Chromium 56.0.2924.87 (Built on OS X) Crashes on http_util.cc

[Bobo]

I think this might be a bug in Chromium. I tried throwing my whole repo out and fetching the source code from scratch, and building again, same crashes are happening.

Specifically, it happens when the uBlock Origin extension is running. I filed a report with uBlock Origin, who told me this was a problem with Chromium not their extension ("no browser should crash running HTML/CSS/JS"):

This error seems to occur reliably right before the crash:
FATAL:http_util.cc(61)] Check failed: url.is_valid() && (url.SchemeIsHTTPOrHTTPS() || url.SchemeIs("ftp") || url.SchemeIsWSOrWSS()).





Here are two URL's where the crash will happen:
1) https://www.youtube.com/watch?v=cmdFne7LnuA
2) https://www.chromium.org/developers/version-numbers

I have tried opening Chromium in the following two ways, in both cases the crash still happens:

1. chromium/src/out/Default/Chromium.app/Contents/MacOS/Chromium --usr-data-dir=/tmp
2. open ./chromium/src/out/Default/Chromium.app

Browser/version: Chromium / 56.0.2924.87
uBlock Origin version: 1.11.0

OS: OS X 10.11

The args.gn file I used to build:
symbol_level=1
enable_stripping=true
ffmpeg_branding="Chrome"
is_official_build=true

I also notice the following warning, even without uBlock Origin running:

ERROR:render_process_impl.cc(112)] WebFrame LEAKED 2 TIMES

Finally, looking a bit closer at the FATAL http_util.cc crash on the Chromium versions URL, it appears like this SecurityError comes before it (this does not happen on the Youtube link that crashes):

[52616:1295:0301/223324.981631:INFO:CONSOLE(2)] "Uncaught SecurityError: Failed to read the 'localStorage' property from 'Window': Access is denied for this document.", source:  (2)
[52616:1295:0301/223325.254439:INFO:CONSOLE(2)] "Uncaught SecurityError: Failed to read the 'localStorage' property from 'Window': Access is denied for this document.", source:  (2)
[52616:40707:0301/223325.656785:FATAL:http_util.cc(61)] Check failed: url.is_valid() && (url.SchemeIsHTTPOrHTTPS() || url.SchemeIs("ftp") || url.SchemeIsWSOrWSS()).

On an older Chromium version (52.0.2743.116) this crash does not happen.

On Tue, Feb 7, 2017 at 10:56 AM, Nico Weber <tha...@chromium.org> wrote:

Maybe you were just unlucky when you synced. Have you tried syncing again?

Also try `out/gn/Chromium.app/Contents/MacOS/Chromium --user-data-dir=/tmp` to run with a clear user data dir, to check if it's due to extensions.

On Sun, Jan 29, 2017 at 11:14 AM, Bobo <the....@gmail.com> wrote:

Hi All,

(cc: Nico)

Updated my OSX build script (https://github.com/the-bobo/easychromium/) to use GN instead of GYP, successfully built, but the build is extremely unstable, with the browser crashing without any warning.

Here's what the last few lines of the build output look like:
[27402/27407] COPY_BUNDLE_DATA 'Chromium Framework.framework' 'Chromium.app/Contents/Versions/56.0.2924.76/Chromium Framework.framework'
[27403/27407] CC obj/chrome/chrome_app_executable/chrome_exe_main_mac.o
[27404/27407] LINK obj/chrome/chrome_app_executable/Chromium
[27405/27407] COPY_BUNDLE_DATA obj/chrome/chrome_app_executable/Chromium Chromium.app/Contents/MacOS/Chromium
[27406/27407] STAMP obj/chrome/chrome_app.stamp
[27407/27407] STAMP obj/chrome/chrome.stamp

When I opened Chromium for the first time I noticed that it tried to connect to fansshare.com, which I found very odd. I don't think I've ever heard of that site before.

It also tries to connect to eff.map.fastly.net, and chromium-i18n.appspot.com. I'm guessing the eff.map.fastly.net request is related to the HTTPS Everywhere extension. Not sure about fansshare.com and chromium-i18n.appspot.com, though the latter looks related to some kind of Chromium internationalization stuff.

When I try to play video from youtube it plays for a second and then crashes.

This is the args.gn file I used:
symbol_level=1
enable_stripping=true
ffmpeg_branding="Chrome"
proprietary_codecs=1
is_official_build=true

Any idea what is wrong?

(Latest code here: https://github.com/the-bobo/easychromium/ - you can ignore lines 229-234, I was debugging a change directory failure before I realized GYP was deprecated)

Thanks,

Bobo

On Sun, Dec 4, 2016 at 6:52 PM, Bobo <the....@gmail.com> wrote:

No worries - actually what happens for me is my script checks out a new branch specific to the TARGET version it will be building. So in that new git branch there is no out/Release folder.

Finishing up some other work at the moment, but will post back with results as I update my script to use GN.

On Sun, Dec 4, 2016 at 6:39 PM, Nico Weber <tha...@chromium.org> wrote:

I'm guessing your build deletes out/? DEPS no longer contains a hook to call build/gyp_chromium; our bots later call `gn gen` in a separate step. I suppose we could've added a hook that checks if out/Release or out/Debug exist, and if not, run `gn gen` twice to create those two (with is_debug=false for Release). That would've made the transition easier. I'm not sure that it's still worth doing though, not that most people are on gn already and have adopted the new way of generating build dirs already.

On Sun, Dec 4, 2016 at 6:07 PM, Bobo <the....@gmail.com> wrote:

Thanks Nico - will be trying this once I get xcode upgraded. Can't believe how quick and awesome the help is in this community!

FYI, it would have been nice to see a more descriptive error message. My build just started failing with:

ninja: fatal: chdir to 'out/Release' - No such file or directory
ninja: Entering directory `out/Release'

I imagine this is because GYP is no longer building a build directory for ninja to use. Would it be possible for a more descriptive error message to hint that the root cause might be moving from GYP to GN? Not sure if that should go in some GYP runhooks subroutine or here in ninja when the chdir fails and throws a fatal error.

I realize this might not be desirable - I'm sure there are other ways to cause a fatal chdir error in ninja.

Thanks,

Bobo

On Sun, Dec 4, 2016 at 5:41 PM, Nico Weber <tha...@chromium.org> wrote:

1) Yes, args.gn is the best replacement. `gn args out/foo` just opens out/foo/args.gn in $EDITOR and then runs`gn gen out/foo`; if you want you can do those two steps separately (say, if you don't have $EDITOR set to your favorite editor). (Besides args.gn, there's also --args, so instead of putting e.g. "is_debug = false" in args.gn, you could also run `gn gen "--args=is_debug = false" out/foo`, but args.gn is more convenient.)

2) It's just a newline-separated list of "lhs = rhs" assignments. lhs are config vars, rhs are values. See `gn help buildargs` (doesn't require Xcode)

3) We used to have a conversion cookbook, looks like it got deleted recently though. You can see it here: https://chromium.googlesource.com/chromium/src/tools/gn/+/5924882f31dcc5ae2197beb1dd804b322f83f4c9%5E%21/#F1

From there:

fastbuild=1 => symbol_level=1

mac_strip_release=1 => enable_stripping=true (but this is enabled by default in official builds, so you don't need to explicitly pass this)

ffmpeg_branding=Chrome => ffmpeg_branding="Chrome" (not mentioned in the cookbook; found via cs at https://cs.chromium.org/chromium/src/third_party/ffmpeg/ffmpeg_options.gni?q=ffmpeg_branding&sq=package:chromium&l=11&dr=C)

proprietary_codecs=1 => I think this is already implied by ffmpeg_branding="Chrome" now, but I'm not sure

buildtype=Official => is_official_build=true

Good luck!

On Sun, Dec 4, 2016 at 5:27 PM, Bobo B. <the....@gmail.com> wrote:

Hello,

I have a script that builds Chromium from source on OS X. I'd like to update from GYP to GN.

I have a line in the script that does the following:

export GYP_DEFINES="fastbuild=1 mac_strip_release=1 ffmpeg_branding=Chrome proprietary_codecs=1 buildtype=Official"

What is the equivalent method for accomplishing this with gn?

I understand I'll need to:

cd src
gn gen out/foo
ninja -C out/foo chrome

to generate a gn build directory and kick the build off, but am not sure how to convert my GYP_DEFINES into gn arguments. I'm waiting to update Xcode right now so can't run

gn args out/foo --list

to see what is available.

I've tried looking at https://chromium.googlesource.com/chromium/src/+/master/tools/gn/docs/reference.md and https://www.chromium.org/developers/gn-build-configuration but did not find what I was looking for. I think I need to learn:

1) What GN uses instead of "GYP_DEFINES" (I think it's the args.gn file that gets placed in out/foo and is normally invoked with gn args out/foo ??)
2) What that args.gn file looks like so I can write my own instead of requiring interaction (this is an automated script)
3) How to set the options I've listed above in the export GYP_DEFINES line in the GN file

Thank you,
Bobo

--
--
Chromium Developers mailing list: chromi...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-dev

[Bruce]

Have you tried debugging? The best first step when a version of Chrome that you have built is to run it under a debugger. Using symbol_level = 1 will make debugging difficult, as will is_official_build=true. Consider using symbol_level = 2 and is_debug = true instead, while investigating the crash?

[Nico Weber]

We shouldn't hit DCHECKs and that we do is a bug, but it sounds like you just want a browser for personal use, not development -- so just adding `is_debug = false` to your args.gn will make this problem go away (or, rather, paper over it so that chromium no longer crashes).

Nico

[Bobo]

Anyone?

[Nico Weber]

Did you see my reply? Try adding `is_debug = false` to your args.gn.

[Bobo]

Thanks Nico - no I didn't see your reply! For some reason it never arrived. I will try adding `is_debug=false` to args.gn and report back.

[Bobo]

H Nico,

Seeing your earlier statements now. What does it mean that web frames are leaking? And what is the security error with the window object?

I do want a browser for personal use, but I'd like it to be secure!

Thanks,

Bobo

[Bobo B.]

Can anyone help me assess the security implications of these warnings? It sounds like a DCHECK is put in place to force a fatal error if some assertion that should not fail does fail. Should I feel comfortable running a browser that fails a DCHECK and outputs security errors to the console? What is the actual significance of the Web Frames Leaked and Security Error I'm seeing?

There's not much point in compiling a browser from source if you're asked to suppress security errors the codebase thinks should be fatal. I realize I may be missing context about how important these warning actually are, please advise.

[Torne (Richard Coles)]

DCHECKs are only enabled in debug builds; this means that the actual Chrome browser we ship has them disabled, since we ship release builds. So, you shouldn't feel like you're putting yourself in some dangerous position by disabling them - if they were vital security checks then they would be CHECK() instead, which is enabled in release builds. End users are never expected to run builds with DCHECKs enabled.

---
You received this message because you are subscribed to the Google Groups "Chromium-dev" group.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-dev/d3341373-3b8f-40eb-80f6-9a7e3992dbe1%40chromium.org.

[Daniel Cheng]

I don't know why you're seeing these DCHECKs, but the messages about SecurityError are unrelated: they are a standard JS exception thrown when violating the same-origin policy: https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy.

For your specific issue, I'd recommend seeing what the actual value of |url| is, and working backwards from there.

Daniel

[Bobo]

Thanks all, I appreciate the extra context around DCHECKs and SecurityError, Torne and Daniel. I tried the same build, adding is_debug=false to the args.gn file. Unfortunately the same error occurs.

On https://www.youtube.com/watch?v=cmdFne7LnuA I see the following error before Chromium hard exits:

[56083:35587:0329/013057.133223:FATAL:http_util.cc(61)] Check failed: url.is_valid() && (url.SchemeIsHTTPOrHTTPS() || url.SchemeIs("ftp") || url.SchemeIsWSOrWSS()).

This looks like the same problem as before. This is unfortunate. I would like to be able to use Chromium! For reference, this problem is occurring on version 57.0.2987.110.

This seems like a persistent issue carrying over from Chromium 56.0.2924.87.

Any advice on how to proceed?

Thanks,

Bobo

[Lei Zhang]

If you added "is_debug = false" and rebuilt, then DCHECKs should be
turned off and there is no way for that same error to occur.

> https://groups.google.com/a/chromium.org/d/msgid/chromium-dev/CAM920XSDqW1y0HK%3D_mAuTEi51-RG9fadHnptZZ%2B63J2tf_mHBg%40mail.gmail.com.

[Bobo]

and yet it does?

cat chromium/src/args.gn

symbol_level=1
enable_stripping=true
ffmpeg_branding="Chrome"
is_official_build=true

is_debug=false

[Lei Zhang]

Try putting args.gn in the right place? If your build is in
chromium/src/out/Default/Chromium.app, then args.gn should be
chromium/src/out/Default/args.gn, not chromium/src/args.gn.

As a sanity check, if you touch base/logging.cc and rebuild with ninja
-v, you should see -DNDEBUG on the command line when recompiling
logging.cc.

[Bobo]

Hi All,

Tried Lei's suggestion regarding placement of args.gn file with attempt to build Chromium 57.0.2987.133 a couple weeks ago, met with the same error and spontaneous crashes.

Has anyone been able to build a stable release candidate of Chromium on OS X since 56.0.2924.87? Any other suggestions on what to try?

Please cc me on reply, thanks.

Yours,

Bobo