| 20 Dec 2024 |
 matthewcroughan | Oh wow.. I made it work SomeoneSerge (utc+3) | 14:22:02 |
| matthewcroughan | it was some systemd hardening feature causing it | 14:22:10 |
| matthewcroughan | It is one of these, but we do not know which one it is
DevicePolicy = "closed";
LockPersonality = true;
MemoryDenyWriteExecute = true;
NoNewPrivileges = true;
PrivateDevices = false; # hides acceleration devices
PrivateTmp = true;
PrivateUsers = true;
ProcSubset = "all"; # /proc/meminfo
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectProc = "invisible";
ProtectSystem = "strict";
RemoveIPC = true;
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
RestrictAddressFamilies = [
"AF_INET"
"AF_INET6"
"AF_UNIX"
];
SupplementaryGroups = [ "render" ]; # for rocm to access /dev/dri/renderD* devices
SystemCallArchitectures = "native";
SystemCallFilter = [
"@system-service @resources"
"~@privileged"
];
UMask = "0077";
| 14:24:04 |
| matthewcroughan | now comes the bisecting | 14:28:29 |
| matthewcroughan | It appears it was WriteMemoryDenyExecute causing it | 14:35:34 |
| matthewcroughan | https://github.com/pytorch/pytorch/issues/143651 | 14:54:06 |
| matthewcroughan | Made an issue in pytorch anyway | 14:54:10 |
 SomeoneSerge (matrix works sometimes) | Nice. Maybe it's some kind of JIT stuff? | 14:54:41 |
| matthewcroughan | Yeah, I disabled JIT I thought with a var | 14:54:52 |
| matthewcroughan | who knows | 14:54:53 |
| matthewcroughan | PYTORCH_JIT = "0"; | 14:55:08 |
| matthewcroughan | I thought this had worked, maybe it had no impact for another reason | 14:55:15 |
| matthewcroughan | it seems to completely work with this turned off though | 14:56:43 |
| matthewcroughan | Oh this is *so good SomeoneSerge (utc+3) | 15:03:04 |
