Bug 1778559 - [abrt] firefox: __open64_nocancel(): firefox killed by SIGSYS
Summary: [abrt] firefox: __open64_nocancel(): firefox killed by SIGSYS
Keywords:
Status: CLOSED DUPLICATE of bug 1778366
Alias: None
Product: Fedora
Classification: Fedora
Component: firefox
Version: rawhide
Hardware: x86_64
OS: Unspecified
Priority: unspecified
Severity: unspecified
Target Milestone: ---
Assignee: Gecko Maintainer
QA Contact: Fedora Extras Quality Assurance
URL: https://retrace.fedoraproject.org/faf...
Whiteboard: abrt_hash:27480b90a3580e26dee0eb36582...
Depends On:
Blocks: F32BetaBlocker
 
Reported: 2019-12-02 03:06 UTC by Ritesh Khadgaray
Modified: 2019-12-03 23:59 UTC (History)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-12-02 18:11:50 UTC
Type: ---
Embargoed:


Attachments
File: backtrace (215.82 KB, text/plain), 2019-12-02 03:06 UTC, Ritesh Khadgaray
File: core_backtrace (92.30 KB, text/plain), 2019-12-02 03:06 UTC, Ritesh Khadgaray
File: cpuinfo (2.22 KB, text/plain), 2019-12-02 03:06 UTC, Ritesh Khadgaray
File: dso_list (9.40 KB, text/plain), 2019-12-02 03:06 UTC, Ritesh Khadgaray
File: environ (6.53 KB, text/plain), 2019-12-02 03:06 UTC, Ritesh Khadgaray
File: limits (1.29 KB, text/plain), 2019-12-02 03:06 UTC, Ritesh Khadgaray
File: maps (69.75 KB, text/plain), 2019-12-02 03:06 UTC, Ritesh Khadgaray
File: open_fds (7.03 KB, text/plain), 2019-12-02 03:06 UTC, Ritesh Khadgaray
File: proc_pid_status (1.33 KB, text/plain), 2019-12-02 03:06 UTC, Ritesh Khadgaray

Description Ritesh Khadgaray 2019-12-02 03:06:04 UTC
Description of problem:
Load firefox, and tabs crash. Brand new rawhide install.

This is also seen with Chrome. Using --disable-seccomp-filter-sandbox fixes this issue on Google Chrome.

probably - https://github.com/void-linux/void-packages/blob/master/srcpkgs/firefox/patches/fix-sandbox-membarrier.patch . Not yet tested

Version-Release number of selected component:
firefox-71.0-6.npgo.fc32

Additional info:
reporter:       libreport-2.11.3
backtrace_rating: 4
cgroup:         0::/user.slice/user-1000.slice/user/gnome-terminal-server.service
cmdline:        /usr/lib64/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 6726 -prefMapSize 447970 -parentBuildID 20191128104533 -greomni /usr/lib64/firefox/omni.ja -appomni /usr/lib64/firefox/browser/omni.ja -appdir /usr/lib64/firefox/browser 11391 tab
crash_function: __open64_nocancel
executable:     /usr/lib64/firefox/firefox
journald_cursor: s=7f97d50356c54300a414dfd26ce43fe5;i=18dc;b=7a7addb80436400f92559dd45275d782;m=90fff50e;t=598afab0c378d;x=5ee03dc6bfd63248
kernel:         5.4.0-2.fc32.x86_64
mountinfo:      
rootdir:        /proc/11518/fdinfo
runlevel:       N 5
type:           CCpp
uid:            1000

Comment 1 Ritesh Khadgaray 2019-12-02 03:06:07 UTC
Created attachment 1641249 [details]
File: backtrace

Comment 2 Ritesh Khadgaray 2019-12-02 03:06:08 UTC
Created attachment 1641250 [details]
File: core_backtrace

Comment 3 Ritesh Khadgaray 2019-12-02 03:06:09 UTC
Created attachment 1641251 [details]
File: cpuinfo

Comment 4 Ritesh Khadgaray 2019-12-02 03:06:10 UTC
Created attachment 1641252 [details]
File: dso_list

Comment 5 Ritesh Khadgaray 2019-12-02 03:06:11 UTC
Created attachment 1641253 [details]
File: environ

Comment 6 Ritesh Khadgaray 2019-12-02 03:06:12 UTC
Created attachment 1641254 [details]
File: limits

Comment 7 Ritesh Khadgaray 2019-12-02 03:06:13 UTC
Created attachment 1641255 [details]
File: maps

Comment 8 Ritesh Khadgaray 2019-12-02 03:06:14 UTC
Created attachment 1641256 [details]
File: open_fds

Comment 9 Ritesh Khadgaray 2019-12-02 03:06:15 UTC
Created attachment 1641257 [details]
File: proc_pid_status

Comment 10 Ritesh Khadgaray 2019-12-02 15:12:14 UTC
Disabling sandbox works around this - https://wiki.mozilla.org/Security/Sandbox/Seccomp .

From firefox run
```
[New Thread 0x7fffd157d700 (LWP 98140)]
[New Thread 0x7fffd19bf700 (LWP 98157)]
[Parent 97968, Gecko_IOThread] WARNING: pipe error (76): Connection reset by peer: file /builddir/build/BUILD/firefox-71.0/ipc/chromium/src/chrome/common/ipc_channel_posix.cc, line 358
[Parent 97968, Gecko_IOThread] WARNING: pipe error (107): Connection reset by peer: file /builddir/build/BUILD/firefox-71.0/ipc/chromium/src/chrome/common/ipc_channel_posix.cc, line 358

###!!! [Parent][MessageChannel] Error: (msgtype=0x59001A,name=PHttpChannel::Msg_DeleteSelf) Channel error: cannot send/recv

[Parent 97968, Gecko_IOThread] WARNING: pipe error (116): Connection reset by peer: file /builddir/build/BUILD/firefox-71.0/ipc/chromium/src/chrome/common/ipc_channel_posix.cc, line 358

###!!! [Parent][MessageChannel] Error: (msgtype=0x59001A,name=PHttpChannel::Msg_DeleteSelf) Channel error: cannot send/recv

[Thread 0x7fffd4dbe700 (LWP 98053) exited]
[New Thread 0x7fffd4dbe700 (LWP 98181)]
[New Thread 0x7fffd1386700 (LWP 98183)]

```



For chrome : **CRASHING**:seccomp-bpf failure in syscall 0230

Comment 11 Adam Williamson 2019-12-02 17:26:38 UTC
See also https://bugzilla.redhat.com/show_bug.cgi?id=1778555 - not sure if it's the same, though.

openQA is running into this too by the looks of it, e.g. https://openqa.fedoraproject.org/tests/491837# .

Proposing as an F32 Beta blocker per Basic criterion "It must be possible to run the default web browser and a terminal application from all release-blocking desktop environments...The web browser must be able to download files, load extensions (if applicable), and log into FAS."

Comment 12 Adam Williamson 2019-12-02 18:11:50 UTC

*** This bug has been marked as a duplicate of bug 1778366 ***

Comment 13 Jed Davis 2019-12-03 23:59:37 UTC
The Chrome failure mentioned in comment #10 is probably unrelated: amd64 syscall 230 is clock_nanosleep, and Chromium has a bug about it: https://crbug.com/1025739 (see also https://bugzilla.mozilla.org/show_bug.cgi?id=1597792 for the Firefox equivalent)

In general, if the crashing process is able to print a log message, then it's not a problem with getting SECCOMP_RET_TRAP while blocking SIGSYS: in that case the kernel removes the signal handler and immediately kills the process itself.

As for bug 1778555, that looks like heap corruption and not anything sandbox-related.

