Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: re-enable devtools renderer sandbox #16864

Merged
merged 2 commits into from Feb 15, 2019
Merged

chore: re-enable devtools renderer sandbox #16864

merged 2 commits into from Feb 15, 2019

Conversation

miniak
Copy link
Contributor

@miniak miniak commented Feb 10, 2019
edited

Description of Change

/cc @nornagon, @deepak1556

Checklist

Release Notes

Notes: Enabled sandboxing of devtools and chrome extension background script host renderers.

@miniak miniak added the wip ⚒ label Feb 10, 2019
@miniak miniak self-assigned this Feb 10, 2019
@miniak miniak requested a review from a team February 10, 2019 19:58
@miniak miniak force-pushed the miniak/sandbox-devtools-renderers branch from dad8bf8 to 8beae03 Compare February 11, 2019 22:39
@miniak
Copy link
Contributor Author

miniak commented Feb 12, 2019
edited

The tests for MAS builds are failing due to the devtools renderer crashing with this call stack:

Application Specific Information:
abort() called
rdar://problem/28724618 Couldn't create connection object
_RegisterApplication(), unable to get application ASN from launchservicesd, and this application requires an ASN, so aborting.  error=#-1.
 

Thread 0 Crashed:: CrRendererMain  Dispatch queue: com.apple.main-thread
0   libsystem_kernel.dylib        	0x00007fff5efb4b66 __pthread_kill + 10
1   libsystem_pthread.dylib       	0x00007fff5f17f080 pthread_kill + 333
2   libsystem_c.dylib             	0x00007fff5ef1024d __abort + 144
3   libsystem_c.dylib             	0x00007fff5ef101bd abort + 142
4   com.apple.HIServices          	0x00007fff3578f60a _RegisterApplication + 7911
5   com.apple.HIServices          	0x00007fff3578d64c GetCurrentProcess + 24
6   com.apple.HIToolbox           	0x00007fff361ed4ab MenuBarInstance::GetAggregateUIMode(unsigned int*, unsigned int*) + 63
7   com.apple.AppKit              	0x00007fff34eb5627 _NSScreenConfigurationUpdateSharedInfoForReason + 1546
8   com.apple.AppKit              	0x00007fff34eb4fc9 ___NSScreenConfigurationEnsureInitialUpdateOccurred_block_invoke + 137
9   libdispatch.dylib             	0x00007fff5ee2adb8 _dispatch_client_callout + 8
10  libdispatch.dylib             	0x00007fff5ee2ad6b dispatch_once_f + 41
11  com.apple.AppKit              	0x00007fff34eb4f3e +[_NSScreenConfiguration latestGreatestBackingScaleFactor] + 128
12  com.apple.AppKit              	0x00007fff3450fd83 -[NSView _transformToBackingUsingIntegralizationSpace:] + 242
13  com.apple.AppKit              	0x00007fff3454a063 -[NSView _primitiveConvertSizeToBacking:useIntegralizationSpace:] + 63
14  com.apple.AppKit              	0x00007fff3455535b NSCellImageRectWithSize_centeredInRect_scaling_flipped + 56
15  com.apple.AppKit              	0x00007fff34568ec4 -[NSButtonCell(NSButtonCellPrivate) _imageRectWithRect:] + 244
16  com.apple.AppKit              	0x00007fff34940407 -[NSButtonCell _imageRect:titleRect:forBounds:] + 275
17  com.apple.AppKit              	0x00007fff3458fa4f -[NSButtonCell imageRectForBounds:] + 114
18  com.apple.AppKit              	0x00007fff34619436 -[NSButtonCell drawInteriorWithFrame:inView:] + 1627
19  com.apple.AppKit              	0x00007fff346184fc -[NSButtonCell drawWithFrame:inView:] + 481
20  libblink_core.dylib           	0x000000014972eda5 blink::ThemePainterMac::PaintRadio(blink::Node const*, blink::Document const&, blink::ComputedStyle const&, blink::PaintInfo const&, blink::IntRect const&) + 1317 (theme_painter_mac.mm:694)
...

@nornagon, @zcbenz do you have any idea why this could be happening? The non-MAS builds are working fine.

@nornagon
Copy link
Member

//electron/patches/common/chromium/mas_blink_no_private_api.patch does contain changes to ThemePainterMac; that'd be a good place to start.

@miniak
Copy link
Contributor Author

miniak commented Feb 12, 2019

@nornagon I've checked the changes in ThemePainterMac, we are not changing the way we render radio buttons. Actually, just calling GetCurrentProcess in AtomMain for example crashes the process in the same way:

Application Specific Information:
dyld: in dlopen()
abort() called
rdar://problem/28724618 Couldn't create connection object
_RegisterApplication(), unable to get application ASN from launchservicesd, and this application requires an ASN, so aborting.  error=#-1.
 

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   libsystem_kernel.dylib        	0x00007fff5efb4b66 __pthread_kill + 10
1   libsystem_pthread.dylib       	0x00007fff5f17f080 pthread_kill + 333
2   libsystem_c.dylib             	0x00007fff5ef101ae abort + 127
3   com.apple.HIServices          	0x00007fff3578f60a _RegisterApplication + 7911
4   com.apple.HIServices          	0x00007fff3578d64c GetCurrentProcess + 24
5   com.github.Electron.framework 	0x00000001056ae757 AtomMain + 71 (atom_library_main.mm:26)
6   com.github.Electron.helper    	0x00000001054eb8ae main + 430 (atom_main.cc:245)
7   libdyld.dylib                 	0x00007fff5ee64015 start + 1

when that happens, I can see that SeatbeltExecServer::InitializeSandbox was used to sandbox the process, which seems to be causing the issue somehow. Continuing the investigation...

@miniak miniak force-pushed the miniak/sandbox-devtools-renderers branch 3 times, most recently from ff3f490 to 4ba455f Compare February 14, 2019 09:21
@miniak miniak force-pushed the miniak/sandbox-devtools-renderers branch from 4ba455f to dcb75d5 Compare February 14, 2019 19:05
@miniak miniak changed the title [wip] chore: re-enable devtools renderer sandbox chore: re-enable devtools renderer sandbox Feb 14, 2019
@miniak miniak removed the wip ⚒ label Feb 14, 2019
@deepak1556 deepak1556 merged commit 975a035 into master Feb 15, 2019
@release-clerk
Copy link

release-clerk bot commented Feb 15, 2019

Release Notes Persisted

Enabled sandboxing of devtools and chrome extension background script host renderers.

@deepak1556 deepak1556 deleted the miniak/sandbox-devtools-renderers branch February 15, 2019 09:40
@deepak1556 deepak1556 mentioned this pull request Jun 17, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nornagon nornagon nornagon approved these changes

@deepak1556 deepak1556 deepak1556 approved these changes

Assignees

@miniak miniak

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@miniak @nornagon @deepak1556