Package: chromium
Version: 97.0.4692.99-1~deb11u2
Severity: normal
X-Debbugs-Cc: spikycaterpillar_debian...@deekoo.net

Chromium complains about stack smashing whenever started. I'm starting it from an xterm, and the output when starting to a blank tab with Google as the search engine is:

[122740:122740:0126/025300.330856:ERROR:gpu_init.cc(457)] Passthrough is not supported, GL is disabled, ANGLE is
[122696:122727:0126/025301.818616:ERROR:nss_util.cc(286)] After loading Root Certs, loaded==false: NSS error code: -8018
*** stack smashing detected ***: terminated
*** stack smashing detected ***: terminated
[122696:122727:0126/025304.329684:ERROR:chrome_browser_main_extra_parts_metrics.cc(227)] START: ReportBluetoothAvailability(). If you don't see the END: message, this is crbug.com/1216328.
[122696:122727:0126/025304.329873:ERROR:chrome_browser_main_extra_parts_metrics.cc(230)] END: ReportBluetoothAvailability()
*** stack smashing detected ***: terminated

With Google as the default search engine, opening a new tab will give me two more "*** stack smashing detected ***: terminated" lines. (Note: I disabled hardware acceleration to see if it would make the stack smashing go away, it didn't.)

If I set the default search engine to Debian, I get:

[122448:122448:0126/025217.558330:ERROR:gpu_init.cc(457)] Passthrough is not supported, GL is disabled, ANGLE is
[122405:122461:0126/025219.779173:ERROR:nss_util.cc(286)] After loading Root Certs, loaded==false: NSS error code: -8018
[122405:122432:0126/025221.869024:ERROR:chrome_browser_main_extra_parts_metrics.cc(227)] START: ReportBluetoothAvailability(). If you don't see the END: message, this is crbug.com/1216328.
[122405:122432:0126/025221.869057:ERROR:chrome_browser_main_extra_parts_metrics.cc(230)] END: ReportBluetoothAvailability()
*** stack smashing detected ***: terminated

The stack smashing messages go away when I upgrade to 97.0.4692.99-1 (in unstable). I don't see stack smashing messages running Chromium 100.0.4853.0 (Build revision 963308, linux binary downloaded from chromium.org's recommended source).

I also don't see stack smashing messages if I switch to unstable and upgrade Chromium to 97.0.4692.99-1 (which pulls in an updated libc, among other things. I'll include the system info for the unstable version in this message too)

Ordinarily I wouldn't bother reporting a bug that appears fixed in unstable, but the stack smashing messages seem like they may be a sign of a security hole - and the fact that they appear linked to third-party network service integration makes them seem a bit ominous.

-- System Information (stable, shows bug):
Debian Release: 11.2
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.15.0-2-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fi_FI.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages chromium depends on:
ii  chromium-common     97.0.4692.99-1~deb11u2
ii  libasound2          1.2.4-1.1
ii  libatk-bridge2.0-0  2.38.0-1
ii  libatk1.0-0         2.36.0-2
ii  libatomic1          10.2.1-6
ii  libatspi2.0-0       2.38.0-4
ii  libc6               2.31-13+deb11u2
ii  libcairo2           1.16.0-5
ii  libcups2            2.3.3op2-3+deb11u1
ii  libdbus-1-3         1.12.20-2
ii  libdrm2             2.4.104-1
ii  libevent-2.1-7      2.1.12-stable-1
ii  libexpat1           2.2.10-2
ii  libflac8            1.3.3-2
ii  libfontconfig1      2.13.1-4.2
ii  libfreetype6        2.10.4+dfsg-1
ii  libgbm1             20.3.5-1
ii  libgcc-s1           10.2.1-6
ii  libglib2.0-0        2.66.8-1
ii  libharfbuzz0b       2.7.4-1
ii  libicu67            67.1-7
ii  libjpeg62-turbo     1:2.0.6-4
ii  libjsoncpp24        1.9.4-4
ii  liblcms2-2          2.12~rc1-2
ii  libminizip1         1.1-8+b1
ii  libnspr4            2:4.29-1
ii  libnss3             2:3.61-1+deb11u2
ii  libopenjp2-7        2.4.0-3
ii  libopus0            1.3.1-0.1
ii  libpango-1.0-0      1.46.2-3
ii  libpng16-16         1.6.37-3
ii  libpulse0           14.2-2
ii  libre2-9            20210201+dfsg-1
ii  libsnappy1v5        1.1.8-1
ii  libstdc++6          10.2.1-6
ii  libwebp6            0.6.1-2.1
ii  libwebpdemux2       0.6.1-2.1
ii  libwebpmux3         0.6.1-2.1
ii  libx11-6            2:1.7.2-1
ii  libxcb1             1.14-3
ii  libxcomposite1      1:0.4.5-1
ii  libxdamage1         1:1.1.5-2
ii  libxext6            2:1.3.3-1.1
ii  libxfixes3          1:5.0.3-2
ii  libxkbcommon0       1.0.3-2
ii  libxml2             2.9.10+dfsg-6.7
ii  libxrandr2          2:1.5.1-1
ii  libxslt1.1          1.1.34-4
ii  zlib1g              1:1.2.11.dfsg-2

Versions of packages chromium recommends:
ii  chromium-sandbox  97.0.4692.99-1~deb11u2

Versions of packages chromium suggests:
pn  chromium-driver  <none>
pn  chromium-l10n    <none>
pn  chromium-shell   <none>

Versions of packages chromium-common depends on:
ii  libc6       2.31-13+deb11u2
ii  libstdc++6  10.2.1-6
ii  libx11-6    2:1.7.2-1
ii  libxext6    2:1.3.3-1.1
ii  x11-utils   7.7+5
ii  xdg-utils   1.1.3-4.1
ii  zlib1g      1:1.2.11.dfsg-2

Versions of packages chromium-common recommends:
ii  chromium-sandbox                       97.0.4692.99-1~deb11u2
ii  fonts-liberation                       1:1.07.4-11
ii  gnome-flashback [notification-daemon]  3.38.0-2
ii  gnome-shell [notification-daemon]      3.38.6-1~deb11u1
ii  libgl1-mesa-dri                        20.3.5-1
ii  libu2f-udev                            1.1.10-3
ii  notification-daemon                    3.20.0-4
ii  system-config-printer                  1.5.14-1
ii  upower                                 0.99.11-2

Versions of packages chromium-sandbox depends on:
ii  libc6  2.31-13+deb11u2

-- no debconf information

-- System Information (unstable, does not show bug):
Debian Release: 11.2
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.15.0-2-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fi_FI.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages chromium depends on:
ii  chromium-common     97.0.4692.99-1
ii  libasound2          1.2.4-1.1
ii  libatk-bridge2.0-0  2.38.0-1
ii  libatk1.0-0         2.36.0-2
ii  libatomic1          10.2.1-6
ii  libatspi2.0-0       2.38.0-4
ii  libc6               2.33-4
ii  libcairo2           1.16.0-5
ii  libcups2            2.3.3op2-3+deb11u1
ii  libdbus-1-3         1.12.20-2
ii  libdrm2             2.4.104-1
ii  libevent-2.1-7      2.1.12-stable-1
ii  libexpat1           2.2.10-2
ii  libflac8            1.3.3-2
ii  libfontconfig1      2.13.1-4.2
ii  libfreetype6        2.11.1+dfsg-1
ii  libgbm1             20.3.5-1
ii  libgcc-s1           10.2.1-6
ii  libglib2.0-0        2.66.8-1
ii  libharfbuzz0b       2.7.4-1
ii  libicu67            67.1-7
ii  libjpeg62-turbo     1:2.0.6-4
ii  libjsoncpp25        1.9.5-2
ii  liblcms2-2          2.12~rc1-2
ii  libminizip1         1.1-8+b1
ii  libnspr4            2:4.29-1
ii  libnss3             2:3.61-1+deb11u2
ii  libopenjp2-7        2.4.0-3
ii  libopus0            1.3.1-0.1
ii  libpango-1.0-0      1.46.2-3
ii  libpng16-16         1.6.37-3
ii  libpulse0           14.2-2
ii  libre2-9            20210201+dfsg-1
ii  libsnappy1v5        1.1.8-1
ii  libstdc++6          11.2.0-14
ii  libwebp6            0.6.1-2.1
ii  libwebpdemux2       0.6.1-2.1
ii  libwebpmux3         0.6.1-2.1
ii  libx11-6            2:1.7.2-1
ii  libxcb1             1.14-3
ii  libxcomposite1      1:0.4.5-1
ii  libxdamage1         1:1.1.5-2
ii  libxext6            2:1.3.3-1.1
ii  libxfixes3          1:5.0.3-2
ii  libxkbcommon0       1.0.3-2
ii  libxml2             2.9.10+dfsg-6.7
ii  libxrandr2          2:1.5.1-1
ii  libxslt1.1          1.1.34-4
ii  zlib1g              1:1.2.11.dfsg-2

Versions of packages chromium recommends:
ii  chromium-sandbox  97.0.4692.99-1~deb11u2

Versions of packages chromium suggests:
pn  chromium-driver  <none>
pn  chromium-l10n    <none>
pn  chromium-shell   <none>

Versions of packages chromium-common depends on:
ii  libc6       2.33-4
ii  libstdc++6  11.2.0-14
ii  libx11-6    2:1.7.2-1
ii  libxext6    2:1.3.3-1.1
ii  x11-utils   7.7+5
ii  xdg-utils   1.1.3-4.1
ii  zlib1g      1:1.2.11.dfsg-2

Versions of packages chromium-common recommends:
ii  chromium-sandbox                       97.0.4692.99-1~deb11u2
ii  fonts-liberation                       1:1.07.4-11
ii  gnome-flashback [notification-daemon]  3.38.0-2
ii  gnome-shell [notification-daemon]      3.38.6-1~deb11u1
ii  libgl1-mesa-dri                        20.3.5-1
ii  libu2f-udev                            1.1.10-3
ii  notification-daemon                    3.20.0-4
ii  system-config-printer                  1.5.14-1
ii  upower                                 0.99.11-2

Versions of packages chromium-sandbox depends on:
ii  libc6  2.33-4

-- no debconf information
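
Added example, not part of the original report: a Python sketch for triaging a report like this one by parsing the two reportbug package lists and listing what differs between the system that shows the messages and the one that does not. The embedded rows are an excerpt copied from the lists above, and the function names are illustrative assumptions.

```python
import re

# Excerpt of the two "Versions of packages chromium depends on" lists in the
# report (six rows each; paste the full lists to compare everything).
STABLE = """\
ii  chromium-common  97.0.4692.99-1~deb11u2
ii  libc6            2.31-13+deb11u2
ii  libfreetype6     2.10.4+dfsg-1
ii  libjsoncpp24     1.9.4-4
ii  libstdc++6       10.2.1-6
ii  zlib1g           1:1.2.11.dfsg-2
"""
UNSTABLE = """\
ii  chromium-common  97.0.4692.99-1
ii  libc6            2.33-4
ii  libfreetype6     2.11.1+dfsg-1
ii  libjsoncpp25     1.9.5-2
ii  libstdc++6       11.2.0-14
ii  zlib1g           1:1.2.11.dfsg-2
"""

# Row layout: status ("ii" installed, "pn" not installed), package name,
# optional "[virtual-package]" note, version.
ROW = re.compile(r"^(ii|pn)\s+(\S+)(?:\s+\[[^\]]+\])?\s+(\S+)\s*$")

def parse(block):
    """Map package name -> version for the installed ("ii") rows."""
    rows = (ROW.match(line.strip()) for line in block.splitlines())
    return {m.group(2): m.group(3) for m in rows if m and m.group(1) == "ii"}

def compare(old, new):
    """Return (changed, only_old, only_new) between two package maps."""
    changed = {p: (old[p], new[p]) for p in old.keys() & new.keys()
               if old[p] != new[p]}
    only_old = {p: v for p, v in old.items() if p not in new}
    only_new = {p: v for p, v in new.items() if p not in old}
    return changed, only_old, only_new

if __name__ == "__main__":
    changed, only_old, only_new = compare(parse(STABLE), parse(UNSTABLE))
    for pkg in sorted(changed):
        print(f"changed   {pkg}: {changed[pkg][0]} -> {changed[pkg][1]}")
    for pkg in sorted(only_old):
        print(f"removed   {pkg} {only_old[pkg]}")
    for pkg in sorted(only_new):
        print(f"added     {pkg} {only_new[pkg]}")
```

On this excerpt the differing rows are chromium-common, libc6, libfreetype6 and libstdc++6, plus the libjsoncpp24 to libjsoncpp25 package rename; unchanged rows such as zlib1g are not listed.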