Chromium gets "Snap..." broken pages on some sites

The console shows:
Fontconfig error: Cannot load default config file: No such file: (null)

The backtrace of the coredump shows:

```
Program terminated with signal SIGSYS, Bad system call.
#0 __GI___mmap64 (addr=addr@entry=0x0, len=len@entry=4096, prot=3, flags=40, fd=fd@entry=-1, offset=offset@entry=0) at ../sysdeps/unix/sysv/linux/mmap64.c:58
warning: 58 ../sysdeps/unix/sysv/linux/mmap64.c: No such file or directory
[Current thread is 1 (Thread 0x7f620386e240 (LWP 1))]
(gdb) bt
#0 __GI___mmap64 (addr=addr@entry=0x0, len=len@entry=4096, prot=3, flags=40, fd=fd@entry=-1, offset=offset@entry=0) at ../sysdeps/unix/sysv/linux/mmap64.c:58
#1 0x00007f6204f941e0 in vgetrandom_get_state_alloc () at ../sysdeps/unix/sysv/linux/getrandom.c:96
#2 0x00007f6204f943e6 in vgetrandom_get_state () at ../sysdeps/unix/sysv/linux/getrandom.c:168
#3 0x00007f6204f94525 in getrandom_vdso (buffer=buffer@entry=0x7ffeb63ebd60, length=length@entry=8, flags=flags@entry=0, cancel=cancel@entry=false) at ../sysdeps/unix/sysv/linux/getrandom.c:202
#4 0x00007f6204f9476a in __getrandom_nocancel (buffer=buffer@entry=0x7ffeb63ebd60, length=length@entry=8, flags=flags@entry=0) at ../sysdeps/unix/sysv/linux/getrandom.c:341
#5 0x00007f6204f92412 in __GI___arc4random_buf (p=0x7ffeb63ebd60, n=8) at arc4random.c:45
#6 0x00007f6206072d5a in generate_hash_secret_salt (parser=0x15fc010b9400) at /var/tmp/portage/dev-libs/expat-2.6.4/work/expat-2.6.4/lib/xmlparse.c:957
#7 0x00007f6206072f8c in startParsing (parser=0x15fc010b9400) at /var/tmp/portage/dev-libs/expat-2.6.4/work/expat-2.6.4/lib/xmlparse.c:1047
#8 0x00007f6206074f8f in XML_ParseBuffer (parser=0x15fc010b9400, len=382, isFinal=0) at /var/tmp/portage/dev-libs/expat-2.6.4/work/expat-2.6.4/lib/xmlparse.c:2063
#9 0x00007f62061f369a in FcConfigParseAndLoadFromMemoryInternal (config=0x15fc007a7f00, filename=0x7f62062062ba "memory", buffer=0x7f62061f7d90 "<fontconfig>\t<dir>/usr/share/fonts</dir>\n <dir prefix=\"xdg\">fonts</dir> <cachedir>/var/cache/fontconfig</cachedir> <cachedir prefix=\"xdg\">fontconfig</cachedir> <include ignore_missing=\"yes\">/etc/f"..., complain=0, load=1) at ../fontconfig-2.16.0/src/fcxml.c:3545
#10 0x00007f62061f3f56 in IA__FcConfigParseAndLoadFromMemory (config=0x15fc007a7f00, buffer=0x7f62061f7d90 "<fontconfig>\t<dir>/usr/share/fonts</dir>\n <dir prefix=\"xdg\">fonts</dir> <cachedir>/var/cache/fontconfig</cachedir> <cachedir prefix=\"xdg\">fontconfig</cachedir> <include ignore_missing=\"yes\">/etc/f"..., complain=0) at ../fontconfig-2.16.0/src/fcxml.c:3728
#11 0x00007f62061da197 in FcInitFallbackConfig (sysroot=0x0) at ../fontconfig-2.16.0/src/fcinit.c:57
#12 0x00007f62061da1d8 in FcInitFallbackConfigWithFilter (config=0x15fc010cc540, sysroot=0x0) at ../fontconfig-2.16.0/src/fcinit.c:71
#13 0x00007f62061da2eb in FcInitLoadOwnConfig (config=0x15fc010cc540) at ../fontconfig-2.16.0/src/fcinit.c:112
#14 0x00007f62061da577 in FcInitLoadOwnConfigAndFonts (config=0x0) at ../fontconfig-2.16.0/src/fcinit.c:187
#15 0x00007f62061da5c4 in IA__FcInitLoadConfigAndFonts () at ../fontconfig-2.16.0/src/fcinit.c:201
#16 0x00007f62061c3a1d in FcConfigEnsure () at ../fontconfig-2.16.0/src/fccfg.c:97
#17 0x00007f62061c3ac1 in FcConfigInit () at ../fontconfig-2.16.0/src/fccfg.c:123
#18 0x00007f62061da5d3 in IA__FcInit () at ../fontconfig-2.16.0/src/fcinit.c:210
#19 0x000055d1773ba81c in ??? ()
#20 0x00000000b63ed1e0 in ??? ()
#21 0x0000000000000093 in ??? ()
#22 0x0000000000000000 in ??? ()
```

This is glibc using the new kernel based getrandom, chromium (and probably other chromium based browsers) need to allow MAP_DROPPABLE

Reproducible: Always
Created attachment 918809
Potential fix
Specifically, we get:

```
Program terminated with signal SIGSYS, Bad system call.
#0 __GI___mmap64 (addr=addr@entry=0x0, len=len@entry=4096, prot=3, flags=40, fd=fd@entry=-1, offset=offset@entry=0) at ../sysdeps/unix/sysv/linux/mmap64.c:58
warning: 58 ../sysdeps/unix/sysv/linux/mmap64.c: No such file or directory
[Current thread is 1 (Thread 0x7f620386e240 (LWP 1))]
(gdb) bt
#0 __GI___mmap64 (addr=addr@entry=0x0, len=len@entry=4096, prot=3, flags=40, fd=fd@entry=-1, offset=offset@entry=0) at ../sysdeps/unix/sysv/linux/mmap64.c:58
#1 0x00007f6204f941e0 in vgetrandom_get_state_alloc () at ../sysdeps/unix/sysv/linux/getrandom.c:96
#2 0x00007f6204f943e6 in vgetrandom_get_state () at ../sysdeps/unix/sysv/linux/getrandom.c:168
#3 0x00007f6204f94525 in getrandom_vdso (buffer=buffer@entry=0x7ffeb63ebd60, length=length@entry=8, flags=flags@entry=0, cancel=cancel@entry=false) at ../sysdeps/unix/sysv/linux/getrandom.c:202
#4 0x00007f6204f9476a in __getrandom_nocancel (buffer=buffer@entry=0x7ffeb63ebd60, length=length@entry=8, flags=flags@entry=0) at ../sysdeps/unix/sysv/linux/getrandom.c:341
#5 0x00007f6204f92412 in __GI___arc4random_buf (p=0x7ffeb63ebd60, n=8) at arc4random.c:45
#6 0x00007f6206072d5a in generate_hash_secret_salt (parser=0x15fc010b9400) at /var/tmp/portage/dev-libs/expat-2.6.4/work/expat-2.6.4/lib/xmlparse.c:957
#7 0x00007f6206072f8c in startParsing (parser=0x15fc010b9400) at /var/tmp/portage/dev-libs/expat-2.6.4/work/expat-2.6.4/lib/xmlparse.c:1047
#8 0x00007f6206074f8f in XML_ParseBuffer (parser=0x15fc010b9400, len=382, isFinal=0) at /var/tmp/portage/dev-libs/expat-2.6.4/work/expat-2.6.4/lib/xmlparse.c:2063
[...]
```

There's no use of `MAP_DROPPABLE` in glibc internally, but linux.git has:

```
linux.git:
lib/vdso/getrandom.c:83: params->mmap_flags = MAP_DROPPABLE | MAP_ANONYMOUS;
```

Chromium filters mmap flags at https://github.com/chromium/chromium/blob/101c8eda5d319a8ec9a7c80dfce4074a458256b1/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc#L237.
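The arithmetic behind the SIGSYS above, as an added example that is not part of the bug report or of Chromium's code: `flags=40` in frame #0 is 0x28, and a sandbox rule of the form `(flags & ~allowed) == 0` rejects it until `MAP_DROPPABLE` is in the mask. The two allowlists and the helper names are assumptions for illustration; the flag values are the Linux x86-64 ones.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Linux x86-64 mmap flag values, defined locally so older headers still build.
 * MAP_DROPPABLE (0x08) is a mapping type, passed instead of MAP_PRIVATE. */
enum { F_SHARED = 0x01, F_PRIVATE = 0x02, F_DROPPABLE = 0x08, F_FIXED = 0x10,
       F_ANONYMOUS = 0x20, F_NORESERVE = 0x4000, F_STACK = 0x20000 };

/* Illustrative allowlists (assumption: not the mask in Chromium's source). */
#define ALLOWED_BEFORE ((uint64_t)(F_SHARED | F_PRIVATE | F_FIXED | \
                                   F_ANONYMOUS | F_NORESERVE | F_STACK))
#define ALLOWED_AFTER  (ALLOWED_BEFORE | (uint64_t)F_DROPPABLE)
static const struct { uint64_t bit; const char *name; } names[] = {
    { F_SHARED, "MAP_SHARED" },       { F_PRIVATE, "MAP_PRIVATE" },
    { F_DROPPABLE, "MAP_DROPPABLE" }, { F_FIXED, "MAP_FIXED" },
    { F_ANONYMOUS, "MAP_ANONYMOUS" }, { F_NORESERVE, "MAP_NORESERVE" },
    { F_STACK, "MAP_STACK" },
};

/* Bits that a rule of the form (flags & ~allowed) == 0 would reject. */
static uint64_t rejected_bits(uint64_t flags, uint64_t allowed) {
    return flags & ~allowed;
}

/* Render a flag word as "NAME|NAME|0x..." for triage output. */
static const char *describe(uint64_t flags, char *buf, size_t len) {
    size_t used = 0;
    if (len) buf[0] = '\0';
    for (size_t i = 0; i < sizeof names / sizeof names[0] && used < len; i++) {
        if (!(flags & names[i].bit)) continue;
        int n = snprintf(buf + used, len - used, "%s%s", used ? "|" : "", names[i].name);
        if (n < 0) break;
        used += (size_t)n;
        flags &= ~names[i].bit;
    }
    if (flags && used < len)  /* bits with no name in the table */
        snprintf(buf + used, len - used, "%s0x%llx", used ? "|" : "", (unsigned long long)flags);
    return buf;
}

int main(void) {
    char a[128], b[128];
    uint64_t flags = 40;  /* flags=40 from frame #0 of the backtrace */
    printf("mmap flags: 0x%llx = %s\n", (unsigned long long)flags, describe(flags, a, sizeof a));
    printf("rejected before the fix: %s\n", describe(rejected_bits(flags, ALLOWED_BEFORE), b, sizeof b));
    printf("rejected after the fix: %s\n", rejected_bits(flags, ALLOWED_AFTER) ? "yes" : "nothing");
    return 0;
}
```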
ccing jason as an FYI just because it's kind of a cute seccomp failure rather than the usual one
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=72a385017cae2d98eb3327209744bfde14dca1f3

commit 72a385017cae2d98eb3327209744bfde14dca1f3
Author: Matt Jolly <kangie@gentoo.org>
AuthorDate: 2025-02-13 10:30:29 +0000
Commit: Matt Jolly <kangie@gentoo.org>
CommitDate: 2025-02-13 10:50:45 +0000

    www-client/chromium: add 133.0.6943.98

    Includes the glibc-2.41 patch and updates GN to enable PPC via the gentoo patchset. Raptor Engineering patchset updated and ~ppc64 keyworded.

    Bug: https://bugs.gentoo.org/949698
    Bug: https://bugs.gentoo.org/948832
    Bug: https://bugs.gentoo.org/948384
    Bug: https://bugs.gentoo.org/949654
    Signed-off-by: Matt Jolly <kangie@gentoo.org>

 www-client/chromium/Manifest | 4 +
 www-client/chromium/chromium-133.0.6943.98.ebuild | 1441 +++++++++++++++++++++
 2 files changed, 1445 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a5e2e67ba0a676fbcbd56ddbf2fa75aad70170b1

commit a5e2e67ba0a676fbcbd56ddbf2fa75aad70170b1
Author: Matt Jolly <kangie@gentoo.org>
AuthorDate: 2025-02-13 00:23:58 +0000
Commit: Matt Jolly <kangie@gentoo.org>
CommitDate: 2025-02-13 10:49:24 +0000

    www-client/chromium: add 134.0.6998.15

    Includes the glibc-2.41 patch and updates GN to enable PPC via the gentoo patchset (for when patches are available).

    Bug: https://bugs.gentoo.org/948832
    Bug: https://bugs.gentoo.org/948384
    Bug: https://bugs.gentoo.org/949654
    Signed-off-by: Matt Jolly <kangie@gentoo.org>

 www-client/chromium/Manifest | 3 +
 www-client/chromium/chromium-134.0.6998.15.ebuild | 1535 ++++++++++++++++++++
 .../files/chromium-134-map_droppable-glibc.patch | 35 +
 3 files changed, 1573 insertions(+)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=030898ec7dfd200a15c25027787ccb588627e031

commit 030898ec7dfd200a15c25027787ccb588627e031
Author: Ionen Wolkens <ionen@gentoo.org>
AuthorDate: 2025-02-13 19:42:19 +0000
Commit: Ionen Wolkens <ionen@gentoo.org>
CommitDate: 2025-02-13 19:49:04 +0000

    dev-qt/qtwebengine: import glibc-2.41 crash fix from chromium

    qtwebengine appears affected as well, reproduced the crash on imgur's main page by scrolling in qutebrowser.

    Haven't tested the patch myself but it appears to work fine for qtwebengine according to Chiitoo.

    Bug: https://bugs.gentoo.org/949654
    Signed-off-by: Ionen Wolkens <ionen@gentoo.org>

 .../files/qtwebengine-6.8.2-glibc2.41.patch | 20 ++++++++++++++++++++
 ...gine-6.8.2.ebuild => qtwebengine-6.8.2-r1.ebuild} | 1 +
 2 files changed, 21 insertions(+)
From a quick test, looks like the patch helps with qtwebengine-based browsers as well (not so surprisingly). I'll see if I can offer it to Qt tomorrow or so. Thank you!
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aabd7f6e2f5211000b2dd2dfc819c9780e5b63ff

commit aabd7f6e2f5211000b2dd2dfc819c9780e5b63ff
Author: Ionen Wolkens <ionen@gentoo.org>
AuthorDate: 2025-02-14 02:18:07 +0000
Commit: Ionen Wolkens <ionen@gentoo.org>
CommitDate: 2025-02-14 02:23:50 +0000

    dev-qt/qtwebengine: fix glibc2.41 patch for older glibc

    (actually) import from www-client/chromium this time, had missed that the final used patch was different than the one on the bug.

    No need for another revbump given it'd have just failed to build if <2.41, and was fine if using 2.41.

    Bug: https://bugs.gentoo.org/949654
    Thanks-to: Sam James <sam@gentoo.org>
    Fixes: 030898ec7dfd200a15c25027787ccb588627e031
    Signed-off-by: Ionen Wolkens <ionen@gentoo.org>

 .../files/qtwebengine-6.8.2-glibc2.41.patch | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)
(In reply to Chiitoo from comment #6)
> From a quick test, looks like the patch helps with qtwebengine-based
> browsers as well (not so surprisingly).
>
> I'll see if I can offer it to Qt tomorrow or so.

ftr qutebrowser upstream reported what seems to be the same issue at https://bugreports.qt.io/browse/QTBUG-134631 now