Package: chromium
Version: 83.0.4103.116-1
Severity: normal

Dear Maintainer,

As part of my work on a Debian-based privacy/security-focused distribution called Whonix [1], we are considering globally preloading a hardened memory allocator, Daniel Micay's hardened_malloc [2], by default. hardened_malloc provides considerable protection from memory corruption vulnerabilities. When attempting to use Chromium with this, however, it immediately crashes, which is potentially an indication of a memory corruption bug that was caught (there have been many such cases of hardened_malloc uncovering bugs before). I have also tested this on Arch Linux with a newer version of Chromium and discovered that it did not crash and worked perfectly fine, so I suspect that this is a bug in Debian's older package.

[1] https://www.whonix.org/
[2] https://github.com/GrapheneOS/hardened_malloc

Error message:

fatal allocator error: invalid uninitialized allocator usage
Received signal 6
#0 0x59425ffb3529 (/usr/lib/chromium/chromium+0x51f9528)
#1 0x59425ff11253 (/usr/lib/chromium/chromium+0x5157252)
#2 0x59425ffb30b1 (/usr/lib/chromium/chromium+0x51f90b0)
#3 0x7b3117dfd730 (/usr/lib/x86_64-linux-gnu/libpthread-2.28.so+0x1272f)
#4 0x7b3111cbe7bb gsignal
#5 0x7b3111ca9535 abort
#6 0x7b3117e32076 (/usr/lib/libhardened_malloc.so/libhardened_malloc_kicksecure.so+0x7075)
#7 0x7b3117e311bf malloc_usable_size
#8 0x594260da4ed9 (/usr/lib/chromium/chromium+0x5feaed8)
#9 0x594260e6be4f (/usr/lib/chromium/chromium+0x60b1e4e)
#10 0x594260db5d40 (/usr/lib/chromium/chromium+0x5ffbd3f)
#11 0x594260d9c6ea (/usr/lib/chromium/chromium+0x5fe26e9)
#12 0x594260d971a6 (/usr/lib/chromium/chromium+0x5fdd1a5)
#13 0x594260d96f02 (/usr/lib/chromium/chromium+0x5fdcf01)
#14 0x594261511d9f (/usr/lib/chromium/chromium+0x6757d9e)
#15 0x594261513352 (/usr/lib/chromium/chromium+0x6759351)
#16 0x5942615131ee (/usr/lib/chromium/chromium+0x67591ed)
#17 0x59425ff5fa82 (/usr/lib/chromium/chromium+0x51a5a81)
#18 0x59425ff75662 (/usr/lib/chromium/chromium+0x51bb661)
#19 0x59425ff750a6 (/usr/lib/chromium/chromium+0x51bb0a5)
#20 0x59425ffc29ab (/usr/lib/chromium/chromium+0x52089aa)
#21 0x59425ff74c32 (/usr/lib/chromium/chromium+0x51bac31)
#22 0x59425ff81e76 (/usr/lib/chromium/chromium+0x51c7e75)
#23 0x59425ff81b91 (/usr/lib/chromium/chromium+0x51c7b90)
#24 0x59425ffc318e (/usr/lib/chromium/chromium+0x520918d)
#25 0x7b3117df2fa3 start_thread
#26 0x7b3111d804cf clone
  r8: 0000000000000000  r9: 00007b30ca7fa9b0 r10: 0000000000000008 r11: 0000000000000246
 r12: 00007b30ca7faec8 r13: 0000000000000000 r14: 0000000000000028 r15: 0000594264ad5910
  di: 0000000000000002  si: 00007b30ca7fa9b0  bp: 00007b30ca7fac60  bx: 0000000000000006
  dx: 0000000000000000  ax: 0000000000000000  cx: 00007b3111cbe7bb  sp: 00007b30ca7fa9b0
  ip: 00007b3111cbe7bb efl: 0000000000000246 cgf: 002b000000000033 erf: 0000000000000000
 trp: 0000000000000000 msk: 0000000000000000 cr2: 0000000000000000
[ end of stack trace ]
Calling _exit( 1 ). Core file will not be generated.
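The reporter's test (run Chromium with the allocator preloaded, see whether it aborts) is easy to repeat by hand but tedious to repeat across package versions. The script below is an added example, not part of the bug report or of hardened_malloc or Chromium; it takes the allocator library path as an argument (the path in the trace above is the reporter's, assumed here only for the usage note) and classifies the run by whether the allocator itself reported a fatal error, since Chromium's own signal handler exits with status 1 rather than re-raising the signal, as the "Calling _exit( 1 )" line shows.

```shell
#!/bin/sh
# Added example: run a command with an allocator preloaded and classify the
# outcome so the same check can be repeated across builds. The library path
# is supplied by the caller; nothing here assumes where hardened_malloc lives.

# Usage: preload_check LIB CMD [ARGS...]
# Prints exactly one of: ok, allocator-abort, signal:N, exit:N
preload_check() {
    lib=$1
    shift
    err=$(mktemp)
    status=0
    # LD_PRELOAD is set only for the target command, not for this shell.
    # stderr is kept because hardened_malloc writes its fatal error there.
    LD_PRELOAD="$lib" "$@" >/dev/null 2>"$err" || status=$?
    if grep -q 'fatal allocator error' "$err"; then
        # The allocator aborted the process; report that regardless of the
        # exit status, since a crash handler may have turned it into exit 1.
        rm -f "$err"
        echo allocator-abort
        return 0
    fi
    rm -f "$err"
    if [ "$status" -eq 0 ]; then
        echo ok
    elif [ "$status" -gt 128 ]; then
        # Shell convention: 128+N means the process died from signal N.
        echo "signal:$((status - 128))"
    else
        echo "exit:$status"
    fi
}
```

For a browser, pass flags that make it exit on its own, for example `preload_check /usr/lib/libhardened_malloc.so chromium --headless --dump-dom about:blank`; a result of `allocator-abort` on one package and `ok` on another is the comparison the report describes between Debian's 83.0.4103.116-1 and the newer Arch Linux build.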