Open right click menu + fast scroll crashes chromium with traps: chromium-browse[14023] trap int3
Reported by andi.wen...@gmail.com, Feb 20 2018

Issue description

UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/64.0.3282.140 Chrome/64.0.3282.140 Safari/537.36

Steps to reproduce the problem:
1. open chromium
2. open right click menu by right clicking anywhere on the page
3. position the mouse pointer outside of the menu (It does not crash if the mouse pointer is still inside of the menu)
4. use fast scroll (for example with a mouse that doesn't lock the scroll wheel)

What is the expected behavior?
No crash

What went wrong?
chromium crashes with "traps: chromium-browse[14023] trap int3"

Crashed report ID:
How much crashed? Whole browser
Is it a problem with a plugin? N/A
Did this work before? N/A
Chrome version: 64.0.3282.140 Channel: n/a
OS Version: Ubuntu 17.10 (64-bit)
Flash Version:

- happens independently of which page is displayed
- This also happens if I use Google Chrome with "Version 64.0.3282.167 (Official Build) (64-bit)"
Feb 21 2018
Tested in Chrome #64.0.3282.140, Stable #64.0.3282.167 and Canary #66.0.3350.0 on a Linux Debian system and not able to reproduce the issue. Please find the screenshots for your reference.
@andi: Could you please let me know if I have missed anything and, if possible, please create a new profile without extensions and apps. Re-check once and let us know the observations, and please provide the crash ID from chrome://crashes for the issue, which would help us to triage the issue further. Thanks in advance.
Feb 21 2018
I can't see where you had your mouse pointer while scrolling fast. But this is exactly the right click menu I was talking about.
I just enabled crash reporting and generated a report with this id: d26b7951d7fef35b
I'll try a few things to see if it changes the behavior and report back.
Feb 21 2018
Thank you for providing more feedback. Adding the requester to the cc list. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Feb 21 2018
As I mentioned before I'm running Ubuntu 17.10, and I just noticed that the crash is not reproducible if I run chrome/chromium in a Xorg session. Within a Wayland session it happens every time: https://itsfoss.com/switch-xorg-wayland/ Maybe this already helps to pinpoint the cause?
Mar 7 2018
Thanks for the update!!
@andi: Could you please update your Chrome to the latest version #65.0.3325.146 and check if you still face the issue? If so, attach one more crash ID from chrome://crashes?

Crash ID: d26b7951d7fef35b

Stack trace:
============
Thread 0 (id: 8159) CRASHED [SIGILL @ 0x000055572389c581 ] MAGIC SIGNATURE THREAD
Stack Quality 79%
0x000055572389c581 (chrome -event.cc:300 ) ui::Event::AsLocatedEvent()
0x000055572423eace (chrome -desktop_window_tree_host_x11.cc:1775 ) views::DesktopWindowTreeHostX11::DispatchMouseEvent(ui::MouseEvent*)
0x0000555724240590 (chrome -desktop_window_tree_host_x11.cc:2099 ) views::DesktopWindowTreeHostX11::DispatchEvent(_XEvent* const&)
0x000055572424078f (chrome -desktop_window_tree_host_x11.cc ) non-virtual thunk to views::DesktopWindowTreeHostX11::DispatchEvent(_XEvent* const&)
0x00005557239a7934 (chrome -platform_event_source.cc:93 ) ui::PlatformEventSource::DispatchEvent(_XEvent*)
0x0000555723b2e191 (chrome -x11_event_source.cc:238 ) ui::X11EventSource::DispatchXEvents()
0x0000555723b313cb (chrome -x11_event_source_glib.cc:41 ) ui::(anonymous namespace)::XSourceDispatch(_GSource*, int (*)(void*), void*)
0x00007f207d7d3e24 (libglib-2.0.so.0.5400.1 + 0x0004ae24 )
0x0000555723b313bf (chrome + 0x041003bf )
0x00007f207d7e363f (libglib-2.0.so.0.5400.1 + 0x0005a63f )
0x00007f207d7d41ef (libglib-2.0.so.0.5400.1 + 0x0004b1ef )
0x00007f207d7d427b (libglib-2.0.so.0.5400.1 + 0x0004b27b )
0x0000555722bf84e2 (chrome -message_pump_glib.cc:305 ) base::MessagePumpGlib::Run(base::MessagePump::Delegate*)
0x0000555722c18a23 (chrome -run_loop.cc:114 ) <name omitted>
0x00005557229195b8 (chrome -chrome_browser_main.cc:1939 ) ChromeBrowserMainParts::MainMessageLoopRun(int*)
0x0000555722bfe852 (chrome -new:234 ) base::Histogram::FactoryTimeGet(char const*, base::TimeDelta, base::TimeDelta, unsigned int, int)
0x0000555722c46e1b (chrome -category_registry.cc:88 ) <name omitted>
0x0000555722c5d8d6 (chrome -trace_log.cc:421 ) base::trace_event::TraceLog::GetCategoryGroupEnabled(char const*)
0x00005557218e81a0 (chrome -browser_main_loop.cc:1199 ) content::BrowserMainLoop::RunMainMessageLoopParts()
0x00005557218ea569 (chrome -browser_main_runner.cc:62 ) content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&)
0x0000555726b83b0c (chrome -tcmalloc.cc ) tc_malloc
0x00005557218ea591 (chrome -browser_main_runner.cc:140 ) content::BrowserMainRunnerImpl::Run()
0x00005557218e3519 (chrome -browser_main.cc:46 ) content::BrowserMain(content::MainFunctionParams const&)
0x0000555722bd6a4e (chrome -command_line.cc:289 ) base::CommandLine::GetSwitchValueASCII(base::BasicStringPiece<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > const&) const
0x000055572120950b (chrome -__string:217 ) ChromeMainDelegate::RunProcess(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, content::MainFunctionParams const&)
0x00005557228f9bf7 (chrome -content_main_runner.cc:427 ) content::ContentMainRunnerImpl::Run()
0x00005557216b6f5f (chrome + 0x01c85f5f )
0x00005557228f84f0 (chrome -__string:217 ) content::ContentServiceManagerMainDelegate::IsEmbedderSubprocess()
0x0000555722903614 (chrome -main.cc:456 ) service_manager::Main(service_manager::MainParams const&)
0x00007f207f8a7fef (libpthread-2.26.so + 0x00000fef )
0x00007f2079449557 (libc-2.26.so + 0x00011557 )
0x00007f207943be47 (libc-2.26.so + 0x00003e47 )
0x0000555726b83b0c (chrome -tcmalloc.cc ) tc_malloc
0x0000555726b83b0c (chrome -tcmalloc.cc ) tc_malloc
0x0000555722c6e06d (chrome + 0x0323d06d ) operator new(unsigned long)
0x0000555726b83b0c (chrome -tcmalloc.cc ) tc_malloc
0x00005557210f5fff (chrome + 0x016c4fff )
0x0000555722c6e06d (chrome + 0x0323d06d ) operator new(unsigned long)
0x00005557228f8f4f (chrome -content_main_runner.cc:449 ) content::ContentMainRunner::Create()
0x00005557210f5fff (chrome + 0x016c4fff )
0x00005557228f89b0 (chrome -content_main.cc:19 ) content::ContentMain(content::ContentMainParams const&)
0x00005557212083fb (chrome -chrome_main.cc:130 ) ChromeMain
0x00007f207f8b718f (libpthread-2.26.so + 0x0001018f )
0x00005557211fbd4f (chrome + 0x017cad4f ) vpx_filter_block1d4_v8_avg_ssse3
0x00007f20794591c0 (libc-2.26.so + 0x000211c0 )
0x000055572120835f (chrome + 0x017d735f )
0x00005557210f5fff (chrome + 0x016c4fff )
0x00007f207fad6bea (ld-2.26.so + 0x00010bea )
0x00005557210f5fff (chrome + 0x016c4fff )
0x00005557210f6029 (chrome + 0x016c5029 ) _start
0x00007fff3f63f937

Unable to find the culprit from the above stack trace. Thanks!!
Mar 8 2018
Nice, it looks like the update fixed it
> Chrome: Version 65.0.3325.146 (Official Build) (64-bit)
I'm not able to reproduce the crash in this Chrome version
> Chromium: Version 64.0.3282.167 (Official Build) Built on Ubuntu , running on Ubuntu 17.10 (64-bit)
Looks like the chromium build in the repo is not updated yet, and I still can reproduce the crash here.
Mar 8 2018
Thank you for providing more feedback. Adding the requester to the cc list. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Mar 9 2018
Closing this issue as per comment #7. Thanks!!
Comment 1 by manoranj...@chromium.org, Feb 21 2018