Seccomp sandbox violation: sys_pwrite64 called in content process of Firefox desktop

RESOLVED FIXED in Firefox 50

Status

()

Core
Security: Process Sandboxing
RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: gcp, Unassigned)

Tracking

Trunk
mozilla50
Points:
---

Firefox Tracking Flags

(firefox49 affected, firefox50 fixed)

Details

(Whiteboard: sblc1)

MozReview Requests

()

Submitter Diff Changes Open Issues Last Updated
Loading...
Error loading review requests:

Attachments

(1 attachment)

(Reporter)

Description

2 years ago
Browsing around YouTube with the patch from bug 1273852  in place.

Sandbox: seccomp sandbox violation: pid 29808, syscall 18, args 31 140189581884814 1 1 0 64.  Killing process.
Sandbox: crash reporter is disabled (or failed); trying stack trace:
Sandbox: frame #01: pwrite[/lib/x86_64-linux-gnu/libpthread.so.0 +0xf313]
Sandbox: frame #02: ???[/usr/lib/x86_64-linux-gnu/gio/modules/libdconfsettings.so +0x86bd]
Sandbox: frame #03: ???[/usr/lib/x86_64-linux-gnu/gio/modules/libdconfsettings.so +0x614b]
Sandbox: frame #04: ???[/usr/lib/x86_64-linux-gnu/gio/modules/libdconfsettings.so +0x5e5c]
Sandbox: frame #05: ???[/usr/lib/x86_64-linux-gnu/gio/modules/libdconfsettings.so +0x42ad]
Sandbox: frame #06: ???[/usr/lib/x86_64-linux-gnu/gio/modules/libdconfsettings.so +0x5273]
Sandbox: frame #07: ???[/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0 +0x15844]
Sandbox: frame #08: g_object_new_valist[/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0 +0x174e5]
Sandbox: frame #09: g_object_new[/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0 +0x17821]
Sandbox: frame #10: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x40f78d1]
Sandbox: frame #11: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x4093ea3]
Sandbox: frame #12: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x409404b]
Sandbox: frame #13: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0xbb0263]
Sandbox: frame #14: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0xb7864f]
Sandbox: frame #15: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0xb78ebf]
Sandbox: frame #16: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0xbc6395]
Sandbox: frame #17: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0xbc63ac]
Sandbox: frame #18: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0xc7201b]
Sandbox: frame #19: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0xc7274a]
Sandbox: frame #20: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x10bcdb4]
Sandbox: frame #21: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0xbb0263]
Sandbox: frame #22: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0xb7864f]
Sandbox: frame #23: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0xb78ebf]
Sandbox: frame #24: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0xbc6395]
Sandbox: frame #25: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0xbc7097]
Sandbox: frame #26: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0xc785bb]
Sandbox: frame #27: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0xc750be]
Sandbox: frame #28: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0xc75726]
Sandbox: frame #29: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x1e3e218]
Sandbox: frame #30: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x1da3bf9]
Sandbox: frame #31: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x2b04519]
Sandbox: frame #32: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x1ead7a4]
Sandbox: frame #33: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x1d5c3fc]
Sandbox: frame #34: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x1eb52e7]
Sandbox: frame #35: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x217f62a]
Sandbox: frame #36: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x28c549a]
Sandbox: frame #37: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x4d5f7e0]
Sandbox: frame #38: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x4d59aaa]
Sandbox: frame #39: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x4d59e03]
Sandbox: frame #40: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x4d50e79]
Sandbox: frame #41: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x4d59748]
Sandbox: frame #42: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x4d59c09]
Sandbox: frame #43: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x4d59e03]
Sandbox: frame #44: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x4d59e47]
Sandbox: frame #45: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x4bf48b3]
Sandbox: frame #46: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x4d5f7e0]
Sandbox: frame #47: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x4d59aaa]
Sandbox: frame #48: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x4d59e03]
Sandbox: frame #49: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x4d50e79]
Sandbox: frame #50: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x4d59748]
Sandbox: frame #51: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x4d59c09]
Sandbox: frame #52: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x4d59e03]
Sandbox: frame #53: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x4d59e17]
Sandbox: frame #54: ???[/home/morbo/hg/firefox/objdir-desktop/dist/bin/libxul.so +0x50c6d67]
Sandbox: frame #55: ??? (???:???)
Sandbox: end of stack.
Sandbox: JS frame 0: QS_iXa https://www.google.be/xjs/_/js/k=xjs.s.nl.x0PZDBc3zQE.O/m=sy36,sy42,em2,em1,sy44,em0,sy258,aa,abd,sy68,sy67,sy66,sy69,em13,async,sy5,sy288,sy245,sy1,sy7,sy48,sy289,sy290,sy25,sy291,dvl,erh,sy71,foot,fpe,idck,ipv6,sy134,sy259,lu,m,sf,sy2
Sandbox: JS frame 1: (anonymous) https://www.google.be/xjs/_/js/k=xjs.s.nl.x0PZDBc3zQE.O/m=sy36,sy42,em2,em1,sy44,em0,sy258,aa,abd,sy68,sy67,sy66,sy69,em13,async,sy5,sy288,sy245,sy1,sy7,sy48,sy289,sy290,sy25,sy291,dvl,erh,sy71,foot,fpe,idck,ipv6,sy134,sy259,lu,m,s
Sandbox: JS frame 2: QS_Ega https://www.google.be/xjs/_/js/k=xjs.s.nl.x0PZDBc3zQE.O/m=sx,c,sb,cdos,cr,elog,jsa,r,hsm,qsm,j,p,d,csi/am=AJQkAQgS8e9DQNhCWEEqwMCC/rt=j/d=1/t=zcms/rs=ACT90oEQcHmVQWaV84_gEGYv03XF_ksmNw line 413
Sandbox: JS frame 3: QS_Aga https://www.google.be/xjs/_/js/k=xjs.s.nl.x0PZDBc3zQE.O/m=sx,c,sb,cdos,cr,elog,jsa,r,hsm,qsm,j,p,d,csi/am=AJQkAQgS8e9DQNhCWEEqwMCC/rt=j/d=1/t=zcms/rs=ACT90oEQcHmVQWaV84_gEGYv03XF_ksmNw line 409
Sandbox: JS frame 4: QS_Rga https://www.google.be/xjs/_/js/k=xjs.s.nl.x0PZDBc3zQE.O/m=sx,c,sb,cdos,cr,elog,jsa,r,hsm,qsm,j,p,d,csi/am=AJQkAQgS8e9DQNhCWEEqwMCC/rt=j/d=1/t=zcms/rs=ACT90oEQcHmVQWaV84_gEGYv03XF_ksmNw line 417
(Reporter)

Updated

2 years ago
Whiteboard: sblc1
(Reporter)

Comment 1

2 years ago
Created attachment 8753815 [details]
MozReview Request: Bug 1273859 - Add sys_pwrite64 to seccomp whitelist for content process. r?jld

Review commit: https://reviewboard.mozilla.org/r/53500/diff/#index_header
See other reviews: https://reviewboard.mozilla.org/r/53500/
Attachment #8753815 - Flags: review?(jld)
(Reporter)

Updated

2 years ago
Blocks: 742434
Comment on attachment 8753815 [details]
MozReview Request: Bug 1273859 - Add sys_pwrite64 to seccomp whitelist for content process. r?jld

https://reviewboard.mozilla.org/r/53500/#review51008
Attachment #8753815 - Flags: review?(jld) → review+

Comment 3

2 years ago
Pushed by gpascutto@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/0d08f7065337
Add sys_pwrite64 to seccomp whitelist for content process. r=jld

Comment 4

2 years ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/0d08f7065337
Status: NEW → RESOLVED
Last Resolved: 2 years ago
status-firefox50: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla50
You need to log in before you can comment on or make changes to this bug.