Bug 588596

Summary: www-client/chromium with gcc-6 - null pointer dereference in V8
Product: Gentoo Linux
Reporter: Alexey Shvetsov <alexxy>
Component: Current packages
Assignee: Chromium Project <chromium>
Status: RESOLVED FIXED
Severity: normal
CC: chutzpah, const, gentoo, qt, soap
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
URL: https://bugs.chromium.org/p/v8/issues/detail?id=3782
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on:
Bug Blocks: 582084

Description Alexey Shvetsov gentoo-dev 2016-07-11 12:13:38 UTC
chromium miscompiles with gcc-6, which causes crashes on JS-enabled pages.

References:

https://bugs.chromium.org/p/v8/issues/detail?id=3782
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68853

temporary workaround is to build chromium with -fno-delete-null-pointer-checks in C{,XX}_FLAGS
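As an added illustration (not V8's code and not anything from the ebuild), this is the shape of code that GCC's default -fdelete-null-pointer-checks can turn into a crash, beside its check-first rewrite; the struct and function names are made up for the example.

```c
#include <stddef.h>

/* Hypothetical object standing in for any struct whose field is read. */
struct buf {
    size_t len;
    char data[16];
};

/* Anti-pattern behind this class of crash: the pointer is dereferenced
 * first and tested for NULL afterwards.  Reading b->len through a null
 * pointer is undefined behaviour, so GCC 6 at -O2 (where
 * -fdelete-null-pointer-checks is on by default) may conclude that b can
 * never be NULL and delete the check; a NULL caller then crashes instead
 * of receiving -1.  Building with -fno-delete-null-pointer-checks keeps
 * the check in the binary; it does not make the dereference itself safe. */
int len_check_after_deref(const struct buf *b)
{
    size_t n = b->len;          /* dereference happens before the check */
    if (b == NULL)              /* candidate for deletion by the optimiser */
        return -1;
    return (int)n;
}

/* Corrected shape: test the pointer before touching it.  There is no
 * undefined behaviour, so the check survives at every optimisation level. */
int len_check_first(const struct buf *b)
{
    if (b == NULL)
        return -1;
    return (int)b->len;
}

int main(void)
{
    struct buf sample = { 5, "hello" };   /* constructed sample input */
    int ok = len_check_after_deref(&sample) == 5
          && len_check_first(&sample) == 5
          && len_check_first(NULL) == -1;
    return ok ? 0 : 1;
}
```

Only len_check_first is ever called with NULL above; calling the anti-pattern with NULL is undefined regardless of the flag.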
Comment 1 Rok Kralj 2016-10-05 23:17:07 UTC
Could you put this build flag to the BUILD file, but just for V8 (that is, as localized as possible)?
Comment 2 eroen 2016-10-07 12:34:08 UTC
This (as you might expect) also affects qtwebengine. Qupzilla crashes at seemingly random times when processing javascript.
Comment 3 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2016-10-26 09:42:09 UTC
I was unable to reproduce with sys-devel/gcc-6.2.0-r1 from portage (and chromium-56.0.2897.0).

I made sure to gcc-config switch to it and verified with gcc -v.

Is anyone else getting a different result? If so, make sure to specify what page you navigate to. I've tried e.g. with the Octane JS benchmark, which I'm pretty sure has some JS.
Comment 4 Rok Kralj 2016-10-29 11:14:18 UTC
I cannot reproduce it either.
Comment 5 Rok Kralj 2016-10-30 14:19:59 UTC
Spoke too soon. It sometimes happens with some complex webpages.

The practical workaround is to immediately switch tab after pressing enter in the location bar, and then switch back when the page loads. Weird. Ctrl + PgDn is the shortcut for that.
Comment 6 Patrick Lauer gentoo-dev 2016-11-05 16:24:16 UTC
I've been able to reliably reproduce it; pretty much any website using JS would trigger a crash within about a second.
Comment 7 Rok Kralj 2016-11-08 22:20:22 UTC
Nowadays, almost every page uses JS. The pages that crash are rare, but they exist. Facebook is one of them.

"temporary workaround is to build chromium with -fno-delete-null-pointer-checks in C{,XX}_FLAGS"

You have to first enable custom-cflags.
Comment 8 Mike Gilbert gentoo-dev 2016-11-13 18:04:48 UTC
commit 382082c70b9339a463f32024f5d9101f951108f5
Author: Mike Gilbert <floppym@gentoo.org>
Date:   Sun Nov 13 12:45:35 2016 -0500

    www-client/chromium: dev channel bump (56.0.2914.3)
    
    Addresses a couple bugs:
    
    - Null pointer deref in V8 (bug 588596).
    - Crash with old harfbuzz (bug 599098).
    
    Bug: https://bugs.gentoo.org/588596
    Bug: https://bugs.gentoo.org/599098
    Package-Manager: portage-2.3.2_p5

 www-client/chromium/Manifest                            |  2 +-
 ...m-56.0.2897.0.ebuild => chromium-56.0.2914.3.ebuild} | 17 ++++++++++++-----
 2 files changed, 13 insertions(+), 6 deletions(-)
Comment 9 Mike Gilbert gentoo-dev 2016-11-13 21:00:32 UTC
commit aa24ca1549e5f2212320e6801b2c297cd7b4c72c
Author: Mike Gilbert <floppym@gentoo.org>
Date:   Sun Nov 13 15:59:04 2016 -0500

    www-client/chromium: beta channel bump (55.0.2883.44)
    
    Addresses a couple bugs:
    
    - Null pointer deref in V8 (bug 588596).
    - Crash with old harfbuzz (bug 599098).
    
    Bug: https://bugs.gentoo.org/588596
    Bug: https://bugs.gentoo.org/599098
    Package-Manager: portage-2.3.2_p5

 www-client/chromium/Manifest                                        | 2 +-
 .../{chromium-55.0.2883.28.ebuild => chromium-55.0.2883.44.ebuild}  | 6 +++++-
 2 files changed, 6 insertions(+), 2 deletions(-)
Comment 10 Mike Gilbert gentoo-dev 2016-11-13 21:06:48 UTC
commit 78047b6f5c093fdfaa64c19f47798fcb1b5591d4
Author: Mike Gilbert <floppym@gentoo.org>
Date:   Sun Nov 13 16:06:17 2016 -0500

    www-client/chromium: fix null pointer deref in V8 with gcc-6
    
    Bug: https://bugs.gentoo.org/588596
    
    Package-Manager: portage-2.3.2_p5

 www-client/chromium/chromium-54.0.2840.100.ebuild | 3 +++
 1 file changed, 3 insertions(+)
Comment 11 Nathan Zachary gentoo-dev 2017-01-11 16:25:12 UTC
I am seeing this problem (or a very similar one) with Chromium 56 as well.
This thread has more information:
https://forums.gentoo.org/viewtopic-t-1057444.html

If a new bug should be filed, I can take care of that.

Cheers,
Nathan Zachary
Comment 12 Mike Gilbert gentoo-dev 2017-01-11 16:39:25 UTC
(In reply to Nathan Zachary from comment #11)

All versions of chromium in the tree are built with -fno-delete-null-pointer-checks.

If you are encountering an error, it is likely different from the one reported here.