| 15 Oct 2023 |
 @5m5z3q888q5prxkg:chat.lightnovel-dungeon.de | In reply to @jtojnar:matrix.org
can you reproduce with the script mentioned in the upstream issue? Which one? | 10:06:24 |
 Jan Tojnar | In reply to @5m5z3q888q5prxkg:chat.lightnovel-dungeon.de
Which one? https://gitlab.freedesktop.org/mesa/mesa/-/issues/8198#note_1754876 | 10:15:06 |
| @5m5z3q888q5prxkg:chat.lightnovel-dungeon.de | oh didn't notice that one i will try that when i get home | 10:15:41 |
 Hubble the Wolverine (they/them) | Heya! (reposted from Nix/NixOS room)
I'm having trouble with tracker-extract-3.service on nixos. It's been crashing since nixos 23.05.20231011.bd1cde (October 12th).
https://gist.github.com/the-furry-hubofeverything/97e6dbbca82bcdfb6325626e7b88b40a
Looking at the time that it happened, and comparing that to the closest system profile change, I ran a diff-closure between unproblematic and the problematic system, and it resulted with:
[hubble@Gulo-Laptop:~]$ nix store diff-closures /nix/var/nix/profiles/system-395-link /nix/var/nix/profiles/system-396-link
nixos-system-Gulo-Laptop: 23.05.20231007.5a237ae → 23.05.20231011.bd1cde4
source: +417.8 KiB
tracker-miners: 3.5.0 → 3.5.3, -41.0 KiB
And looking at the latest commits at that time, tracker-miners was updated to patch CVE-2023-43641.
Is this related to the CVE? Is this a nixos bug or upstream?
| 23:07:07 |
| 16 Oct 2023 |
|  @dandelionc:matrix.org joined the room. | 01:25:25 |
| Jan Tojnar | In reply to @hubofeverything:bark.lgbt
Heya! (reposted from Nix/NixOS room)
I'm having trouble with tracker-extract-3.service on nixos. It's been crashing since nixos 23.05.20231011.bd1cde (October 12th).
https://gist.github.com/the-furry-hubofeverything/97e6dbbca82bcdfb6325626e7b88b40a
Looking at the time that it happened, and comparing that to the closest system profile change, I ran a diff-closure between unproblematic and the problematic system, and it resulted with:
[hubble@Gulo-Laptop:~]$ nix store diff-closures /nix/var/nix/profiles/system-395-link /nix/var/nix/profiles/system-396-link
nixos-system-Gulo-Laptop: 23.05.20231007.5a237ae → 23.05.20231011.bd1cde4
source: +417.8 KiB
tracker-miners: 3.5.0 → 3.5.3, -41.0 KiB
And looking at the latest commits at that time, tracker-miners was updated to patch CVE-2023-43641.
Is this related to the CVE? Is this a nixos bug or upstream?
Hi, the security sandbox whitelists allowed system calls so if some dependency is updated it might start using one not on the whitelist | 04:29:37 |
| Jan Tojnar | It would help if you could get a trace by running `coredumpctl gdb` and entering `bt` | 04:33:14 |
| @5m5z3q888q5prxkg:chat.lightnovel-dungeon.de | In reply to @jtojnar:matrix.org
https://gitlab.freedesktop.org/mesa/mesa/-/issues/8198#note_1754876 Doesn't seem to be reproducible with the script, it seems to happen when trying to call epiphany which then slowly crashes the whole system | 10:10:23 |
| @5m5z3q888q5prxkg:chat.lightnovel-dungeon.de | where epiphany seems to be using bwrap maybe it has the old mesa? | 10:12:14 |
| @5m5z3q888q5prxkg:chat.lightnovel-dungeon.de | also seems that the hardened kernel prevents the crashes | 10:13:54 |
| @5m5z3q888q5prxkg:chat.lightnovel-dungeon.de | hmm i can reproduce that by playing a mpv video of the big bucks bunny sample 🤔 | 10:29:49 |
| @5m5z3q888q5prxkg:chat.lightnovel-dungeon.de | and can't anymore | 10:30:26 |
