Bug 200510
| Summary: | [www/chromium] Denying load of chrome extension (GMail) | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Rob Belics <robbelics> | ||||
| Component: | Individual Port(s) | Assignee: | freebsd-chromium (Nobody) <chromium> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Only Me | CC: | pete, rene, robbelics | ||||
| Priority: | --- | Flags: | bugzilla:
maintainer-feedback?
(chromium) |
||||
| Version: | Latest | ||||||
| Hardware: | amd64 | ||||||
| OS: | Any | ||||||
| Attachments: |
|
||||||
|
Description
Rob Belics
2015-05-29 01:56:49 UTC
I loaded Chromium again, with no tabs, and it did not crash. I loaded some web pages from recent history without issue. Then I loaded GMail which, after a few seconds, crashed with the reported error. I am seeing the same issue (a reproducible segfault when gmail loads).
I built chromium with debug flags enabled locally (make WITH_DEBUG=yes STRIP=) and was able to get the following info when running chromium via gdb:
> work/stage/usr/local/share/chromium/chrome-wrapper --gdb
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd"...
(gdb) run
Starting program: /usr/ports/www/chromium/work/stage/usr/local/share/chromium/chrome
[New LWP 101668]
[New Thread 815406400 (LWP 101668/chrome)]
[73385:357823488:0529/123228:ERROR:video_capture_device_factory.cc(58)] Not implemented reached in static media::VideoCaptureDeviceFactory *media::VideoCaptureDeviceFactory::CreateVideoCaptureDeviceFactory(scoped_refptr<base::SingleThreadTaskRunner>)
[New Thread 81553dc00 (LWP 101275/chrome)]
[73385:356541440:0529/123228:ERROR:url_pattern_set.cc(240)] Invalid url pattern: chrome://print/*
[New Thread 815540c00 (LWP 101585/chrome)]
[73385:357822464:0529/123230:ERROR:backend_impl.cc(2001)] Invalid cache (current) size
[New Thread 819056400 (LWP 101029/chrome)]
[New Thread 8198f2800 (LWP 101647/chrome)]
[New Thread 81553fc00 (LWP 101570/chrome)]
ALSA lib pcm_oss.c:835:(_snd_pcm_oss_open) Cannot open device /dev/dsp
ALSA lib pcm_oss.c:835:(_snd_pcm_oss_open) Cannot open device /dev/dsp
[New Thread 819056800 (LWP 100467/chrome)]
[New Thread 819056c00 (LWP 100941/chrome)]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 81553fc00 (LWP 101570/chrome)]
0x0000000002ad67ec in _ZN4base8internal7InvokerI13IndexSequenceIJLm0ELm1EEENS0_9BindStateINS0_15RunnableAdapterIMN5media25VideoCaptureDeviceFactoryEFvRKNS_8CallbackIFv10scoped_ptrINSt3__14listINS6_18VideoCaptureDevice4NameENSA_9allocatorISD_EEEENS_14DefaultDeleterISG_EEEEEEEEEFvPS7_SN_ENS0_8TypeListIJNS0_17UnretainedWrapperIS7_EESL_EEEEENST_IJNS0_12UnwrapTraitsISV_EENSY_ISL_EEEEENS0_12InvokeHelperILb0EvSQ_NST_IJSR_SN_EEEEEFvvEE3RunEPNS0_13BindStateBaseE (base=<value optimized out>) at bind_internal.h:176
176 bind_internal.h: No such file or directory.
in bind_internal.h
(gdb) bt full
#0 0x0000000002ad67ec in _ZN4base8internal7InvokerI13IndexSequenceIJLm0ELm1EEENS0_9BindStateINS0_15RunnableAdapterIMN5media25VideoCaptureDeviceFactoryEFvRKNS_8CallbackIFv10scoped_ptrINSt3__14listINS6_18VideoCaptureDevice4NameENSA_9allocatorISD_EEEENS_14DefaultDeleterISG_EEEEEEEEEFvPS7_SN_ENS0_8TypeListIJNS0_17UnretainedWrapperIS7_EESL_EEEEENST_IJNS0_12UnwrapTraitsISV_EENSY_ISL_EEEEENS0_12InvokeHelperILb0EvSQ_NST_IJSR_SN_EEEEEFvvEE3RunEPNS0_13BindStateBaseE (base=<value optimized out>) at bind_internal.h:176
No locals.
#1 0x00000000009ee566 in base::debug::TaskAnnotator::RunTask (this=<value optimized out>, queue_function=<value optimized out>, run_function=<value optimized out>, pending_task=@0x7ffffe7f3df0)
at callback.h:396
trace_event_unique_category_group_enabled41 = <value optimized out>
trace_event_unique_atomic41 = 107966360
trace_event_unique_atomic53 = 107966352
stopwatch = {start_time_ = {ms_ = 1195509201}, wallclock_duration_ms_ = 0, current_thread_data_ = 0x81a03c100, excluded_duration_ms_ = 0, parent_ = 0x7ffffe7f3ec0}
queue_duration = {ms_ = 0}
trace_event_unique_tracer53 = {p_data_ = 0x0, data_ = {category_group_enabled = 0x10000474205cf <Error reading address 0x10000474205cf: Bad address>, name = 0x81a0b60f8 "É¢¦\004", event_handle = {
chunk_seq = 4269751536, chunk_index = 32767, event_index = 0}}}
program_counter = (const void *) 0x2ad288d
trace_event_unique_category_group_enabled53 = <value optimized out>
#2 0x000000000099db2f in base::MessageLoop::RunTask (this=0x81a00f140, pending_task=@0x7ffffe7f3df0) at ../../base/message_loop/message_loop.cc:444
No locals.
#3 0x000000000099e09f in base::MessageLoop::DoWork (this=0x81a00f140) at ../../base/message_loop/message_loop.cc:454
pending_task = {<base::TrackingInfo> = {birth_tally = 0x819a92a30, time_posted = {ms_ = 1195509201}, delayed_run_time = {ticks_ = 0}}, task = {<base::internal::CallbackBase> = {bind_state_ = {
ptr_ = 0x81b01edc0},
polymorphic_invoke_ = 0x2ad67d0 <_ZN4base8internal7InvokerI13IndexSequenceIJLm0ELm1EEENS0_9BindStateINS0_15RunnableAdapterIMN5media25VideoCaptureDeviceFactoryEFvRKNS_8CallbackIFv10scoped_ptrINSt3__14listINS6_18VideoCaptureDevice4NameENSA_9allocatorISD_EEEENS_14DefaultDeleterISG_EEEEEEEEEFvPS7_SN_ENS0_8TypeListIJNS0_17UnretainedWrapperIS7_EESL_EEEEENST_IJNS0_12UnwrapTraitsISV_EENSY_ISL_EEEEENS0_12InvokeHelperILb0EvSQ_NST_IJSR_SN_EEEEEFvvEE3RunEPNS0_13BindStateBaseE>}, <No data fields>}, posted_from = {function_name_ = 0x4a57417 "EnumerateDevices",
file_name_ = 0x4c35a93 "../../content/browser/renderer_host/media/video_capture_manager.cc", line_number_ = 204, program_counter_ = 0x2ad288d}, sequence_num = 372, nestable = true, is_high_res = false}
#4 0x000000000099fa79 in base::MessagePumpDefault::Run (this=0x81a018060, delegate=0x81a00f140) at ../../base/message_loop/message_pump_default.cc:32
No locals.
#5 0x00000000009ad543 in base::RunLoop::Run (this=0x7ffffe7f3f00) at ../../base/run_loop.cc:55
stopwatch = {start_time_ = {ms_ = 1195484820}, wallclock_duration_ms_ = 0, current_thread_data_ = 0x81a03c100, excluded_duration_ms_ = 263, parent_ = 0x0}
#6 0x000000000099d40d in base::MessageLoop::Run (this=<value optimized out>) at ../../base/message_loop/message_loop.cc:303
run_loop = {loop_ = 0x81a00f140, previous_run_loop_ = 0x0, run_depth_ = 1, run_called_ = true, quit_called_ = false, running_ = true, quit_when_idle_received_ = false, weak_factory_ = {
weak_reference_owner_ = {flag_ = {ptr_ = 0x0}}, ptr_ = 0x7ffffe7f3f00}}
#7 0x00000000009d2b3a in base::Thread::ThreadMain (this=0x815456ec0) at ../../base/threading/thread.cc:239
No locals.
#8 0x00000000009cd9e5 in base::(anonymous namespace)::ThreadFunc (params=<value optimized out>) at ../../base/threading/platform_thread_posix.cc:77
No locals.
#9 0x000000080d3004f5 in pthread_create () from /lib/libthr.so.3
No symbol table info available.
#10 0x0000000000000000 in ?? ()
No symbol table info available.
(gdb)
Created attachment 157446 [details]
Full gdb thread backtrace of segfault
This is a full dump of running chromium inside gdb, at the end I append the output of "thread apply all backtrace" which I think helps isolate where this bug is being triggered. See thread 20.
I am able to verify that the patch in 200601 addresses this crash for me: https://bugs.freebsd.org/bugzilla/attachment.cgi?id=157899&action=diff Fixed in r390673 |
