Description of problem: When I have opencryptoki-libs installed alongside firefox, the content and extension processes crash randomly due to SEGFAULT. After `dnf remove opencryptoki-libs` firefox works fine again. This started to happen after upgrade F35->F36 (I had opencryptoki-libs installed before as well). Version-Release number of selected component (if applicable): firefox-100.0-4.fc36.x86_64 glibc-2.35-5.fc36.x86_64 nss-3.77.0-1.fc36.x86_64 opencryptoki-libs-3.17.0-7.fc36.x86_64 How reproducible: Always. Steps to Reproduce: 1. Install firefox and opencryptoki-libs. 2. Start firefox. Actual results: firefox processes crash with SIGSGEV Expected results: No crashes. Additional info: I use KDE with Plasma X11 session, in case that matters. Sample backtrace: #0 0x00007fecde5f081d in __nss_lookup () at /lib64/libc.so.6 #1 0x00007fecde591302 in getgrnam_r@@GLIBC_2.2.5 () at /lib64/libc.so.6 #2 0x00007fecde5909c8 in getgrnam () at /lib64/libc.so.6 #3 0x00007fecbce22757 in C_Initialize () at /usr/lib64/pkcs11/libopencryptoki.so #4 0x00007fecbce94db0 in initialize_module_inlock_reentrant () at /lib64/p11-kit-proxy.so #5 0x00007fecbce94f73 in managed_C_Initialize () at /lib64/p11-kit-proxy.so #6 0x00007fecbce9b6b5 in p11_kit_modules_initialize () at /lib64/p11-kit-proxy.so #7 0x00007fecbce9bb67 in proxy_C_Initialize () at /lib64/p11-kit-proxy.so #8 0x00007fecd1938dd7 in secmod_ModuleInit () at /lib64/libnss3.so #9 0x00007fecd193953b in secmod_LoadPKCS11Module () at /lib64/libnss3.so #10 0x00007fecd19468dc in SECMOD_LoadModule () at /lib64/libnss3.so #11 0x00007fecd1946a30 in SECMOD_LoadModule () at /lib64/libnss3.so #12 0x00007fecd190cf9d in nss_Init () at /lib64/libnss3.so #13 0x00007fecd190d6fc in NSS_NoDB_Init () at /lib64/libnss3.so #14 0x00007fecd581e2a2 in EnsureNSSInitializedChromeOrContent() () at /usr/lib64/firefox/libxul.so #15 0x00007fecd5820fd1 in nsresult mozilla::psm::NSSConstructor<nsRandomGenerator>(nsISupports*, nsID const&, void**) () at /usr/lib64/firefox/libxul.so #16 0x00007fecd4894c1a in nsComponentManagerImpl::GetServiceLocked(mozilla::Maybe<mozilla::detail::BaseMonitorAutoLock<mozilla::Monitor> >&, (anonymous namespace)::EntryWrapper&, nsID const&, void**) () at /usr/lib64/firefox/libxul.so #17 0x00007fecd48948f6 in nsComponentManagerImpl::GetServiceByContractID(char const*, nsID const&, void**) () at /usr/lib64/firefox/libxul.so #18 0x00007fecd4aac5cb in nsGetServiceByContractIDWithError::operator()(nsID const&, void**) const () at /usr/lib64/firefox/libxul.so #19 0x00007fecd4a7b5fa in nsCOMPtr_base::assign_from_gs_contractid_with_error(nsGetServiceByContractIDWithError const&, nsID const&) () at /usr/lib64/firefox/libxul.so #20 0x00007fecd58700c3 in mozilla::RelativeTimeline::GetRandomTimelineSeed() () at /usr/lib64/firefox/libxul.so #21 0x00007fecd5403645 in mozilla::dom::Performance::Now() () at /usr/lib64/firefox/libxul.so #22 0x00007fecd4fb185c in mozilla::dom::Performance_Binding::now(JSContext*, JS::Handle<JSObject*>, void*, JSJitMethodCallArgs const&) () at /usr/lib64/firefox/libxul.so #23 0x00007fecd505e38d in bool mozilla::dom::binding_detail::GenericMethod<mozilla::dom::binding_detail::NormalThisPolicy, mozilla::dom::binding_detail::ThrowExceptions>(JSContext*, unsigned int, JS::Value*) () at /usr/lib64/firefox/libxul.so #24 0x00007fecd499dcc8 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) () at /usr/lib64/firefox/libxul.so #25 0x00007fecd499a5b8 in Interpret(JSContext*, js::RunState&) () at /usr/lib64/firefox/libxul.so #26 0x00007fecd499377b in js::RunScript(JSContext*, js::RunState&) () at /usr/lib64/firefox/libxul.so #27 0x00007fecd58d67c8 in js::ExecuteKernel(JSContext*, JS::Handle<JSScript*>, JS::Handle<JSObject*>, JS::Handle<JS::Value>, js::AbstractFramePtr, JS::MutableHandle<JS::Value>) () at /usr/lib64/firefox/libxul.so #28 0x00007fecd5908e7c in JS_ExecuteScript(JSContext*, JS::Handle<JSScript*>, JS::MutableHandle<JS::Value>) () at /usr/lib64/firefox/libxul.so #29 0x00007fecd4cb6c2e in mozJSSubScriptLoader::DoLoadSubScriptWithOptions(nsTSubstring<char16_t> const&, LoadSubScriptOptions&, JSContext*, JS::MutableHandle<JS::Value>) () at /usr/lib64/firefox/libxul.so #30 0x00007fecd4cb64ba in mozJSSubScriptLoader::LoadSubScript(nsTSubstring<char16_t> const&, JS::Handle<JS::Value>, JSContext*, JS::MutableHandle<JS::Value>) () at /usr/lib64/firefox/libxul.so #31 0x00007fecd4ac8d12 in NS_InvokeByIndex () at /usr/lib64/firefox/libxul.so #32 0x00007fecd48ba3cd in XPCWrappedNative::CallMethod(XPCCallContext&, XPCWrappedNative::CallMode) () at /usr/lib64/firefox/libxul.so #33 0x00007fecd48bba19 in XPC_WN_CallMethod(JSContext*, unsigned int, JS::Value*) () at /usr/lib64/firefox/libxul.so #34 0x00007fecd499dcc8 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) () at /usr/lib64/firefox/libxul.so #35 0x00007fecd499a5b8 in Interpret(JSContext*, js::RunState&) () at /usr/lib64/firefox/libxul.so #36 0x00007fecd4993808 in js::RunScript(JSContext*, js::RunState&) () at /usr/lib64/firefox/libxul.so #37 0x00007fecd499deac in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct, js::CallReason) () at /usr/lib64/firefox/libxul.so #38 0x00007fecd499e6c9 in js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>, js::CallReason) () at /usr/lib64/firefox/libxul.so #39 0x00007fecd49ac930 in JS::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>) () at /usr/lib64/firefox/libxul.so #40 0x00007fecd503b3be in mozilla::dom::EventListener::HandleEvent(mozilla::dom::BindingCallContext&, JS::Handle<JS::Value>, mozilla::dom::Event&, mozilla::ErrorResult&) () at /usr/lib64/firefox/libxul.so #41 0x00007fecd53ba10b in mozilla::dom::JSWindowActorProtocol::HandleEvent(mozilla::dom::Event*) () at /usr/lib64/firefox/libxul.so #42 0x00007fecd490a790 in mozilla::EventListenerManager::HandleEventSubType(mozilla::EventListenerManager::Listener*, mozilla::dom::Event*, mozilla::dom::EventTarget*) () at /usr/lib64/firefox/libxul.so #43 0x00007fecd490a472 in mozilla::EventListenerManager::HandleEventInternal(nsPresContext*, mozilla::WidgetEvent*, mozilla::dom::Event**, mozilla::dom::EventTarget*, nsEventStatus*, bool) () at /usr/lib64/firefox/libxul.so #44 0x00007fecd49086f3 in mozilla::EventTargetChainItem::HandleEventTargetChain(nsTArray<mozilla::EventTargetChainItem>&, mozilla::EventChainPostVisitor&, mozilla::EventDispatchingCallback*, mozilla::ELMCreationDetector&) () at /usr/lib64/firefox/libxul.so #45 0x00007fecd49070b9 in mozilla::EventDispatcher::Dispatch(nsISupports*, nsPresContext*, mozilla::WidgetEvent*, mozilla::dom::Event*, nsEventStatus*, mozilla::EventDispatchingCallback*, nsTArray<mozilla::dom::EventTarget*>*) () at /usr/lib64/firefox/libxul.so #46 0x00007fecd50e5e0e in mozilla::EventDispatcher::DispatchDOMEvent(nsISupports*, mozilla::WidgetEvent*, mozilla::dom::Event*, nsPresContext*, nsEventStatus*) () at /usr/lib64/firefox/libxul.so #47 0x00007fecd4f6128e in nsINode::DispatchEvent(mozilla::dom::Event&, mozilla::dom::CallerType, mozilla::ErrorResult&) () at /usr/lib64/firefox/libxul.so #48 0x00007fecd4eb6967 in nsContentUtils::DispatchEvent(mozilla::dom::Document*, nsISupports*, nsTSubstring<char16_t> const&, mozilla::CanBubble, mozilla::Cancelable, mozilla::Composed, mozilla::Trusted, bool*, mozilla::ChromeOnlyDispatch) () at /usr/lib64/firefox/libxul.so #49 0x00007fecd4eb7355 in nsContentUtils::DispatchTrustedEvent(mozilla::dom::Document*, nsISupports*, nsTSubstring<char16_t> const&, mozilla::CanBubble, mozilla::Cancelable, mozilla::Composed, bool*) () at /usr/lib64/firefox/libxul.so #50 0x00007fecd4f04c42 in mozilla::dom::Document::DispatchContentLoadedEvents() () at /usr/lib64/firefox/libxul.so #51 0x00007fecd4f04b50 in mozilla::detail::RunnableMethodImpl<mozilla::dom::Document*, void (mozilla::dom::Document::*)(), true, (mozilla::RunnableKind)0>::Run() () at /usr/lib64/firefox/libxul.so #52 0x00007fecd4ab2c4a in mozilla::SchedulerGroup::Runnable::Run() () at /usr/lib64/firefox/libxul.so #53 0x00007fecd489933c in mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) () at /usr/lib64/firefox/libxul.so #54 0x00007fecd4898b92 in mozilla::TaskController::ProcessPendingMTTask(bool) () at /usr/lib64/firefox/libxul.so #55 0x00007fecd4897873 in nsThread::ProcessNextEvent(bool, bool*) () at /usr/lib64/firefox/libxul.so #56 0x00007fecd48973c3 in NS_ProcessNextEvent(nsIThread*, bool) () at /usr/lib64/firefox/libxul.so #57 0x00007fecd48b084a in mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) () at /usr/lib64/firefox/libxul.so #58 0x00007fecd4c5c8ab in MessageLoop::Run() () at /usr/lib64/firefox/libxul.so #59 0x00007fecd546dfbd in nsBaseAppShell::Run() () at /usr/lib64/firefox/libxul.so #60 0x00007fecd58b4608 in XRE_RunAppShell() () at /usr/lib64/firefox/libxul.so #61 0x00007fecd4c5c8ab in MessageLoop::Run() () at /usr/lib64/firefox/libxul.so #62 0x00007fecd58b4343 in XRE_InitChildProcess(int, char**, XREChildData const*) () at /usr/lib64/firefox/libxul.so #63 0x000056089f3a9ede in content_process_main(mozilla::Bootstrap*, int, char**) () #64 0x000056089f39caa8 in main ()
Hm, this could be some sandbox issue. The getgrnam is trying to obtain the /etc/group or similar and this seems not to be allowed from the content process. You can try to set env variable MOZ_SANDBOX_LOGGING=1 first if that output something, or disable sandbox temporarily by MOZ_DISABLE_CONTENT_SANDBOX=1 env variable.
Indeed the issue doesn't reproduce when I run firefox with MOZ_DISABLE_CONTENT_SANDBOX=1. Still, I guess there is a bug also in glibc or opencryptoki since a failed syscall shouldn't lead to a segfault.
Yes, you're right. The SEGFAULT is most likely from the libc's __nss_lookup where it does not check the failed syscall.
FEDORA-2022-d243bd1823 has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2022-d243bd1823
FEDORA-2022-ae2b0a7c72 has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2022-ae2b0a7c72
FEDORA-2022-d243bd1823 has been pushed to the Fedora 36 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2022-d243bd1823` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-d243bd1823 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2022-ae2b0a7c72 has been pushed to the Fedora 35 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2022-ae2b0a7c72` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-ae2b0a7c72 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
*** Bug 2093750 has been marked as a duplicate of this bug. ***
*** Bug 2089629 has been marked as a duplicate of this bug. ***
FEDORA-2022-d243bd1823 has been pushed to the Fedora 36 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2022-ae2b0a7c72 has been pushed to the Fedora 35 stable repository. If problem still persists, please make note of it in this bug report.