From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:45664) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eagBt-0002qW-Oj for guix-patches@gnu.org; Sun, 14 Jan 2018 06:11:07 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eagBq-0006xL-H5 for guix-patches@gnu.org; Sun, 14 Jan 2018 06:11:05 -0500 Received: from debbugs.gnu.org ([208.118.235.43]:47516) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1eagBq-0006x7-Ai for guix-patches@gnu.org; Sun, 14 Jan 2018 06:11:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1eagBp-0004Tk-QC for guix-patches@gnu.org; Sun, 14 Jan 2018 06:11:01 -0500 Subject: [bug#28004] Chromium Resent-Message-ID: Date: Sun, 14 Jan 2018 12:10:21 +0000 From: ng0 Message-ID: <20180114121021.kjkkfzpvwkepaxsh@abyayala> References: <87lgkha2cx.fsf@gnu.org> <20171012195628.GA31843@jasmine.lan> <87shensfq6.fsf@gnu.org> <87o9p45bb6.fsf@fastmail.com> <20180104191648.custe7w3l57fvbac@abyayala> <87wp0s2ewl.fsf@fastmail.com> <20180108232042.nqjurjr2bcfl2yyc@abyayala> <87373cey5b.fsf@fastmail.com> <20180113190235.4yhko2v5cxiu7p6f@abyayala> <20180113191357.lqiwwyw3jxcimaqa@abyayala> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="rhpp4fbt4wy637lc" Content-Disposition: inline In-Reply-To: <20180113191357.lqiwwyw3jxcimaqa@abyayala> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: Marius Bakke Cc: 28004@debbugs.gnu.org --rhpp4fbt4wy637lc Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable ng0 transcribed 14K bytes: > ng0 transcribed 5.6K bytes: > > I just got a bug report for the build via: > >=20 > > guix pull --url=3D"https://c.n0.is/git/ng0/guix/guix.git" --branch=3D"p= retest/chromium" > > guix package --install chromium > >=20 > > Failing with the attached build log excerpt. We are not FreeBSD, but I = found > > this in the first 5 minutes: https://bugs.freebsd.org/bugzilla/show_bug= =2Ecgi?id=3D160935 > > Maybe it helps to debug this, or maybe you've encountered this before. > >=20 > > I myself have been able to build this without issues on two systems. > >=20 > > All mentioned systems are GuixSD. > >=20 >=20 > this time with attached file. My guess was "low on RAM or swap", as it turns out this was right. With more RAM and/or swap space it builds. > > This should be a blocker, but maybe a head-up in potential build issues. > > Marius Bakke transcribed 4.5K bytes: > > > ng0 writes: > > >=20 > > > > Many thanks for your ongoing work with this (and the patience :)) > > > > As this is 63, you you are keeping track of Debian, right? I tried > > > > to package 64 a couple of days ago because I wanted the workaround > > > > for some of the recent security clusterfucks, but Debian is still > > > > on 63 :/ > > > > I hope they'll update their patchset soon. > > >=20 > > > Indeed Google did not add the Spectre mitigation to Chromium 63, even > > > though the latest version was released after the fact. > > >=20 > > > https://xlab.tencent.com/special/spectre/spectre_check.html > > >=20 > > > For reasons that beat me, they only added it to the proprietary Chrome > > > browser, which follows the same version number as Chromium. > > >=20 > > > The attached patch adds Spectre mitigation to the current Chromium > > > release. The patch was pulled from the Chrome 64 branch: > > >=20 > >=20 > > > From b011b57f357af97f3a003a3b1c481fc8bd2b869c Mon Sep 17 00:00:00 2001 > > > From: Marius Bakke > > > Date: Thu, 11 Jan 2018 14:36:47 +0100 > > > Subject: [PATCH] gnu: chromium: Add spectre mitigation. > > >=20 > > > * gnu/packages/patches/chromium-spectre-mitigation.patch: New file. > > > * gnu/local.mk (dist_patch_DATA): Register it. > > > * gnu/packages/chromium.scm (chromium)[source]: Use it. > > > --- > > > gnu/local.mk | 1 + > > > gnu/packages/chromium.scm | 3 ++- > > > gnu/packages/patches/chromium-spectre-mitigation.patch | 13 ++++++++= +++++ > > > 3 files changed, 16 insertions(+), 1 deletion(-) > > > create mode 100644 gnu/packages/patches/chromium-spectre-mitigation.= patch > > >=20 > > > diff --git a/gnu/local.mk b/gnu/local.mk > > > index 513f64043..89dab227c 100644 > > > --- a/gnu/local.mk > > > +++ b/gnu/local.mk > > > @@ -575,6 +575,7 @@ dist_patch_DATA =3D \ > > > %D%/packages/patches/ceph-skip-collect-sys-info-test.patch \ > > > %D%/packages/patches/ceph-skip-unittest_blockdev.patch \ > > > %D%/packages/patches/chmlib-inttypes.patch \ > > > + %D%/packages/patches/chromium-spectre-mitigation.patch \ > > > %D%/packages/patches/clang-libc-search-path.patch \ > > > %D%/packages/patches/clang-3.8-libc-search-path.patch \ > > > %D%/packages/patches/clementine-use-openssl.patch \ > > > diff --git a/gnu/packages/chromium.scm b/gnu/packages/chromium.scm > > > index dd040527b..1e9dba42e 100644 > > > --- a/gnu/packages/chromium.scm > > > +++ b/gnu/packages/chromium.scm > > > @@ -240,7 +240,8 @@ > > > %chromium-system-icu.patch > > > %chromium-system-nspr.patch > > > %chromium-system-libevent.patch > > > - %chromium-disable-api-keys-warning.patc= h)) > > > + %chromium-disable-api-keys-warning.patch > > > + (search-patch "chromium-spectre-mitigat= ion.patch"))) > > > (modules '((srfi srfi-1) > > > (guix build utils))) > > > (snippet > > > diff --git a/gnu/packages/patches/chromium-spectre-mitigation.patch b= /gnu/packages/patches/chromium-spectre-mitigation.patch > > > new file mode 100644 > > > index 000000000..a44a3bce4 > > > --- /dev/null > > > +++ b/gnu/packages/patches/chromium-spectre-mitigation.patch > > > @@ -0,0 +1,13 @@ > > > +diff --git a/content/public/common/content_features.cc b/content/pub= lic/common/content_features.cc > > > +index 43feb76..33a49b8 100644 > > > +--- a/content/public/common/content_features.cc > > > ++++ b/content/public/common/content_features.cc > > > +@@ -308,7 +308,7 @@ > > > +=20 > > > + // http://tc39.github.io/ecmascript_sharedmem/shmem.html > > > + const base::Feature kSharedArrayBuffer{"SharedArrayBuffer", > > > +- base::FEATURE_ENABLED_BY_DEF= AULT}; > > > ++ base::FEATURE_DISABLED_BY_DE= FAULT}; > > > +=20 > > > + // An experiment to require process isolation for the sign-in origi= n, > > > + // https://accounts.google.com. Launch bug: https://crbug.com/7394= 18. > > > --=20 > > > 2.15.1 > > >=20 > >=20 > >=20 > >=20 > >=20 > > --=20 > > ng0 :: https://ea.n0.is > > A88C8ADD129828D7EAC02E52E22F9BBFEE348588 :: https://ea.n0.is/keys/ >=20 >=20 >=20 > --=20 > ng0 :: https://ea.n0.is > A88C8ADD129828D7EAC02E52E22F9BBFEE348588 :: https://ea.n0.is/keys/ > [19248/23429] CXX obj/content/browser/browser/web_bluetooth_service_impl.o > FAILED: obj/content/browser/browser/web_bluetooth_service_impl.o=20 > g++ -MMD -MF obj/content/browser/browser/web_bluetooth_service_impl.o.d -= DENABLE_SCREEN_CAPTURE=3D1 -DV8_DEPRECATION_WARNINGS=20 > -DUSE_UDEV -DUSE_AURA=3D1 -DUSE_GLIB=3D1 -DUSE_NSS_CERTS=3D1 -DUSE_X11=3D= 1 -DNO_TCMALLOC -DFULL_SAFE_BROWSING -DSAFE_BROWSING_CSD=20 > -DSAFE_BROWSING_DB_LOCAL -DCHROMIUM_BUILD -D_FILE_OFFSET_BITS=3D64 -D_LAR= GEFILE_SOURCE -D_LARGEFILE64_SOURCE=20 > -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -D_FORTIFY_SOURCE=3D2 -DN= DEBUG -DNVALGRIND -DDYNAMIC_ANNOTATIONS_ENABLED=3D0=20 > -DCONTENT_IMPLEMENTATION -DV8_USE_EXTERNAL_STARTUP_DATA=20 > -DATK_LIB_DIR=3D\"/gnu/store/nniszqyslmgllha2cyi9g3pfsmm6sg16-atk-2.24.0/= lib\" -DGLIB_VERSION_MAX_ALLOWED=3DGLIB_VERSION_2_32=20 > -DGLIB_VERSION_MIN_REQUIRED=3DGLIB_VERSION_2_26 -DGL_GLEXT_PROTOTYPES -DU= SE_GLX -DUSE_EGL -DGOOGLE_PROTOBUF_NO_RTTI=20 > -DGOOGLE_PROTOBUF_NO_STATIC_INITIALIZER -DHAVE_PTHREAD -DUSING_SYSTEM_ICU= =3D1 -DICU_UTIL_DATA_IMPL=3DICU_UTIL_DATA_STATIC=20 > -DUCHAR_TYPE=3Duint16_t -DSK_IGNORE_LINEONLY_AA_CONVEX_PATH_OPTS -DSK_HAS= _PNG_LIBRARY -DSK_HAS_WEBP_LIBRARY -DSK_HAS_JPEG_LIBRARY=20 > -DSK_SUPPORT_GPU=3D1 -DLEVELDB_PLATFORM_CHROMIUM=3D1 -DWEBRTC_NON_STATIC_= TRACE_EVENT_HANDLERS=3D0 -DFEATURE_ENABLE_VOICEMAIL=20 > -DGTEST_RELATIVE_PATH -DWEBRTC_CHROMIUM_BUILD -DWEBRTC_POSIX -DWEBRTC_LIN= UX -DWTF_USE_WEBAUDIO_FFMPEG=3D1=20 > -DWTF_USE_DEFAULT_RENDER_THEME=3D1 -DUSE_SYSTEM_ZLIB=3D1 -DNO_MAIN_THREAD= _WRAPPING -I../.. -Igen=20 > -I/gnu/store/nniszqyslmgllha2cyi9g3pfsmm6sg16-atk-2.24.0/include/atk-1.0= =20 > -I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/include/glib-2.= 0=20 > -I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/lib/glib-2.0/in= clude=20 > -I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/include/glib-2.= 0=20 > -I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/lib/glib-2.0/in= clude=20 > -I/gnu/store/b9ww6qv1ii9v6n45kin7543vkf6jfnd3-libpng-1.6.29/include/libpn= g16=20 > -I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/include/glib-2.= 0=20 > -I/gnu/store/azbfh3i72lbaqvhgg5m7p6ymmqq0ii6q-glib-2.52.3/lib/glib-2.0/in= clude=20 > -I/gnu/store/3k1y78v6nxjvmivnri5j46wai6ppvyz0-harfbuzz-1.5.1/include/harf= buzz=20 > -I/gnu/store/b9ww6qv1ii9v6n45kin7543vkf6jfnd3-libpng-1.6.29/include/libpn= g16=20 > -I/gnu/store/4b9y9f5fvghk2vmwpbgzncal7z3r4n5y-pango-1.40.12/include/pango= -1.0=20 > -I/gnu/store/c4vl4hw5jccg0b23sfvs0kdnfdbxdlgm-cairo-1.14.10/include/cairo= =20 > -I/gnu/store/w8kii3hjvmh50yxs52gkdywkq9jc7s19-pixman-0.34.0/include/pixma= n-1 -Igen/shim_headers/libevent_shim=20 > -Igen/shim_headers/icui18n_shim -Igen/shim_headers/icuuc_shim -Igen/shim_= headers/re2_shim -Igen/shim_headers/libpng_shim=20 > -Igen/shim_headers/zlib_shim -Igen/shim_headers/libdrm_shim -I../../third= _party/khronos -I../../gpu=20 > -Igen/shim_headers/ffmpeg_shim -Igen/shim_headers/libvpx_shim -Igen/shim_= headers/opus_shim -Igen/shim_headers/snappy_shim=20 > -Igen/shim_headers/openh264_shim -Igen/shim_headers/minizip_shim -Igen/sh= im_headers/flac_shim -I../../third_party/protobuf/src=20 > -I../../third_party/ced/src -I../../skia/config -I../../skia/ext -I../../= third_party/skia/include/c=20 > -I../../third_party/skia/include/config -I../../third_party/skia/include/= core -I../../third_party/skia/include/effects=20 > -I../../third_party/skia/include/encode -I../../third_party/skia/include/= gpu -I../../third_party/skia/include/images=20 > -I../../third_party/skia/include/lazy -I../../third_party/skia/include/pa= thops -I../../third_party/skia/include/pdf=20 > -I../../third_party/skia/include/pipe -I../../third_party/skia/include/po= rts -I../../third_party/skia/include/utils=20 > -I../../third_party/skia/third_party/vulkan -I../../third_party/skia/src/= gpu -I../../third_party/skia/src/sksl=20 > -I../../third_party/leveldatabase -I../../third_party/leveldatabase/src -= I../../third_party/leveldatabase/src/include=20 > -I../../third_party/webrtc_overrides -I../../testing/gtest/include -I../.= =2E/third_party/webrtc=20 > -I../../third_party/webrtc_overrides -I../../third_party/webrtc -I../../t= hird_party/protobuf/src -Igen/protoc_out=20 > -Igen/components/metrics/proto -I../../third_party/boringssl/src/include= =20 > -I/gnu/store/yk0bk0y3dvz2pa3f56knjhdby16fb62s-nss-3.34/include/nss=20 > -I/gnu/store/544jcd4141xgg72dk5xxbs4zjzvxvvxi-nspr-4.17/include/nspr -I..= /../third_party/libwebm/source -Igen=20 > -I../../third_party/WebKit -Igen/third_party/WebKit -I../../v8/include -I= gen/v8/include -I../../third_party/mesa/src/include=20 > -I../../third_party/WebKit/Source -I../../third_party/WebKit -Igen/blink = -Igen/third_party/WebKit=20 > -I../../third_party/angle/src/common/third_party/base -Igen/angle -I../..= /third_party/brotli/include=20 > -I../../third_party/libyuv/include -I/gnu/store/xr0zjan791j0pgvcs770m59za= 9bsjsr6-dbus-1.10.22/include/dbus-1.0=20 > -I/gnu/store/xr0zjan791j0pgvcs770m59za9bsjsr6-dbus-1.10.22/lib/dbus-1.0/i= nclude -fno-strict-aliasing --param=3Dssp-buffer-size=3D4=20 > -fstack-protector -Wno-builtin-macro-redefined -D__DATE__=3D -D__TIME__= =3D -D__TIMESTAMP__=3D -funwind-tables -fPIC -pipe -pthread=20 > -m64 -march=3Dx86-64 -Wall -Wno-unused-local-typedefs -Wno-maybe-uninitia= lized -Wno-missing-field-initializers=20 > -Wno-unused-parameter -O2 -fno-ident -fdata-sections -ffunction-sections = -fomit-frame-pointer -g0 -fvisibility=3Dhidden=20 > -Wno-unused-local-typedef -Wno-unused-function -std=3Dgnu++14 -Wno-narrow= ing -fno-rtti -fno-exceptions -fvisibility-inlines-hidden=20 > -c ../../content/browser/bluetooth/web_bluetooth_service_impl.cc -o obj/c= ontent/browser/browser/web_bluetooth_service_impl.o > g++: internal compiler error: Killed (program cc1plus) > Please submit a full bug report, > with preprocessed source if appropriate. > See for instructions. > [19249/23429] CXX obj/content/browser/browser/render_frame_host_factory.o > In file included from ../../content/browser/frame_host/frame_tree_node.h:= 18:0, > from ../../content/browser/frame_host/render_frame_host_= factory.cc:9: > ../../content/browser/frame_host/render_frame_host_impl.h:1001:3: warning= : multi-line comment [-Wcomment] > // / | \ > ^ > ../../content/browser/frame_host/render_frame_host_impl.h:1003:3: warning= : multi-line comment [-Wcomment] > // / / \ \ > ^ > cc1plus: warning: unrecognized command line option =E2=80=98-Wno-unused-l= ocal-typedef=E2=80=99 > [19250/23429] CXX obj/content/browser/browser/render_frame_host_manager.o > In file included from ../../content/browser/frame_host/render_frame_host_= manager.h:19:0, > from ../../content/browser/frame_host/render_frame_host_= manager.cc:5: > ../../content/browser/frame_host/render_frame_host_impl.h:1001:3: warning= : multi-line comment [-Wcomment] > // / | \ > ^ > ../../content/browser/frame_host/render_frame_host_impl.h:1003:3: warning= : multi-line comment [-Wcomment] > // / / \ \ > ^ > cc1plus: warning: unrecognized command line option =E2=80=98-Wno-unused-l= ocal-typedef=E2=80=99 > [19251/23429] CXX obj/content/browser/browser/render_frame_host_impl.o > In file included from ../../content/browser/frame_host/render_frame_host_= impl.cc:5:0: > ../../content/browser/frame_host/render_frame_host_impl.h:1001:3: warning= : multi-line comment [-Wcomment] > // / | \ > ^ > ../../content/browser/frame_host/render_frame_host_impl.h:1003:3: warning= : multi-line comment [-Wcomment] > // / / \ \ > ^ > cc1plus: warning: unrecognized command line option =E2=80=98-Wno-unused-l= ocal-typedef=E2=80=99 > ninja: build stopped: subcommand failed. > phase `build' failed after 16570.6 seconds > builder for `/gnu/store/9ws2gavs5bjlrfimhdi10pssvy7hwnwl-chromium-63.0.32= 39.132.drv' failed with exit code 1 > guix package: error: build failed: build of `/gnu/store/9ws2gavs5bjlrfimh= di10pssvy7hwnwl-chromium-63.0.3239.132.drv' failed --=20 ng0 :: https://ea.n0.is A88C8ADD129828D7EAC02E52E22F9BBFEE348588 :: https://ea.n0.is/keys/ --rhpp4fbt4wy637lc Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEqIyK3RKYKNfqwC5S4i+bv+40hYgFAlpbSK0ACgkQ4i+bv+40 hYhzXxAArDgVnBuXsW8jofkbBp4Iq843KaULtKxF3QcKzT1ZXO4x6S1XCAc9C9bg QY941InFbH8C2hSzmfKsK9RXSmzfsUn3cdsxmE+rL7LKd7YIAlc4B/dvLiMW0Vuq SlRNpWzYRnvXLJRSJFWg02s91pKa90klINTQfLvlQMvgCm6lAclxs8ufkgPuRMyu 24xQtO1pBOA6meOa4C13Z1XhaWLoknvci/n1IsnANszV8iYZ/iW2YQqc4x9ebCoq rBn9/WvC/piGwafWEdnWgTaoYw9CWRLGuoBoTXprpU/wiVudUfrgSbTOJsmg03hg zG82KX96FcVvwtWLkXMm/jRAt3inuxbtCogACOjYcWXSV5iz/Hrgvx4X6jCO0GdX lg/ew4No+6kytOmDPG9SM6z+wBfcvgg7SFP93CYDwj5xHqJujhRN6t+5hL3c2XUL uB6MMZW7Fs4bbbweY9Eb7o/1klit5I/6olHSP/FbB0U5rGM3wW/Y6HMmfdpqyFqI lOSPBNbQUqyAWWyI7Ffl+SlcOnSdiqcKrw1UMs5e9gQqZu7IlbRv2XiNm6deD78P vRHAtDAEb9VpTImWOwRJnYs6VD3kNnAtkRmTDWVYkD7I8iPeP0bMcSivjtQXm1dq jRNOqVyJE2IbVOnmdHU+lH5M3J3ImyR5trLadggQLaQ89lVV3oQ= =FWRC -----END PGP SIGNATURE----- --rhpp4fbt4wy637lc--