From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:59896) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eaQKi-0001Fd-QL for guix-patches@gnu.org; Sat, 13 Jan 2018 13:15:10 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eaQKf-0001sH-FE for guix-patches@gnu.org; Sat, 13 Jan 2018 13:15:08 -0500 Received: from debbugs.gnu.org ([208.118.235.43]:47219) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1eaQKf-0001ri-9R for guix-patches@gnu.org; Sat, 13 Jan 2018 13:15:05 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1eaQKe-0003JE-Tl for guix-patches@gnu.org; Sat, 13 Jan 2018 13:15:04 -0500 Subject: [bug#28004] Chromium Resent-Message-ID: Date: Sat, 13 Jan 2018 19:13:57 +0000 From: ng0 Message-ID: <20180113191357.lqiwwyw3jxcimaqa@abyayala> References: <20171010131949.y43plpzxbppvrigr@abyayala> <87lgkha2cx.fsf@gnu.org> <20171012195628.GA31843@jasmine.lan> <87shensfq6.fsf@gnu.org> <87o9p45bb6.fsf@fastmail.com> <20180104191648.custe7w3l57fvbac@abyayala> <87wp0s2ewl.fsf@fastmail.com> <20180108232042.nqjurjr2bcfl2yyc@abyayala> <87373cey5b.fsf@fastmail.com> <20180113190235.4yhko2v5cxiu7p6f@abyayala> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="6f4gatmyeuo3klfj" Content-Disposition: inline In-Reply-To: <20180113190235.4yhko2v5cxiu7p6f@abyayala> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: Marius Bakke Cc: 28004@debbugs.gnu.org --6f4gatmyeuo3klfj Content-Type: multipart/mixed; boundary="yoqriwqvuf3qqpax" Content-Disposition: inline --yoqriwqvuf3qqpax Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable ng0 transcribed 5.6K bytes: > I just got a bug report for the build via: >=20 > guix pull --url=3D"https://c.n0.is/git/ng0/guix/guix.git" --branch=3D"pre= test/chromium" > guix package --install chromium >=20 > Failing with the attached build log excerpt. We are not FreeBSD, but I fo= und > this in the first 5 minutes: https://bugs.freebsd.org/bugzilla/show_bug.c= gi?id=3D160935 > Maybe it helps to debug this, or maybe you've encountered this before. >=20 > I myself have been able to build this without issues on two systems. >=20 > All mentioned systems are GuixSD. >=20 this time with attached file. > This should be a blocker, but maybe a head-up in potential build issues. > Marius Bakke transcribed 4.5K bytes: > > ng0 writes: > >=20 > > > Many thanks for your ongoing work with this (and the patience :)) > > > As this is 63, you you are keeping track of Debian, right? I tried > > > to package 64 a couple of days ago because I wanted the workaround > > > for some of the recent security clusterfucks, but Debian is still > > > on 63 :/ > > > I hope they'll update their patchset soon. > >=20 > > Indeed Google did not add the Spectre mitigation to Chromium 63, even > > though the latest version was released after the fact. > >=20 > > https://xlab.tencent.com/special/spectre/spectre_check.html > >=20 > > For reasons that beat me, they only added it to the proprietary Chrome > > browser, which follows the same version number as Chromium. > >=20 > > The attached patch adds Spectre mitigation to the current Chromium > > release. The patch was pulled from the Chrome 64 branch: > >=20 >=20 > > From b011b57f357af97f3a003a3b1c481fc8bd2b869c Mon Sep 17 00:00:00 2001 > > From: Marius Bakke > > Date: Thu, 11 Jan 2018 14:36:47 +0100 > > Subject: [PATCH] gnu: chromium: Add spectre mitigation. > >=20 > > * gnu/packages/patches/chromium-spectre-mitigation.patch: New file. > > * gnu/local.mk (dist_patch_DATA): Register it. > > * gnu/packages/chromium.scm (chromium)[source]: Use it. > > --- > > gnu/local.mk | 1 + > > gnu/packages/chromium.scm | 3 ++- > > gnu/packages/patches/chromium-spectre-mitigation.patch | 13 ++++++++++= +++ > > 3 files changed, 16 insertions(+), 1 deletion(-) > > create mode 100644 gnu/packages/patches/chromium-spectre-mitigation.pa= tch > >=20 > > diff --git a/gnu/local.mk b/gnu/local.mk > > index 513f64043..89dab227c 100644 > > --- a/gnu/local.mk > > +++ b/gnu/local.mk > > @@ -575,6 +575,7 @@ dist_patch_DATA =3D \ > > %D%/packages/patches/ceph-skip-collect-sys-info-test.patch \ > > %D%/packages/patches/ceph-skip-unittest_blockdev.patch \ > > %D%/packages/patches/chmlib-inttypes.patch \ > > + %D%/packages/patches/chromium-spectre-mitigation.patch \ > > %D%/packages/patches/clang-libc-search-path.patch \ > > %D%/packages/patches/clang-3.8-libc-search-path.patch \ > > %D%/packages/patches/clementine-use-openssl.patch \ > > diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm > > index dd040527b..1e9dba42e 100644 > > --- a/gnu/packages/chromium.scm > > +++ b/gnu/packages/chromium.scm > > @@ -240,7 +240,8 @@ > > %chromium-system-icu.patch > > %chromium-system-nspr.patch > > %chromium-system-libevent.patch > > - %chromium-disable-api-keys-warning.patch)) > > + %chromium-disable-api-keys-warning.patch > > + (search-patch "chromium-spectre-mitigatio= n.patch"))) > > (modules '((srfi srfi-1) > > (guix build utils))) > > (snippet > > diff --git a/gnu/packages/patches/chromium-spectre-mitigation.patch b/g= nu/packages/patches/chromium-spectre-mitigation.patch > > new file mode 100644 > > index 000000000..a44a3bce4 > > --- /dev/null > > +++ b/gnu/packages/patches/chromium-spectre-mitigation.patch > > @@ -0,0 +1,13 @@ > > +diff --git a/content/public/common/content_features.cc b/content/publi= c/common/content_features.cc > > +index 43feb76..33a49b8 100644 > > +--- a/content/public/common/content_features.cc > > ++++ b/content/public/common/content_features.cc > > +@@ -308,7 +308,7 @@ > > +=20 > > + // http://tc39.github.io/ecmascript_sharedmem/shmem.html > > + const base::Feature kSharedArrayBuffer{"SharedArrayBuffer", > > +- base::FEATURE_ENABLED_BY_DEFAU= LT}; > > ++ base::FEATURE_DISABLED_BY_DEFA= ULT}; > > +=20 > > + // An experiment to require process isolation for the sign-in origin, > > + // https://accounts.google.com. Launch bug: https://crbug.com/739418. > > --=20 > > 2.15.1 > >=20 >=20 >=20 >=20 >=20 > --=20 > ng0 :: https://ea.n0.is > A88C8ADD129828D7EAC02E52E22F9BBFEE348588 :: https://ea.n0.is/keys/ --=20 ng0 :: https://ea.n0.is A88C8ADD129828D7EAC02E52E22F9BBFEE348588 :: https://ea.n0.is/keys/ --yoqriwqvuf3qqpax Content-Type: text/plain; charset=utf-8 Content-Disposition: attachment; filename="chromium.fail" Content-Transfer-Encoding: quoted-printable [19248/23429] CXX obj/content/browser/browser/web_bluetooth_service_impl.o FAILED: obj/content/browser/browser/web_bluetooth_service_impl.o=20 g++ -MMD -MF obj/content/browser/browser/web_bluetooth_service_impl.o.d -DE= NABLE_SCREEN_CAPTURE=3D1 -DV8_DEPRECATION_WARNINGS=20 -DUSE_UDEV -DUSE_AURA=3D1 -DUSE_GLIB=3D1 -DUSE_NSS_CERTS=3D1 -DUSE_X11=3D1 = -DNO_TCMALLOC -DFULL_SAFE_BROWSING -DSAFE_BROWSING_CSD=20 -DSAFE_BROWSING_DB_LOCAL -DCHROMIUM_BUILD -D_FILE_OFFSET_BITS=3D64 -D_LARGE= FILE_SOURCE -D_LARGEFILE64_SOURCE=20 -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -D_FORTIFY_SOURCE=3D2 -DNDE= BUG -DNVALGRIND -DDYNAMIC_ANNOTATIONS_ENABLED=3D0=20 -DCONTENT_IMPLEMENTATION -DV8_USE_EXTERNAL_STARTUP_DATA=20 -DATK_LIB_DIR=3D\"/gnu/store/nniszqyslmgllha2cyi9g3pfsmm6sg16-atk-2.24.0/li= b\" -DGLIB_VERSION_MAX_ALLOWED=3DGLIB_VERSION_2_32=20 -DGLIB_VERSION_MIN_REQUIRED=3DGLIB_VERSION_2_26 -DGL_GLEXT_PROTOTYPES -DUSE= _GLX -DUSE_EGL -DGOOGLE_PROTOBUF_NO_RTTI=20 -DGOOGLE_PROTOBUF_NO_STATIC_INITIALIZER -DHAVE_PTHREAD -DUSING_SYSTEM_ICU= =3D1 -DICU_UTIL_DATA_IMPL=3DICU_UTIL_DATA_STATIC=20 -DUCHAR_TYPE=3Duint16_t -DSK_IGNORE_LINEONLY_AA_CONVEX_PATH_OPTS -DSK_HAS_P= NG_LIBRARY -DSK_HAS_WEBP_LIBRARY -DSK_HAS_JPEG_LIBRARY=20 -DSK_SUPPORT_GPU=3D1 -DLEVELDB_PLATFORM_CHROMIUM=3D1 -DWEBRTC_NON_STATIC_TR= ACE_EVENT_HANDLERS=3D0 -DFEATURE_ENABLE_VOICEMAIL=20 -DGTEST_RELATIVE_PATH -DWEBRTC_CHROMIUM_BUILD -DWEBRTC_POSIX -DWEBRTC_LINUX= -DWTF_USE_WEBAUDIO_FFMPEG=3D1=20 -DWTF_USE_DEFAULT_RENDER_THEME=3D1 -DUSE_SYSTEM_ZLIB=3D1 -DNO_MAIN_THREAD_W= RAPPING -I../.. -Igen=20 -I/gnu/store/nniszqyslmgllha2cyi9g3pfsmm6sg16-atk-2.24.0/include/atk-1.0=20 -I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/include/glib-2.0= =20 -I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/lib/glib-2.0/incl= ude=20 -I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/include/glib-2.0= =20 -I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/lib/glib-2.0/incl= ude=20 -I/gnu/store/b9ww6qv1ii9v6n45kin7543vkf6jfnd3-libpng-1.6.29/include/libpng1= 6=20 -I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/include/glib-2.0= =20 -I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/lib/glib-2.0/incl= ude=20 -I/gnu/store/3k1y78v6nxjvmivnri5j46wai6ppvyz0-harfbuzz-1.5.1/include/harfbu= zz=20 -I/gnu/store/b9ww6qv1ii9v6n45kin7543vkf6jfnd3-libpng-1.6.29/include/libpng1= 6=20 -I/gnu/store/4b9y9f5fvghk2vmwpbgzncal7z3r4n5y-pango-1.40.12/include/pango-1= =2E0=20 -I/gnu/store/c4vl4hw5jccg0b23sfvs0kdnfdbxdlgm-cairo-1.14.10/include/cairo= =20 -I/gnu/store/w8kii3hjvmh50yxs52gkdywkq9jc7s19-pixman-0.34.0/include/pixman-= 1 -Igen/shim_headers/libevent_shim=20 -Igen/shim_headers/icui18n_shim -Igen/shim_headers/icuuc_shim -Igen/shim_he= aders/re2_shim -Igen/shim_headers/libpng_shim=20 -Igen/shim_headers/zlib_shim -Igen/shim_headers/libdrm_shim -I../../third_p= arty/khronos -I../../gpu=20 -Igen/shim_headers/ffmpeg_shim -Igen/shim_headers/libvpx_shim -Igen/shim_he= aders/opus_shim -Igen/shim_headers/snappy_shim=20 -Igen/shim_headers/openh264_shim -Igen/shim_headers/minizip_shim -Igen/shim= _headers/flac_shim -I../../third_party/protobuf/src=20 -I../../third_party/ced/src -I../../skia/config -I../../skia/ext -I../../th= ird_party/skia/include/c=20 -I../../third_party/skia/include/config -I../../third_party/skia/include/co= re -I../../third_party/skia/include/effects=20 -I../../third_party/skia/include/encode -I../../third_party/skia/include/gp= u -I../../third_party/skia/include/images=20 -I../../third_party/skia/include/lazy -I../../third_party/skia/include/path= ops -I../../third_party/skia/include/pdf=20 -I../../third_party/skia/include/pipe -I../../third_party/skia/include/port= s -I../../third_party/skia/include/utils=20 -I../../third_party/skia/third_party/vulkan -I../../third_party/skia/src/gp= u -I../../third_party/skia/src/sksl=20 -I../../third_party/leveldatabase -I../../third_party/leveldatabase/src -I.= =2E/../third_party/leveldatabase/src/include=20 -I../../third_party/webrtc_overrides -I../../testing/gtest/include -I../../= third_party/webrtc=20 -I../../third_party/webrtc_overrides -I../../third_party/webrtc -I../../thi= rd_party/protobuf/src -Igen/protoc_out=20 -Igen/components/metrics/proto -I../../third_party/boringssl/src/include=20 -I/gnu/store/yk0bk0y3dvz2pa3f56knjhdby16fb62s-nss-3.34/include/nss=20 -I/gnu/store/544jcd4141xgg72dk5xxbs4zjzvxvvxi-nspr-4.17/include/nspr -I../.= =2E/third_party/libwebm/source -Igen=20 -I../../third_party/WebKit -Igen/third_party/WebKit -I../../v8/include -Ige= n/v8/include -I../../third_party/mesa/src/include=20 -I../../third_party/WebKit/Source -I../../third_party/WebKit -Igen/blink -I= gen/third_party/WebKit=20 -I../../third_party/angle/src/common/third_party/base -Igen/angle -I../../t= hird_party/brotli/include=20 -I../../third_party/libyuv/include -I/gnu/store/xr0zjan791j0pgvcs770m59za9b= sjsr6-dbus-1.10.22/include/dbus-1.0=20 -I/gnu/store/xr0zjan791j0pgvcs770m59za9bsjsr6-dbus-1.10.22/lib/dbus-1.0/inc= lude -fno-strict-aliasing --param=3Dssp-buffer-size=3D4=20 -fstack-protector -Wno-builtin-macro-redefined -D__DATE__=3D -D__TIME__=3D = -D__TIMESTAMP__=3D -funwind-tables -fPIC -pipe -pthread=20 -m64 -march=3Dx86-64 -Wall -Wno-unused-local-typedefs -Wno-maybe-uninitiali= zed -Wno-missing-field-initializers=20 -Wno-unused-parameter -O2 -fno-ident -fdata-sections -ffunction-sections -f= omit-frame-pointer -g0 -fvisibility=3Dhidden=20 -Wno-unused-local-typedef -Wno-unused-function -std=3Dgnu++14 -Wno-narrowin= g -fno-rtti -fno-exceptions -fvisibility-inlines-hidden=20 -c ../../content/browser/bluetooth/web_bluetooth_service_impl.cc -o obj/con= tent/browser/browser/web_bluetooth_service_impl.o g++: internal compiler error: Killed (program cc1plus) Please submit a full bug report, with preprocessed source if appropriate. See for instructions. [19249/23429] CXX obj/content/browser/browser/render_frame_host_factory.o In file included from ../../content/browser/frame_host/frame_tree_node.h:18= :0, from ../../content/browser/frame_host/render_frame_host_fa= ctory.cc:9: =2E./../content/browser/frame_host/render_frame_host_impl.h:1001:3: warning= : multi-line comment [-Wcomment] // / | \ ^ =2E./../content/browser/frame_host/render_frame_host_impl.h:1003:3: warning= : multi-line comment [-Wcomment] // / / \ \ ^ cc1plus: warning: unrecognized command line option =E2=80=98-Wno-unused-loc= al-typedef=E2=80=99 [19250/23429] CXX obj/content/browser/browser/render_frame_host_manager.o In file included from ../../content/browser/frame_host/render_frame_host_ma= nager.h:19:0, from ../../content/browser/frame_host/render_frame_host_ma= nager.cc:5: =2E./../content/browser/frame_host/render_frame_host_impl.h:1001:3: warning= : multi-line comment [-Wcomment] // / | \ ^ =2E./../content/browser/frame_host/render_frame_host_impl.h:1003:3: warning= : multi-line comment [-Wcomment] // / / \ \ ^ cc1plus: warning: unrecognized command line option =E2=80=98-Wno-unused-loc= al-typedef=E2=80=99 [19251/23429] CXX obj/content/browser/browser/render_frame_host_impl.o In file included from ../../content/browser/frame_host/render_frame_host_im= pl.cc:5:0: =2E./../content/browser/frame_host/render_frame_host_impl.h:1001:3: warning= : multi-line comment [-Wcomment] // / | \ ^ =2E./../content/browser/frame_host/render_frame_host_impl.h:1003:3: warning= : multi-line comment [-Wcomment] // / / \ \ ^ cc1plus: warning: unrecognized command line option =E2=80=98-Wno-unused-loc= al-typedef=E2=80=99 ninja: build stopped: subcommand failed. phase `build' failed after 16570.6 seconds builder for `/gnu/store/9ws2gavs5bjlrfimhdi10pssvy7hwnwl-chromium-63.0.3239= =2E132.drv' failed with exit code 1 guix package: error: build failed: build of `/gnu/store/9ws2gavs5bjlrfimhdi= 10pssvy7hwnwl-chromium-63.0.3239.132.drv' failed --yoqriwqvuf3qqpax-- --6f4gatmyeuo3klfj Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEqIyK3RKYKNfqwC5S4i+bv+40hYgFAlpaWnUACgkQ4i+bv+40 hYhE0RAAhjXzAIYYYwPEC38gItQP6jeHA8O8pxQfI6xLXdpy0KZNllzcis87RzWK XYQkiw3nnUQB3pkFGsAhrAJ5c0R4IOTjFHPtwbppoy5uQ/YL6jIZKwGmhL4NoLKN EdRNHH5/nl07pWIGPYmJiQH8YqHmKgykq3GUamVcU4T6xkdwMpZzDlGb5UnjVuda MUj1oX5Ex29CONACDaoo1pDZnHn/UVp2QuV8WwedZr3LTESvaMvj/m3CPY4qov8l z6gAUe5tFcm66q+gBU5t0VYXGWRliiM5JFnfLiOhXmgd6/A0SaMGZIpBGOp0JLJD 33/w3Dud8P/0Omw8ZsFXBgXA4O5/NCE/YtBi5tmjU181T5SUk05Q3Tdu8qwi0h38 u3sAvRK0eQvcsHlLfNaYX0w2f+H2OeV0+NGjKoY1JCvf+HVQiriM14lJ2SQwsfPl 51U2hZeQnOsF56CfX7z1vfnaJ2EF6ws47OGU6xvSa2LcumwtkkHBUVRYO6R+DlUU W+3qMSoG0nPtXLhiOqy/oFu1gfza2ZJZ6CzHFIaYmRhJxAmRX9jv0cQehBZ4lkwB jdpeLrbabxVc/ESADRfgEq2/24y8tZDFyOEMpeCuNstZZa4jT4mfc7HOzTqOjWbN Ni5AoigSRLehRrwe+w+GhJ+/ZXiatE81EqUvCmm9LC25cK5XyaE= =lG00 -----END PGP SIGNATURE----- --6f4gatmyeuo3klfj--