Opened 2 months ago

Last modified 2 months ago

#7028 new defect

Chromium tab crashes when loading smithsonianmag.com on Linux

Reported by: jidanni
Assignee: kzar
Priority: P2
Milestone:
Module: Platform
Keywords: externaldependency
Cc: sebastian, mjethani, kzar, jsonesen, jid, greiner
Blocked By:
Blocking:
Platform: Chrome
Ready: yes
Confidential: no
Tester: Unknown
Verified working: no
Review URL(s):

Description (last modified by kzar)

Environment

Debian Linux (testing)
Chromium 69.0.3497.92 (apt install chromium)
Adblock Plus 3.3.2
EasyList, AA, circumvention list

How to reproduce

  1. Browse to https://www.smithsonianmag.com/science-nature/true-story-kudzu-vine-ate-south-180956325

Observed behaviour

"Aw snap" tab crashed screen.

Expected behaviour

The tab does not crash.

Notes

libpng warning: iCCP: Not recognizing known sRGB profile that has been edited
Received signal 11 SEGV_MAPERR 000000000000
#0 0x562ec0487e4e <unknown>
#1 0x562ec048824b <unknown>
#2 0x562ec04888ce <unknown>
#3 0x7f71002e38e0 <unknown>
#4 0x562ec2deb4e7 <unknown>
#5 0x562ec2dff619 <unknown>
#6 0x562ebfb0dff2 <unknown>
#7 0x562ebfc14f61 <unknown>
#8 0x562ebff7f42e <unknown>
  r8: 0000562ec2dff899  r9: 0000000000000055 r10: 0000562ec732f450 r11: 00003ae31ed09ca9
 r12: 0000000000000000 r13: 00007ffd0ca23540 r14: 00007ffd0ca23550 r15: 00007ffd0ca23528
  di: 00007ffd0ca23550  si: 0000562ec3b0cce0  bp: 00007ffd0ca23740  bx: 0000036b0aa47d50
  dx: 0000562ec2deb4dc  ax: 0000000000000000  cx: 00000000000000e1  sp: 00007ffd0ca23500
  ip: 0000562ec2deb4e7 efl: 0000000000010206 cgf: 002b000000000033 erf: 0000000000000004
 trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000000000
[end of stack trace]
Calling _exit(1). Core file will not be generated.
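
Added example (not part of the original ticket or of Chromium): a small triage script for the crash-handler output in the Notes above. It decodes the x86 page-fault fields (trp, erf, cr2) and finds the frame that matches the saved ip. The function name triageCrash and the 4096-byte "near null" threshold are assumptions made for this illustration.

```javascript
// TRACE is an excerpt of the output quoted in the Notes (frames #6-#8 and
// the general-purpose registers are omitted).
const TRACE = `Received signal 11 SEGV_MAPERR 000000000000
#0 0x562ec0487e4e <unknown>
#1 0x562ec048824b <unknown>
#2 0x562ec04888ce <unknown>
#3 0x7f71002e38e0 <unknown>
#4 0x562ec2deb4e7 <unknown>
#5 0x562ec2dff619 <unknown>
  ip: 0000562ec2deb4e7 efl: 0000000000010206 cgf: 002b000000000033 erf: 0000000000000004
 trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000000000`;

function triageCrash(text) {
  const sig = /Received signal (\d+) (\w+) ([0-9a-f]+)/.exec(text);
  if (!sig) return null; // not a crash-handler dump
  const frames = [...text.matchAll(/^#\d+ 0x([0-9a-f]+)/gm)]
    .map(m => BigInt("0x" + m[1]));
  const regs = {};
  for (const m of text.matchAll(/\b(\w{2,3}): ([0-9a-f]{16})\b/g)) {
    regs[m[1]] = BigInt("0x" + m[2]);
  }
  const erf = Number(regs.erf ?? 0n);
  const faultAddr = BigInt("0x" + sig[3]);
  return {
    signal: Number(sig[1]),
    code: sig[2],
    faultAddr,
    // trp 0xe is the x86 page-fault vector; cr2 then holds the faulting address.
    pageFault: regs.trp === 14n,
    cr2MatchesSignal: regs.cr2 === faultAddr,
    // Page-fault error code: bit 0 = page present, bit 1 = write,
    // bit 2 = user mode, bit 4 = instruction fetch.
    pagePresent: (erf & 1) !== 0,
    access: (erf & 16) ? "execute" : (erf & 2) ? "write" : "read",
    userMode: (erf & 4) !== 0,
    // The frame equal to the saved ip is the faulting one; the frames listed
    // before it were pushed after the signal was delivered.
    faultFrame: frames.findIndex(f => f === regs.ip),
    // Heuristic (assumption): a fault in the first page is a null dereference.
    nearNull: faultAddr < 4096n,
  };
}
```

For the trace in this ticket the result is a user-mode read of an unmapped page at address 0, with the faulting instruction in frame #4.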

Attachments (1)

r.txt (28.8 KB) - added by jidanni 2 months ago.
OK, I dug this info out of issue-reporter.html. Please see if this crashes it for you. No, I have tons of memory.

Change History (20)

comment:1 Changed 2 months ago by mapx

  • Cc sebastian mjethani kzar added

comment:2 Changed 2 months ago by mjethani

  • Cc jsonesen added

comment:3 follow-up: Changed 2 months ago by mjethani

Are you able to reproduce this issue?

comment:4 in reply to: ↑ 3 Changed 2 months ago by jidanni

Replying to mjethani:

Are you able to reproduce this issue?

Yes. No matter regular or incognito window: aw snap.

comment:5 Changed 2 months ago by kzar

  • Cc jid added
  • Component changed from Unknown to Platform
  • Description modified (diff)

Thanks for filing the bug, I've updated it. Please could you confirm I got the details right? Also, please could you confirm the following for me?

  • Are you running Debian Linux? If so which version? If not, what are you running?
  • How have you installed Chromium?
  • Which version of Adblock Plus are you running?
  • Which filter subscriptions and custom filters (if any) do you have?
  • Can you still reproduce the problem when you remove all filter subscriptions? If not, which subscriptions / filters were the minimum required to trigger the bug?

comment:6 Changed 2 months ago by kzar

  • Summary changed from chromium linux crash to Chromium tab crashes when loading smithsonianmag.com on Linux

comment:7 Changed 2 months ago by greiner

  • Cc greiner added

I was unable to reproduce this issue on:

Ubuntu 16.04 (8GB RAM)
Chrome 69
Adblock Plus 3.3.2.2172 (default settings)

Could it be that the machine is running out of memory for some reason?

comment:8 Changed 2 months ago by philll

Unable to reproduce in an incognito tab with ABP enabled on

Debian 9
Chrome Version 68.0.3440.106 (Official Build) (64-bit)
ABP 3.3.2.2172
abp-filters-anti-cv
EasyList Germany+EasyList
AA enabled

comment:9 Changed 2 months ago by jidanni

Version 3.3.2

Active: Adblock Warning Removal List (hours ago)
Active: ABP filters (minutes ago)
Active: EasyList (hours ago)
Active: Allow nonintrusive advertising (minutes ago)

Package: chromium
Version: 69.0.3497.92-1

-- System Information:
Debian Release: buster/sid
  APT prefers experimental
  APT policy: (990, 'experimental'), (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.18.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=zh_TW.UTF-8, LC_CTYPE=zh_TW.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages chromium depends on:
ii  chromium-common      69.0.3497.92-1
ii  libasound2           1.1.6-1
ii  libatk-bridge2.0-0   2.30.0-2
ii  libatk1.0-0          2.30.0-1
ii  libatomic1           8.2.0-7
ii  libavcodec58         7:4.0.2-2+b1
ii  libavformat58        7:4.0.2-2+b1
ii  libavutil56          7:4.0.2-2+b1
ii  libc6                2.27-6
ii  libcairo-gobject2    1.15.12-1
ii  libcairo2            1.15.12-1
ii  libcups2             2.3~b5-2
ii  libdbus-1-3          1.13.6-1
ii  libdrm2              2.4.94-1
ii  libevent-2.1-6       2.1.8-stable-4
ii  libexpat1            2.2.6-1
ii  libflac8             1.3.2-3
ii  libfontconfig1       2.13.1-1
ii  libfreetype6         2.9.1-2
ii  libgcc1              1:8.2.0-7
ii  libgdk-pixbuf2.0-0   2.38.0+dfsg-6
ii  libglib2.0-0         2.58.1-2
ii  libgtk-3-0           3.24.1-2
ii  libharfbuzz0b        1.9.0-1
ii  libicu60             60.2-6
ii  libjpeg62-turbo      1:1.5.2-2+b1
ii  liblcms2-2           2.9-3
ii  libminizip1          1.1-8+b1
ii  libnspr4             2:4.20-1
ii  libnss3              2:3.39-1
ii  libopenjp2-7         2.3.0-1
ii  libopus0             1.3~beta+20180518-1
ii  libpango-1.0-0       1.42.4-3
ii  libpangocairo-1.0-0  1.42.4-3
ii  libpci3              1:3.5.2-1
ii  libpng16-16          1.6.34-2
ii  libpulse0            12.2-2
ii  libre2-4             20180901+dfsg-1
ii  libsnappy1v5         1.1.7-1
ii  libstdc++6           8.2.0-7
ii  libvpx5              1.7.0-3
ii  libwebp6             0.6.1-2
ii  libwebpdemux2        0.6.1-2
ii  libwebpmux3          0.6.1-2
ii  libx11-6             2:1.6.7-1
ii  libx11-xcb1          2:1.6.7-1
ii  libxcb1              1.13.1-1
ii  libxcomposite1       1:0.4.4-2
ii  libxcursor1          1:1.1.15-1
ii  libxdamage1          1:1.1.4-3
ii  libxext6             2:1.3.3-1+b2
ii  libxfixes3           1:5.0.3-1
ii  libxi6               2:1.7.9-1
ii  libxml2              2.9.8+dfsg-1
ii  libxrandr2           2:1.5.1-1
ii  libxrender1          1:0.9.10-1
ii  libxslt1.1           1.1.32-2
ii  libxss1              1:1.2.3-1
ii  libxtst6             2:1.2.3-1
ii  zlib1g               1:1.2.11.dfsg-1

chromium recommends no packages.

Versions of packages chromium suggests:
pn  chromium-driver  <none>
pn  chromium-l10n    <none>
pn  chromium-shell   <none>

-- no debconf information


Changed 2 months ago by jidanni

OK, I dug this info out of issue-reporter.html. Please see if this crashes it for you. No, I have tons of memory.

comment:10 Changed 2 months ago by kzar

  • Description modified (diff)

Thanks, I've updated the issue.

comment:11 Changed 2 months ago by kzar

  • Description modified (diff)
  • Priority changed from Unknown to P2
  • Ready set

I can reproduce as described with Debian testing, Chromium "Version 69.0.3497.92 (Developer Build) built on Debian buster/sid, running on Debian buster/sid (64-bit)", Adblock Plus 3.3.2.

When I disable all filter subscriptions the crash no longer happens, then when I enable just EasyList it starts again. Also I saw some output in the console, which I've added to the issue notes.

comment:12 Changed 2 months ago by kzar

  • Description modified (diff)

comment:13 Changed 2 months ago by kzar

  • Description modified (diff)

comment:14 Changed 2 months ago by kzar

  • Description modified (diff)

comment:15 follow-up: Changed 2 months ago by mjethani

Does this happen with an older version of Adblock Plus?

comment:16 in reply to: ↑ 15 Changed 2 months ago by jidanni

Replying to mjethani:

Does this happen with an older version of Adblock Plus?

I don't know.

comment:17 Changed 2 months ago by kzar

  • Owner set to kzar

I can reproduce this with only the filter ||imasdk.googleapis.com^$third-party (no subscriptions). FWIW, that blocks one request to https://imasdk.googleapis.com/js/sdkloader/ima3.js. Continuing to investigate...
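
Added example (a simplified model, not Adblock Plus's own code and not part of the comment above): how the filter ||imasdk.googleapis.com^$third-party from comment 17 selects that one request. It handles only "||", "^", "*" and the third-party option; the names compileFilter, baseDomain and shouldBlock are hypothetical, and treating the last two host labels as the base domain is an assumption standing in for a public-suffix lookup.

```javascript
// "^" in a filter matches one separator character or the end of the URL.
// Letters, digits and "_", "-", ".", "%" are not separators.
const SEPARATOR =
  "(?:[\\x00-\\x24\\x26-\\x2C\\x2F\\x3A-\\x40\\x5B-\\x5E\\x60\\x7B-\\x7F]|$)";
// "||" anchors the pattern at the start of a host name or of one of its labels.
const DOMAIN_ANCHOR = "^[\\w\\-]+:\\/+(?:[^\\/]+\\.)?";

function compileFilter(text) {
  const [pattern, options = ""] = text.split("$");
  const source = pattern
    .replace(/[.+?(){}\[\]\\\/]/g, c => "\\" + c) // escape regex metacharacters
    .replace(/\*/g, () => ".*")
    .replace(/\^/g, () => SEPARATOR)
    .replace(/^\|\|/, () => DOMAIN_ANCHOR);
  return {
    regexp: new RegExp(source),
    thirdParty: options.split(",").includes("third-party"),
  };
}

// Assumption: base domain = last two labels (no public-suffix list here).
function baseDomain(host) {
  return host.split(".").slice(-2).join(".");
}

function shouldBlock(filterText, url, documentHost) {
  const filter = compileFilter(filterText);
  if (!filter.regexp.test(url)) return false;
  if (!filter.thirdParty) return true;
  // $third-party: only block when the request leaves the document's base domain.
  return baseDomain(new URL(url).hostname) !== baseDomain(documentHost);
}

const FILTER = "||imasdk.googleapis.com^$third-party";
const IMA_URL = "https://imasdk.googleapis.com/js/sdkloader/ima3.js";
```

With these definitions, shouldBlock(FILTER, IMA_URL, "www.smithsonianmag.com") is true, while the same URL requested from a document on imasdk.googleapis.com itself is not blocked.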

comment:18 follow-up: Changed 2 months ago by kzar

  • Keywords externaldependency added

I can reproduce the problem with only a tiny extension which blocks that one request. I don't think there's anything we can fix our end therefore. I have posted a comment on the Chromium issue with lots more details, hopefully they will reopen it!

Thanks again for taking the time to report this, Dave.

comment:19 in reply to: ↑ 18 Changed 2 months ago by jidanni

Replying to kzar:
Now on Debian in chromium 70.0.3538.54-1
/usr/share/doc/chromium/README.Debian
has working instructions on how to get a stack trace.
