electron / electron


[Bug]: stack smashing detected in local debug build #34923

Open MichaelBelousov opened 2 years ago

MichaelBelousov commented 2 years ago

Electron Version

17.4.10 4aaa6eafb04b91760ce4aa93dfc7869297595b31

Operating System Version

Ubuntu 21.10

Arch

x64

Last Known Working Electron version

No Response

Expected Behavior

Be able to create a debug build of the electron native code as shown in your docs for symbol debugging that runs my application.

Expect this debug.gn file to work:

import("testing.gn")
is_debug = true
symbol_level = 2
forbid_non_component_debug_builds = false

Actual Behavior

I run the resulting Debug/electron executable by itself with no arguments and the renderer thread gets:

$ ~/electron-src/electron/src/out/Debug/electron
[2405354:0714/085500.367257:ERROR:power_monitor_device_source_stub.cc(11)] Not implemented reached in virtual bool base::PowerMonitorDeviceSource::IsOnBatteryPower()

Electron 17.4.10 - Build cross platform desktop apps with JavaScript, HTML, and CSS
Usage: electron [options] [path]

A path to an Electron app may be specified. It must be one of the following:
  - index.js file.
  - Folder containing a package.json file.
  - Folder containing an index.js file.
  - .html/.htm file.
  - http://, https://, or file:// URL.

Options:
  -i, --interactive     Open a REPL to the main process.
  -r, --require         Module to preload (option can be repeated).
  -v, --version         Print the version.
  -a, --abi             Print the Node ABI version.
*** stack smashing detected ***: terminated
Received signal 6
#0 0x55dbf33d0a5f base::debug::CollectStackTrace()
#1 0x55dbf319fcfa base::debug::StackTrace::StackTrace()
#2 0x55dbf319fcb5 base::debug::StackTrace::StackTrace()
#3 0x55dbf33d052c base::debug::(anonymous namespace)::StackDumpSignalHandler()
#4 0x7f1a2617e520 (/usr/lib/x86_64-linux-gnu/libc.so.6+0x4251f)
#5 0x7f1a261d2828 pthread_kill
#6 0x7f1a2617e476 raise
#7 0x7f1a261647b7 abort
#8 0x7f1a261c5606 (/usr/lib/x86_64-linux-gnu/libc.so.6+0x89605)
#9 0x7f1a2627135a __fortify_fail
#10 0x7f1a26271326 __stack_chk_fail
#11 0x55dbf341a90e __stack_chk_fail
#12 0x55dbfba9d629 content::RenderFrameImpl::PrepareFrameForCommit()
#13 0x55dbfba9baf6 content::RenderFrameImpl::CommitNavigationWithParams()
#14 0x55dbfbad25a8 base::internal::FunctorTraits<>::Invoke<>()
#15 0x55dbfbad1fb1 base::internal::InvokeHelper<>::MakeItSo<>()
#16 0x55dbfbad1dbf _ZN4base8internal7InvokerINS0_9BindStateIMN7content15RenderFrameImplEFvN4mojo9StructPtrIN5blink5mojom22CommonNavigationParamsEEENS6_INS8_22CommitNavigationParamsEEENSt3__110unique_ptrINS7_29PendingURLLoaderFactoryBundleENSD_14default_deleteISF_EEEEN4absl8optionalINSD_6vectorINS6_INS8_22TransferrableURLLoaderEEENSD_9allocatorISN_EEEEEENS6_INS8_27ControllerServiceWorkerInfoEEENS6_INS8_35ServiceWorkerContainerInfoForClientEEENS5_13PendingRemoteIN7network5mojom16URLLoaderFactoryEEENSW_INS8_13CodeCacheHostEEENS6_INS3_5mojom17CookieManagerInfoEEENS6_INS13_11StorageInfoEEENSE_INS3_13DocumentStateENSG_IS18_EEEENSE_INS7_19WebNavigationParamsENSG_IS1B_EEEEEJNS_7WeakPtrIS4_EESA_SC_SI_SR_ST_SV_S10_S12_S15_S17_S1A_EEEFvS1D_EE7RunImplIS1F_NSD_5tupleIJS1H_SA_SC_SI_SR_ST_SV_S10_S12_S15_S17_S1A_EEEJLm0ELm1ELm2ELm3ELm4ELm5ELm6ELm7ELm8ELm9ELm10ELm11EEEEvOT_OT0_NSD_16integer_sequenceImJXspT1_EEEEOS1D_
#17 0x55dbfbad1bd1 base::internal::Invoker<>::RunOnce()
#18 0x55dbfbab8f46 _ZNO4base12OnceCallbackIFvNSt3__110unique_ptrIN5blink19WebNavigationParamsENS1_14default_deleteIS4_EEEEEE3RunES7_
#19 0x55dbfba9a669 content::RenderFrameImpl::CommitNavigation()
#20 0x55dbfcd827fb content::NavigationClient::CommitNavigation()
#21 0x55dbea3cf4fc content::mojom::NavigationClientStubDispatch::AcceptWithResponder()
#22 0x55dbfcd8312a content::mojom::NavigationClientStub<>::AcceptWithResponder()
#23 0x55dbf3a3156a mojo::InterfaceEndpointClient::HandleValidatedMessage()
#24 0x55dbf3a31189 mojo::InterfaceEndpointClient::HandleIncomingMessageThunk::Accept()
#25 0x55dbf3a4f72b mojo::MessageDispatcher::Accept()
#26 0x55dbf3a334cf mojo::InterfaceEndpointClient::HandleIncomingMessage()
#27 0x55dbf418cd3a IPC::(anonymous namespace)::ChannelAssociatedGroupController::AcceptOnEndpointThread()
#28 0x55dbf4181cee base::internal::FunctorTraits<>::Invoke<>()
#29 0x55dbf4181b96 base::internal::InvokeHelper<>::MakeItSo<>()
#30 0x55dbf4181b03 _ZN4base8internal7InvokerINS0_9BindStateIMN3IPC12_GLOBAL__N_132ChannelAssociatedGroupControllerEFvN4mojo7MessageEEJ13scoped_refptrIS5_ES7_EEEFvvEE7RunImplIS9_NSt3__15tupleIJSB_S7_EEEJLm0ELm1EEEEvOT_OT0_NSG_16integer_sequenceImJXspT1_EEEE
#31 0x55dbf4181a8c base::internal::Invoker<>::RunOnce()
#32 0x55dbe5b29d51 _ZNO4base12OnceCallbackIFvvEE3RunEv
#33 0x55dbf32db396 base::TaskAnnotator::RunTaskImpl()
#34 0x55dbf332dc90 base::TaskAnnotator::RunTask<>()
#35 0x55dbf332da32 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl()
#36 0x55dbf332d1d9 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork()
#37 0x55dbf332dc10 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork()
#38 0x55dbf31f3edf base::MessagePumpDefault::Run()
#39 0x55dbf332e1b2 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run()
#40 0x55dbf32838d7 base::RunLoop::Run()
#41 0x55dbfead5a4d content::RendererMain()
#42 0x55dbe67d7549 content::RunZygote()
#43 0x55dbe67d7db5 content::RunOtherNamedProcessTypeMain()
#44 0x55dbe67d8fc7 content::ContentMainRunnerImpl::Run()
#45 0x55dbe67d4a58 content::RunContentProcess()
#46 0x55dbe67d53ba content::ContentMain()
#47 0x55dbe5b19e5f main
#48 0x7f1a26165fd0 (/usr/lib/x86_64-linux-gnu/libc.so.6+0x29fcf)
#49 0x7f1a2616607d __libc_start_main
#50 0x55dbe5aed36a _start
  r8: 00007ffdb25c5250  r9: 0000000000000000 r10: 0000000000000008 r11: 0000000000000246
 r12: 00007ffdb25c53b0 r13: 0000000000000016 r14: 00007f1a1b873000 r15: 0000000000000001
  di: 0000000000000001  si: 0000000000000006  bp: 0000000000000006  bx: 00007f1a24d88e40
  dx: 00000000ffffffe6  ax: 0000000000000000  cx: 00007f1a261d2828  sp: 00007ffdb25c5180
  ip: 00007f1a261d2828 efl: 0000000000000246 cgf: 002b000000000033 erf: 0000000000000000
 trp: 0000000000000000 msk: 0000000000000000 cr2: 0000000000000000
[end of stack trace]
Received signal 11 <unknown> 000000000000
#0 0x55dbf33d0a5f base::debug::CollectStackTrace()
#1 0x55dbf319fcfa base::debug::StackTrace::StackTrace()
#2 0x55dbf319fcb5 base::debug::StackTrace::StackTrace()
#3 0x55dbf33d052c base::debug::(anonymous namespace)::StackDumpSignalHandler()
#4 0x7f1a2617e520 (/usr/lib/x86_64-linux-gnu/libc.so.6+0x4251f)
#5 0x7f1a26164860 abort
#6 0x7f1a261c5606 (/usr/lib/x86_64-linux-gnu/libc.so.6+0x89605)
#7 0x7f1a2627135a __fortify_fail
#8 0x7f1a26271326 __stack_chk_fail
#9 0x55dbf341a90e __stack_chk_fail
#10 0x55dbfba9d629 content::RenderFrameImpl::PrepareFrameForCommit()
#11 0x55dbfba9baf6 content::RenderFrameImpl::CommitNavigationWithParams()
#12 0x55dbfbad25a8 base::internal::FunctorTraits<>::Invoke<>()
#13 0x55dbfbad1fb1 base::internal::InvokeHelper<>::MakeItSo<>()
#14 0x55dbfbad1dbf _ZN4base8internal7InvokerINS0_9BindStateIMN7content15RenderFrameImplEFvN4mojo9StructPtrIN5blink5mojom22CommonNavigationParamsEEENS6_INS8_22CommitNavigationParamsEEENSt3__110unique_ptrINS7_29PendingURLLoaderFactoryBundleENSD_14default_deleteISF_EEEEN4absl8optionalINSD_6vectorINS6_INS8_22TransferrableURLLoaderEEENSD_9allocatorISN_EEEEEENS6_INS8_27ControllerServiceWorkerInfoEEENS6_INS8_35ServiceWorkerContainerInfoForClientEEENS5_13PendingRemoteIN7network5mojom16URLLoaderFactoryEEENSW_INS8_13CodeCacheHostEEENS6_INS3_5mojom17CookieManagerInfoEEENS6_INS13_11StorageInfoEEENSE_INS3_13DocumentStateENSG_IS18_EEEENSE_INS7_19WebNavigationParamsENSG_IS1B_EEEEEJNS_7WeakPtrIS4_EESA_SC_SI_SR_ST_SV_S10_S12_S15_S17_S1A_EEEFvS1D_EE7RunImplIS1F_NSD_5tupleIJS1H_SA_SC_SI_SR_ST_SV_S10_S12_S15_S17_S1A_EEEJLm0ELm1ELm2ELm3ELm4ELm5ELm6ELm7ELm8ELm9ELm10ELm11EEEEvOT_OT0_NSD_16integer_sequenceImJXspT1_EEEEOS1D_
#15 0x55dbfbad1bd1 base::internal::Invoker<>::RunOnce()
#16 0x55dbfbab8f46 _ZNO4base12OnceCallbackIFvNSt3__110unique_ptrIN5blink19WebNavigationParamsENS1_14default_deleteIS4_EEEEEE3RunES7_
#17 0x55dbfba9a669 content::RenderFrameImpl::CommitNavigation()
#18 0x55dbfcd827fb content::NavigationClient::CommitNavigation()
#19 0x55dbea3cf4fc content::mojom::NavigationClientStubDispatch::AcceptWithResponder()
#20 0x55dbfcd8312a content::mojom::NavigationClientStub<>::AcceptWithResponder()
#21 0x55dbf3a3156a mojo::InterfaceEndpointClient::HandleValidatedMessage()
#22 0x55dbf3a31189 mojo::InterfaceEndpointClient::HandleIncomingMessageThunk::Accept()
#23 0x55dbf3a4f72b mojo::MessageDispatcher::Accept()
#24 0x55dbf3a334cf mojo::InterfaceEndpointClient::HandleIncomingMessage()
#25 0x55dbf418cd3a IPC::(anonymous namespace)::ChannelAssociatedGroupController::AcceptOnEndpointThread()
#26 0x55dbf4181cee base::internal::FunctorTraits<>::Invoke<>()
#27 0x55dbf4181b96 base::internal::InvokeHelper<>::MakeItSo<>()
#28 0x55dbf4181b03 _ZN4base8internal7InvokerINS0_9BindStateIMN3IPC12_GLOBAL__N_132ChannelAssociatedGroupControllerEFvN4mojo7MessageEEJ13scoped_refptrIS5_ES7_EEEFvvEE7RunImplIS9_NSt3__15tupleIJSB_S7_EEEJLm0ELm1EEEEvOT_OT0_NSG_16integer_sequenceImJXspT1_EEEE
#29 0x55dbf4181a8c base::internal::Invoker<>::RunOnce()
#30 0x55dbe5b29d51 _ZNO4base12OnceCallbackIFvvEE3RunEv
#31 0x55dbf32db396 base::TaskAnnotator::RunTaskImpl()
#32 0x55dbf332dc90 base::TaskAnnotator::RunTask<>()
#33 0x55dbf332da32 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl()
#34 0x55dbf332d1d9 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork()
#35 0x55dbf332dc10 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork()
#36 0x55dbf31f3edf base::MessagePumpDefault::Run()
#37 0x55dbf332e1b2 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run()
#38 0x55dbf32838d7 base::RunLoop::Run()
#39 0x55dbfead5a4d content::RendererMain()
#40 0x55dbe67d7549 content::RunZygote()
#41 0x55dbe67d7db5 content::RunOtherNamedProcessTypeMain()
#42 0x55dbe67d8fc7 content::ContentMainRunnerImpl::Run()
#43 0x55dbe67d4a58 content::RunContentProcess()
#44 0x55dbe67d53ba content::ContentMain()
#45 0x55dbe5b19e5f main
#46 0x7f1a26165fd0 (/usr/lib/x86_64-linux-gnu/libc.so.6+0x29fcf)
#47 0x7f1a2616607d __libc_start_main
#48 0x55dbe5aed36a _start
  r8: 0000000000000000  r9: 0000000000000000 r10: 0000000000000008 r11: 0000000000000246
 r12: 00007ffdb25c53b0 r13: 0000000000000020 r14: 00007f1a1b873000 r15: 0000000000000001
  di: 0000000000000001  si: 0000000000000006  bp: 00007ffdb25c54b0  bx: 00007f1a24d88e40
  dx: 00000000ffffffe6  ax: 0000000000000000  cx: 00007f1a261d2828  sp: 00007ffdb25c5250
  ip: 00007f1a26164860 efl: 0000000000010246 cgf: 002b000000000033 erf: 0000000000000000
 trp: 000000000000000d msk: 0000000000000000 cr2: 0000000000000000
[end of stack trace]

Testcase Gist URL

No Response

Additional Information

Sorry that this isn't really a bug, but the issue system didn't fit this very well and I couldn't find a better place to put this that I haven't already tried.

(I tried to fill out the regular bug entry, but it wouldn't let me submit even with all required fields filled out. So here it is replicated.)

jkleinsc commented 2 years ago

You should be able to disable this by running with the command line flag: --change-stack-guard-on-fork=disable: https://source.chromium.org/chromium/chromium/src/+/main:base/stack_canary_linux.cc;l=51

MichaelBelousov commented 2 years ago

This gets past it, which I actually already did (but neglected to mention) by changing the build to disable -fstack-protect. I still, however, get a crash rendering my webpage in the renderer. I intend to make a new issue with a minimal shareable reproduction.

RaisinTen commented 2 years ago

FWIW, we were facing this in Postman too where we maintain debug builds of Electron and our solution was to introduce a patch that reverts https://chromium-review.googlesource.com/c/chromium/src/+/3295949.

This happens because the size of a Persistent is different for a debug build and a release build. This size mismatch causes the memset call to write into parts of the stack where it shouldn't write, specifically the frame pointers, and that messes up the ret procedure from PrepareFrameForCommit to CommitNavigationWithParams.

This difference in sizes should not happen, but it happens because Electron is probably passing incorrect options to some of the compilation units, but I haven't spent much time to understand where we're passing those options. Maybe someone else could spend some time doing that?
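
The size-mismatch mechanism described in the last comment, as an added example that is not part of the thread and is not Chromium or Electron code: two compilation units disagree on the size of one type, and a memset sized by the larger view runs past the caller's storage into a guard word standing in for the stack canary. `HandleRelease`, `HandleDebug`, the guard value and all function names are hypothetical; the real Persistent layouts are not shown on this page.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>

// Hypothetical views of one handle type under two sets of build options.
struct HandleRelease { void* node; };                     // caller's view
struct HandleDebug   { void* node; void* debug_trace; };  // callee's view

constexpr std::uint64_t kGuard = 0xC0FFEE1234ABCDEFULL;   // constructed canary
constexpr std::size_t kStorage = sizeof(HandleRelease);
// Simulated frame: [caller-sized storage][guard][slack]; the slack keeps the
// oversized write inside one array so the demonstration stays well-defined.
struct Frame { unsigned char bytes[kStorage + sizeof(kGuard) + sizeof(HandleDebug)]; };

Frame make_frame() {
  Frame f;
  std::memset(f.bytes, 0xAA, sizeof f.bytes);
  std::memcpy(f.bytes + kStorage, &kGuard, sizeof kGuard);
  return f;
}

bool guard_intact(const Frame& f) {
  std::uint64_t g;
  std::memcpy(&g, f.bytes + kStorage, sizeof g);
  return g == kGuard;
}

// Callee built with the debug layout clears what it believes is one handle.
void callee_clear_unchecked(void* handle) {
  std::memset(handle, 0, sizeof(HandleDebug));
}

// Same callee, but the caller passes its own sizeof; a mismatch is reported
// instead of being written over whatever follows the storage.
bool callee_clear_checked(void* handle, std::size_t caller_size) {
  if (caller_size != sizeof(HandleDebug)) return false;
  std::memset(handle, 0, sizeof(HandleDebug));
  return true;
}

bool unchecked_clobbers_guard() {
  Frame f = make_frame();
  callee_clear_unchecked(f.bytes);
  return !guard_intact(f);
}

bool checked_preserves_guard() {
  Frame f = make_frame();
  return !callee_clear_checked(f.bytes, kStorage) && guard_intact(f);
}

int main() {
  std::printf("caller sizeof=%zu callee sizeof=%zu\n", kStorage, sizeof(HandleDebug));
  std::printf("unchecked clobbers guard: %d\n", unchecked_clobbers_guard());
  std::printf("checked preserves guard:  %d\n", checked_preserves_guard());
}
```

In a real build the same disagreement can be caught without running anything by comparing `sizeof` for the type across the affected targets, for example with a `static_assert` on the expected size in a header both sides include.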