You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I reported this p11-kit related issue to the Chromium team but they stated that the issue needs to be fixed in p11-kit because it is loaded into Chromium. Here's the bug report I filed with them:
Set any CA certificate installed under /etc/ca-certificates/trust-source/anchors/ to only be readable by root.
Start Chromium and observe constant errors like:
p11-kit: 'ret >=0' not true at loader_load_directory
Running "trust list" will show a similar error.
Continue using Chromium as usual. Within about half to a full day, Chromium will crash with a warning like:
WARNING:shared_memory_posix.cc(386)] Shared memory creation failed; out of file descriptors
At the point, the browser becomes unresponsive with the current tab not reacting. Shortly thereafter, Chromium crashes.
What is the expected behavior?
Chromium should not run out of file descriptors on a system with normal limits such as the 1024 file descriptor limit that is normal for most Linux distributions and was configured on my system.
What went wrong?
It looks like there is some error path being hit in p11-kit within Chromium that is causing a file descriptor leak. Once I fix permissions on the bad certificate, the file descriptor limit is not exceeded and Chromium does not crash.
The text was updated successfully, but these errors were encountered:
I reported this p11-kit related issue to the Chromium team but they stated that the issue needs to be fixed in p11-kit because it is loaded into Chromium. Here's the bug report I filed with them:
https://bugs.chromium.org/p/chromium/issues/detail?id=944529
Steps to reproduce the problem:
Set any CA certificate installed under /etc/ca-certificates/trust-source/anchors/ to only be readable by root.
Start Chromium and observe constant errors like:
p11-kit: 'ret >=0' not true at loader_load_directory
Running "trust list" will show a similar error.
WARNING:shared_memory_posix.cc(386)] Shared memory creation failed; out of file descriptors
At the point, the browser becomes unresponsive with the current tab not reacting. Shortly thereafter, Chromium crashes.
What is the expected behavior?
Chromium should not run out of file descriptors on a system with normal limits such as the 1024 file descriptor limit that is normal for most Linux distributions and was configured on my system.
What went wrong?
It looks like there is some error path being hit in p11-kit within Chromium that is causing a file descriptor leak. Once I fix permissions on the bad certificate, the file descriptor limit is not exceeded and Chromium does not crash.
The text was updated successfully, but these errors were encountered: