Closed Bug 1743909 Opened 4 years ago Closed 4 years ago

Crash with signal SIGSYS, Bad system call.

Categories

(Core :: Security: Process Sandboxing, defect)

Product:
Core
Component:
Security: Process Sandboxing
Version:
Firefox 96
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1742993

People

(Reporter: pmenzel+bugzilla.mozilla.org, Unassigned)

Details

Attachments

(1 file)

`(gdb) t a a bt f`
14.96 KB, text/plain
Details

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:100.0) Gecko/20100101 Firefox/100.0

Steps to reproduce:

Run Nightly. Either this trace was created when exiting Nightly before the update, or when starting Nightly after updating it. I didn’t notice anything when browsing though.

Actual results:

The journal contains a coredump notification.

Core was generated by `/opt/nightly/firefox-bin -contentproc -parentBuildID 20211201050507 -prefsLen 7'.
Program terminated with signal SIGSYS, Bad system call.
#0  syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
38	../sysdeps/unix/sysv/linux/x86_64/syscall.S: Datei oder Verzeichnis nicht gefunden.

(gdb) bt
#0  syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
#1  0x00007f9ae216e1fc in mozilla::SandboxCrash(int, siginfo_t*, void*, void const*) () at /opt/nightly/libxul.so
#2  0x00007f9aee04b4ca in mozilla::SigSysHandler(int, siginfo_t*, void*) () at /opt/nightly/libmozsandbox.so
#3  0x00007f9aee00e8e0 in <signal handler called> () at /lib/x86_64-linux-gnu/libpthread.so.0
#4  __pthread_setaffinity_new (th=<optimized out>, cpusetsize=128, cpuset=0x7f9aed77dd10) at pthread_setaffinity.c:36
#5  0x00007f9adf492753 in  () at /usr/lib/x86_64-linux-gnu/dri/iris_dri.so
#6  0x00007f9adf491ec7 in  () at /usr/lib/x86_64-linux-gnu/dri/iris_dri.so
#7  0x00007f9aee003eae in start_thread (arg=0x7f9aed77e640) at pthread_create.c:463
#8  0x00007f9aedbc0a5f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Expected results:

No crash should happen.

The crash is not visible in about:crashes. There, a crash from some minutes later is shown (bug 1742993).

Attached file `(gdb) t a a bt f`

With iris_dri.so debug symbols installed:

(gdb) bt
#0  syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
#1  0x00007f9ae216e1fc in mozilla::SandboxCrash(int, siginfo_t*, void*, void const*) () at /opt/nightly/libxul.so
#2  0x00007f9aee04b4ca in mozilla::SigSysHandler(int, siginfo_t*, void*) () at /opt/nightly/libmozsandbox.so
#3  0x00007f9aee00e8e0 in <signal handler called> () at /lib/x86_64-linux-gnu/libpthread.so.0
#4  __pthread_setaffinity_new (th=<optimized out>, cpusetsize=cpusetsize@entry=128, cpuset=0x7f9aed77dd10) at pthread_setaffinity.c:36
#5  0x00007f9adf492753 in util_set_thread_affinity (old_mask=0x0, num_mask_bits=32, mask=0x7f9aed77dc90, thread=<optimized out>)
    at ../src/util/u_thread.h:190
#6  util_set_current_thread_affinity (old_mask=0x0, num_mask_bits=32, mask=0x7f9aed77dc90) at ../src/util/u_thread.h:223
#7  util_queue_thread_func (input=input@entry=0x7f9ae0d480f0) at ../src/util/u_queue.c:269
#8  0x00007f9adf491ec7 in impl_thrd_routine (p=<optimized out>) at ../include/c11/threads_posix.h:87
#9  0x00007f9aee003eae in start_thread (arg=0x7f9aed77e640) at pthread_create.c:463
#10 0x00007f9aedbc0a5f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
Component: Untriaged → Crash Reporting
Product: Firefox → Toolkit
Has STR: --- → no
QA Whiteboard: qa-not-actionable

The severity field is not set for this bug.
:gsvelto, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(gsvelto)

I think, it’s a duplicate of bug 1742993.

Status: UNCONFIRMED → RESOLVED
Closed: 4 years ago
Resolution: --- → DUPLICATE
Component: Crash Reporting → Security: Process Sandboxing
Flags: needinfo?(gsvelto)
Product: Toolkit → Core
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: