Greetings, things are quite simple. I downloaded 2007.0 hardened-multilib stage 3, I compiled 2.6.23-hardened-r4 with grsec(gentoo) option. Reboot the system.... everything works fine. Then i modify /etc/make.conf... like this CFLAGS="-O2 -pipe -fforce-addr -march=opteron -fomit-frame-pointer" CXXFLAGS="-O2 -pipe -fforce-addr -march=opteron -fomit-frame-pointer" added few use flags USE="-gtk -gnome -alsa -X perl perlsuid ssl -ldap -apache mysql snmp" emerge --sync. then i upgrade portage first.... it compile well, still no problems. Then i run emerge system -uD compilation stops during compilation of binutils. dmesg say: Jan 13 15:07:01 [kernel] conftest[10916]: segfault at 00000000299638c0 rip 000008ed29859b27 rsp 00007eea859c0460 error 4 Jan 13 15:15:49 [kernel] conftest[14012]: segfault at 000000006d6f35e0 rip 000006386d5e9b27 rsp 00007bb646d68e40 error 4 i do run emerge --resume it start to compile diferent package, but it fail with errors like. libsandbox: Can't resolve access: (null) make: *** [xmlwf/xmlwf.o] Error 1 make: *** Waiting for unfinished jobs.... libsandbox: Can't resolve getcwd: (null) ... This happen to me 2x times in exactly the same way. HW were running memtest for few days, no problems so far. FEATURES="-sandbox" and one more option, that i cant recall (something like -usersandbox or something like that. Will make system able to compile code again. However .. im not sure, if i can drop sandbox support in hardened gentoo. But i think, that installing hardened gentoo and running into troubles like this after first emerge system -uD is not normal :) Portage 2.1.3.19 (hardened/amd64/multilib, gcc-3.4.6, glibc-2.6.1-r0, 2.6.23-hardened-r4 x86_64) ================================================================= System uname: 2.6.23-hardened-r4 x86_64 Dual-Core AMD Opteron(tm) Processor 2216 Timestamp of tree: Sun, 13 Jan 2008 13:00:01 +0000 app-shells/bash: 3.2_p17-r1 dev-lang/python: 2.4.4-r6 dev-python/pycrypto: 2.0.1-r6 sys-apps/baselayout: 1.12.9 sys-apps/sandbox: 1.2.18.1-r2 sys-devel/autoconf: 2.61-r1 sys-devel/automake: 1.10 sys-devel/binutils: 2.16.1-r3 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.23-r2 ACCEPT_KEYWORDS="amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -pipe -fforce-addr -march=opteron -fomit-frame-pointer" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc" CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/revdep-rebuild /etc/terminfo" CXXFLAGS="-O2 -pipe -fforce-addr -march=opteron -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig distlocks metadata-transfer sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="amd64 berkdb cracklib crypt hardened justify midi mysql nls nptl nptlonly pam perl perlsuid pic readline snmp ssl tcpd urandom xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="mouse keyboard" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="apm ark chips cirrus cyrix dummy fbdev glint i128 i810 mach64 mga neomagic nv r128 radeon rendition s3 s3virge savage siliconmotion sis sisusb tdfx tga trident tseng v4l vesa vga via vmware voodoo" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY Comments are welcome.
If you have some problems, then you need to post a lot more info about how a particular compile fails (including the actual emerge output, exact ebuild version etc.) instead of some abstract rants blaming hardened profiles. http://www.gentoo.org/doc/en/bugzilla-howto.xml
(In reply to comment #1) > If you have some problems, then you need to post a lot more info about how a > particular compile fails (including the actual emerge output, exact ebuild > version etc.) instead of some abstract rants blaming hardened profiles. > > http://www.gentoo.org/doc/en/bugzilla-howto.xml > Well... proper description would be... basic binaries segfault on random basis. Since i managed to reproduce it 2x from fresh installation it might be worth a try. Moved to vmware and will try to reproduce it again. I would welcome some comments about my CFLAGS and CXXFLAGS. If they could cause segfaults after glibc and other things get upgraded.
Well, random segfaults -> HW issue pretty much. See Bug 20600.