MISC-22: Chrome SEGV_MAPERR Crash

Issue Information

Issue Type: Bug
 
Priority: Major
Status: Closed

Reported By:
Ben Tasker
Assigned To:
Ben Tasker
Project: Miscellaneous (MISC)
Resolution: Fixed (2017-07-19 09:06:11)
Affects Version: Chrome Issues,
Target version: Chrome Issues,
Labels: Chrome, Chromium, Crash, Segfault,

Created: 2017-07-10 13:33:52
Time Spent Working


Description
Tried launching Chromium-Browser and it crashed out immediately. Launching in a terminal gives the following 

~$ chromium-browser 
Received signal 11 SEGV_MAPERR 000000000010
#0 0x7fef7f67b425 base::debug::StackTrace::StackTrace()
#1 0x7fef7f67b80b <unknown>
#2 0x7fef7f9a6390 <unknown>
#3 0x5623b39c9dc8 <unknown>
#4 0x5623b39cc656 <unknown>
#5 0x5623b39ccdf9 <unknown>
#6 0x5623b39cd143 <unknown>
#7 0x7fef7f6f6821 <unknown>
#8 0x7fef7f67ceea base::debug::TaskAnnotator::RunTask()
#9 0x7fef7f6a5e90 base::MessageLoop::RunTask()
#10 0x7fef7f6a797d base::MessageLoop::DeferOrRunPendingTask()
#11 0x7fef7f6a883d <unknown>
#12 0x7fef7f6a9300 base::MessagePumpLibevent::Run()
#13 0x7fef7f6a4f15 base::MessageLoop::RunHandler()
#14 0x7fef7f6cf628 base::RunLoop::Run()
#15 0x7fef7f6fbe36 base::Thread::ThreadMain()
#16 0x7fef7f6f6726 <unknown>
#17 0x7fef7f99c6ba start_thread
#18 0x7fef6904b3dd clone
  r8: 000000000000002e  r9: 00005623b54206ec r10: 0000000000000000 r11: 00007fef690d8f50
 r12: 00007feede76aff0 r13: 0000000000000008 r14: 0000000000000008 r15: 00007feede76aeb0
  di: 0000000000000000  si: 00007feede76aeb0  bp: 00007feede76af00  bx: 00007feede76aeb0
  dx: 0000000000000067  ax: 0000000000000000  cx: 00007feeb4010190  sp: 00007feede76ae60
  ip: 00005623b39c9dc8 efl: 0000000000010206 cgf: 0000000000000033 erf: 0000000000000004
 trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000000010
[end of stack trace]
Calling _exit(1). Core file will not be generated.


Chrome version is
Version 59.0.3071.109 (Developer Build) Built on Ubuntu , running on Ubuntu 16.04 (64-bit)


and it looks like it's recently updated

Distro is Xubuntu Xenial 
ben@thor:~$ lsb_release -a
No LSB modules are available.
Distributor ID:	Ubuntu
Description:	Ubuntu 16.04.1 LTS
Release:	16.04
Codename:	xenial


Issue Links

Launchpad 1702501
Launchpad 1702407
Toggle State Changes

Activity


2017-07-10 13:35:36
It seems to be because the update has re-enabled hardware acceleration.

The following fixes 
chromium-browser --disable-extensions


Settings -> Burger Menu -> Advanced -> System

Toggle off "Use Hardware acceleration where available"

I don't like the new settings layout, it looks shit :(

2017-07-10 13:36:17
btasker changed Project from 'Home LAN' to 'Miscellaneous'

2017-07-10 13:36:17
btasker changed Key from 'LAN-104' to 'MISC-22'

2017-07-10 13:37:32
btasker added 'Chrome Issues' to Version

2017-07-10 13:37:37
btasker added 'Chrome Issues' to Fix Version

2017-07-10 13:37:48
btasker changed status from 'Open' to 'Resolved'

2017-07-10 13:37:48
btasker added 'Fixed' to resolution

2017-07-10 13:37:52
btasker changed status from 'Resolved' to 'Closed'

2017-07-10 14:54:05
Re-opening. It only seemed to work. Went to youtube and it shat itself again (on the homepage, not even trying to play anything....)

2017-07-10 14:54:05
btasker removed 'Fixed' from resolution

2017-07-10 14:54:05
btasker changed status from 'Closed' to 'Reopened'

2017-07-10 14:55:49
Same issue: 
$ chromium-browser
[6650:6650:0710/145432.137879:ERROR:CONSOLE(0)] "Error in event handler for (unknown): TypeError: Cannot read property 'trace' of undefined
    at ext.backgroundPage.sendMessage.response (chrome-extension://cfhdojbkjhnklbpkdaibdccddilifddb/include.preload.js:562:19)", source: https://www.google.co.uk/_/chrome/newtab?espv=2&ie=UTF-8&client=ubuntu (0)
Received signal 11 SEGV_MAPERR 000000000010
#0 0x7f8deb132425 base::debug::StackTrace::StackTrace()
#1 0x7f8deb13280b <unknown>
#2 0x7f8deb45d390 <unknown>
#3 0x55a5ed345dc8 <unknown>
#4 0x55a5ed348656 <unknown>
#5 0x55a5ed348df9 <unknown>
#6 0x55a5ed349143 <unknown>
#7 0x7f8deb1ad821 <unknown>
#8 0x7f8deb133eea base::debug::TaskAnnotator::RunTask()
#9 0x7f8deb15ce90 base::MessageLoop::RunTask()
#10 0x7f8deb15e97d base::MessageLoop::DeferOrRunPendingTask()
#11 0x7f8deb15f83d <unknown>
#12 0x7f8deb160300 base::MessagePumpLibevent::Run()
#13 0x7f8deb15bf15 base::MessageLoop::RunHandler()
#14 0x7f8deb186628 base::RunLoop::Run()
#15 0x7f8deb1b2e36 base::Thread::ThreadMain()
#16 0x7f8deb1ad726 <unknown>
#17 0x7f8deb4536ba start_thread
#18 0x7f8dd4b023dd clone
  r8: 000000000000002e  r9: 000055a5eed9c6ec r10: 0000000000000000 r11: 00007f8dd4b8ff50
 r12: 00007f8d1d3f7ff0 r13: 0000000000000008 r14: 0000000000000008 r15: 00007f8d1d3f7eb0
  di: 0000000000000000  si: 00007f8d1d3f7eb0  bp: 00007f8d1d3f7f00  bx: 00007f8d1d3f7eb0
  dx: 0000000000000067  ax: 0000000000000000  cx: 00007f8d7800a5c0  sp: 00007f8d1d3f7e60
  ip: 000055a5ed345dc8 efl: 0000000000010206 cgf: 0000000000000033 erf: 0000000000000004
 trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000000010
[end of stack trace]
Calling _exit(1). Core file will not be generated.


Took a few seconds to trigger that time

2017-07-10 14:59:33
Launchpad 170251 looks very related.

Running the exact same build as the reporter.

Looks like there's a fix inbound in 1702407

2017-07-10 15:04:32
Giving the workaround from https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1702407/comments/19 a go 

chromium-browser --disable-extensions


- Browse to chrome://flags
- Search for "Media Router" (should give "Load Media Router Component Extension")
- Set to Disabled

Exit and then start Chrome normally

Hitting a youtube video doesn't seem to have killed it this time. Lets see how that goes then

2017-07-10 15:15:17
Other than that it isn't caught and silently surpressed, the following console error shouldn't be too surprising 
[7739:7739:0710/150838.452560:ERROR:CONSOLE(1)] "Uncaught ReferenceError: media_router is not defined", source:  (1)


But at least it confirm's the bugger is turned off :)

Looks like Debian disable media router by default - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833477

2017-07-19 09:06:03
The workaround seems to have done the job, so closing this off.

2017-07-19 09:06:11
btasker changed status from 'Reopened' to 'Resolved'

2017-07-19 09:06:11
btasker added 'Fixed' to resolution

2017-07-19 09:06:17
btasker changed status from 'Resolved' to 'Closed'