Bug 1192310 – chromium general protection fault in libc upon start

Bug 1192310 - chromium general protection fault in libc upon start


Summary:	chromium general protection fault in libc upon start

Status:	REOPENED

Classification:	openSUSE
Product:	openSUSE Distribution
Classification:	openSUSE
Component:	Other
Version:	Leap 15.3
Hardware:	x86-64 openSUSE Leap 15.4

Priority:	P5 - None Severity: Normal (vote)
Target Milestone:	---
Assigned To:	Callum Farmer
QA Contact:	E-mail List

URL:
Whiteboard:
Keywords:

Depends on:	1192429
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2021-11-03 16:08 UTC by Kai Lappalainen
Modified:	2023-01-16 11:06 UTC (History)
CC List:	6 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Kai Lappalainen 2021-11-03 16:08:35 UTC

Since some time (weeks/months?) when closing chromium browser I see general protection faults in libc.

On openSUSE Leap 15.3 dmesg shows:

[ 3095.177712] show_signal: 55 callbacks suppressed
[ 3095.177717] traps: chrome[6342] general protection fault ip:7f6da946b517 sp:7fff85c3af20 error:0 in libc-2.31.so[7f6da9430000+1cb000]
[ 3097.129713] traps: chrome[6380] general protection fault ip:7f6da946b517 sp:7fff85c3af20 error:0 in libc-2.31.so[7f6da9430000+1cb000]

CPU (lscpu):
Architecture:                    x86_64
CPU op-mode(s):                  32-bit, 64-bit
Byte Order:                      Little Endian
Address sizes:                   48 bits physical, 48 bits virtual
CPU(s):                          8
On-line CPU(s) list:             0-7
Thread(s) per core:              2
Core(s) per socket:              4
Socket(s):                       1
NUMA node(s):                    1
Vendor ID:                       AuthenticAMD
CPU family:                      21
Model:                           2
Model name:                      AMD FX(tm)-8350 Eight-Core Processor
Stepping:                        0
Frequency boost:                 enabled
CPU MHz:                         1400.000
CPU max MHz:                     4000.0000
CPU min MHz:                     1400.0000
BogoMIPS:                        8037.84
Virtualization:                  AMD-V
L1d cache:                       64 KiB
L1i cache:                       256 KiB
L2 cache:                        8 MiB
L3 cache:                        8 MiB
NUMA node0 CPU(s):               0-7
Vulnerability Itlb multihit:     Not affected
Vulnerability L1tf:              Not affected
Vulnerability Mds:               Not affected
Vulnerability Meltdown:          Not affected
Vulnerability Spec store bypass: Mitigation; Speculative Store Bypass disabled via prctl and seccomp
Vulnerability Spectre v1:        Mitigation; usercopy/swapgs barriers and __user pointer sanitization
Vulnerability Spectre v2:        Mitigation; Full AMD retpoline, IBPB conditional, STIBP disabled, RSB filling
Vulnerability Srbds:             Not affected
Vulnerability Tsx async abort:   Not affected
Flags:                           fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nons
                                 top_tsc cpuid extd_apicid aperfmperf pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 popcnt aes xsave avx f16c lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse
                                  3dnowprefetch osvw ibs xop skinit wdt fma4 tce nodeid_msr tbm topoext perfctr_core perfctr_nb cpb hw_pstate ssbd ibpb vmmcall bmi1 arat npt lbrv svm_lock nrip_save tsc_scale vm
                                 cb_clean flushbyasid decodeassists pausefilter pfthreshold

The same happens on other machines as well and in openSUSE Leap 15.2:

dmesg:
[Nov 3 09:51] traps: chrome[10538] general protection fault ip:7fb143397af4 sp:7fffa6936bd0 error:0 in libc-2.26.so[7fb14335d000+1b1000]
[Nov 3 10:25] traps: chrome[115913] general protection fault ip:7f94ee4d9af4 sp:7fff13858c00 error:0 in libc-2.26.so[7f94ee49f000+1b1000]
[ +32,092832] traps: chrome[117578] general protection fault ip:7f94ee4d9af4 sp:7fff13858c00 error:0 in libc-2.26.so[7f94ee49f000+1b1000]
[  +2,958182] traps: chrome[117663] general protection fault ip:7f94ee4d9af4 sp:7fff13858c00 error:0 in libc-2.26.so[7f94ee49f000+1b1000]
[Nov 3 10:26] traps: chrome[115903] general protection fault ip:7f94ee4d9af4 sp:7fff13858c00 error:0 in libc-2.26.so[7f94ee49f000+1b1000]
[Nov 3 10:27] traps: chrome[121555] general protection fault ip:7f94ee4d9af4 sp:7fff13858c00 error:0 in libc-2.26.so[7f94ee49f000+1b1000]
[  +8,946133] traps: chrome[122014] general protection fault ip:7f94ee4d9af4 sp:7fff13858c00 error:0 in libc-2.26.so[7f94ee49f000+1b1000]
[  +2,563519] traps: chrome[122179] general protection fault ip:7f94ee4d9af4 sp:7fff13858c00 error:0 in libc-2.26.so[7f94ee49f000+1b1000]
[Nov 3 10:28] traps: chrome[121543] general protection fault ip:7f94ee4d9af4 sp:7fff13858c00 error:0 in libc-2.26.so[7f94ee49f000+1b1000]
[ +31,635640] traps: chrome[126916] general protection fault ip:7f94ee4d9af4 sp:7fff13858c00 error:0 in libc-2.26.so[7f94ee49f000+1b1000]
[ +22,005454] traps: chrome[128192] general protection fault ip:7f94ee4d9af4 sp:7fff13858c00 error:0 in libc-2.26.so[7f94ee49f000+1b1000]
[Nov 3 10:29] traps: chrome[128286] general protection fault ip:7f94ee4d9af4 sp:7fff13858c00 error:0 in libc-2.26.so[7f94ee49f000+1b1000]
[ +31,039070] traps: chrome[126900] general protection fault ip:7f94ee4d9af4 sp:7fff13858c00 error:0 in libc-2.26.so[7f94ee49f000+1b1000]

CPU:
Architecture:        x86_64
CPU op-mode(s):      32-bit, 64-bit
Byte Order:          Little Endian
Address sizes:       43 bits physical, 48 bits virtual
CPU(s):              128
On-line CPU(s) list: 0-127
Thread(s) per core:  2
Core(s) per socket:  32
Socket(s):           2
NUMA node(s):        8
Vendor ID:           AuthenticAMD
CPU family:          23
Model:               1
Model name:          AMD EPYC 7601 32-Core Processor
Stepping:            2
CPU MHz:             2656.409
BogoMIPS:            4391.45
Virtualization:      AMD-V
L1d cache:           32K
L1i cache:           64K
L2 cache:            512K
L3 cache:            8192K
NUMA node0 CPU(s):   0,8,16,24,32,40,48,56,64,72,80,88,96,104,112,120
NUMA node1 CPU(s):   2,10,18,26,34,42,50,58,66,74,82,90,98,106,114,122
NUMA node2 CPU(s):   4,12,20,28,36,44,52,60,68,76,84,92,100,108,116,124
NUMA node3 CPU(s):   6,14,22,30,38,46,54,62,70,78,86,94,102,110,118,126
NUMA node4 CPU(s):   1,9,17,25,33,41,49,57,65,73,81,89,97,105,113,121
NUMA node5 CPU(s):   3,11,19,27,35,43,51,59,67,75,83,91,99,107,115,123
NUMA node6 CPU(s):   5,13,21,29,37,45,53,61,69,77,85,93,101,109,117,125
NUMA node7 CPU(s):   7,15,23,31,39,47,55,63,71,79,87,95,103,111,119,127
Flags:               fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid amd_dcm aperfmperf pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb hw_pstate sme ssbd sev ibpb vmmcall fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflushopt sha_ni xsaveopt xsavec xgetbv1 xsaves clzero irperf xsaveerptr arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif overflow_recov succor smca

Comment 1 Andreas Stieger 2021-11-03 19:34:42 UTC

Please confirm if this is the distribution chromium or chrome? And if so which version?

Comment 2 Kai Lappalainen 2021-11-03 19:58:36 UTC

chromium-95.0.4638.54-bp153.2.37.1.x86_64

and:

chromium-95.0.4638.54-lp152.2.135.1.x86_64

Yes, distribution version.

Comment 3 Andreas Stieger 2021-11-04 08:23:53 UTC

Could you please try 95.0.4638.69 from one of the repos below?

network:chromium/chromium
http://download.opensuse.org/repositories/openSUSE:/Maintenance:/17133/

Comment 4 Kai Lappalainen 2021-11-04 17:58:06 UTC

Tried chromium-95.0.4638.69-bp153.2.40.1.x86_64.rpm in Leap 15.3:

[Nov 4 18:49] show_signal: 55 callbacks suppressed
[  +0,000004] traps: chrome[3656] general protection fault ip:7f50933ab517 sp:7ffe57cca600 error:0 in libc-2.31.so[7f5093370000+1cb000]
[  +1,155560] traps: chrome[3693] general protection fault ip:7f50933ab517 sp:7ffe57cca600 error:0 in libc-2.31.so[7f5093370000+1cb000]

Tried chromium-95.0.4638.69-lp152.2.138.1.x86_64.rpm in Leap 15.2:

[Nov 4 18:56] traps: chrome[96841] general protection fault ip:7f32b494daf4 sp:7ffcb7025bc0 error:0 in libc-2.26.so[7f32b4913000+1b1000]
[  +0,286229] traps: chrome[96855] general protection fault ip:7f32b494daf4 sp:7ffcb7025bc0 error:0 in libc-2.26.so[7f32b4913000+1b1000]

Just startet chromium, waited ~ 20 seconds, closed chromium.

Comment 5 Kai Lappalainen 2021-11-04 18:05:08 UTC

Under Leap 15.3 startet chromium from Konsole. It prints out:

[4874:4874:1104/190230.525843:ERROR:gpu_init.cc(453)] Passthrough is not supported, GL is swiftshader, ANGLE is 
[4839:4897:1104/190230.875563:ERROR:nss_util.cc(286)] After loading Root Certs, loaded==false: NSS error code: -8018
*** stack smashing detected ***: terminated
Received signal 6
#0 0x55f43389e279 base::debug::CollectStackTrace()
#1 0x55f4338022f6 base::debug::StackTrace::StackTrace()
#2 0x55f43389dd61 base::debug::(anonymous namespace)::StackDumpSignalHandler()
#3 0x7f2cf7a6c050 (/lib64/libpthread-2.31.so+0x1404f)
#4 0x7f2cee70a18b __GI_raise
#5 0x7f2cee70b585 __GI_abort
#6 0x7f2cee74e2f7 __libc_message
#7 0x7f2cee7e0ad2 __GI___fortify_fail
#8 0x7f2cee7e0ab0 __stack_chk_fail_local
#9 0x55f43336b78e content::ContentMainRunnerImpl::Run()
#10 0x55f43336894f content::ContentMain()
#11 0x55f4300920fe ChromeMain
#12 0x7f2cee6f534d __libc_start_main
#13 0x55f42fc94e6a _start
  r8: 0000000000000000  r9: 00007ffeea096d40 r10: 0000000000000008 r11: 0000000000000246
 r12: 00007ffeea096fc0 r13: 0000000000001000 r14: 0000000000000000 r15: 0000000000000001
  di: 0000000000000002  si: 00007ffeea096d40  bp: 00007ffeea0970f0  bx: 0000000000000006
  dx: 0000000000000000  ax: 0000000000000000  cx: 00007f2cee70a18b  sp: 00007ffeea096d40
  ip: 00007f2cee70a18b efl: 0000000000000246 cgf: 002b000000000033 erf: 0000000000000000
 trp: 0000000000000000 msk: 0000000000000000 cr2: 0000000000000000
[end of stack trace]
Received signal 11 <unknown> 03e800000001
#0 0x55f43389e279 base::debug::CollectStackTrace()
#1 0x55f4338022f6 base::debug::StackTrace::StackTrace()
#2 0x55f43389dd61 base::debug::(anonymous namespace)::StackDumpSignalHandler()
#3 0x7f2cf7a6c050 (/lib64/libpthread-2.31.so+0x1404f)
#4 0x7f2cee70b517 __GI_abort
#5 0x7f2cee74e2f7 __libc_message
#6 0x7f2cee7e0ad2 __GI___fortify_fail
#7 0x7f2cee7e0ab0 __stack_chk_fail_local
#8 0x55f43336b78e content::ContentMainRunnerImpl::Run()
#9 0x55f43336894f content::ContentMain()
#10 0x55f4300920fe ChromeMain
#11 0x7f2cee6f534d __libc_start_main
#12 0x55f42fc94e6a _start
  r8: 0000000000000000  r9: 00007ffeea096d40 r10: 0000000000000008 r11: 0000000000000246
 r12: 00007ffeea096fc0 r13: 0000000000001000 r14: 0000000000000000 r15: 0000000000000001
  di: 0000000000000002  si: 00007ffeea096d40  bp: 00007ffeea0970f0  bx: 00007f2cf8219c40
  dx: 0000000000000000  ax: 0000000000000004  cx: 0000000000000000  sp: 00007ffeea096e60
  ip: 00007f2cee70b517 efl: 0000000000010246 cgf: 002b000000000033 erf: 0000000000000000
 trp: 000000000000000d msk: 0000000000000000 cr2: 0000000000000000
[end of stack trace]
[4839:4864:1104/190233.743426:ERROR:chrome_browser_main_extra_parts_metrics.cc(230)] crbug.com/1216328: Checking Bluetooth availability started. Please report if there is no report that this ends.
[4839:4864:1104/190233.743447:ERROR:chrome_browser_main_extra_parts_metrics.cc(233)] crbug.com/1216328: Checking Bluetooth availability ended.
[4839:4864:1104/190233.743452:ERROR:chrome_browser_main_extra_parts_metrics.cc(236)] crbug.com/1216328: Checking default browser status started. Please report if there is no report that this ends.
[4839:4864:1104/190233.850328:ERROR:chrome_browser_main_extra_parts_metrics.cc(240)] crbug.com/1216328: Checking default browser status ended.
*** stack smashing detected ***: terminated
Received signal 6
#0 0x55f43389e279 base::debug::CollectStackTrace()
#1 0x55f4338022f6 base::debug::StackTrace::StackTrace()
#2 0x55f43389dd61 base::debug::(anonymous namespace)::StackDumpSignalHandler()
#3 0x7f2cf7a6c050 (/lib64/libpthread-2.31.so+0x1404f)
#4 0x7f2cee70a18b __GI_raise
#5 0x7f2cee70b585 __GI_abort
#6 0x7f2cee74e2f7 __libc_message
#7 0x7f2cee7e0ad2 __GI___fortify_fail
#8 0x7f2cee7e0ab0 __stack_chk_fail_local
#9 0x55f43336b78e content::ContentMainRunnerImpl::Run()
#10 0x55f43336894f content::ContentMain()
#11 0x55f4300920fe ChromeMain
#12 0x7f2cee6f534d __libc_start_main
#13 0x55f42fc94e6a _start
  r8: 0000000000000000  r9: 00007ffeea096d40 r10: 0000000000000008 r11: 0000000000000246
 r12: 00007ffeea096fc0 r13: 0000000000001000 r14: 0000000000000000 r15: 0000000000000001
  di: 0000000000000002  si: 00007ffeea096d40  bp: 00007ffeea0970f0  bx: 0000000000000006
  dx: 0000000000000000  ax: 0000000000000000  cx: 00007f2cee70a18b  sp: 00007ffeea096d40
  ip: 00007f2cee70a18b efl: 0000000000000246 cgf: 002b000000000033 erf: 0000000000000000
 trp: 0000000000000000 msk: 0000000000000000 cr2: 0000000000000000
[end of stack trace]
Received signal 11 <unknown> 03e800000001
#0 0x55f43389e279 base::debug::CollectStackTrace()
#1 0x55f4338022f6 base::debug::StackTrace::StackTrace()
#2 0x55f43389dd61 base::debug::(anonymous namespace)::StackDumpSignalHandler()
#3 0x7f2cf7a6c050 (/lib64/libpthread-2.31.so+0x1404f)
#4 0x7f2cee70b517 __GI_abort
#5 0x7f2cee74e2f7 __libc_message
#6 0x7f2cee7e0ad2 __GI___fortify_fail
#7 0x7f2cee7e0ab0 __stack_chk_fail_local
#8 0x55f43336b78e content::ContentMainRunnerImpl::Run()
#9 0x55f43336894f content::ContentMain()
#10 0x55f4300920fe ChromeMain
#11 0x7f2cee6f534d __libc_start_main
#12 0x55f42fc94e6a _start
  r8: 0000000000000000  r9: 00007ffeea096d40 r10: 0000000000000008 r11: 0000000000000246
 r12: 00007ffeea096fc0 r13: 0000000000001000 r14: 0000000000000000 r15: 0000000000000001
  di: 0000000000000002  si: 00007ffeea096d40  bp: 00007ffeea0970f0  bx: 00007f2cf8219c40
  dx: 0000000000000000  ax: 0000000000000004  cx: 0000000000000000  sp: 00007ffeea096e60
  ip: 00007f2cee70b517 efl: 0000000000010246 cgf: 002b000000000033 erf: 0000000000000000
 trp: 000000000000000d msk: 0000000000000000 cr2: 0000000000000000
[end of stack trace]

Comment 6 Kai Lappalainen 2021-11-04 18:12:09 UTC

Leap 15.2 from Konsole:

Gtk-Message: 18:55:57.853: Failed to load module "colorreload-gtk-module"
Gtk-Message: 18:55:57.853: Failed to load module "window-decorations-gtk-module"
[96291:96291:1104/185558.071669:ERROR:viz_main_impl.cc(161)] Exiting GPU process due to errors during initialization
[96203:96447:1104/185558.101044:ERROR:object_proxy.cc(642)] Failed to call method: org.freedesktop.DBus.Properties.Get: object_path= /org/freedesktop/UPower: org.freedesktop.DBus.Error.ServiceUnknown: The name org.freedesktop.UPower was not provided by any .service files
[96203:96447:1104/185558.101251:ERROR:object_proxy.cc(642)] Failed to call method: org.freedesktop.UPower.GetDisplayDevice: object_path= /org/freedesktop/UPower: org.freedesktop.DBus.Error.ServiceUnknown: The name org.freedesktop.UPower was not provided by any .service files
[96203:96447:1104/185558.101436:ERROR:object_proxy.cc(642)] Failed to call method: org.freedesktop.UPower.EnumerateDevices: object_path= /org/freedesktop/UPower: org.freedesktop.DBus.Error.ServiceUnknown: The name org.freedesktop.UPower was not provided by any .service files
[96448:96448:1104/185558.245641:ERROR:viz_main_impl.cc(161)] Exiting GPU process due to errors during initialization
[96553:96553:1104/185558.399710:ERROR:viz_main_impl.cc(161)] Exiting GPU process due to errors during initialization
[96620:96620:1104/185558.428946:ERROR:gpu_init.cc(453)] Passthrough is not supported, GL is swiftshader, ANGLE is 
[96509:7:1104/185558.451013:ERROR:command_buffer_proxy_impl.cc(125)] ContextResult::kTransientFailure: Failed to send GpuControl.CreateCommandBuffer.
[96203:96283:1104/185601.226934:ERROR:chrome_browser_main_extra_parts_metrics.cc(230)] crbug.com/1216328: Checking Bluetooth availability started. Please report if there is no report that this ends.
[96203:96283:1104/185601.226971:ERROR:chrome_browser_main_extra_parts_metrics.cc(233)] crbug.com/1216328: Checking Bluetooth availability ended.
[96203:96283:1104/185601.226976:ERROR:chrome_browser_main_extra_parts_metrics.cc(236)] crbug.com/1216328: Checking default browser status started. Please report if there is no report that this ends.
[96203:96283:1104/185601.344802:ERROR:chrome_browser_main_extra_parts_metrics.cc(240)] crbug.com/1216328: Checking default browser status ended.
*** stack smashing detected ***: <unknown> terminated
[1104/185602.421834:ERROR:file_io_posix.cc(144)] open /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq: No such file or directory (2)
[1104/185602.421919:ERROR:file_io_posix.cc(144)] open /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq: No such file or directory (2)
Received signal 6
#0 0x55e7aec41ef9 (/usr/lib64/chromium/chrome+0x8f7def8)
#1 0x55e7aeb88ee3 (/usr/lib64/chromium/chrome+0x8ec4ee2)
#2 0x55e7aec419e1 (/usr/lib64/chromium/chrome+0x8f7d9e0)
#3 0x7f32bdfa7310 (/lib64/libpthread-2.26.so+0x1330f)
#4 0x7f32b494c420 __GI_raise
#5 0x7f32b494da01 __GI_abort
#6 0x7f32b498f877 __libc_message
#7 0x7f32b4a2045e __GI___fortify_fail_abort
#8 0x7f32b4a20422 __stack_chk_fail_local
#9 0x55e7ae51d905 (/usr/lib64/chromium/chrome+0x8859904)
#10 0x55e7ae51e622 (/usr/lib64/chromium/chrome+0x885a621)
#11 0x55e7ae51bd1c (/usr/lib64/chromium/chrome+0x8857d1b)
#12 0x55e7ae51c66c (/usr/lib64/chromium/chrome+0x885866b)
#13 0x55e7a9c7c24e ChromeMain
#14 0x7f32b493734a __libc_start_main
#15 0x55e7a9c7c02a _start
  r8: 0000000000000000  r9: 00007ffcb7025aa0 r10: 0000000000000008 r11: 0000000000000246
 r12: 00007ffcb7025d40 r13: 0000000000001000 r14: 0000000000000000 r15: 0000000000000001
  di: 0000000000000002  si: 00007ffcb7025aa0  bp: 00007ffcb7025ed0  bx: 0000000000000006
  dx: 0000000000000000  ax: 0000000000000000  cx: 00007f32b494c420  sp: 00007ffcb7025aa0
  ip: 00007f32b494c420 efl: 0000000000000246 cgf: 002b000000000033 erf: 0000000000000000
 trp: 0000000000000000 msk: 0000000000000000 cr2: 0000000000000000
[end of stack trace]
[1104/185602.431468:ERROR:file_io_posix.cc(144)] open /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq: No such file or directory (2)
[1104/185602.431493:ERROR:file_io_posix.cc(144)] open /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq: No such file or directory (2)
Received signal 11 <unknown> 03e800000001
#0 0x55e7aec41ef9 (/usr/lib64/chromium/chrome+0x8f7def8)
#1 0x55e7aeb88ee3 (/usr/lib64/chromium/chrome+0x8ec4ee2)
#2 0x55e7aec419e1 (/usr/lib64/chromium/chrome+0x8f7d9e0)
#3 0x7f32bdfa7310 (/lib64/libpthread-2.26.so+0x1330f)
#4 0x7f32b494daf4 __GI_abort
#5 0x7f32b498f877 __libc_message
#6 0x7f32b4a2045e __GI___fortify_fail_abort
#7 0x7f32b4a20422 __stack_chk_fail_local
#8 0x55e7ae51d905 (/usr/lib64/chromium/chrome+0x8859904)
#9 0x55e7ae51e622 (/usr/lib64/chromium/chrome+0x885a621)
#10 0x55e7ae51bd1c (/usr/lib64/chromium/chrome+0x8857d1b)
#11 0x55e7ae51c66c (/usr/lib64/chromium/chrome+0x885866b)
#12 0x55e7a9c7c24e ChromeMain
#13 0x7f32b493734a __libc_start_main
#14 0x55e7a9c7c02a _start
  r8: 0000000000000000  r9: 00007ffcb7025aa0 r10: 0000000000000008 r11: 0000000000000246
 r12: 00007ffcb7025d40 r13: 0000000000001000 r14: 0000000000000000 r15: 0000000000000001
  di: 0000000000000002  si: 00007ffcb7025aa0  bp: 00007ffcb7025ed0  bx: 00007ffcb7025d40
  dx: 0000000000000000  ax: 0000000000000004  cx: 0000000000000000  sp: 00007ffcb7025bc0
  ip: 00007f32b494daf4 efl: 0000000000010246 cgf: 002b000000000033 erf: 0000000000000000
 trp: 000000000000000d msk: 0000000000000000 cr2: 0000000000000000
[end of stack trace]
*** stack smashing detected ***: <unknown> terminated
[1104/185602.706888:ERROR:file_io_posix.cc(144)] open /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq: No such file or directory (2)
[1104/185602.706917:ERROR:file_io_posix.cc(144)] open /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq: No such file or directory (2)
Received signal 6
#0 0x55e7aec41ef9 (/usr/lib64/chromium/chrome+0x8f7def8)
#1 0x55e7aeb88ee3 (/usr/lib64/chromium/chrome+0x8ec4ee2)
#2 0x55e7aec419e1 (/usr/lib64/chromium/chrome+0x8f7d9e0)
#3 0x7f32bdfa7310 (/lib64/libpthread-2.26.so+0x1330f)
#4 0x7f32b494c420 __GI_raise
#5 0x7f32b494da01 __GI_abort
#6 0x7f32b498f877 __libc_message
#7 0x7f32b4a2045e __GI___fortify_fail_abort
#8 0x7f32b4a20422 __stack_chk_fail_local
#9 0x55e7ae51d905 (/usr/lib64/chromium/chrome+0x8859904)
#10 0x55e7ae51e622 (/usr/lib64/chromium/chrome+0x885a621)
#11 0x55e7ae51bd1c (/usr/lib64/chromium/chrome+0x8857d1b)
#12 0x55e7ae51c66c (/usr/lib64/chromium/chrome+0x885866b)
#13 0x55e7a9c7c24e ChromeMain
#14 0x7f32b493734a __libc_start_main
#15 0x55e7a9c7c02a _start
  r8: 0000000000000000  r9: 00007ffcb7025aa0 r10: 0000000000000008 r11: 0000000000000246
 r12: 00007ffcb7025d40 r13: 0000000000001000 r14: 0000000000000000 r15: 0000000000000001
  di: 0000000000000002  si: 00007ffcb7025aa0  bp: 00007ffcb7025ed0  bx: 0000000000000006
  dx: 0000000000000000  ax: 0000000000000000  cx: 00007f32b494c420  sp: 00007ffcb7025aa0
  ip: 00007f32b494c420 efl: 0000000000000246 cgf: 002b000000000033 erf: 0000000000000000
 trp: 0000000000000000 msk: 0000000000000000 cr2: 0000000000000000
[end of stack trace]
[1104/185602.717044:ERROR:file_io_posix.cc(144)] open /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq: No such file or directory (2)
[1104/185602.717067:ERROR:file_io_posix.cc(144)] open /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq: No such file or directory (2)
Received signal 11 <unknown> 03e800000001
#0 0x55e7aec41ef9 (/usr/lib64/chromium/chrome+0x8f7def8)
#1 0x55e7aeb88ee3 (/usr/lib64/chromium/chrome+0x8ec4ee2)
#2 0x55e7aec419e1 (/usr/lib64/chromium/chrome+0x8f7d9e0)
#3 0x7f32bdfa7310 (/lib64/libpthread-2.26.so+0x1330f)
#4 0x7f32b494daf4 __GI_abort
#5 0x7f32b498f877 __libc_message
#6 0x7f32b4a2045e __GI___fortify_fail_abort
#7 0x7f32b4a20422 __stack_chk_fail_local
#8 0x55e7ae51d905 (/usr/lib64/chromium/chrome+0x8859904)
#9 0x55e7ae51e622 (/usr/lib64/chromium/chrome+0x885a621)
#10 0x55e7ae51bd1c (/usr/lib64/chromium/chrome+0x8857d1b)
#11 0x55e7ae51c66c (/usr/lib64/chromium/chrome+0x885866b)
#12 0x55e7a9c7c24e ChromeMain
#13 0x7f32b493734a __libc_start_main
#14 0x55e7a9c7c02a _start
  r8: 0000000000000000  r9: 00007ffcb7025aa0 r10: 0000000000000008 r11: 0000000000000246
 r12: 00007ffcb7025d40 r13: 0000000000001000 r14: 0000000000000000 r15: 0000000000000001
  di: 0000000000000002  si: 00007ffcb7025aa0  bp: 00007ffcb7025ed0  bx: 00007ffcb7025d40
  dx: 0000000000000000  ax: 0000000000000004  cx: 0000000000000000  sp: 00007ffcb7025bc0
  ip: 00007f32b494daf4 efl: 0000000000010246 cgf: 002b000000000033 erf: 0000000000000000
 trp: 000000000000000d msk: 0000000000000000 cr2: 0000000000000000
[end of stack trace]

Comment 7 Kai Lappalainen 2021-11-04 18:19:45 UTC

Ok, I must correct my observation: The crash happens, when starting(!) chromium, not when closing. The browser itself seams not affected insofar, that there is no other (visible) error and it keeps running.

Comment 8 Callum Farmer 2021-11-05 18:35:19 UTC

CONF on own 15.3 VM

Comment 9 Callum Farmer 2021-11-05 19:10:31 UTC

Please try chromium-95.0.4638.69-bp153.1613.1.x86_64 from
https://download.opensuse.org/repositories/home:/gmbr3:/Chromium/openSUSE_Backports_SLE-15-SP3/home:gmbr3:Chromium.repo

Comment 10 Kai Lappalainen 2021-11-05 21:19:14 UTC

chromium-95.0.4638.69-bp153.1613.1.x86_64 looks good!
No more crashes. :)

Comment 11 Callum Farmer 2021-11-06 12:22:35 UTC

llvm12 likely needs adding to 15.2 & 15.3 to fix this.

Tested broken under llvm11
Tested fixed under llvm13
I will just confirm that this is definitely fixed with llvm12


Likely due to https://build.opensuse.org/package/view_file/home:gmbr3:Chromium/chromium/chromium-clang-nomerge.patch
which needs llvm12+

Comment 12 Callum Farmer 2021-11-07 13:17:09 UTC

Confirmed: I need llvm12 (or higher) in 15.2 (and higher)

Comment 13 Aaron Puchert 2021-11-07 23:10:07 UTC

(In reply to Callum Farmer from comment #11)
> Likely due to
> https://build.opensuse.org/package/view_file/home:gmbr3:Chromium/chromium/
> chromium-clang-nomerge.patch
> which needs llvm12+
Strange that this causes a crash. According to the attribute reference: "This attribute can be used to prevent the optimizer from obscuring the source location of certain calls. For example, it will prevent tail merging otherwise identical code sequences that raise an exception or terminate the program. Tail merging normally reduces the precision of source location information, making stack traces less useful for debugging." (https://clang.llvm.org/docs/AttributeReference.html)

So it seems this should only affect the quality of debug info, which in general should have been stripped anyway. (It's part of the *-debuginfo package.) But perhaps there is something else going on, some miscompilation maybe?

This isn't the first bug that would be fixed by a newer LLVM, bug 1192067 also would like llvm12 in Leap 15.3. So I opened bug 1192429 to discuss whether to bring a new major version of LLVM into 15.3 and which one.

Leap 15.2 is almost at the end of its lifetime (~Nov 2021), so should we bother?

Comment 14 Callum Farmer 2021-11-08 08:38:54 UTC

Yeah I had no idea what NOMERGE actually did so yeah sounds more like miscompilation. I'm fine with ignoring 15.2 and fixing this in 15.3 only

Comment 15 Aaron Puchert 2021-11-19 00:41:04 UTC

Request https://build.opensuse.org/request/show/932377 adds llvm12 to Leap 15.3. Not sure how staging works for Leap, but I read something about incident projects and maybe we can get the necessary changes to Chromium in there as well? (The metapackages like clang will continue to point to clang11, so you'll need to explicitly request clang12.)

Comment 16 OBSbugzilla Bot 2021-11-20 19:40:06 UTC

This is an autogenerated message for OBS integration:
This bug (1192310) was mentioned in
https://build.opensuse.org/request/show/932674 Backports:SLE-15-SP3 / chromium

Comment 17 OBSbugzilla Bot 2021-11-22 21:40:06 UTC

This is an autogenerated message for OBS integration:
This bug (1192310) was mentioned in
https://build.opensuse.org/request/show/933159 Factory / chromium

Comment 18 Swamp Workflow Management 2021-12-01 23:17:28 UTC

openSUSE-RU-2021:1516-1: An update that has two recommended fixes can now be installed.

Category: recommended (low)
Bug References: 1192310,1192429
CVE References: 
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP3 (src):    llvm12-12.0.1-bp153.3.1

Comment 19 Marcus Meissner 2021-12-03 14:24:21 UTC

15-sp3 chromium seems to build fine on x86_64 now, but fails on aarch64

Comment 20 OBSbugzilla Bot 2021-12-09 11:40:06 UTC

This is an autogenerated message for OBS integration:
This bug (1192310) was mentioned in
https://build.opensuse.org/request/show/937729 Backports:SLE-15-SP3 / chromium

Comment 21 Swamp Workflow Management 2021-12-13 23:17:26 UTC

openSUSE-SU-2021:1582-1: An update that fixes 36 vulnerabilities is now available.

Category: security (important)
Bug References: 1192310,1192734,1193519
CVE References: CVE-2021-38005,CVE-2021-38006,CVE-2021-38007,CVE-2021-38008,CVE-2021-38009,CVE-2021-38010,CVE-2021-38011,CVE-2021-38012,CVE-2021-38013,CVE-2021-38014,CVE-2021-38015,CVE-2021-38016,CVE-2021-38017,CVE-2021-38018,CVE-2021-38019,CVE-2021-38020,CVE-2021-38021,CVE-2021-38022,CVE-2021-4052,CVE-2021-4053,CVE-2021-4054,CVE-2021-4055,CVE-2021-4056,CVE-2021-4057,CVE-2021-4058,CVE-2021-4059,CVE-2021-4061,CVE-2021-4062,CVE-2021-4063,CVE-2021-4064,CVE-2021-4065,CVE-2021-4066,CVE-2021-4067,CVE-2021-4068,CVE-2021-4078,CVE-2021-4079
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP3 (src):    chromium-96.0.4664.93-bp153.2.45.2

Comment 22 OBSbugzilla Bot 2021-12-15 09:00:09 UTC

This is an autogenerated message for OBS integration:
This bug (1192310) was mentioned in
https://build.opensuse.org/request/show/940660 15.2 / chromium

Comment 23 OBSbugzilla Bot 2021-12-15 09:50:29 UTC

This is an autogenerated message for OBS integration:
This bug (1192310) was mentioned in
https://build.opensuse.org/request/show/940663 Backports:SLE-12-SP3 / chromium

Comment 24 OBSbugzilla Bot 2021-12-15 11:50:04 UTC

This is an autogenerated message for OBS integration:
This bug (1192310) was mentioned in
https://build.opensuse.org/request/show/940702 15.2 / chromium

Comment 25 OBSbugzilla Bot 2021-12-27 00:00:04 UTC

This is an autogenerated message for OBS integration:
This bug (1192310) was mentioned in
https://build.opensuse.org/request/show/942659 15.2 / chromium

Comment 26 Swamp Workflow Management 2021-12-28 11:17:07 UTC

openSUSE-SU-2021:1632-1: An update that fixes 41 vulnerabilities is now available.

Category: security (important)
Bug References: 1192310,1192734,1193519,1193713
CVE References: CVE-2021-38005,CVE-2021-38006,CVE-2021-38007,CVE-2021-38008,CVE-2021-38009,CVE-2021-38010,CVE-2021-38011,CVE-2021-38012,CVE-2021-38013,CVE-2021-38014,CVE-2021-38015,CVE-2021-38016,CVE-2021-38017,CVE-2021-38018,CVE-2021-38019,CVE-2021-38020,CVE-2021-38021,CVE-2021-38022,CVE-2021-4052,CVE-2021-4053,CVE-2021-4054,CVE-2021-4055,CVE-2021-4056,CVE-2021-4057,CVE-2021-4058,CVE-2021-4059,CVE-2021-4061,CVE-2021-4062,CVE-2021-4063,CVE-2021-4064,CVE-2021-4065,CVE-2021-4066,CVE-2021-4067,CVE-2021-4068,CVE-2021-4078,CVE-2021-4079,CVE-2021-4098,CVE-2021-4099,CVE-2021-4100,CVE-2021-4101,CVE-2021-4102
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    chromium-96.0.4664.110-lp152.2.143.1

Comment 27 Callum Farmer 2022-01-22 14:21:31 UTC

fixed

Comment 28 Kai Lappalainen 2022-10-28 18:45:52 UTC

This bug is back since some time, on openSUSE Leap 15.4 with distribution version of chromium I see with dmesg:

[ 1439.056448] traps: chrome[6451] general protection fault ip:7f2d1aa4c2e7 sp:7ffd97232be0 error:0 in libc-2.31.so[7f2d1aa00000+1e6000]
[ 1473.498530] traps: chrome[6502] general protection fault ip:7f2d1aa4c2e7 sp:7ffd97232be0 error:0 in libc-2.31.so[7f2d1aa00000+1e6000]
[ 1473.545892] traps: chrome[6491] general protection fault ip:7f2d1aa4c2e7 sp:7ffd97232be0 error:0 in libc-2.31.so[7f2d1aa00000+1e6000]
[ 1473.604637] traps: chrome[6496] general protection fault ip:7f2d1aa4c2e7 sp:7ffd97232be0 error:0 in libc-2.31.so[7f2d1aa00000+1e6000]
[ 1473.609384] traps: chrome[6508] general protection fault ip:7f2d1aa4c2e7 sp:7ffd97232be0 error:0 in libc-2.31.so[7f2d1aa00000+1e6000]
[ 1473.611024] traps: chrome[6514] general protection fault ip:7f2d1aa4c2e7 sp:7ffd97232be0 error:0 in libc-2.31.so[7f2d1aa00000+1e6000]
[ 1600.214485] traps: chrome[6770] general protection fault ip:7f2d1aa4c2e7 sp:7ffd97232be0 error:0 in libc-2.31.so[7f2d1aa00000+1e6000]
[ 2401.030397] traps: chrome[7368] general protection fault ip:7f2ab464c2e7 sp:7fff54da53d0 error:0 in libc-2.31.so[7f2ab4600000+1e6000]

This is chromium-106.0.5249.119-bp154.2.35.1.x86_64
(but started some versions before already)

Comment 29 Andreas Stieger 2022-12-17 20:18:35 UTC

Dear reporter, this is the 2022 end-of-year chromium bugzilla clean-up. The currently shipped version of chromium on all openSUSE distributions is 108.0.5359.124. It has moved on significantly since you reported the issue.

We are asking you to do the following:

Please upgrade to 108.0.5359.124 or later and confirm that the issue remains reproducible. If so please re-confirm clear reproduction steps in a comment and select the "I am providing the requested information..." option.

If the issue no longer occurs for you, or you are no longer interested, please close the issue.

If we do not hear from you issue will be closed in the next year. If you need more time let us know.

Comment 30 Kai Lappalainen 2022-12-19 18:29:05 UTC

chromium-108.0.5359.124-bp154.2.55.1.x86_64:

Start chromium, look with dmesg:

traps: chrome[12260] general protection fault ip:7f5ca004c2e7 sp:7ffe235b3d10 error:0 in libc-2.31.so[7f5ca0000000+1e6000]

Very easy reproducible.

Comment 31 Kai Lappalainen 2022-12-19 18:32:04 UTC

And for the sake of completeness for Leap 15.3 also:

chromium-108.0.5359.124-bp153.1752.1.x86_64

Start chromium, look with dmesg:

traps: chrome[83341] general protection fault ip:7f5fd81842e7 sp:7ffefaa7b3c0 error:0 in libc-2.31.so[7f5fd8138000+1e6000]