Bug 1773289 - After upgrade glibc to 2.30.9000-18 all tabs in Chromium-based browsers start crashing immediately after opening.
Status: ASSIGNED
Alias: None
Product: Fedora
Classification: Fedora
Component: chromium
Version: 32
Hardware: Unspecified
OS: Unspecified
Assignee: Tom "spot" Callaway
QA Contact: Fedora Extras Quality Assurance
Duplicates: 1773346 1774222
Reported: 2019-11-17 11:34 UTC by Mikhail
Modified: 2020-03-25 11:24 UTC
Type: Bug


Description Mikhail 2019-11-17 11:34:53 UTC
Description of problem:

After upgrading glibc to 2.30.9000-18, all tabs in Chromium-based browsers start crashing immediately after opening.
The last good version is 2.30.9000-17.


https://src.fedoraproject.org/rpms/glibc/c/9bd4f8ff4363ca22d850f6ba272aa3f591fc9237

I don't know whether this is a problem in the codebase of Chromium browsers or in glibc, so I filed this bug report.

../../sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc:**CRASHING**:seccomp-bpf failure in syscall 0230
../../sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc:**CRASHING**:seccomp-bpf failure in syscall 0230
../../sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc:**CRASHING**:seccomp-bpf failure in syscall ../../sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc:**CRASHING**:seccomp-bpf failure in syscall 02300230

../../sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc:**CRASHING**:seccomp-bpf failure in syscall 0230

Comment 1 Florian Weimer 2019-11-17 13:08:06 UTC
Assuming 0230 is decimal, this corresponds to clock_nanosleep. Presumably, the existing seccomp filters in chromium only allow nanosleep, but not clock_nanosleep. They need to be adjusted.
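
The failure mode described in comment 1, reproduced as an added example (not code from Chromium, glibc or this bug report): a seccomp-bpf allowlist that permits nanosleep refuses a direct clock_nanosleep call until that syscall is added. Assumptions: the function names are hypothetical, the filter returns EPERM instead of trapping to a crashing SIGSYS handler so the result can be reported, and the raw syscall is used so the outcome does not depend on the installed glibc.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <time.h>
#include <unistd.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>

/* Child side: install an allowlist filter, then issue clock_nanosleep directly.
 * Exit status: 0 = call permitted, 1 = filter refused it, 2 = setup failed. */
static void sandboxed_sleep(int allow_clock_nanosleep) {
    /* Flag clear: the last entry repeats SYS_nanosleep (a nanosleep-only policy). */
    unsigned int extra = allow_clock_nanosleep ? SYS_clock_nanosleep : SYS_nanosleep;
    struct sock_filter prog[] = {
        /* A production filter also validates seccomp_data.arch first. */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_exit_group, 3, 0),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_nanosleep, 2, 0),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, extra, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | EPERM), /* default: refuse */
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog fprog = { .len = sizeof(prog) / sizeof(prog[0]), .filter = prog };
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) ||
        prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog))
        _exit(2);
    struct timespec ts = { 0, 1000000 }; /* 1 ms */
    _exit(syscall(SYS_clock_nanosleep, CLOCK_MONOTONIC, 0, &ts, NULL) == 0 ? 0 : 1);
}

/* Parent side: run the sandboxed child and report its exit status (-1 on error). */
int clock_nanosleep_outcome(int allow_clock_nanosleep) {
    int status;
    pid_t pid = fork();
    if (pid == 0) sandboxed_sleep(allow_clock_nanosleep);
    if (pid < 0 || waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}

int main(void) {
    printf("nanosleep-only policy: %d\n", clock_nanosleep_outcome(0));
    printf("policy with clock_nanosleep: %d\n", clock_nanosleep_outcome(1));
    return 0;
}
```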

Comment 2 Tom "spot" Callaway 2019-11-17 21:54:24 UTC
*** Bug 1773346 has been marked as a duplicate of this bug. ***

Comment 3 Tom "spot" Callaway 2019-11-17 21:59:08 UTC
-2 has a patch to permit clock_nanosleep, it is building now. Once I confirm it resolves the issue, I'll send it upstream.

Comment 4 Tom "spot" Callaway 2019-11-18 15:18:44 UTC
Confirmed the patch fixes the issue, opened upstream bug report with patch:

https://bugs.chromium.org/p/chromium/issues/detail?id=1025739

Comment 5 Florian Weimer 2019-11-19 20:08:41 UTC
*** Bug 1774222 has been marked as a duplicate of this bug. ***

Comment 6 Valdis Kletnieks 2019-11-20 03:34:01 UTC
Mikhail:  For future reference, where was Chrome throwing those 'seccomp-bpf failure in syscall' messages?  To stdout, or elsewhere?

(I had already found the issue and backleveled glibc before I thought to run it from the command line...)

Comment 7 Mikhail 2019-11-21 08:01:59 UTC
(In reply to Valdis Kletnieks from comment #6)
> Mikhail:  For future reference, where was Chrome throwing those 'seccomp-bpf
> failure in syscall' messages?  To stdout, or elsewhere?

in stdout

Comment 8 Emilio Cobos Álvarez (:emilio) 2019-11-22 22:08:11 UTC
Heh, interestingly enough Firefox had a similar problem, but it seems only the profiler had the nanosleep call, otherwise I'd have noted sooner: https://bugzilla.mozilla.org/show_bug.cgi?id=1597792

Comment 9 Valdis Kletnieks 2019-11-23 02:58:03 UTC
So far, this glibc change has broken openssh, chrome, and firefox.

Talk about the gift that keeps on giving.

Comment 10 Yanko Kaneti 2019-12-04 10:52:42 UTC
FWIW the chrome dev build from yesterday (80.0.3983.2) contains the fix and works with glibc-2.30.9000

Comment 11 Valdis Kletnieks 2019-12-04 18:25:09 UTC
Confirming - Chrome 80.0.3983.2 just showed up, and plays nice with the new glibc. There are probably a few more programs that use seccomp sandboxing, but now that openssh and chrome are both OK, the major pain points are probably fixed....

Comment 12 Ben Cotton 2020-02-11 17:42:04 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 32 development cycle.
Changing version to 32.

Comment 13 Ankur Sinha (FranciscoD) 2020-03-25 11:24:27 UTC
Note: also affects Chromium-based software such as qt-webengine and all the browsers that use it (at least qutebrowser and falkon). There are fixes upstream at Qt based on the Chromium fixes, but they've not made it to Fedora yet: https://bugzilla.redhat.com/show_bug.cgi?id=1812482

