I've tried to build webkit-gtk-1.6.1-r301 several time but it fails. Reproducible: Always Steps to Reproduce: 1. emerge webkit-gtk 2. 3. Actual Results: Failed to emerge net-libs/webkit-gtk-1.6.1-r301 Expected Results: success emerge -pqv =net-libs/webkit-gtk-1.6.1-r301 [ebuild N ] net-libs/webkit-gtk-1.6.1-r301 USE="gstreamer introspection jit spell (-aqua) -coverage -debug -doc -test -webgl" # emerge --info =net-libs/webkit-gtk-1.6.1-r301 Portage 2.1.10.44 (default/linux/amd64/10.0/desktop, gcc-4.5.3, glibc-2.13-r4, 3.2.2-hardened-r1 x86_64) ================================================================= System Settings ================================================================= System uname: Linux-3.2.2-hardened-r1-x86_64-Intel-R-_Core-TM-2_Duo_CPU_T6670_@_2.20GHz-with-gentoo-2.0.3 Timestamp of tree: Thu, 16 Feb 2012 16:15:01 +0000 app-shells/bash: 4.1_p9 dev-java/java-config: 2.1.11-r3 dev-lang/python: 2.7.2-r3, 3.1.4-r3 dev-util/cmake: 2.8.6-r4 dev-util/pkgconfig: 0.26 sys-apps/baselayout: 2.0.3 sys-apps/openrc: 0.9.8.4 sys-apps/sandbox: 2.5 sys-devel/autoconf: 2.13, 2.68 sys-devel/automake: 1.9.6-r3, 1.10.3, 1.11.3 sys-devel/binutils: 2.21.1-r1 sys-devel/gcc: 4.4.5, 4.5.3-r1 sys-devel/gcc-config: 1.4.1-r1 sys-devel/libtool: 2.4-r1 sys-devel/make: 3.82-r1 sys-kernel/linux-headers: 3.1 (virtual/os-headers) sys-libs/glibc: 2.13-r4 Repositories: gentoo x-portage ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="* -@EULA AdobeFlash-10.1 google-chrome MakeMKV-EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=native -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt /var/lib/hsqldb" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-march=native -O2 -pipe" DISTDIR="/usr/portage/distfiles" EMERGE_DEFAULT_OPTS="--with-bdeps y" FEATURES="assume-digests binpkg-logs buildpkg distlocks ebuild-locks fixlafiles news parallel-fetch protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch" FFLAGS="" GENTOO_MIRRORS="http://distfiles.gentoo.org" LANG="en_US.UTF-8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" LINGUAS="en_US en" MAKEOPTS="-j1" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.us.gentoo.org/gentoo-portage" USE="X a52 aac acl acpi alsa amd64 ao audiofile bash-completion berkdb branding bzip2 cairo caps cdaudio cdda cddb cdr cli consolekit cracklib crypt cups cxx dbus dell dhcp divx dri dts dvd dvdr emboss encode exif fam ffmpeg firefox flac fortran gd gdbm gdu gif gimp git gmedia gmp gnutls gpm grammar gsm gtk gtkhtml hal hardened hddtemp hpn iconv imap java jpeg laptop lcms libnotify libsamplerate lm_sensors mad matroska md5sum mmx mmxext mng modules mp3 mp4 mpeg mudflap multilib musepack musicbrainz ncurses new-login nptl nptlonly nsplugin offensive ogg opengl openmp ots pam pango pax_kernel pcre pdf pic png policykit ppds pppd qt3support qt4 quicktime quotes readline realmedia regex rt73usb rtc scanner sdl sdl-image sensord session sip slp sndfile speex spell sse sse2 ssl ssse3 startup-notification subversion svg sysfs tagwriting tcpd theora thesaurus threads tiff truetype udev unicode usb vcd vim-with-x vlm vorbis wmf wmp wordperfect wxwindows x264 xcb xcomposite xml xorg xprint xscreensaver xulrunner xv xvid zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan stage tables krita karbon braindump" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en_US en" PHP_TARGETS="php5-3" RUBY_TARGETS="ruby18" SANE_BACKENDS="net" USERLAND="GNU" VIDEO_CARDS="intel" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
I would attach the build log but it's not letting me. Nothing happens when I click the Submit button. Here's a pastebin: http://pastebin.com/zZGivGX9
(In reply to comment #1) > I would attach the build log but it's not letting me. Nothing happens when I > click the Submit button. > > Here's a pastebin: > > http://pastebin.com/zZGivGX9 It was likely too big to be attached uncompressed. Command '['/var/tmp/portage/net-libs/webkit-gtk-1.6.1-r301/work/webkit-1.6.1/tmp-introspect81sMbD/WebKit-3.0', '--introspect-dump=/var/tmp/portage/net-libs/webkit-gtk-1.6.1-r301/work/webkit-1.6.1/tmp-introspect81sMbD/functions.txt,/var/tmp/portage/net-libs/webkit-gtk-1.6.1-r301/work/webkit-1.6.1/tmp-introspect81sMbD/dump.xml']' returned non-zero exit status -11 A segfault is quite inconclusive.
Is there anything I can do? I'd really like to give midori a try.
Please attach the entire build log to this bug report.
It builds fine if I enable softmode. I also noticed midori will only run if softmode is enabled. Otherwise it segfaults. What should be my next step here? Would the build log still be helpful?
yes, it's still helpful ;)
Created attachment 302271 [details] build log
My user didn't have permission to read the build log in /var/log/portage. Out of firefox, midori, and chromium, chromium was the only browser that told me I didn't have permission to read the file. The other two didn't even error, they just did weird quirky things.
Can you try with 1.6.3-r300?
I get the same from 1.6.3-r300: Command '['/var/tmp/portage/net-libs/webkit-gtk-1.6.3-r300/work/webkit-1.6.3/tmp-introspectYkZ7BN/WebKit-3.0', '--introspect-dump=/var/tmp/portage/net-libs/webkit-gtk-1.6.3-r300/work/webkit-1.6.3/tmp-introspectYkZ7BN/functions.txt,/var/tmp/portage/net-libs/webkit-gtk-1.6.3-r300/work/webkit-1.6.3/tmp-introspectYkZ7BN/dump.xml']' returned non-zero exit status -11
It still builds fine for me :-/, maybe because I am not running on hardened?
I'm sure it's a hardened issue since it builds fine if I enable softmode. It's my understanding that something can be done in the ebuild to fix this though.
(In reply to comment #12) > I'm sure it's a hardened issue since it builds fine if I enable softmode. It's > my understanding that something can be done in the ebuild to fix this though. As far as I know, nobody on the gnome team uses a hardened setup, so we can't really help you. Adding hardened team to the CC list, perhaps they have some advice.
It would be nice if we could get an extract of the dmesg output with auditing enabled, you know to know if there are attempts at RWX mappings and so.
Try to build it without jit enable
Magnus, disabling jit did allow it to compile.
Fixed in cvs; thanks for reporting and helping to pinpoint the cause of the problem. > 04 Mar 2012; Alexandre Rostovtsev <tetromino@gentoo.org> > webkit-gtk-1.6.3-r200.ebuild, webkit-gtk-1.6.3-r300.ebuild, > +files/webkit-gtk-1.6.3-paxctl-introspection.patch, > +files/gir-paxctl-lt-wrapper: > Fix build problems on PaX with USE="introspection jit" (bug #404215, thanks > to Grant and Magnus Granberg) by having g-ir-scanner call a libtool wrapper > that disables secure memory protection on generated gir dumper binaries.
Hi, > 05 Mar 2012; Alexandre Rostovtsev <tetromino@gentoo.org> > webkit-gtk-1.6.3-r200.ebuild, webkit-gtk-1.6.3-r300.ebuild: > Also pax-mark jsc-1 and jsc-3 to prevent crashes on PaX systems. Why is this done unconditionally? PaX marking is unnecessary with -jit. See bug #338213.
(In reply to comment #18) You are right; fixed in cvs.