Chromium 90 (32-bit) crashes on startup... unless I use "--disable-seccomp-filter-sandbox"

Eric Hameleers

Apr 24, 2021, 2:52:41 PM
to chromium-packagers
Thanks to patches provided by Matt Denton I was able to get my Chromium 88 and 89 32-bit Slackware builds running issue-free on Slackware 14.2 and -current.
Now we are on to the next major release... and again I am confronted with breakage of the 32-bit binaries.
I can prevent an immediate crash, in fact the browser will run just fine when I supply the command-line parameter "--disable-seccomp-filter-sandbox" but obviously that is a show of weakness. I would rather have the Chromium sources patched so that this behavior no longer occurs and I don't have to disable the seccomp filter sandbox.

The errors I am getting are completely different though than the ones I shared for Chromium 88 and 89.

I'll share the start of 1400 lines of crash output when running my non-stripped chromium binary. Can anyone make sense of what happens here? More to the point: can anyone fix this crash behavior?
Thanks for listening. Let me know if I should do more tests. Crash output follows.

[3322:3322:0422/073213.937223:ERROR:browser_dm_token_storage_linux.cc(94)] Error: /etc/machine-id contains 0 characters (32 were expected).
Received signal 11 SEGV_MAPERR 000000000000
#0 0x000004861c1f base::debug::CollectStackTrace()
#1 0x0000047c2a32 base::debug::StackTrace::StackTrace()
#2 0x000004861876 base::debug::(anonymous namespace)::StackDumpSignalHandler()
#3 0x0000b7f8a570 ([vdso]+0x56f)
#4 0x00000653d898 sandbox::bpf_dsl::PolicyCompiler::PolicyCompiler()
#5 0x00000654417e sandbox::SandboxBPF::AssembleFilter()
#6 0x000006543f02 sandbox::SandboxBPF::InstallFilter()
#7 0x000006543e71 sandbox::SandboxBPF::StartSandbox()
#8 0x000006532de6 sandbox::policy::SandboxSeccompBPF::StartSandboxWithExternalPolicy()
#9 0x00000653139b sandbox::policy::SandboxLinux::StartSeccompBPF()
#10 0x000006531c19 sandbox::policy::SandboxLinux::InitializeSandbox()
#11 0x00000652f9b9 sandbox::policy::Sandbox::Initialize()
#12 0x000004387755 content::UtilityMain()
#13 0x000004766434 content::RunZygote()
#14 0x000004766a29 Received signal 11 SEGV_MAPERR 000000000000
#0 0x000004861c1f Received signal 11 SEGV_MAPERR 000000000000
#0 0x000004861c1f content::RunOtherNamedProcessTypeMain()
#15 0x000004767726 base::debug::CollectStackTrace()
#1 0x0000047c2a32 base::debug::CollectStackTrace()
#1 0x0000047c2a32 content::ContentMainRunnerImpl::Run()
#16 0x000004764d03 base::debug::StackTrace::StackTrace()
#2 0x000004861876 content::RunContentProcess()
#17 0x00000476570b base::debug::StackTrace::StackTrace()
#2 0x000004861876 base::debug::(anonymous namespace)::StackDumpSignalHandler()
#3 0x0000b7f8a570 ([vdso]+0x56f)
#4 0x00000653d898 content::ContentMain()
#18 0x00000179e199 base::debug::(anonymous namespace)::StackDumpSignalHandler()
#3 0x0000b7f8a570 ([vdso]+0x56f)
#4 0x00000653d898 sandbox::bpf_dsl::PolicyCompiler::PolicyCompiler()
#5 0x00000654417e sandbox::bpf_dsl::PolicyCompiler::PolicyCompiler()
#5 0x00000654417e ChromeMain
#19 0x00000179e09f main
#20 0x0000b6676889 __libc_start_main
  gs: 00000033  fs: 00000000  es: 0000007b  ds: 0000007b
 edi: bff3a7e0 esi: 0bd4e23c ebp: bff3a7b8 esp: bff3a7a0
 ebx: 0a6f767c edx: 00000002 ecx: 0a4cfd68 eax: 00000000
 trp: 0000000e err: 00000004  ip: 0653d6ba  cs: 00000073
 efl: 00210212 usp: bff3a7a0  ss: 0000007b
[end of stack trace]
Calling _exit(1). Core file will not be generated.
sandbox::SandboxBPF::AssembleFilter()
#6 0x000006543f02 sandbox::SandboxBPF::AssembleFilter()
#6 0x000006543f02 Received signal 11 SEGV_MAPERR 000000000000
#0 0x000004861c1f sandbox::SandboxBPF::InstallFilter()
#7 0x000006543e71 sandbox::SandboxBPF::InstallFilter()
#7 0x000006543e71 base::debug::CollectStackTrace()
#1 0x0000047c2a32 base::debug::StackTrace::StackTrace()
#2 0x000004861876 sandbox::SandboxBPF::StartSandbox()
#8 0x000006532de6 sandbox::SandboxBPF::StartSandbox()
#8 0x000006532de6 base::debug::(anonymous namespace)::StackDumpSignalHandler()
#3 0x0000b7f8a570 ([vdso]+0x56f)
#4 0x00000653d898 sandbox::policy::SandboxSeccompBPF::StartSandboxWithExternalPolicy()
#9 0x00000653139b sandbox::policy::SandboxSeccompBPF::StartSandboxWithExternalPolicy()
#9 0x00000653139b sandbox::bpf_dsl::PolicyCompiler::PolicyCompiler()
#5 0x00000654417e sandbox::policy::SandboxLinux::StartSeccompBPF()
#10 0x000006531c19 sandbox::policy::SandboxLinux::StartSeccompBPF()
#10 0x000006531c19 sandbox::SandboxBPF::AssembleFilter()
#6 0x000006543f02 sandbox::policy::SandboxLinux::InitializeSandbox()
#11 0x00000652f9b9 sandbox::policy::SandboxLinux::InitializeSandbox()
#11 0x00000652f9b9 sandbox::SandboxBPF::InstallFilter()
#7 0x000006543e71 sandbox::policy::Sandbox::Initialize()
#12 0x00000a25d461 sandbox::policy::Sandbox::Initialize()
#12 0x00000a25d461 sandbox::SandboxBPF::StartSandbox()
#8 0x000006532de6 sandbox::policy::SandboxSeccompBPF::StartSandboxWithExternalPolicy()
#9 0x00000653139b content::RendererMainPlatformDelegate::EnableSandbox()
#13 0x00000a237f6a content::RendererMainPlatformDelegate::EnableSandbox()
#13 0x00000a237f6a sandbox::policy::SandboxLinux::StartSeccompBPF()
#10 0x000006531c19 sandbox::policy::SandboxLinux::InitializeSandbox()
#11 0x00000652f9b9 content::RendererMain()
#14 0x000004766434 content::RendererMain()
#14 0x000004766434 content::RunZygote()
#15 0x000004766a29 content::RunZygote()
#15 0x000004766a29 sandbox::policy::Sandbox::Initialize()
#12 0x000004387755 content::RunOtherNamedProcessTypeMain()
#16 0x000004767726 content::UtilityMain()
#13 0x000004766434 content::RunOtherNamedProcessTypeMain()
#16 0x000004767726 content::ContentMainRunnerImpl::Run()
#17 0x000004764d03 content::ContentMainRunnerImpl::Run()
#17 0x000004764d03 content::RunZygote()
#14 0x000004766a29 content::RunContentProcess()
#18 0x00000476570b content::RunOtherNamedProcessTypeMain()
#15 0x000004767726 content::RunContentProcess()
#18 0x00000476570b content::ContentMain()
#19 0x00000179e199 content::ContentMain()
#19 0x00000179e199 content::ContentMainRunnerImpl::Run()
#16 0x000004764d03 content::RunContentProcess()
#17 0x00000476570b content::ContentMain()
#18 0x00000179e199 ChromeMain
#20 0x00000179e09f main
#21 0x0000b6676889 __libc_start_main
  gs: 00000033  fs: 00000000  es: 0000007b  ds: 0000007b
 edi: bff3a7e0 esi: 0bd693bc ebp: bff3a7b8 esp: bff3a7a0
 ebx: 0a6f767c edx: 00000002 ecx: 0a4cfd68 eax: 00000000
 trp: 0000000e err: 00000004  ip: 0653d6ba  cs: 00000073
 efl: 00010212 usp: bff3a7a0  ss: 0000007b
[end of stack trace]
Calling _exit(1). Core file will not be generated.
ChromeMain
#20 0x00000179e09f main
#21 0x0000b6676889 __libc_start_main
  gs: 00000033  fs: 00000000  es: 0000007b  ds: 0000007b
 edi: bff3a7e0 esi: 0bd693bc ebp: bff3a7b8 esp: bff3a7a0
 ebx: 0a6f767c edx: 00000002 ecx: 0a4cfd68 eax: 00000000
 trp: 0000000e err: 00000004  ip: 0653d6ba  cs: 00000073
 efl: 00010212 usp: bff3a7a0  ss: 0000007b
[end of stack trace]
Calling _exit(1). Core file will not be generated.
ChromeMain
#19 0x00000179e09f main
#20 0x0000b6676889 __libc_start_main
  gs: 00000033  fs: 00000000  es: 0000007b  ds: 0000007b
 edi: bff3a7e0 esi: 0bd4e23c ebp: bff3a7b8 esp: bff3a7a0
 ebx: 0a6f767c edx: 00000002 ecx: 0a4cfd68 eax: 00000000
 trp: 0000000e err: 00000004  ip: 0653d6ba  cs: 00000073
 efl: 00210212 usp: bff3a7a0  ss: 0000007b
[end of stack trace]
Calling _exit(1). Core file will not be generated.
Received signal 11 SEGV_MAPERR 000000000000
#0 0x000004861c1f base::debug::CollectStackTrace()
#1 0x0000047c2a32 base::debug::StackTrace::StackTrace()
#2 0x000004861876 base::debug::(anonymous namespace)::StackDumpSignalHandler()
#3 0x0000b7f8a570 ([vdso]+0x56f)
#4 0x00000653d898 [3352:3352:0422/073215.310473:ERROR:sandbox_linux.cc(374)] InitializeSandbox() called with multiple threads in process gpu-process.
sandbox::bpf_dsl::PolicyCompiler::PolicyCompiler()
#5 0x00000654417e sandbox::SandboxBPF::AssembleFilter()
#6 0x000006543f02 sandbox::SandboxBPF::InstallFilter()
#7 0x000006543e71 sandbox::SandboxBPF::StartSandbox()
#8 0x000006532de6 sandbox::policy::SandboxSeccompBPF::StartSandboxWithExternalPolicy()
#9 0x00000653139b sandbox::policy::SandboxLinux::StartSeccompBPF()
#10 0x000006531c19 sandbox::policy::SandboxLinux::InitializeSandbox()
#11 0x00000652f9b9 sandbox::policy::Sandbox::Initialize()
#12 0x000004387755 content::UtilityMain()
#13 0x000004766434 content::RunZygote()
#14 0x000004766a29 content::RunOtherNamedProcessTypeMain()
#15 0x000004767726 content::ContentMainRunnerImpl::Run()
#16 0x000004764d03 content::RunContentProcess()
#17 0x00000476570b content::ContentMain()
#18 0x00000179e199 ChromeMain
#19 0x00000179e09f main
#20 0x0000b6676889 __libc_start_main
  gs: 00000033  fs: 00000000  es: 0000007b  ds: 0000007b
 edi: bff3a7e0 esi: 0bd4e23c ebp: bff3a7b8 esp: bff3a7a0
 ebx: 0a6f767c edx: 00000002 ecx: 0a4cfd68 eax: 00000000
 trp: 0000000e err: 00000004  ip: 0653d6ba  cs: 00000073
 efl: 00210212 usp: bff3a7a0  ss: 0000007b
[end of stack trace]

-- 
Eric Hameleers
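
Because the output above interleaves stack traces from several crashing child processes, here is an added triage example (not part of the original post and not Chromium code) that tallies the signal banners and register dumps and recovers each address's symbol by majority vote. The sample log is constructed from lines in the shape shown above, and the function names are this example's own.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in the shape of the interleaved output above (not the full log).
SAMPLE = """\
Received signal 11 SEGV_MAPERR 000000000000
#0 0x000004861c1f base::debug::CollectStackTrace()
#4 0x00000653d898 sandbox::bpf_dsl::PolicyCompiler::PolicyCompiler()
#14 0x000004766a29 Received signal 11 SEGV_MAPERR 000000000000
#0 0x000004861c1f content::RunOtherNamedProcessTypeMain()
#4 0x00000653d898 content::ContentMain()
#4 0x00000653d898 sandbox::bpf_dsl::PolicyCompiler::PolicyCompiler()
 ebx: 0a6f767c edx: 00000002 ecx: 0a4cfd68 eax: 00000000
 trp: 0000000e err: 00000004  ip: 0653d6ba  cs: 00000073
 trp: 0000000e err: 00000004  ip: 0653d6ba  cs: 00000073
#0 0x000004861c1f base::debug::CollectStackTrace()
"""

SIGNAL = re.compile(r"Received signal (\d+) (\w+) ([0-9a-f]+)")
FRAME = re.compile(r"^#\d+ (0x[0-9a-f]+) (\S.*?)\s*$")
REGS = re.compile(r"trp: ([0-9a-f]+) err: ([0-9a-f]+)\s+ip: ([0-9a-f]+)")

def decode_page_fault(err):
    """Decode the low three bits of an x86 page-fault error code."""
    return {
        "page_present": bool(err & 1),
        "access": "write" if err & 2 else "read",
        "mode": "user" if err & 4 else "kernel",
    }

def triage(log):
    signals, faults = Counter(), Counter()
    votes = defaultdict(Counter)
    for line in log.splitlines():
        # findall, not match: a signal banner can be glued onto a frame line.
        for num, code, addr in SIGNAL.findall(line):
            signals[(int(num), code, int(addr, 16))] += 1
        m = REGS.search(line)
        if m:
            faults[tuple(int(g, 16) for g in m.groups())] += 1  # (trap, err, ip)
        m = FRAME.match(line)
        if m and "Received signal" not in m.group(2):
            votes[m.group(1)][m.group(2)] += 1
    # A line may pair an address with another process's symbol; the pairing
    # seen most often across all processes is taken as the real one.
    symbols = {addr: c.most_common(1)[0][0] for addr, c in votes.items()}
    return signals, faults, symbols
```

On the sample, both register dumps report trap 0xe with error code 4 at the same ip, which `decode_page_fault` reads as a user-mode read of a non-present page, consistent with the SEGV_MAPERR at address 0.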

Lei Zhang

Apr 26, 2021, 3:15:42 PM
to Eric Hameleers, mpde...@chromium.org, chromium-packagers
Hi Matt,

Do you want to help Eric again with this one? Should we file a bug for
this and continue the discussion there?

Eric Hameleers

Apr 29, 2021, 3:03:16 AM
to Matt Denton, Lei Zhang, Matthew Denton, chromium-packagers, Tom Anderson
Hi Matt,

Thanks for looking into my issue.

Checking https://crbug.com/1200669 I think it is not the same. Yes,
the workaround in that case is also disabling the seccomp filter
sandbox.
But in my case with running Chromium without any commandline
parameters to disable stuff, I do not even get a Chromium window to
display an "aw, snap!" message. As soon as I see the window borders
being painted, the whole thing crashes. I only get a functional
browser if I add "--disable-seccomp-filter-sandbox".
If I add "--disable-sandbox" instead, I get Chromium to start and then
it will display "aw, snap" error messages and do nothing else.

To answer your question Matt, Slackware does nothing special to user
namespaces. They are enabled always and the distro does not offer a
mechanism (as Debian does) to disable/enable them. Note that my 64-bit
browser build runs just fine.

On Wed, 28 Apr 2021, Matt Denton wrote:

> I believe this is the same bug as https://crbug.com/1200669. I must admit I
> currently have no idea what's causing it.
>
> Eric, does slackware have untrusted user namespaces enabled by default?

Cheers, Eric

--
Eric Hameleers <al...@slackware.com>
Home: http://alien.slackbook.org/blog/

Matt Denton

Apr 29, 2021, 4:30:05 AM
to Eric Hameleers, Lei Zhang, Matthew Denton, chromium-packagers, Tom Anderson
Indeed I can see from your example that all child processes crash immediately. Is it possible for you to bisect this using https://www.chromium.org/developers/bisect-builds-py ?

Matt Denton

Apr 29, 2021, 4:45:19 AM
to Eric Hameleers, Lei Zhang, Matthew Denton, chromium-packagers, Tom Anderson
Sorry, silly suggestion, since linux 32-bit builds won't be supported by that tool, nor will they have the necessary patches to avoid earlier crashes. Let me file a bug and continue the discussion there: https://crbug.com/1204012 

Pea Bee

May 16, 2021, 12:33:20 PM
to chromium-packagers, mpde...@google.com, Lei Zhang, Matthew Denton, chromium-packagers, Tom Anderson, al...@slackware.com
All these published and released 32-bit builds of Chromium 90.0.4430.xxx crash unless run with the "--disable-seccomp-filter-sandbox":

http://pool.mirror.archlinux32.org/pentium4/extra/chromium-90.0.4430.212-1.0-pentium4.pkg.tar.zst
http://ftp.us.debian.org/debian/pool/main/c/chromium/chromium_90.0.4430.212-1_i386.deb
https://slackware.uk/people/alien/slackbuilds/chromium/pkg/14.2/chromium-90.0.4430.212-i586-1alien.txz
https://snapcraft.io/chromium  (no direct link)
http://archive.ubuntu.com/ubuntu/pool/universe/c/chromium-browser/chromium-browser_90.0.4430.93-0ubuntu0.18.04.1_i386.deb

Each build seems to produce slightly different error messages when run in terminal - some crash completely, some give the "Aw Snap" page.

Linux Mint also used to publish a 32-bit version at:
http://www.mirrorservice.org/sites/packages.linuxmint.com/packages/pool/upstream/c/chromium/
but seems to have only provided a 64-bit version recently.