Opened 11 months ago

Closed 4 months ago

#7028 closed defect (fixed)

Chromium tab crashes when loading smithsonianmag.com on Linux

Reported by: jidanni Assignee: kzar
Priority: P2 Milestone:
Module: Platform Keywords: externaldependency
Cc: sebastian, mjethani, kzar, jsonesen, jid, greiner Blocked By:
Blocking: Platform: Chrome
Ready: yes Confidential: no
Tester: Unknown Verified working: no
Review URL(s):

Description (last modified by kzar)

Environment

Debian Linux (testing)
Chromium 69.0.3497.92 (apt install chromium)
Adblock Plus 3.3.2
EasyList, AA, circumvention list

How to reproduce

  1. Browse to https://www.smithsonianmag.com/science-nature/true-story-kudzu-vine-ate-south-180956325

Observed behaviour

"Aw snap" tab crashed screen.

Expected behaviour

The tab does not crash.

Notes

libpng warning: iCCP: Not recognizing known sRGB profile that has been edited
Received signal 11 SEGV_MAPERR 000000000000
#0 0x562ec0487e4e <unknown>
#1 0x562ec048824b <unknown>
#2 0x562ec04888ce <unknown>
#3 0x7f71002e38e0 <unknown>
#4 0x562ec2deb4e7 <unknown>
#5 0x562ec2dff619 <unknown>
#6 0x562ebfb0dff2 <unknown>
#7 0x562ebfc14f61 <unknown>
#8 0x562ebff7f42e <unknown>
  r8: 0000562ec2dff899  r9: 0000000000000055 r10: 0000562ec732f450 r11: 00003ae31ed09ca9
 r12: 0000000000000000 r13: 00007ffd0ca23540 r14: 00007ffd0ca23550 r15: 00007ffd0ca23528
  di: 00007ffd0ca23550  si: 0000562ec3b0cce0  bp: 00007ffd0ca23740  bx: 0000036b0aa47d50
  dx: 0000562ec2deb4dc  ax: 0000000000000000  cx: 00000000000000e1  sp: 00007ffd0ca23500
  ip: 0000562ec2deb4e7 efl: 0000000000010206 cgf: 002b000000000033 erf: 0000000000000004
 trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000000000
[end of stack trace]
Calling _exit(1). Core file will not be generated.

Attachments (1)

r.txt (28.8 KB) - added by jidanni 11 months ago.
OK I dug this info out of issue-reporter.html . Please see if this crashes it for you. No I have tons of memory.

Download all attachments as: .zip

Change History (21)

comment:1 Changed 11 months ago by mapx

  • Cc sebastian mjethani kzar added

comment:2 Changed 11 months ago by mjethani

  • Cc jsonesen added

comment:3 follow-up: Changed 11 months ago by mjethani

Are you able to reproduce this issue?

comment:4 in reply to: ↑ 3 Changed 11 months ago by jidanni

Replying to mjethani:

Are you able to reproduce this issue?

Yes. No matter regular or incognito window: aw snap.

comment:5 Changed 11 months ago by kzar

  • Cc jid added
  • Component changed from Unknown to Platform
  • Description modified (diff)

Thanks for filing the bug, I've updated it. Please could you confirm I got the details right? Also, please could you confirm the following for me?

  • Are you running Debian Linux? If so which version? If not, what are you running?
  • How have you installed Chromium?
  • Which version of Adblock Plus are you running?
  • Which filter subscriptions and custom filters (if any) do you have?
  • Can you still reproduce the problem when you remove all filter subscription? If not, which subscriptions / filters were the minimum required to trigger the bug?

comment:6 Changed 11 months ago by kzar

  • Summary changed from chromium linux crash to Chromium tab crashes when loading smithsonianmag.com on Linux

comment:7 Changed 11 months ago by greiner

  • Cc greiner added

I was unable to reproduce this issue on:

Ubuntu 16.04 (8GB RAM)
Chrome 69
Adblock Plus 3.3.2.2172 (default settings)

Could it be that the machine is running out of memory for some reason?

comment:8 Changed 11 months ago by philll

Unable to reproduce in an incognito tab with ABP enabled on

Debian 9
Chrome Version 68.0.3440.106 (Official Build) (64-bit)
ABP 3.3.2.2172
abp-filters-anti-cv
EasyList Germany+EasyList
AA enabled

comment:9 Changed 11 months ago by jidanni

Version
3.3.2

 Active
Adblock Warning Removal List
hours ago
 

 Active
ABP filters
minutes ago
 

 Active
EasyList
hours ago
 

 Active
Allow nonintrusive advertising
minutes ago
 

Package: chromium
Version: 69.0.3497.92-1

-- System Information:
Debian Release: buster/sid
  APT prefers experimental
  APT policy: (990, 'experimental'), (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.18.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=zh_TW.UTF-8, LC_CTYPE=zh_TW.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages chromium depends on:
ii  chromium-common      69.0.3497.92-1
ii  libasound2           1.1.6-1
ii  libatk-bridge2.0-0   2.30.0-2
ii  libatk1.0-0          2.30.0-1
ii  libatomic1           8.2.0-7
ii  libavcodec58         7:4.0.2-2+b1
ii  libavformat58        7:4.0.2-2+b1
ii  libavutil56          7:4.0.2-2+b1
ii  libc6                2.27-6
ii  libcairo-gobject2    1.15.12-1
ii  libcairo2            1.15.12-1
ii  libcups2             2.3~b5-2
ii  libdbus-1-3          1.13.6-1
ii  libdrm2              2.4.94-1
ii  libevent-2.1-6       2.1.8-stable-4
ii  libexpat1            2.2.6-1
ii  libflac8             1.3.2-3
ii  libfontconfig1       2.13.1-1
ii  libfreetype6         2.9.1-2
ii  libgcc1              1:8.2.0-7
ii  libgdk-pixbuf2.0-0   2.38.0+dfsg-6
ii  libglib2.0-0         2.58.1-2
ii  libgtk-3-0           3.24.1-2
ii  libharfbuzz0b        1.9.0-1
ii  libicu60             60.2-6
ii  libjpeg62-turbo      1:1.5.2-2+b1
ii  liblcms2-2           2.9-3
ii  libminizip1          1.1-8+b1
ii  libnspr4             2:4.20-1
ii  libnss3              2:3.39-1
ii  libopenjp2-7         2.3.0-1
ii  libopus0             1.3~beta+20180518-1
ii  libpango-1.0-0       1.42.4-3
ii  libpangocairo-1.0-0  1.42.4-3
ii  libpci3              1:3.5.2-1
ii  libpng16-16          1.6.34-2
ii  libpulse0            12.2-2
ii  libre2-4             20180901+dfsg-1
ii  libsnappy1v5         1.1.7-1
ii  libstdc++6           8.2.0-7
ii  libvpx5              1.7.0-3
ii  libwebp6             0.6.1-2
ii  libwebpdemux2        0.6.1-2
ii  libwebpmux3          0.6.1-2
ii  libx11-6             2:1.6.7-1
ii  libx11-xcb1          2:1.6.7-1
ii  libxcb1              1.13.1-1
ii  libxcomposite1       1:0.4.4-2
ii  libxcursor1          1:1.1.15-1
ii  libxdamage1          1:1.1.4-3
ii  libxext6             2:1.3.3-1+b2
ii  libxfixes3           1:5.0.3-1
ii  libxi6               2:1.7.9-1
ii  libxml2              2.9.8+dfsg-1
ii  libxrandr2           2:1.5.1-1
ii  libxrender1          1:0.9.10-1
ii  libxslt1.1           1.1.32-2
ii  libxss1              1:1.2.3-1
ii  libxtst6             2:1.2.3-1
ii  zlib1g               1:1.2.11.dfsg-1

chromium recommends no packages.

Versions of packages chromium suggests:
pn  chromium-driver  <none>
pn  chromium-l10n    <none>
pn  chromium-shell   <none>

-- no debconf information


Changed 11 months ago by jidanni

OK I dug this info out of issue-reporter.html . Please see if this crashes it for you. No I have tons of memory.

comment:10 Changed 11 months ago by kzar

  • Description modified (diff)

Thanks, I've updated the issue.

comment:11 Changed 11 months ago by kzar

  • Description modified (diff)
  • Priority changed from Unknown to P2
  • Ready set

I can reproduce as described with Debian testing, Chromium "Version 69.0.3497.92 (Developer Build) built on Debian buster/sid, running on Debian buster/sid (64-bit)", Adblock Plus 3.3.2.

When I disable all filter subscriptions the crash no longer happens, then when I enable just EasyList it starts again. Also I saw some output in the console, which I've added to the issue notes.

comment:12 Changed 11 months ago by kzar

  • Description modified (diff)

comment:13 Changed 11 months ago by kzar

  • Description modified (diff)

comment:14 Changed 11 months ago by kzar

  • Description modified (diff)

comment:15 follow-up: Changed 11 months ago by mjethani

Does this happen with an older version of Adblock Plus?

comment:16 in reply to: ↑ 15 Changed 11 months ago by jidanni

Replying to mjethani:

Does this happen with an older version of Adblock Plus?

I don't know.

comment:17 Changed 11 months ago by kzar

  • Owner set to kzar

I can reproduce this with only the filter ||imasdk.googleapis.com^$third-party (no subscriptions). FWIW, that blocks one request to https://imasdk.googleapis.com/js/sdkloader/ima3.js. Continuing to investigate...

comment:18 follow-up: Changed 11 months ago by kzar

  • Keywords externaldependency added

I can reproduce the problem with only a tiny extension which blocks that one request. I don't think there's anything we can fix our end therefore. I have posted a comment on the Chromium issue with lots more details, hopefully they will reopen it!

Thanks again for taking the time to report this, Dave.

comment:19 in reply to: ↑ 18 Changed 10 months ago by jidanni

Replying to kzar:
Now on Debian in chromium 70.0.3538.54-1
/usr/share/doc/chromium/README.Debian
has working instructions on how to get a stack trace.

comment:20 Changed 4 months ago by kzar

  • Resolution set to fixed
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.