The chromium sandbox is having issues with the changes in fstat: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=8ed005daf0ab03e142500324a34087ce179ae78e which changes the fstat function from a wrapper around: U __fxstat64@GLIBC_2.2.5 to the new standalone function: U fstat64@GLIBC_2.3 This can be worked around by starting chromium with --no-sandbox I'll update this once it's been fixed Reproducible: Always
Fedora are using this patch against Chromium 88, I'm currently testing it against Chromium 90 where it applies with fuzz https://src.fedoraproject.org/rpms/chromium/raw/82ff440ce80f6a03b150f768a2cba9469a8ec4f4/f/chromium-88.0.4324.96-fstatfix.patch
I've confirmed that the patch works with www-client/chromium-90.0.4427.5 on a glibc 2.33 system I'll try and test it on a glibc 2.32 system now
*** Bug 774888 has been marked as a duplicate of this bug. ***
I can confirm that patch works on the old glibc too
*** Bug 777705 has been marked as a duplicate of this bug. ***
OK since upstream is unresponsive, the only option I see here is to adopt the RH patch. In any case glibc-2.33 will be re-keyworded over the next days.
(In reply to Andreas K. Hüttel from comment #6) > OK since upstream is unresponsive, the only option I see here is to adopt > the RH patch. > > In any case glibc-2.33 will be re-keyworded over the next days. If you keyword glibc-2.33 then all Chromium based browsers (Chrome, Edge, ...) as well as qtwebengine and maybe Firefox (shares Chromium's sandbox) will be broken. Upstream has doubts with Fedoras patch and nobody tried to merge it. Even if we add it to our Chromium builds then binary-only browsers are broken.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=403201568d69cb5d00cedfb8799ef8a12e239d0c commit 403201568d69cb5d00cedfb8799ef8a12e239d0c Author: Andreas K. Hüttel <dilfridge@gentoo.org> AuthorDate: 2021-04-03 09:29:12 +0000 Commit: Andreas K. Hüttel <dilfridge@gentoo.org> CommitDate: 2021-04-03 09:29:39 +0000 sys-libs/glibc: Re-keyword 2.33 Closes: https://bugs.gentoo.org/770334 Bug: https://bugs.gentoo.org/769989 Package-Manager: Portage-3.0.13, Repoman-3.0.2 Signed-off-by: Andreas K. Huettel <dilfridge@gentoo.org> sys-libs/glibc/glibc-2.33.ebuild | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9518e64b2d4700dca0d39065cb6da5072c14c4ad commit 9518e64b2d4700dca0d39065cb6da5072c14c4ad Author: Mike Gilbert <floppym@gentoo.org> AuthorDate: 2021-04-03 17:27:49 +0000 Commit: Mike Gilbert <floppym@gentoo.org> CommitDate: 2021-04-03 17:27:49 +0000 www-client/chromium: depend on <sys-libs/glibc-2.33 Bug: https://bugs.gentoo.org/769989 Signed-off-by: Mike Gilbert <floppym@gentoo.org> www-client/chromium/chromium-89.0.4389.114.ebuild | 1 + www-client/chromium/chromium-90.0.4430.51.ebuild | 1 + www-client/chromium/chromium-91.0.4464.5.ebuild | 1 + 3 files changed, 3 insertions(+)
Damn. I have the same problem. Now I can't downgrade glibc to 2.32, because world update also recompiled python. So it will stop working, killing portage/emerge. Any ideas? Running chromium without sandbox is asking for problems.
You can apply the patch above to keep chromium working
I'm not talking about chromium right now. Mike Gilbert added in commit 9518e64b2d4700dca0d39065cb6da5072c14c4ad dependency <glibc-2.33 for chromium. But everybody (including me) that did -uDN @world before that have chromium-90 with glibc-2.33. And now each and every -uDN @world will want to downgrade glibc, which will of course not work, thus making all those systems unupgradeable.
Even --depclean won't work, beacuse of that: Calculating dependencies... done! * Dependencies could not be completely resolved due to * the following required packages not being installed: * * <sys-libs/glibc-2.33 pulled in by: * www-client/chromium-90.0.4430.51
Take a cope of the ebuild and put it into an overlay Remove the offending line, if you still have issues rename the ebuild -r1
I know what I can do *for now*. But this would have to be done with each and every chromium until they support glibc-2.33. That's not the solution. Imo adding <glibc-2.33 dependency was, after people were able to do the upgrade, was bad decision and needs to be reverted. Maybe we should apply this patch only if glibc-2.33 is detected in the system.
The dependency was added to prevent others from unwittingly upgrading glibc and breaking Chromium. It's a shitty situation, and there is no perfect solution at the moment.
I'm not sure, but can't this dependency be made conditional, based on current glibc version?
(In reply to manwe from comment #17) > I'm not sure, but can't this dependency be made conditional, based on > current glibc version? No, that is not possible.
I've added the ebuilds to the FireBurn overlay with the Fedora patch added and the dependency on 2.32 removed
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cccd69ed6644a546091a3a949b808bb45e2defe7 commit cccd69ed6644a546091a3a949b808bb45e2defe7 Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2021-04-06 17:59:33 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2021-04-06 21:33:24 +0000 dev-qt/qtwebengine: 5.15.2_p20210406 snapshot bump Snapshotted at: Branch: 5.15 Commit: 1f3412fa07b524fa7917250ed0cc2661abb9246a Submodule qtwebengine-chromium.git: Branch: 87-based Commit: d13920f28c2f3922e0cf793996ea33d02b81a0a4 Add Fedora patches for GLIBC-2.33 and GCC-11... Bug: https://bugs.gentoo.org/769989 Closes: https://bugs.gentoo.org/768261 Package-Manager: Portage-3.0.18, Repoman-3.0.3 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> dev-qt/qtwebengine/Manifest | 1 + .../files/qtwebengine-5.15.2_p20210406-gcc11.patch | 113 ++++++++++++ .../qtwebengine-5.15.2_p20210406-glibc-2.33.patch | 141 +++++++++++++++ .../qtwebengine-5.15.2_p20210406.ebuild | 189 +++++++++++++++++++++ 4 files changed, 444 insertions(+)
*** Bug 782106 has been marked as a duplicate of this bug. ***
Is it fixed in chromium-90?
(In reply to Michael from comment #22) > Is it fixed in chromium-90? Added patch, but use at own risk, because not approved upstream.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=774d25d68d6fce0e1fc0168f50f515c988e6ebf6 commit 774d25d68d6fce0e1fc0168f50f515c988e6ebf6 Author: Stephan Hartmann <sultan@gentoo.org> AuthorDate: 2021-07-24 09:47:31 +0000 Commit: Stephan Hartmann <sultan@gentoo.org> CommitDate: 2021-07-24 09:48:39 +0000 www-client/chromium: stable channel bump to 92.0.4515.107 Bug: https://bugs.gentoo.org/803167 Bug: https://bugs.gentoo.org/803467 Bug: https://bugs.gentoo.org/769989 Bug: https://bugs.gentoo.org/803260 Package-Manager: Portage-3.0.20, Repoman-3.0.2 Signed-off-by: Stephan Hartmann <sultan@gentoo.org> www-client/chromium/Manifest | 3 +- ...515.80.ebuild => chromium-92.0.4515.107.ebuild} | 16 +++---- .../files/chromium-92-GetUsableSize-nullptr.patch | 46 ++++++++++++++++++++ .../chromium/files/chromium-freetype-2.11.patch | 50 ++++++++++++++++++++++ 4 files changed, 103 insertions(+), 12 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0c8827bdd3d8723d0d84d79787e6c9f241306385 commit 0c8827bdd3d8723d0d84d79787e6c9f241306385 Author: Stephan Hartmann <sultan@gentoo.org> AuthorDate: 2021-07-26 21:16:01 +0000 Commit: Stephan Hartmann <sultan@gentoo.org> CommitDate: 2021-07-26 21:17:08 +0000 www-client/chromium: dev channel bump to 93.0.4577.8 Bug: https://bugs.gentoo.org/803260 Bug: https://bugs.gentoo.org/769989 Package-Manager: Portage-3.0.20, Repoman-3.0.2 Signed-off-by: Stephan Hartmann <sultan@gentoo.org> www-client/chromium/Manifest | 4 +- ...0.4557.4.ebuild => chromium-93.0.4577.8.ebuild} | 21 ++---- .../files/chromium-93-EnumTable-crash.patch | 79 ++++++++++++++++++++++ 3 files changed, 88 insertions(+), 16 deletions(-)
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=afa4f06bc7e383b77191f6325ed4efef50ac49f8 commit afa4f06bc7e383b77191f6325ed4efef50ac49f8 Author: Stephan Hartmann <sultan@gentoo.org> AuthorDate: 2021-07-27 17:38:58 +0000 Commit: Stephan Hartmann <sultan@gentoo.org> CommitDate: 2021-07-27 17:39:17 +0000 www-client/chromium: security cleanup Bug: https://bugs.gentoo.org/803167 Closes: https://bugs.gentoo.org/803467 Closes: https://bugs.gentoo.org/769989 Closes: https://bugs.gentoo.org/796527 Package-Manager: Portage-3.0.20, Repoman-3.0.2 Signed-off-by: Stephan Hartmann <sultan@gentoo.org> www-client/chromium/Manifest | 3 - www-client/chromium/chromium-91.0.4472.164.ebuild | 944 --------------------- .../files/chromium-89-EnumTable-crash.patch | 71 -- .../files/chromium-91-ThemeService-crash.patch | 36 - .../chromium/files/chromium-91-system-icu.patch | 29 - .../chromium/files/chromium-glibc-2.33.patch | 141 --- 6 files changed, 1224 deletions(-)
