I am using hardened-sources with security level set to Gentoo [Workstation]. The yelp does not start. Reproducible: Always Actual Results: Segmentation fault. /var/log/grsec.log: Jul 31 08:47:07 ooxx kernel: grsec: denied RWX mmap of <anonymous mapping> by /usr/bin/yelp[yelp:14929] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/strace[strace:14928] uid/euid:1000/1000 gid/egid:1000/1000 Jul 31 08:47:07 ooxx kernel: grsec: Segmentation fault occurred at 0000000000000010 in /usr/bin/yelp[yelp:14929] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/strace[strace:14928] uid/euid:1000/1000 gid/egid:1000/1000 Jul 31 08:47:07 ooxx kernel: grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/bin/yelp[yelp:14929] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/strace[strace:14928] uid/euid:1000/1000 gid/egid:1000/1000 Portage 2.1.10.9 (hardened/linux/amd64/desktop, gcc-4.5.2, glibc-2.13-r4, 2.6.39-hardened-r8 x86_64) ================================================================= System uname: Linux-2.6.39-hardened-r8-x86_64-AMD_Athlon-tm-_II_Neo_K345_Dual-Core_Processor-with-gentoo-2.0.3 Timestamp of tree: Sat, 30 Jul 2011 00:30:01 +0000 app-shells/bash: 4.2_p10 dev-lang/python: 2.7.2-r2, 3.2-r2 dev-util/cmake: 2.8.5-r2 dev-util/pkgconfig: 0.26 sys-apps/baselayout: 2.0.3 sys-apps/openrc: 0.8.3-r1 sys-apps/sandbox: 2.5 sys-devel/autoconf: 2.13, 2.68 sys-devel/automake: 1.9.6-r3, 1.11.1-r1 sys-devel/binutils: 2.21.1 sys-devel/gcc: 4.5.2 sys-devel/gcc-config: 1.4.1-r1 sys-devel/libtool: 2.4-r1 sys-devel/make: 3.82-r1 sys-kernel/linux-headers: 2.6.38 (virtual/os-headers) sys-libs/glibc: 2.13-r4 Repositories: gentoo sunrise science gentoo-zh gentoo-haskell local ACCEPT_KEYWORDS="amd64 ~amd64" ACCEPT_LICENSE="* -@EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=native -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt /usr/share/openvpn/easy-rsa" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/splash /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c" CXXFLAGS="-march=native -O2 -pipe" DISTDIR="/var/cache/portage/distfiles" EMERGE_DEFAULT_OPTS="--with-bdeps=y" FEATURES="assume-digests binpkg-logs distlocks ebuild-locks fixlafiles fixpackages news parallel-fetch protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch" FFLAGS="" GENTOO_MIRRORS="http://mirrors.163.com/gentoo" LANG="en_US.UTF-8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" LINGUAS="zh_TW zh" MAKEOPTS="-j2" PKGDIR="/var/cache/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/var/lib/ebuilds/portage" PORTDIR_OVERLAY="/var/lib/ebuilds/sunrise /var/lib/ebuilds/science /var/lib/ebuilds/gentoo-zh /var/lib/ebuilds/haskell /var/lib/ebuilds/local" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="X a52 aac acl acpi amd64 avahi bash-completion berkdb bluetooth branding bzip2 cairo cdda cdr cjk cli consolekit cracklib crypt cups cxx dbus djvu dri dts dvd dvdr emboss encode exif fam ffmpeg firefox flac gconf gdbm gdu gif gnome gnome-keyring gpm gstreamer gtk hardened iconv ipv6 jpeg jpeg2k justify lame lcms ldap libnotify mad mms mmx mmxext mng modules mp3 mp4 mpeg msn mudflap multilib nautilus ncurses networkmanager nls nptl nptlonly nsplugin ogg opengl openmp pam pango pcre pdf perl png policykit ppds pppd pulseaudio python readline samba sdl session spell sqlite sse sse2 ssl startup-notification svg sysfs system-sqlite taglib tcpd threads tiff truetype udev unicode upnp urandom usb v4l2 vaapi vim-syntax vorbis webkit x264 xcb xcomposite xml xorg xulrunner xv xvid xvmc zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="braindump flow karbon kexi kpresenter krita tables words" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" DRACUT_MODULES="crypt crypt-gpg plymouth syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="evdev keyboard mouse synaptics" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="zh_TW zh" PHP_TARGETS="php5-3" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="radeon" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Created attachment 281631 [details] Strace log If it helps...
Try rebuilding xulrunner
I have just finished 2 "emerge -eDNu world" (I'm crazy) and apparently these did not solve. paxctl -m /usr/bin/yelp seems solve the help. Maybe a pax-mark m ${ED}/usr/bin/yelp in ebuild is needed.
Will ask at first for mozilla team opinion as this is a regression caused by yelp using xulrunner-2 instead of 1.9 (it's the only change between -r5 and -r6)
(In reply to comment #4) > Will ask at first for mozilla team opinion as this is a regression caused by > yelp using xulrunner-2 instead of 1.9 (it's the only change between -r5 and > -r6) xulrunner-2 is dead, it will never go stable so your better off forcing 1.9.x or moving to firefox-5 support.
OK, when will xul-2 be masked for removal? In that time, please mask yelp-2.30.2-r6 with it too (I won't be able to do it myself in the near future :( )
So my own problem should be solved by forcing downgrading xulrunner. Thank you for your help.
It's not exactly "fixed", but will be fixed with xul-2 is dropped
yelp is now using webkit