gnome-shell crashes in libmozjs on x86_64
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| mozjs38 (Ubuntu) | Fix Released | High | Unassigned | |
| Zesty | Fix Released | High | Unassigned | |
Bug Description
Impact
------
This enables build tests to run on all architectures. The tests now fail the build on all architectures except arm64, ppc64el and s390x. (On arm64 and ppc64el, the tests fail and I wasn't able to test s390x before uploading. This means that there is a decent chance the gnome-shell does not work on these architectures but Ubuntu GNOME only officially supports gnome-shell on i386 and amd64.)
This was done by building without -fstrict-aliasing and skipping 3 ICU tests. (Those 3 tests don't work right with the system ICU that Ubuntu 17.04 is using to build mozjs38.)
Test Case
---------
1. Since the tests will now fail the build if they fail, make sure that mozjs38 builds on all architectures
2. Install the new version and make sure GNOME Shell seems to still work.
Regression Potential
--------------------
I don't know much about strict-aliasing, but I believe it's safer to disable it on a large old codebase like this. Since it makes the build tests pass now, it seems like disabling strict-aliasing may fix some bugs.
Other Info
----------
mozjs is the SpiderMonkey JavaScript engine from Firefox. This version is from Firefox 38.
Original Bug Description
------------------------
A friend and I are seeing frequent gnome-shell crashes on Ubuntu 17.04 on 3 different computers. Here's an example:
Apr 12 22:35:00 ******** kernel: gnome-shell[2592]: segfault at 10 ip 00007f0e3ccc26d7 sp 00007ffdd31b4d90 error 4 in libmozjs-
I've analyzed the issue for a while and I actually believe I've found the solution.
If I simply download the apt source package and build it using gcc 6.3.0, and then go to js/src and execute:
```
$ make check-jstests | grep -c UNEXPECTED-FAIL
49
```
Upon examination, those test failures are all because of segfaults.
If I rebuild and retest with gcc 5, all tests pass.
I've discovered that adding the flag -fno-strict-
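To triage kernel segfault lines like the one quoted in the report, here is an added Python helper (not part of the bug report or of the mozjs38 package) that parses the line and decodes the x86 page-fault error code the kernel prints after "error"; the sample line is constructed from the report with a placeholder hostname and the library name cut off exactly as on the page.

```python
import re

# Constructed sample based on the kernel line in the bug report; the
# hostname is a placeholder and the library name is truncated as on the page.
SAMPLE_LINE = ("Apr 12 22:35:00 host kernel: gnome-shell[2592]: segfault at 10 "
               "ip 00007f0e3ccc26d7 sp 00007ffdd31b4d90 error 4 in libmozjs-")

SEGFAULT_RE = re.compile(
    r"(?P<comm>\S+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>\d+)"
    r"(?: in (?P<lib>\S+))?"
)


def decode_error(err):
    """Decode the x86 page-fault error code bits the kernel reports."""
    return {
        "protection_violation": bool(err & 1),  # 0 means page not present
        "write": bool(err & 2),                 # 0 means a read access
        "user_mode": bool(err & 4),             # fault raised from user space
        "reserved_bit": bool(err & 8),
        "instruction_fetch": bool(err & 16),
    }


def triage_segfault(line):
    """Return a dict describing the crash, or None if the line is not a segfault."""
    m = SEGFAULT_RE.search(line)
    if not m:
        return None
    addr = int(m.group("addr"), 16)
    info = {
        "comm": m.group("comm"),
        "pid": int(m.group("pid")),
        "addr": addr,
        "ip": int(m.group("ip"), 16),
        "sp": int(m.group("sp"), 16),
        "error": decode_error(int(m.group("err"))),
        "lib": m.group("lib"),  # may be truncated or absent
    }
    # A fault address inside the first page is the classic signature of
    # reading a struct field through a NULL pointer (the address is the offset).
    info["likely_null_deref"] = addr < 4096
    return info


if __name__ == "__main__":
    print(triage_segfault(SAMPLE_LINE))
```

For the report's line this yields a user-mode read of a not-present page at offset 0x10 inside libmozjs, which is consistent with a NULL pointer dereference rather than a wild or controlled pointer.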
description: updated
description: updated
Changed in mozjs38 (Ubuntu): status: Triaged → In Progress
Changed in mozjs38 (Ubuntu Zesty): status: Fix Committed → Fix Released
I checked libmozjs185 to see what's changed in that version. It looks like their build script always uses -fno-strict-aliasing on gcc, no matter the version.
It also appears that js tests get run when the package gets built.