[Pkg-chromium-maint] Bug#766883: chromium: crashes at startup with "Illegal instruction"

Sun Oct 26 15:27:21 UTC 2014

Package: chromium
Version: 37.0.2062.120-2
Severity: grave
Justification: renders package unusable

chromium 37.0.2062.120-2 and newer crash at startup with "Illegal
instruction". See the attached gdb-chromium.txt file.

Version 35.0.1916.153-2 works OK. I was unable to check
versions 36.* due to dependencies, probably on some experimental
packages.

I'm suspecting clang bug #665499 is the cause (however I cannot confirm
it - even though the code using std::stack still crashes as I described
in #665499, the code using emplace_back() to vector of int pairs seems
to work).

Regards,
robert

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (200, 'testing')
Architecture: i386 (i686)

Kernel: Linux 3.16-3-686-pae (SMP w/1 CPU core)
Locale: LANG=pl_PL.UTF8, LC_CTYPE=pl_PL.UTF8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages chromium depends on:
ii  chromium-inspector   38.0.2125.101-3
ii  gconf-service        3.2.6-3
ii  libasound2           1.0.28-1
ii  libc6                2.19-12
ii  libcairo2            1.14.0-2
ii  libcap2              1:2.24-6
ii  libcups2             1.7.5-7
ii  libdbus-1-3          1.8.8-2
ii  libexpat1            2.1.0-6
ii  libfontconfig1       2.11.0-6.1
ii  libfreetype6         2.5.2-2
ii  libgcc1              1:4.9.1-19
ii  libgconf-2-4         3.2.6-3
ii  libgdk-pixbuf2.0-0   2.31.1-2+b1
ii  libglib2.0-0         2.42.0-2
ii  libgnome-keyring0    3.12.0-1+b1
ii  libgtk2.0-0          2.24.25-1
ii  libharfbuzz0b        0.9.35-1
ii  libjpeg8             8d1-2
ii  libnspr4             2:4.10.7-1
ii  libnss3              2:3.17.2-1
ii  libpango-1.0-0       1.36.8-2
ii  libpangocairo-1.0-0  1.36.8-2
ii  libspeechd2          0.8-6
ii  libspeex1            1.2~rc1.2-1
ii  libstdc++6           4.9.1-19
ii  libudev1             215-5+b1
ii  libx11-6             2:1.6.2-3
ii  libxcomposite1       1:0.4.4-1
ii  libxcursor1          1:1.1.14-1
ii  libxdamage1          1:1.1.4-2
ii  libxext6             2:1.3.3-1
ii  libxfixes3           1:5.0.1-2
ii  libxi6               2:1.7.4-1
ii  libxml2              2.9.2+dfsg1-1
ii  libxrandr2           2:1.4.2-1
ii  libxrender1          1:0.9.8-1
ii  libxslt1.1           1.1.28-2+b1
ii  libxss1              1:1.2.2-1
ii  libxtst6             2:1.2.2-1
ii  xdg-utils            1.1.0~rc1+git20111210-7.1

chromium recommends no packages.

Versions of packages chromium suggests:
pn  chromium-l10n  <none>
pn  mozplugger     <none>

-- no debconf information
-------------- next part --------------
# Env:
#     LD_LIBRARY_PATH=/usr/lib/chromium:/usr/lib/xulrunner-1.9.1
#                PATH=/usr/lib/chromium:/home/robert/bin:/home/robert/bin:/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games
#            GTK_PATH=
# CHROMIUM_USER_FLAGS=
#      CHROMIUM_FLAGS=--password-store=detect
/usr/bin/gdb /usr/lib/chromium/chromium -x /tmp/chromiumargs.X5xnCx
GNU gdb (Debian 7.7.1+dfsg-3) 7.7.1
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i586-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/lib/chromium/chromium...Reading symbols from /usr/lib/debug//usr/lib/chromium/chromium...done.
done.
(gdb) r
Starting program: /usr/lib/chromium/chromium --password-store=detect 
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/i686/cmov/libthread_db.so.1".

Program received signal SIGILL, Illegal instruction.
std::vector<std::pair<unsigned int, int>, std::allocator<std::pair<unsigned int, int> > >::_M_emplace_back_aux<std::pair<unsigned int, int> >(std::pair<unsigned int, int>&&) (this=0x85937dc8, 
    __args=<unknown type in /usr/lib/debug/usr/lib/chromium/chromium, CU 0x48c3d8c, DIE 0x48c7357>)
    at /usr/include//c++/4.9/bits/vector.tcc:416
warning: Source file is more recent than executable.
416		    _Alloc_traits::construct(this->_M_impl, __new_start + size(),
(gdb) bt
#0  std::vector<std::pair<unsigned int, int>, std::allocator<std::pair<unsigned int, int> > >::_M_emplace_back_aux<std::pair<unsigned int, int> >(std::pair<unsigned int, int>&&) (this=0x85937dc8, 
    __args=<unknown type in /usr/lib/debug/usr/lib/chromium/chromium, CU 0x48c3d8c, DIE 0x48c7357>)
    at /usr/include//c++/4.9/bits/vector.tcc:416
#1  0x80a5d29c in emplace_back<std::pair<unsigned int, int> > (__t=..., __args=<optimized out>, 
    this=<optimized out>, __args=<optimized out>) at /usr/include//c++/4.9/bits/vector.tcc:101
#2  make_pair<unsigned int&, int&> (__x=<optimized out>, __x=<optimized out>, __y=<optimized out>, 
    __x=<optimized out>, __y=<optimized out>) at /usr/include//c++/4.9/bits/stl_vector.h:932
#3  base::GlobalDescriptors::Set (this=0x0, key=<optimized out>, fd=<optimized out>)
    at base/posix/global_descriptors.cc:49
#4  0x80a1c5f4 in content::ContentMainRunnerImpl::Initialize (this=0x8594dc98, params=...)
    at content/app/content_main_runner.cc:545
#5  0x80a1b919 in content::ContentMain (params=...) at content/app/content_main.cc:15
#6  0x8032fd86 in ChromeMain (argc=<optimized out>, argv=0xbffff6f4) at chrome/app/chrome_main.cc:57
#7  0xb679fa63 in __libc_start_main (main=0x8032fd20 <main(int, char const**)>, argc=2, argv=0xbffff6f4, 
    init=0x84582ed0 <__libc_csu_init>, fini=0x84582f40 <__libc_csu_fini>, 
    rtld_fini=0xb7fedc90 <_dl_fini>, stack_end=0xbffff6ec) at libc-start.c:287
#8  0x8032fbcf in _start ()
(gdb) p *this
$1 = std::vector of length 0, capacity 0
(gdb) info threads
  Id   Target Id         Frame 
* 1    Thread 0xb5fc08c0 (LWP 12626) "chromium" std::vector<std::pair<unsigned int, int>, std::allocator<std::pair<unsigned int, int> > >::_M_emplace_back_aux<std::pair<unsigned int, int> >(std::pair<unsigned int, int>&&) (this=0x85937dc8, 
    __args=<unknown type in /usr/lib/debug/usr/lib/chromium/chromium, CU 0x48c3d8c, DIE 0x48c7357>)
    at /usr/include//c++/4.9/bits/vector.tcc:416
(gdb) q
A debugging session is active.

	Inferior 1 [process 12626] will be killed.

Quit anyway? (y or n) 