Package: chromium
Version: 79.0.3945.130-1~deb10u1
Severity: important

Hello,

After installing chromium version 79.0.3945.130-1~deb10u1 from the
security repos, chromium goes into an infinite loop when used on
an X client/server setup that passes X traffic over the network.

This makes chromium unusable with X thin clients, etc.

Prior to installing the security update chromium worked fine.

Given the output below there might be a race condition between
processes or threads.

I do not believe I am using any extensions.

In the commands given below the arguments to chromium can be left
off (except for --debug) and the results are similar.

I believe I have always received the libGL errors, which I have always
ignored because the old chromium worked.  I'm also pretty confident
that I also previously got the FontService errors and they did not
cause a problem.

-----------

The following command results in a "window" rendered in white.  This
window has nothing but a frame that allows it to be resized.  Pressing
Ctrl-C does nothing.  Chromium must be killed (I used 'killall
chromium') from a separate window.

$ chromium --user-data-dir=$(mktemp -d) --incognito 
libGL error: failed to authenticate magic 1
libGL error: failed to load driver: radeonsi
[15041:15041:0120/134456.934149:ERROR:sandbox_linux.cc(372)] InitializeSandbox() called with multiple threads in process gpu-process.
[15106:27:0120/134457.153701:ERROR:child_process_sandbox_support_impl_linux.cc(79)] FontService unique font name matching request did not receive a response.
[15106:27:0120/134457.154600:ERROR:child_process_sandbox_support_impl_linux.cc(79)] FontService unique font name matching request did not receive a response.

-----------------
Running the following strace results in what seems to be an infinite
loop producing the following output:

$ strace chromium --user-data-dir=$(mktemp -d) --incognito

poll([{fd=178, events=POLLIN}, {fd=179, events=POLLIN}, {fd=198, events=POLLIN}, {fd=202, events=POLLIN}, {fd=228, events=POLLIN}], 5, 0) = 0 (Timeout)
recvmsg(202, {msg_namelen=0}, 0)        = -1 EAGAIN (Resource temporarily unavailable)
recvmsg(202, {msg_namelen=0}, 0)        = -1 EAGAIN (Resource temporarily unavailable)
write(197, "\0", 1)                     = 1
recvmsg(198, {msg_namelen=0}, 0)        = -1 EAGAIN (Resource temporarily unavailable)
recvmsg(198, {msg_namelen=0}, 0)        = -1 EAGAIN (Resource temporarily unavailable)
recvmsg(202, {msg_namelen=0}, 0)        = -1 EAGAIN (Resource temporarily unavailable)
recvmsg(202, {msg_namelen=0}, 0)        = -1 EAGAIN (Resource temporarily unavailable)

The file descriptors 178, 179, and 198 seem to be reproducible.

------------

Running chromium in debug mode seems to work, although the running window
displays the message (all on one line):

You are using an unsupported command-line flag: --single-process.
Stability and security will suffer.


$ chromium --debug
# Env:
#     LD_LIBRARY_PATH=
#                PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
#            GTK_PATH=
#      CHROMIUM_FLAGS= --show-component-extension-options --enable-gpu-rasterization --no-default-browser-check --disable-pings --media-router=0 --enable-remote-extensions --load-extension=
/usr/bin/gdb /usr/lib/chromium/chromium -x /tmp/chromiumargs.279a41
GNU gdb (Debian 8.2.1-2+b3) 8.2.1
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/lib/chromium/chromium...(no debugging symbols found)...done.
(gdb) run
Starting program: /usr/lib/chromium/chromium --show-component-extension-options --enable-gpu-rasterization --no-default-browser-check --disable-pings --media-router=0 --enable-remote-extensions --load-extension= --single-process
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fffea9e1700 (LWP 16053)]
[Detaching after fork from child process 16054]
[New Thread 0x7fffea1e0700 (LWP 16058)]
[New Thread 0x7fffe3fff700 (LWP 16059)]
[New Thread 0x7fffe37fe700 (LWP 16060)]
[New Thread 0x7fffe2ffd700 (LWP 16061)]
[New Thread 0x7fffe27fc700 (LWP 16062)]
[New Thread 0x7fffe1ffb700 (LWP 16063)]
[New Thread 0x7fffe17fa700 (LWP 16064)]
[New Thread 0x7fffe0ff9700 (LWP 16065)]
[New Thread 0x7fffcffff700 (LWP 16066)]
[New Thread 0x7fffe847b700 (LWP 16067)]
[New Thread 0x7fffceffd700 (LWP 16069)]
[New Thread 0x7fffcf7fe700 (LWP 16068)]
[New Thread 0x7fffce7fc700 (LWP 16070)]
[New Thread 0x7fffcdffb700 (LWP 16071)]
[New Thread 0x7fffcd7fa700 (LWP 16072)]
[New Thread 0x7fffccff9700 (LWP 16073)]
[New Thread 0x7fff9ffff700 (LWP 16075)]
[New Thread 0x7fff9effd700 (LWP 16076)]
[New Thread 0x7fff9f7fe700 (LWP 16074)]
[16049:16049:0120/135412.821211:ERROR:system_network_context_manager.cc(726)] Cannot use V8 Proxy resolver in single process mode.
[New Thread 0x7fff9e7fc700 (LWP 16077)]
[New Thread 0x7fff9dffb700 (LWP 16078)]
[16049:16049:0120/135412.872514:ERROR:system_network_context_manager.cc(726)] Cannot use V8 Proxy resolver in single process mode.
[New Thread 0x7fff9d7fa700 (LWP 16079)]
[New Thread 0x7fff97fff700 (LWP 16081)]
[New Thread 0x7fff9cff9700 (LWP 16080)]
[New Thread 0x7fff977fe700 (LWP 16082)]
[New Thread 0x7fff96ffd700 (LWP 16083)]
[Thread 0x7fff96ffd700 (LWP 16083) exited]
[New Thread 0x7fff967fc700 (LWP 16084)]
[New Thread 0x7fff95ffb700 (LWP 16085)]
libGL error: failed to authenticate magic 1
libGL error: failed to load driver: radeonsi
[New Thread 0x7fff94a32700 (LWP 16086)]
[New Thread 0x7fff5ffff700 (LWP 16088)]
[New Thread 0x7fff5f7fe700 (LWP 16089)]
[New Thread 0x7fff5effd700 (LWP 16090)]
[New Thread 0x7fff5e7fc700 (LWP 16091)]
[New Thread 0x7fff5dffb700 (LWP 16092)]
[New Thread 0x7fff5d7fa700 (LWP 16093)]
[New Thread 0x7fff5cff9700 (LWP 16094)]
[New Thread 0x7fff57fff700 (LWP 16095)]
[New Thread 0x7fff577fe700 (LWP 16096)]
[New Thread 0x7fff56ffd700 (LWP 16097)]
[New Thread 0x7fff567fc700 (LWP 16098)]
[New Thread 0x7fff55ffb700 (LWP 16099)]
[16049:16049:0120/135414.531238:ERROR:CONSOLE(740)] "Uncaught TypeError: Cannot read property 'newTabPage' of undefined", source: chrome-search://local-ntp/local-ntp.js (740)
[New Thread 0x7fff55186700 (LWP 16100)]
[New Thread 0x7fff54985700 (LWP 16101)]
[New Thread 0x7fff4ffff700 (LWP 16102)]
[Detaching after fork from child process 16105]
[Thread 0x7fff54985700 (LWP 16101) exited]
[New Thread 0x7fff54985700 (LWP 16112)]
[Thread 0x7fff55186700 (LWP 16100) exited]
[Thread 0x7fff54985700 (LWP 16112) exited]
[Thread 0x7fff4ffff700 (LWP 16102) exited]





-- System Information:
Debian Release: 10.2
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-6-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages chromium depends on:
ii  chromium-common      79.0.3945.130-1~deb10u1
ii  libasound2           1.1.8-1
ii  libatk-bridge2.0-0   2.30.0-5
ii  libatk1.0-0          2.30.0-2
ii  libatomic1           8.3.0-6
ii  libatspi2.0-0        2.30.0-7
ii  libavcodec58         7:4.1.4-1~deb10u1
ii  libavformat58        7:4.1.4-1~deb10u1
ii  libavutil56          7:4.1.4-1~deb10u1
ii  libc6                2.28-10
ii  libcairo-gobject2    1.16.0-4
ii  libcairo2            1.16.0-4
ii  libcups2             2.2.10-6+deb10u1
ii  libdbus-1-3          1.12.16-1
ii  libdrm2              2.4.97-1
ii  libevent-2.1-6       2.1.8-stable-4
ii  libexpat1            2.2.6-2+deb10u1
ii  libflac8             1.3.2-3
ii  libfontconfig1       2.13.1-2
ii  libfreetype6         2.9.1-3+deb10u1
ii  libgcc1              1:8.3.0-6
ii  libgdk-pixbuf2.0-0   2.38.1+dfsg-1
ii  libglib2.0-0         2.58.3-2+deb10u2
ii  libgtk-3-0           3.24.5-1
ii  libharfbuzz0b        2.3.1-1
ii  libicu63             63.1-6
ii  libjpeg62-turbo      1:1.5.2-2+b1
ii  libjsoncpp1          1.7.4-3
ii  liblcms2-2           2.9-3
ii  libminizip1          1.1-8+b1
ii  libnspr4             2:4.20-1
ii  libnss3              2:3.42.1-1+deb10u2
ii  libopenjp2-7         2.3.0-2
ii  libopus0             1.3-1
ii  libpango-1.0-0       1.42.4-7~deb10u1
ii  libpangocairo-1.0-0  1.42.4-7~deb10u1
ii  libpci3              1:3.5.2-1
ii  libpng16-16          1.6.36-6
ii  libpulse0            12.2-4+deb10u1
ii  libre2-5             20190101+dfsg-2
ii  libsnappy1v5         1.1.7-1
ii  libstdc++6           8.3.0-6
ii  libvpx5              1.7.0-3+deb10u1
ii  libwebp6             0.6.1-2
ii  libwebpdemux2        0.6.1-2
ii  libwebpmux3          0.6.1-2
ii  libx11-6             2:1.6.7-1
ii  libx11-xcb1          2:1.6.7-1
ii  libxcb1              1.13.1-2
ii  libxcomposite1       1:0.4.4-2
ii  libxcursor1          1:1.1.15-2
ii  libxdamage1          1:1.1.4-3+b3
ii  libxext6             2:1.3.3-1+b2
ii  libxfixes3           1:5.0.3-1
ii  libxi6               2:1.7.9-1
ii  libxml2              2.9.4+dfsg1-7+b3
ii  libxrandr2           2:1.5.1-1
ii  libxrender1          1:0.9.10-1
ii  libxslt1.1           1.1.32-2.2~deb10u1
ii  libxss1              1:1.2.3-1
ii  libxtst6             2:1.2.3-1
ii  zlib1g               1:1.2.11.dfsg-1

Versions of packages chromium recommends:
ii  chromium-sandbox  79.0.3945.130-1~deb10u1

Versions of packages chromium suggests:
pn  chromium-driver  <none>
pn  chromium-l10n    <none>
pn  chromium-shell   <none>

Versions of packages chromium-common depends on:
ii  x11-utils  7.7+4
ii  xdg-utils  1.1.3-1

Versions of packages chromium-common recommends:
ii  chromium-sandbox                     79.0.3945.130-1~deb10u1
ii  fonts-liberation                     1:1.07.4-9
ii  libgl1-mesa-dri                      18.3.6-2
ii  libu2f-udev                          1.1.9-1
ii  notification-daemon                  3.20.0-4
ii  upower                               0.99.10-1
ii  xfce4-notifyd [notification-daemon]  0.4.3-1

Versions of packages chromium-sandbox depends on:
ii  libatomic1  8.3.0-6
ii  libc6       2.28-10
ii  libgcc1     1:8.3.0-6
ii  libstdc++6  8.3.0-6

-- no debconf information
