Issue 894423
Issue metadata

Status: Available
Owner: ----
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 3
Type: Bug-Regression




Component version of Official ffmpeg crashes on Linux

Project Member Reported by yn...@vivaldi.com, Oct 11

Issue description

Chrome Version: v70
OS: Linux x64

What steps will reproduce the problem?
(1) Build Chromium Official for Linux x64, with extra GN argument is_component_ffmpeg=true
(2) Run the resulting Chromium browser
(3) Load a page with H.264 video, e.g. https://www.quirksmode.org/html5/tests/video.html

What is the expected result?

Depending on what is available, either display the video, or just show a player that is displayed for an unsupported format.

What happens instead?

The libffmpeg.so crashes, resulting in a Sad Face page


This is a regression from Chromium 67.

Bisecting indicates that the problem was introduced by https://chromium.googlesource.com/chromium/src.git/+/b9eff62f446687d23ffc3a1a4e8cc9ebd9f3b871, which adds cfi_icall sanitize flags when building.

Adding an extra blacklist entry

-----------
[cfi-icall]
 
src:*third_party/ffmpeg/*
-----------

works around the problem. If used, this blacklist entry should probably only be activated for the component_ffmpeg variant.
 
I don't think official && component are supported. I thought there was a check to prevent this from being specified. 
The default value is to match the component settings, but it can be changed, and AFAICT there is no check for that.

We need a component mode for this module, since we can use the Linux distro version of the module instead of ours.

If I understand it correctly, Ubuntu's Chromium package is also using the component mode for ffmpeg.
I think you have to set use_system_ffmpeg or something like that then. You can't just replace the component:

https://cs.chromium.org/chromium/src/build/linux/unbundle/README
Depending on the distro, there may or may not be a system ffmpeg, which is why we also have to build and ship our own, and for official builds that runs into the reported issue.
Hi Dale, since official && component are allowed I'm inclined to fix this upstream unless you intend to make it an unsupported config.
cfi_icall is usually pointing out a valid issue. Do you know what it's crashing on?
See https://www.chromium.org/developers/testing/control-flow-integrity for more details, if you flip use_cfi_diag=true what is crashing?
Normally chromium and third party packages are all built together so calls between chromium and individual libraries can be accounted for by CFI, but since ffmpeg is built separately in this configuration when it tries to perform an indirect call into chromium it crashes because it can't verify function pointers passed to it by another executable section. Fixing it would entail disabling cfi-icall for the ffmpeg DSO in component builds.
I wouldn't want this done all the time. It should be tied to some specific option other than just is_component since we use those builds for debugging cfi issues sometimes.
Cc: -p...@google.com -vtsyrklevich@google.com vtsyrklevich@chromium.org p...@chromium.org
One such failure with CFI diagnostics is:
../../third_party/ffmpeg/libavformat/aviobuf.c:535:11: runtime error: control flow integrity check for type 'int (void *, unsigned char *, int)' failed during indirect function call
(/usr/local/google/home/vtsyrklevich/Development/chromium/src/out/ffmpeg/chrome+0x630d818): note: (unknown) defined here
../../third_party/ffmpeg/libavformat/aviobuf.c:535:11: note: check failed in ./libffmpeg.so, destination function located in /usr/local/google/home/vtsyrklevich/Development/chromium/src/out/ffmpeg/chrome

What option are you thinking of? A component build would only work with cfi-icall for APIs that don't accept function pointers (I'm not sure how common a pattern that is for ffmpeg.)
Ahh, I see now that our CFI tests require is_component_build=false, so I guess this is fine for me to tie it to component status. We pass a lot of pointers for ffmpeg so it doesn't work in component then.
A test with debugger that I ran (long before I had narrowed it down to the CFI patch) had an abort/crash of some kind in this stack:

#0  0x00007ffff7bef654 in fill_buffer ()
    at ../../chromium/third_party/ffmpeg/libavformat/aviobuf.c:599
#1  0x00007ffff7beff1a in avio_read ()
    at ../../chromium/third_party/ffmpeg/libavformat/aviobuf.c:678
#2  0x00007ffff7bf3d7b in av_probe_input_buffer2 ()
    at ../../chromium/third_party/ffmpeg/libavformat/format.c:262
#3  0x00007ffff7be1f01 in init_input ()
    at ../../chromium/third_party/ffmpeg/libavformat/utils.c:425
#4  avformat_open_input ()
    at ../../chromium/third_party/ffmpeg/libavformat/utils.c:573
#5  0x0000555557498c1c in OpenContext ()
    at ./../../chromium/media/filters/ffmpeg_glue.cc:110
from running a bind call

I found two places in the assembly code that could jump to that location, but don't know what the condition was.

I haven't tried CFI diagnostics.
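Added example (not code from the bug thread, Chromium or ffmpeg): a miniature C model of the local cfi-icall check described in the comments above, showing why a read_packet pointer that chrome hands to a separately built libffmpeg.so fails the check inside fill_buffer, and how the [cfi-icall] blacklist entry changes the outcome. The jump-table array, the blacklist flag, glue_read_packet and open_context are assumptions made for the model; real LLVM cfi-icall compares the target against per-type jump-table address ranges rather than a list.

```c
#include <stddef.h>
#include <string.h>

/* Callback type from the diagnostic: int (void *, unsigned char *, int). */
typedef int (*read_packet_fn)(void *opaque, unsigned char *buf, int size);

/* ---- "libffmpeg.so" side ---- */
/* Model of the per-type jump table the compiler emits for one DSO: the only
 * targets of this type that cfi-icall recognises are functions defined here. */
static int ffmpeg_local_reader(void *opaque, unsigned char *buf, int size) {
    (void)opaque;
    memset(buf, 'a', (size_t)size);
    return size;
}
static const read_packet_fn ffmpeg_jump_table[] = { ffmpeg_local_reader };
/* Stands in for the [cfi-icall] blacklist entry src:*third_party/ffmpeg/*,
 * which stops the compiler from emitting the check in this module at all. */
static int cfi_icall_blacklisted = 0;

/* Model of the check inlined before the indirect call: 1 = pass, 0 = fail.
 * (Assumption for the model: a linear scan instead of a range check.) */
static int cfi_icall_check(read_packet_fn target) {
    if (cfi_icall_blacklisted) return 1;
    for (size_t i = 0; i < sizeof ffmpeg_jump_table / sizeof *ffmpeg_jump_table; i++)
        if (ffmpeg_jump_table[i] == target) return 1;
    return 0;
}

/* fill_buffer(): the indirect call site from the diagnostic; -1 here is where
 * the real build crashes with the CFI runtime error. */
int fill_buffer(read_packet_fn read_packet, void *opaque, unsigned char *buf, int size) {
    if (!cfi_icall_check(read_packet)) return -1;
    return read_packet(opaque, buf, size);
}

/* ---- "chrome" side (ffmpeg_glue) ---- */
static int glue_read_packet(void *opaque, unsigned char *buf, int size) {
    const char *src = opaque;
    int avail = (int)strlen(src);
    int n = avail < size ? avail : size;
    memcpy(buf, src, (size_t)n);
    return n;
}

/* Chrome hands its own callback to the ffmpeg DSO, as avio_alloc_context does. */
int open_context(int blacklist_ffmpeg) {
    unsigned char buf[16];
    char sample[] = "sample";                 /* constructed input data */
    cfi_icall_blacklisted = blacklist_ffmpeg;
    return fill_buffer(glue_read_packet, sample, buf, sizeof buf);
}
```

With the check active the cross-module pointer is rejected (-1); with the blacklist in effect the call goes through and returns the 6 bytes read.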
Comment 13 by bugdroid1@chromium.org (Project Member), Oct 16

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/2399f3f3ec24a19370a9baab051554e0d9de59db

commit 2399f3f3ec24a19370a9baab051554e0d9de59db
Author: Vlad Tsyrklevich <vtsyrklevich@chromium.org>
Date: Tue Oct 16 22:01:24 2018

CFI: Add config to disable cfi-icall

Bug: 894423
Change-Id: I10e809b1b745f2c9d0fdcbf6bd1f958d1aec0103
Reviewed-on: https://chromium-review.googlesource.com/c/1283934
Reviewed-by: Max Moroz <mmoroz@chromium.org>
Commit-Queue: Vlad Tsyrklevich <vtsyrklevich@chromium.org>
Cr-Commit-Position: refs/heads/master@{#600144}
[modify] https://crrev.com/2399f3f3ec24a19370a9baab051554e0d9de59db/build/config/sanitizers/BUILD.gn

Comment 14 by bugdroid1@chromium.org (Project Member), Oct 17

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/third_party/ffmpeg/+/eca1758e6625f4ac0d369d083750bcba327d2782

commit eca1758e6625f4ac0d369d083750bcba327d2782
Author: Vlad Tsyrklevich <vtsyrklevich@chromium.org>
Date: Wed Oct 17 17:29:18 2018

CFI: Disable cfi-icall for ffmpeg component build

Bug: 894423
Change-Id: Ibd086b153e90bed016cba879bdc028ce78f929d2
Reviewed-on: https://chromium-review.googlesource.com/c/1284811
Reviewed-by: Dale Curtis <dalecurtis@chromium.org>

[modify] https://crrev.com/eca1758e6625f4ac0d369d083750bcba327d2782/BUILD.gn

Status: Started (was: Untriaged)
The build changes to fix this are merged, ffmpeg just needs to be rolled to pick it up and then I'll close this ticket.
Status: Available (was: Started)
This issue has been marked as started, but has no owner. Making available.