| Summary: | emerge www-client/chromium fails with denied RWX mmap by mksnapshot | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Ondřej Guth <ondra-a> |
| Component: | Hardened | Assignee: | The Gentoo Linux Hardened Team <hardened> |
| Status: | RESOLVED WORKSFORME | ||
| Severity: | normal | CC: | chromium, ilovekiruna, zerochaos |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Attachments: |
emerge --info '=www-client/chromium-56.0.2924.59
build.log |
||
|
Description
Ondřej Guth
2017-01-16 20:55:01 UTC
Created attachment 460396 [details]
emerge --info '=www-client/chromium-56.0.2924.59
Created attachment 460398 [details]
build.log
The ebuild already does that.
# Build mksnapshot and pax-mark it.
eninja -C out/Release mksnapshot || die
pax-mark m out/Release/mksnapshot
(In reply to Mike Gilbert from comment #3) > The ebuild already does that. > > # Build mksnapshot and pax-mark it. > eninja -C out/Release mksnapshot || die > pax-mark m out/Release/mksnapshot Could you give me a hint to find out, why this does not work in my case, please? From the original build.log on this bug: * PT_PAX marking -m out/Release/mksnapshot with paxctl * PT_PAX marking -m out/Release/mksnapshot with paxctl-ng * XATTR_PAX marking -m out/Release/mksnapshot with paxctl-ng *snip* [9129/23858] python ../../v8/tools/run.py ./mksnapshot --startup_src gen/v8/snapshot.cc --random-seed 314159265 --startup_blob snapshot_blob.bin FAILED: gen/v8/snapshot.cc snapshot_blob.bin python ../../v8/tools/run.py ./mksnapshot --startup_src gen/v8/snapshot.cc --random-seed 314159265 --startup_blob snapshot_blob.bin # # Fatal javascript OOM in CALL_AND_RETRY_LAST # Not to be completely contradictory but, one of two things happened: 1.) Actually ran out of ram, hardly a surprise with chromium these days 2.) it is possible that mksnapshot got rebuilt *after* the pax mark and we need to run pax mark *again* > 2.) it is possible that mksnapshot got rebuilt *after* the pax mark and we
> need to run pax mark *again*
The build log does not show mksnapshot being rebuilt.
(In reply to Mike Gilbert from comment #6) > > 2.) it is possible that mksnapshot got rebuilt *after* the pax mark and we > > need to run pax mark *again* > > The build log does not show mksnapshot being rebuilt. I agree, but I'm curious if the created/modified times on the file agree. To add to clarification, I built this version of chromium successfully yesterday: www-client/chromium-56.0.2924.76-r1 I'm not building unstable chromium, but stable sure works fine. I'm leaning hard toward "user ran out of ram" I also faced the issue. By help from IRC I could figure out that in my kernel config I was missing the CONFIG_PAX_XATTR_PAX_FLAGS setting. Activating it and rebuilding the kernel solved the issue for me. I'm going to go ahead and close this; this is probably caused by a mis-configured kernel or some other user error. (In reply to ilovekiruna from comment #9) > I also faced the issue. By help from IRC I could figure out that in my > kernel config I was missing the CONFIG_PAX_XATTR_PAX_FLAGS setting. > Activating it and rebuilding the kernel solved the issue for me. I confirm that kernel config is the cause. After setting CONFIG_PAX_XATTR_PAX_FLAGS=y, I have built www-client/chromium-57.0.2987.21 successfully. Thank you for the help! |
