c in re2::RE2::Init ()
#1 0x811319d8 in re2::RE2::RE2 ()
#2 0x80e392e8 in SupervisedUserURLFilter::SupervisedUserURLFilter ()
#3 0x80e315c3 in SupervisedUserService::SupervisedUserService ()
#4 0x80e34a72 in SupervisedUserServiceFactory::BuildServiceInstanceFor ()
#5 0xb347699c in BrowserContextKeyedServiceFactory::BuildServiceInstanceFor ()
   from /usr/lib/chromium-browser/./libkeyed_service_content.so
#6 0xb3b34146 in KeyedServiceFactory::GetServiceForContext () from /usr/lib/chromium-browser/./libkeyed_service_core.so
#7 0x80e34b66 in SupervisedUserServiceFactory::GetForProfile ()
#8 0x80d76e3e in IsURLAllowedForSupervisedUser ()
#9 0x80d77738 in search::GetNewTabPageURL ()
#10 0x819f025e in NewTabPageInterceptorService::CreateInterceptor ()
#11 0x80d61dc6 in ProfileIOData::InitializeOnUIThread ()
#12 0x80ee35e2 in LazyInitialize ()
#13 0x80ee3ac5 in ProfileImplIOData::Handle::GetResourceContext ()
#14 0xb595ffcc in content::StoragePartitionImplMap::Get () from /usr/lib/chromium-browser/./libcontent.so
#15 0xb55f9259 in GetStoragePartitionFromConfig () from /usr/lib/chromium-browser/./libcontent.so
#16 0xb55f9ba7 in content::BrowserContext::GetStoragePartition () from /usr/lib/chromium-browser/./libcontent.so
#17 0xb55f9dc7 in content::BrowserContext::GetDefaultStoragePartition () from /usr/lib/chromium-browser/./libcontent.so
#18 0x80ee099e in ProfileImpl::DoFinalInit ()
#19 0x80ee1284 in ProfileImpl::OnLocaleReady ()
#20 0x80ee1641 in ProfileImpl::OnPrefsLoaded ()
#21 0x80ee2537 in ProfileImpl::ProfileImpl ()
#22 0x80ee27ab in Profile::CreateProfile ()
#23 0x80d66ba3 in ProfileManager::CreateProfileHelper ()
#24 0x80d6c4bd in ProfileManager::CreateAndInitializeProfile ()
#25 0x80d6c78c in ProfileManager::GetProfile ()
#26 0x81a3fbe0 in GetStartupProfile ()
#27 0x80fa9148 in ChromeBrowserMainParts::PreMainMessageLoopRunImpl ()
#28 0x80faa08c in ChromeBrowserMainParts::PreMainMessageLoopRun ()
#29 0xb55fd0d9 in content::BrowserMainLoop::PreMainMessageLoopRun () from /usr/lib/chromium-browser/./libcontent.so
#30 0xb5957657 in content::StartupTaskRunner::RunAllTasksNow () from /usr/lib/chromium-browser/./libcontent.so
#31 0xb55fe76e in content::BrowserMainLoop::CreateStartupTasks () from /usr/lib/chromium-browser/./libcontent.so
#32 0xb56037a3 in content::BrowserMainRunnerImpl::Initialize () from /usr/lib/chromium-browser/./libcontent.so
#33 0xb55fc252 in content::BrowserMain () from /usr/lib/chromium-browser/./libcontent.so
#34 0xb5d395ee in content::ContentMainRunnerImpl::Run () from /usr/lib/chromium-browser/./libcontent.so
#35 0xb0a85adb in service_manager::Main () from /usr/lib/chromium-browser/./libembedder.so
#36 0xb5d38140 in content::ContentMain () from /usr/lib/chromium-browser/./libcontent.so
#37 0x808d1ab7 in ChromeMain ()
#38 0x808d008b in main ()

Olivier Tilloy (osomon) wrote :

Version 58.0.3029.110 from the archive doesn't crash at startup, so this is a regression introduced in the chromium 59 packages.

zesty and artful are not affected (packages for those releases are built with clang). I'm starting to suspect http://bazaar.launchpad.net/~chromium-team/chromium-browser/xenial-beta/revision/1279 (verifying that now).
That patch could easily be gotten rid of in xenial and yakkety where gcc >= 5 is available, but not on trusty (where the default is 4.8 and 4.9 is available).

Olivier Tilloy (osomon) wrote :

That patch was added to fix the following build failure:

FAILED: g++-4.8 -MMD -MF obj/third_party/swiftshader/src/Common/swiftshader_common/CPUID.o.d -DV8_DEPRECATION_WARNINGS -DUSE_UDEV -DUSE_AURA=1 -DUSE_PANGO=1 -DUSE_CAIRO=1 -DUSE_GLIB=1 -DUSE_NSS_CERTS=1 -DUSE_X11=1 -DNO_TCMALLOC -DDISABLE_NACL -DFULL_SAFE_BROWSING -DSAFE_BROWSING_CSD -DSAFE_BROWSING_DB_LOCAL -DCHROMIUM_BUILD -DENABLE_MEDIA_ROUTER=1 -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -D_FORTIFY_SOURCE=2 -DCOMPONENT_BUILD -DNDEBUG -DNVALGRIND -DDYNAMIC_ANNOTATIONS_ENABLED=0 -DLOG_TAG=\"swiftshader_common\" -I../.. -Igen -fno-strict-aliasing --param=ssp-buffer-size=4 -fstack-protector -Wno-builtin-macro-redefined -D__DATE__= -D__TIME__= -D__TIMESTAMP__= -funwind-tables -fPIC -pipe -m32 -msse2 -mfpmath=sse -mmmx -pthread -Wall -Wno-unused-local-typedefs -Wno-maybe-uninitialized -Wno-missing-field-initializers -Wno-unused-parameter -O2 -fno-ident -fdata-sections -ffunction-sections -fomit-frame-pointer -g1 -fvisibility=hidden -msse2 -fvisibility-inlines-hidden -std=gnu++11 -Wno-narrowing -fno-rtti -fno-exceptions -c ../../third_party/swiftshader/src/Common/CPUID.cpp -o obj/third_party/swiftshader/src/Common/swiftshader_common/CPUID.o
../../third_party/swiftshader/src/Common/CPUID.cpp: In static member function ‘static bool sw::CPUID::detectMMX()’:
../../third_party/swiftshader/src/Common/CPUID.cpp:170:123: error: inconsistent operand constraints in an ‘asm’
    __asm volatile("cpuid": "=a" (registers[0]), "=b" (registers[1]), "=c" (registers[2]), "=d" (registers[3]): "a" (info));
                                                                                                                           ^

(full build log at https://launchpadlibrarian.net/316816355/buildlog_ubuntu-trusty-i386.chromium-browser_59.0.3071.15-0ubuntu0.14.04.1173_BUILDING.txt.gz)

On trusty we might need to revert https://chromium.googlesource.com/chromium/src/+/d85baf0b71c69bbd181aaefc8a803611e03c8eed. Or pass enabled_swiftshader=false as a build flag.
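The "inconsistent operand constraints" error above is what gcc 4.8 reports on i386 when an asm statement names ebx as an operand while -fPIC has reserved ebx as the GOT pointer. The following is an added example, not code from the bug report, swiftshader or the Ubuntu packaging, of a cpuid wrapper that keeps ebx out of the constraint list so the same source builds with -fPIC on gcc 4.8 and without it; the cross-check against the compiler's <cpuid.h> helper assumes that header is available (it is on gcc and clang for x86).

```c
#include <stdint.h>
#include <string.h>
#if defined(__i386__) || defined(__x86_64__)
#include <cpuid.h>   /* compiler-provided __get_cpuid, used only as a reference */
#endif

/* cpuid(leaf, subleaf) -> regs[] = {eax, ebx, ecx, edx} with no "=b" operand:
 * on i386 with -fPIC, gcc 4.8 reserves ebx as the GOT pointer and rejects
 * "=b" ("inconsistent operand constraints in an 'asm'"), so ebx is saved and
 * restored in the asm itself. Returns 1 if cpuid ran, 0 (regs zeroed) off x86. */
int cpuid_pic_safe(uint32_t leaf, uint32_t subleaf, uint32_t regs[4])
{
#if defined(__i386__) || defined(__x86_64__)
    __asm__ volatile(
        "movl  %%ebx, %1\n\t"   /* stash the PIC register */
        "cpuid\n\t"
        "xchgl %%ebx, %1\n\t"   /* restore ebx, leave its result in %1 */
        : "=a"(regs[0]), "=&r"(regs[1]), "=c"(regs[2]), "=d"(regs[3])
        : "a"(leaf), "c"(subleaf));
    return 1;
#else
    (void)leaf; (void)subleaf;
    memset(regs, 0, 4 * sizeof regs[0]);
    return 0;
#endif
}

/* Vendor id from leaf 0 (ebx, edx, ecx order) into vendor[13]; returns the
 * highest basic leaf, or 0 with an empty string when cpuid is unavailable. */
uint32_t cpuid_vendor(char vendor[13])
{
    uint32_t r[4];
    vendor[0] = '\0';
    if (!cpuid_pic_safe(0, 0, r)) return 0;
    memcpy(vendor, &r[1], 4); memcpy(vendor + 4, &r[3], 4);
    memcpy(vendor + 8, &r[2], 4); vendor[12] = '\0';
    return r[0];
}

/* 1 when leaf 0 agrees with the compiler's own __get_cpuid, else 0. */
int cpuid_matches_builtin(void)
{
#if defined(__i386__) || defined(__x86_64__)
    uint32_t mine[4], ref[4];
    if (!__get_cpuid(0, &ref[0], &ref[1], &ref[2], &ref[3])) return 0;
    cpuid_pic_safe(0, 0, mine);
    return memcmp(mine, ref, sizeof mine) == 0;
#else
    return 0;
#endif
}
```

On a 32-bit build, compiling this file with `-m32 -fPIC` is the check that the "=b" form fails and this form passes.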

Olivier Tilloy (osomon)
Changed in chromium-browser (Ubuntu):
assignee: nobody → Olivier Tilloy (osomon)
importance: Undecided → Critical
status: New → In Progress
Olivier Tilloy (osomon) wrote :

Fixed the issue by getting rid of no-fPIC.patch and building with gcc 5 on xenial, gcc 6 on yakkety, and disabling swiftshader on x86 on trusty.

Changed in chromium-browser (Ubuntu):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 59.0.3071.109-0ubuntu0.16.10.1357

---------------
chromium-browser (59.0.3071.109-0ubuntu0.16.10.1357) yakkety; urgency=medium

  * Upstream release: 59.0.3071.109

 -- Olivier Tilloy <email address hidden> Wed, 21 Jun 2017 06:45:30 +0200

Changed in chromium-browser (Ubuntu):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 59.0.3071.109-0ubuntu0.16.04.1289

---------------
chromium-browser (59.0.3071.109-0ubuntu0.16.04.1289) xenial; urgency=medium

  * Upstream release: 59.0.3071.109

 -- Olivier Tilloy <email address hidden> Wed, 21 Jun 2017 06:47:10 +0200

Changed in chromium-browser (Ubuntu):
status: Fix Committed → Fix Released