[Pkg-phototools-devel] Bug#682616: Chromium keeps crashing with segfaults

Emmanuel Bouthenot kolter at openics.org
Fri Jul 27 17:49:07 UTC 2012 

On Fri, Jul 27, 2012 at 04:39:10PM +0800, Eugenio Cano-Manuel Mendoza wrote:
> I don't know what happened.. It didn't even open the browser before the
> segmentation fault occurred. I'm attaching the gdb trace (bt full as you
> requested)
It seems to be a different bug.

When I start chromium browser with '--single-process', I also experienced
the segfault (attached is the gdb backtrace).

At a first glance, your backtrace seems very close to mine.

But, if I disabled all the extensions I've installed, it does not
segfault any more.

If you have some extensions installed, do you continue to experience the
segfault once all of them are disabled?

Thx

Regards,

M.

-- 
Emmanuel Bouthenot
  mail: kolter@{openics,debian}.org    gpg: 4096R/0x929D42C3
  xmpp: kolter at im.openics.org          irc: kolter@{freenode,oftc}

-------------- next part --------------
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/lib/chromium/chromium...Reading symbols from /usr/lib/debug/usr/lib/chromium/chromium...done.
done.
(gdb) run --single-process
Starting program: /usr/lib/chromium/chromium --single-process
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fffe94be700 (LWP 23795)]
[New Thread 0x7fffe8cbd700 (LWP 23796)]
[New Thread 0x7fffe84bc700 (LWP 23797)]
[New Thread 0x7ffff7fe7700 (LWP 23798)]
[New Thread 0x7fffe74f9700 (LWP 23799)]
[New Thread 0x7fffe6cf8700 (LWP 23800)]
[New Thread 0x7fffe64f7700 (LWP 23801)]
[New Thread 0x7fffe5cf6700 (LWP 23802)]
[New Thread 0x7fffe54f5700 (LWP 23803)]
[New Thread 0x7fffe4cf4700 (LWP 23804)]
[New Thread 0x7fffe44f3700 (LWP 23805)]
[23785:23804:369880068714:ERROR:proxy_service_factory.cc(84)] Cannot use V8 Proxy resolver in single process mode.
[New Thread 0x7fffdffff700 (LWP 23807)]
[New Thread 0x7fffe4022700 (LWP 23808)]
[New Thread 0x7fffdf2c2700 (LWP 23809)]
[New Thread 0x7fffdf2a1700 (LWP 23810)]
[23785:23804:369881118442:ERROR:proxy_service_factory.cc(84)] Cannot use V8 Proxy resolver in single process mode.
[New Thread 0x7fffde33b700 (LWP 23824)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffe6cf8700 (LWP 23800)]
0x0000555556b18419 in WebCore::PlatformSupport::getTraceCategoryEnabledFlag (categoryName=0x5555584a2fb4 "webkit") at third_party/WebKit/Source/WebKit/chromium/src/PlatformSupport.cpp:818
818     third_party/WebKit/Source/WebKit/chromium/src/PlatformSupport.cpp: Aucun fichier ou dossier de ce type.
(gdb) bt full
#0  0x0000555556b18419 in WebCore::PlatformSupport::getTraceCategoryEnabledFlag (categoryName=0x5555584a2fb4 "webkit") at third_party/WebKit/Source/WebKit/chromium/src/PlatformSupport.cpp:818
No locals.
#1  0x0000555556e02a4c in WebCore::PNGImageDecoder::decode (this=this at entry=0x7fffd8264350, onlySize=onlySize at entry=true) at third_party/WebKit/Source/WebCore/platform/image-decoders/png/PNGImageDecoder.cpp:470
        trace_event_unique_catstatic470 = 0x0
        trace_event_unique_profileScope470 = {m_pdata = 0xe60, m_data = {categoryEnabled = 0x7fffe6cf6ef0 "PC&\330\377\177", name = 0x7fffd8268190 "\002"}}
#2  0x0000555556e02b6d in WebCore::PNGImageDecoder::isSizeAvailable (this=0x7fffd8264350) at third_party/WebKit/Source/WebCore/platform/image-decoders/png/PNGImageDecoder.cpp:195
No locals.
#3  0x0000555556b256a6 in WebKit::WebImage::fromData (data=..., desiredSize=...) at third_party/WebKit/Source/WebKit/chromium/src/WebImageSkia.cpp:54
        frameCount = <optimized out>
        source = {m_decoder = 0x7fffd8264350, m_alphaOption = WebCore::ImageSource::AlphaPremultiplied, m_gammaAndColorProfileOption = WebCore::ImageSource::GammaAndColorProfileApplied}
        index = <optimized out>
        frameAreaAtIndex = <optimized out>
#4  0x0000555557860d80 in webkit_glue::ImageDecoder::Decode (this=<optimized out>, data=<optimized out>, size=<optimized out>) at webkit/glue/image_decoder.cc:33
        image = <optimized out>
#5  0x00005555579ccb06 in ImageLoadingTracker::ImageLoader::LoadOnFileThread (this=0x55555a11b370, resource=..., max_size=..., id=0) at chrome/browser/extensions/image_loading_tracker.cc:101
        file_contents = {static npos = <optimized out>, _M_dataplus = {<std::allocator<char>> = {<__gnu_cxx::new_allocator<char>> = {<No data fields>}, <No data fields>}, _M_p = 0x7fffd8268ad8 "\211PNG\r\n\032\n"}}
        data = 0x7fffd8268ad8 "\211PNG\r\n\032\n"
        original_size = {<gfx::SizeBase<gfx::Size, int>> = {width_ = 1508244112, height_ = 21845}, <No data fields>}
        path = {static kSeparators = 0x55555856d25f "/", static kCurrentDirectory = <same as static member of an already seen type>, static kParentDirectory = <same as static member of an already seen type>, static kExtensionSeparator = 46 '.', path_ = {static npos = <optimized out>, 
            _M_dataplus = {<std::allocator<char>> = {<__gnu_cxx::new_allocator<char>> = {<No data fields>}, <No data fields>}, _M_p = 0x7fffd81391f8 "/home/manu/.config/chromium/Default/Extensions/oiigbmnaadbkfbmpbfijlflahbdbdgdf/1.0.6.2_0/img/IconForbidden.png"}}}
        decoder = {desired_icon_size_ = {<gfx::SizeBase<gfx::Size, int>> = {width_ = 0, height_ = 0}, <No data fields>}}
#6  0x00005555562ef5c2 in Run (this=0x7fffe6cf7498) at ./base/callback.h:272
        f = <optimized out>
#7  MessageLoop::RunTask (this=this at entry=0x7fffe6cf7a20, pending_task=...) at base/message_loop.cc:458
        trace_event_unique_atomic437 = 93825067985124
        trace_event_unique_catstatic437 = <optimized out>
        trace_event_unique_profileScope437 = {p_data_ = 0x0, data_ = {category_enabled = 0x7ffff09378ac "\203=Y\275\060", name = 0x1 <Address 0x1 out of bounds>}}
        program_counter = 0x5555579ce9b3
        start_time = {ms_ = 369882420}
#8  0x00005555562f0408 in MessageLoop::DeferOrRunPendingTask (this=this at entry=0x7fffe6cf7a20, pending_task=...) at base/message_loop.cc:470
No locals.
#9  0x00005555562f1f50 in DoWork (this=<optimized out>) at base/message_loop.cc:647
        pending_task = {<base::TrackingInfo> = {birth_tally = 0x55555a113f40, time_posted = {ticks_ = 369882420191}, delayed_run_time = {ticks_ = 0}}, task = {<base::internal::CallbackBase> = {bind_state_ = {ptr_ = 0x55555a113ed0}, 
              polymorphic_invoke_ = 0x5555579cc250 <base::internal::Invoker<4, base::internal::BindState<base::internal::RunnableAdapter<void (ImageLoadingTracker::ImageLoader::*)(ExtensionResource const&, gfx::Size const&, int)>, void (ImageLoadingTracker::ImageLoader*, ExtensionResource const&, gfx::Size const&, int), void (ImageLoadingTracker::ImageLoader*, ExtensionResource, gfx::Size, int)>, void (ImageLoadingTracker::ImageLoader*, ExtensionResource const&, gfx::Size const&, int)>::Run(base::internal::BindStateBase*)>}, <No data fields>}, posted_from = {function_name_ = 0x5555590a15c3 "LoadImage", 
            file_name_ = 0x5555590a1388 "chrome/browser/extensions/image_loading_tracker.cc", line_number_ = 78, program_counter_ = 0x5555579ce9b3}, sequence_num = 0, nestable = true}
#10 MessageLoop::DoWork (this=0x7fffe6cf7a20) at base/message_loop.cc:626
No locals.
#11 0x00005555562c88f1 in base::MessagePumpLibevent::Run (this=0x555559e491b0, delegate=0x7fffe6cf7a20) at base/message_pump_libevent.cc:242
        did_work = <optimized out>
        auto_reset_in_run = {scoped_variable_ = 0x555559e491bd, original_value_ = <optimized out>}
        timer_event = {ptr_ = 0x555559e4cd70}
#12 0x00005555562f3874 in MessageLoop::RunInternal (this=0x7fffe6cf7a20) at base/message_loop.cc:417
No locals.
#13 0x00005555562f39c0 in RunHandler (this=<optimized out>) at base/message_loop.cc:390
No locals.
#14 MessageLoop::Run (this=<optimized out>) at base/message_loop.cc:300
        save_state = {<MessageLoop::RunState> = {run_depth = 1, quit_received = false, dispatcher = 0x0}, loop_ = 0x7fffe6cf7a20, previous_state_ = 0x0}
#15 0x000055555631c7fc in base::Thread::ThreadMain (this=0x555559e49670) at base/threading/thread.cc:163
        message_loop = {<base::MessagePump::Delegate> = {_vptr.Delegate = 0x555559bbf590}, static kHighResolutionTimerModeLeaseTimeMs = 1000, type_ = MessageLoop::TYPE_IO, work_queue_ = {<std::queue<base::PendingTask, std::deque<base::PendingTask, std::allocator<base::PendingTask> > >> = {
              c = {<std::_Deque_base<base::PendingTask, std::allocator<base::PendingTask> >> = {_M_impl = {<std::allocator<base::PendingTask>> = {<__gnu_cxx::new_allocator<base::PendingTask>> = {<No data fields>}, <No data fields>}, _M_map = 0x555559e49270, _M_map_size = 8, _M_start = {_M_cur = 0x555559fc8870, 
                      _M_first = 0x555559fc8730, _M_last = 0x555559fc8910, _M_node = 0x555559e492a0}, _M_finish = {_M_cur = 0x555559fc8870, _M_first = 0x555559fc8730, _M_last = 0x555559fc8910, _M_node = 0x555559e492a0}}}, <No data fields>}}, <No data fields>}, delayed_work_queue_ = {
            c = {<std::_Vector_base<base::PendingTask, std::allocator<base::PendingTask> >> = {_M_impl = {<std::allocator<base::PendingTask>> = {<__gnu_cxx::new_allocator<base::PendingTask>> = {<No data fields>}, <No data fields>}, _M_start = 0x7fffd800dfa0, _M_finish = 0x7fffd800e090, 
                  _M_end_of_storage = 0x7fffd800e0e0}}, <No data fields>}, comp = {<std::binary_function<base::PendingTask, base::PendingTask, bool>> = {<No data fields>}, <No data fields>}}, recent_time_ = {ticks_ = 369881960641}, 
          deferred_non_nestable_work_queue_ = {<std::queue<base::PendingTask, std::deque<base::PendingTask, std::allocator<base::PendingTask> > >> = {c = {<std::_Deque_base<base::PendingTask, std::allocator<base::PendingTask> >> = {
                  _M_impl = {<std::allocator<base::PendingTask>> = {<__gnu_cxx::new_allocator<base::PendingTask>> = {<No data fields>}, <No data fields>}, _M_map = 0x555559e49220, _M_map_size = 8, _M_start = {_M_cur = 0x555559e4be60, _M_first = 0x555559e4be60, _M_last = 0x555559e4c040, _M_node = 0x555559e49238}, 
                    _M_finish = {_M_cur = 0x555559e4be60, _M_first = 0x555559e4be60, _M_last = 0x555559e4c040, _M_node = 0x555559e49238}}}, <No data fields>}}, <No data fields>}, pump_ = {ptr_ = 0x555559e491b0}, 
          destruction_observers_ = {<ObserverListBase<MessageLoop::DestructionObserver>> = {<base::SupportsWeakPtr<ObserverListBase<MessageLoop::DestructionObserver> >> = {weak_reference_owner_ = {flag_ = {ptr_ = 0x0}}}, 
              observers_ = {<std::_Vector_base<MessageLoop::DestructionObserver*, std::allocator<MessageLoop::DestructionObserver*> >> = {_M_impl = {<std::allocator<MessageLoop::DestructionObserver*>> = {<__gnu_cxx::new_allocator<MessageLoop::DestructionObserver*>> = {<No data fields>}, <No data fields>}, 
                    _M_start = 0x555559e647e0, _M_finish = 0x555559e64838, _M_end_of_storage = 0x555559e64860}}, <No data fields>}, notify_depth_ = 0, type_ = ObserverListBase<MessageLoop::DestructionObserver>::NOTIFY_ALL}, <No data fields>}, nestable_tasks_allowed_ = false, exception_restoration_ = false, 
          thread_name_ = {static npos = <optimized out>, _M_dataplus = {<std::allocator<char>> = {<__gnu_cxx::new_allocator<char>> = {<No data fields>}, <No data fields>}, _M_p = 0x555559e4b678 "Chrome_FileThread"}}, message_histogram_ = 0x0, 
          incoming_queue_ = {<std::queue<base::PendingTask, std::deque<base::PendingTask, std::allocator<base::PendingTask> > >> = {c = {<std::_Deque_base<base::PendingTask, std::allocator<base::PendingTask> >> = {
                  _M_impl = {<std::allocator<base::PendingTask>> = {<__gnu_cxx::new_allocator<base::PendingTask>> = {<No data fields>}, <No data fields>}, _M_map = 0x555559e48ee0, _M_map_size = 8, _M_start = {_M_cur = 0x7fffe013c1b0, _M_first = 0x7fffe013c020, _M_last = 0x7fffe013c200, _M_node = 0x555559e48f00}, 
                    _M_finish = {_M_cur = 0x55555a11f4a0, _M_first = 0x55555a11f400, _M_last = 0x55555a11f5e0, _M_node = 0x555559e48f08}}}, <No data fields>}}, <No data fields>}, incoming_queue_lock_ = {lock_ = {os_lock_ = {__data = {__lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 0, __spins = 0, 
                  __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 39 times>, __align = 0}}}, state_ = 0x7fffe6cf7870, next_sequence_num_ = 3, task_observers_ = {<ObserverListBase<MessageLoop::TaskObserver>> = {<base::SupportsWeakPtr<ObserverListBase<MessageLoop::TaskObserver> >> = {
                weak_reference_owner_ = {flag_ = {ptr_ = 0x0}}}, observers_ = {<std::_Vector_base<MessageLoop::TaskObserver*, std::allocator<MessageLoop::TaskObserver*> >> = {
                  _M_impl = {<std::allocator<MessageLoop::TaskObserver*>> = {<__gnu_cxx::new_allocator<MessageLoop::TaskObserver*>> = {<No data fields>}, <No data fields>}, _M_start = 0x0, _M_finish = 0x0, _M_end_of_storage = 0x0}}, <No data fields>}, notify_depth_ = 0, 
              type_ = ObserverListBase<MessageLoop::TaskObserver>::NOTIFY_ALL}, <No data fields>}, message_loop_proxy_ = {ptr_ = 0x555559e493f0}}
#16 0x0000555556318ae3 in base::(anonymous namespace)::ThreadFunc (params=0x555559e4b070) at base/threading/platform_thread_posix.cc:65
        thread_params = 0x555559e4b070
        delegate = 0x555559e49670
#17 0x00007ffff20bbb50 in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
No symbol table info available.
#18 0x00007ffff099570d in clone () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#19 0x0000000000000000 in ?? ()
No symbol table info available.
(gdb)

More information about the Pkg-phototools-devel mailing list