Bug#945920: Chromium segfaults - backtraces

Michel Meyers Sat, 21 Dec 2019 05:43:06 -0800

Thanks to Jaap Joris Vens for helping me figure out why my dumb asscouldn't find the debug package with apt-cache (they're in a separaterepo now as the README points out).

I've discovered two interesting things, the first one is possiblyunrelated:

1. I can reliably cause Chromium to SIGSEGV by opening the Task Manager(Ctrl+Esc). Here's a backtrace from such a crash:


----
Thread 1 "chromium" received signal SIGSEGV, Segmentation fault.

0x000055555a77cf87 inmemory_instrumentation::MemoryInstrumentation::RequestPrivateMemoryFootprint(int,base::OnceCallback<void (bool,std::unique_ptr<memory_instrumentation::GlobalMemoryDump,std::default_delete<memory_instrumentation::GlobalMemoryDump> >)>) ()

(gdb) bt

#0 0x000055555a77cf87 inmemory_instrumentation::MemoryInstrumentation::RequestPrivateMemoryFootprint(int,base::OnceCallback<void (bool,std::unique_ptr<memory_instrumentation::GlobalMemoryDump,std::default_delete<memory_instrumentation::GlobalMemoryDump> >)>) ()

#1  0x00005555591baaa9 in task_manager::TaskManagerImpl::Refresh() ()
#2  0x00005555593e7c76 in base::RepeatingTimer::RunUserTask() ()

#3 0x00005555593b5165 in base::TaskAnnotator::RunTask(char const*,base::PendingTask*) ()#4 0x00005555593c466b inbase::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl(base::sequence_manager::LazyNow*,bool*) ()#5 0x00005555593c5fec inbase::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoSomeWork()()#6 0x0000555559376aca in base::(anonymousnamespace)::WorkSourceDispatch(_GSource*, int (*)(void*), void*) ()#7 0x00007ffff7064f2e in g_main_context_dispatch () at/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0#8 0x00007ffff70651c8 in () at/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0#9 0x00007ffff706525c in g_main_context_iteration () at/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0#10 0x0000555559376dd0 inbase::MessagePumpGlib::Run(base::MessagePump::Delegate*) ()#11 0x00005555593c62a9 inbase::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run(bool,base::TimeDelta) ()

#12 0x00005555593a22fa in base::RunLoop::Run() ()

#13 0x0000555558ea8217 inChromeBrowserMainParts::MainMessageLoopRun(int*) ()#14 0x00005555571cd1c6 incontent::BrowserMainLoop::RunMainMessageLoopParts() ()

#15 0x00005555571cd375 in content::BrowserMainRunnerImpl::Run() ()

#16 0x00005555571a35f7 incontent::BrowserMain(content::MainFunctionParams const&) ()#17 0x0000555558e30101 incontent::RunBrowserProcessMain(content::MainFunctionParams const&,content::ContentMainDelegate*) ()#18 0x0000555558e30338 incontent::ContentMainRunnerImpl::RunServiceManager(content::MainFunctionParams&,bool) ()

#19 0x0000555558e306a7 in content::ContentMainRunnerImpl::Run(bool) ()

#20 0x0000555558e66802 inservice_manager::Main(service_manager::MainParams const&) ()#21 0x0000555558e2e0c6 incontent::ContentMain(content::ContentMainParams const&) ()

#22 0x000055555635c3e5 in ChromeMain ()
#23 0x00007ffff04a1bbb in __libc_start_main (main=

0x555556339f80 <main>, argc=1, argv=0x7fffffffe168, init=<optimizedout>, fini=<optimized out>, rtld_fini=<optimized out>,stack_end=0x7fffffffe158)

    at ../csu/libc-start.c:308
#24 0x000055555635c22a in _start ()
(gdb)
----

Might be an unrelated issue though.

2. While running in gbd and watching a YouTube video in full screen, Itried to pause it and couldn't (no cursor, YouTube UI not showing up),only to find it had segfaulted randomly. The video continued to playuntil I killed the process. This is that backtrace:


----
Thread 1 "chromium" received signal SIGSEGV, Segmentation fault.

0x000055555a77cee7 inmemory_instrumentation::MemoryInstrumentation::RequestGlobalDump(std::vector<std::__cxx11::basic_string<char,std::char_traits<char>, std::allocator<char> >,std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>,std::allocator<char> > > > const&, base::OnceCallback<void (bool,std::unique_ptr<memory_instrumentation::GlobalMemoryDump,std::default_delete<memory_instrumentation::GlobalMemoryDump> >)>) ()

(gdb) bt

#0 0x000055555a77cee7 inmemory_instrumentation::MemoryInstrumentation::RequestGlobalDump(std::vector<std::__cxx11::basic_string<char,std::char_traits<char>, std::allocator<char> >,std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>,std::allocator<char> > > > const&, base::OnceCallback<void (bool,std::unique_ptr<memory_instrumentation::GlobalMemoryDump,std::default_delete<memory_instrumentation::GlobalMemoryDump> >)>) ()#1 0x0000555558f8ddb0 inProcessMemoryMetricsEmitter::FetchAndEmitProcessMemoryMetrics() ()#2 0x0000555558f85e82 in (anonymous namespace)::RecordMemoryMetrics()()#3 0x00005555593b5165 in base::TaskAnnotator::RunTask(char const*,base::PendingTask*) ()#4 0x00005555593c466b inbase::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl(base::sequence_manager::LazyNow*,bool*) ()#5 0x00005555593c5fec inbase::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoSomeWork()()#6 0x0000555559376aca in base::(anonymousnamespace)::WorkSourceDispatch(_GSource*, int (*)(void*), void*) ()#7 0x00007ffff7064f2e in g_main_context_dispatch () at/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0#8 0x00007ffff70651c8 in () at/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0#9 0x00007ffff706525c in g_main_context_iteration () at/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0#10 0x0000555559376dd0 inbase::MessagePumpGlib::Run(base::MessagePump::Delegate*) ()#11 0x00005555593c62a9 inbase::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run(bool,base::TimeDelta) ()

#12 0x00005555593a22fa in base::RunLoop::Run() ()

#13 0x0000555558ea8217 inChromeBrowserMainParts::MainMessageLoopRun(int*) ()#14 0x00005555571cd1c6 incontent::BrowserMainLoop::RunMainMessageLoopParts() ()

#15 0x00005555571cd375 in content::BrowserMainRunnerImpl::Run() ()

#19 0x0000555558e306a7 in content::ContentMainRunnerImpl::Run(bool) ()

#20 0x0000555558e66802 inservice_manager::Main(service_manager::MainParams const&) ()#21 0x0000555558e2e0c6 incontent::ContentMain(content::ContentMainParams const&) ()

#22 0x000055555635c3e5 in ChromeMain ()
#23 0x00007ffff04a1bbb in __libc_start_main (main=

0x555556339f80 <main>, argc=1, argv=0x7fffffffe168, init=<optimizedout>, fini=<optimized out>, rtld_fini=<optimized out>,stack_end=0x7fffffffe158)

    at ../csu/libc-start.c:308
#24 0x000055555635c22a in _start ()
(gdb)
----

Finally, it crashed twice while I was composing this message, so here'sone of those:


----
Thread 1 "chromium" received signal SIGSEGV, Segmentation fault.

(gdb) bt

#12 0x00005555593a22fa in base::RunLoop::Run() ()

#13 0x0000555558ea8217 inChromeBrowserMainParts::MainMessageLoopRun(int*) ()#14 0x00005555571cd1c6 incontent::BrowserMainLoop::RunMainMessageLoopParts() ()

#15 0x00005555571cd375 in content::BrowserMainRunnerImpl::Run() ()

#19 0x0000555558e306a7 in content::ContentMainRunnerImpl::Run(bool) ()

#20 0x0000555558e66802 inservice_manager::Main(service_manager::MainParams const&) ()#21 0x0000555558e2e0c6 incontent::ContentMain(content::ContentMainParams const&) ()

#22 0x000055555635c3e5 in ChromeMain ()
#23 0x00007ffff04a1bbb in __libc_start_main (main=

0x555556339f80 <main>, argc=1, argv=0x7fffffffe168, init=<optimizedout>, fini=<optimized out>, rtld_fini=<optimized out>,stack_end=0x7fffffffe158)

    at ../csu/libc-start.c:308
#24 0x000055555635c22a in _start ()
(gdb)

----

- Michel

Bug#945920: Chromium segfaults - backtraces

Reply via email to