search

termux / proot

An chroot-like implementation using ptrace.
https://wiki.termux.com/wiki/PRoot
Other
751 stars 161 forks source link

Firefox 83 Issues with crashing tabs on PRoot #139

Open ghost opened 3 years ago

ghost commented 3 years ago

Hello, recently i installed the latest version Firefox and it seems there's a bug with it,

Webpages keeps crashing at this point: Screenshot_2020-12-07-18-01-18-78_00dcaf2fcbe692c602a0957f19a66664.jpg

Tried with/without sysvipc enabled but this error still persists

I don't know if this is proot-related bug or not

With the ESR Version, it works fine without any issues

Tested on Ubuntu and Arch Linux

ghost commented 3 years ago

Start firefox from terminal and see if some errors were printed.

ghost commented 3 years ago

@xeffyr It seems it reports about fonts: https://pastebin.com/8Ltf6rq5

However I'm still investigating it (Pango, ttf-dejavu, xfonts-base) are installed and idk why this happens (haven't straced it for further output)

On ESR Version, no Output is printed and Webpages loads fine

ghost commented 3 years ago

ttf-dejavu

Try different font. Here is what I have on my desktop (not proot):

fonts-beng
fonts-beng-extra
fonts-crosextra-caladea
fonts-crosextra-carlito
fonts-dejavu
fonts-dejavu-core
fonts-dejavu-extra
fonts-deva
fonts-deva-extra
fonts-droid-fallback
fonts-freefont-ttf
fonts-gargi
fonts-gubbi
fonts-gujr
fonts-gujr-extra
fonts-guru
fonts-guru-extra
fonts-indic
fonts-kacst
fonts-kacst-one
fonts-kalapi
fonts-khmeros-core
fonts-knda
fonts-lao
fonts-liberation
fonts-liberation2
fonts-linuxlibertine
fonts-lklug-sinhala
fonts-lohit-beng-assamese
fonts-lohit-beng-bengali
fonts-lohit-deva
fonts-lohit-gujr
fonts-lohit-guru
fonts-lohit-knda
fonts-lohit-mlym
fonts-lohit-orya
fonts-lohit-taml
fonts-lohit-taml-classical
fonts-lohit-telu
fonts-mlym
fonts-nakula
fonts-navilu
fonts-noto-cjk
fonts-noto-color-emoji
fonts-noto-core
fonts-noto-extra
fonts-noto-mono
fonts-noto-ui-core
fonts-open-sans
fonts-opensymbol
fonts-orya
fonts-orya-extra
fonts-pagul
fonts-sahadeva
fonts-samyak-deva
fonts-samyak-gujr
fonts-samyak-mlym
fonts-samyak-taml
fonts-sarai
fonts-sil-abyssinica
fonts-sil-gentium
fonts-sil-gentium-basic
fonts-sil-padauk
fonts-smc
fonts-smc-anjalioldlipi
fonts-smc-chilanka
fonts-smc-dyuthi
fonts-smc-gayathri
fonts-smc-karumbi
fonts-smc-keraleeyam
fonts-smc-manjari
fonts-smc-meera
fonts-smc-rachana
fonts-smc-raghumalayalamsans
fonts-smc-suruma
fonts-smc-uroob
fonts-taml
fonts-telu
fonts-telu-extra
fonts-thai-tlwg
fonts-tibetan-machine
fonts-tlwg-garuda
fonts-tlwg-garuda-ttf
fonts-tlwg-kinnari
fonts-tlwg-kinnari-ttf
fonts-tlwg-laksaman
fonts-tlwg-laksaman-ttf
fonts-tlwg-loma
fonts-tlwg-loma-ttf
fonts-tlwg-mono
fonts-tlwg-mono-ttf
fonts-tlwg-norasi
fonts-tlwg-norasi-ttf
fonts-tlwg-purisa
fonts-tlwg-purisa-ttf
fonts-tlwg-sawasdee
fonts-tlwg-sawasdee-ttf
fonts-tlwg-typewriter
fonts-tlwg-typewriter-ttf
fonts-tlwg-typist
fonts-tlwg-typist-ttf
fonts-tlwg-typo
fonts-tlwg-typo-ttf
fonts-tlwg-umpush
fonts-tlwg-umpush-ttf
fonts-tlwg-waree
fonts-tlwg-waree-ttf
fonts-ubuntu
fonts-urw-base35
fonts-yrsa-rasa
ghost commented 3 years ago

Ok i found a new output:

###!!! [Parent][RunMessage] Error: Channel error: cannot send/recv

###!!! [Parent][RunMessage] Error: Channel error: cannot send/recv

###!!! [Parent][MessageChannel] Error: (msgtype=0x5C0015,name=PHttpChannel::Msg_DeleteSelf) Channel error: cannot send/recv

###!!! [Parent][MessageChannel] Error: (msgtype=0x5C0015,name=PHttpChannel::Msg_DeleteSelf) Channel error: cannot send/recv

###!!! [Parent][MessageChannel] Error: (msgtype=0x5C0015,name=PHttpChannel::Msg_DeleteSelf) Channel error: cannot send/recv

###!!! [Parent][MessageChannel] Error: (msgtype=0x5C0015,name=PHttpChannel::Msg_DeleteSelf) Channel error: cannot send/recv

###!!! [Parent][MessageChannel] Error: (msgtype=0x230076,name=PBrowser::Msg_ChildToParentMatrix) Channel error: cannot send/recv

It also shows about channel error cannot send/recv

But i don't think fonts could cause this kind of problem to render such sites but I'll try it again by installing fonts

ghost commented 3 years ago

This is something IPC-related.

lypanov commented 3 years ago

This was also reported to Firefox directly at https://bugzilla.mozilla.org/show_bug.cgi?id=1681502.

IMHO if it's hitting Firefox running in Alpine / headless it's most likely not a proot specific issue.

ghost commented 3 years ago

@lypanov Thanks for the information, until firefox updated and Everything goes back to normal, will close this issue

ghost commented 3 years ago

Firefox 84 is released btw, i haven't tested it on Ubuntu proot, if it works this time. i should close this issue

ghost commented 3 years ago

Still no luck with Firefox 84, it still crashes

michalbednarski commented 3 years ago

Keep issue open, I'm looking into this but since Firefox is large program it might take me some time.

michalbednarski commented 3 years ago

For now Firefox can be used with MOZ_FAKE_NO_SANDBOX=1 env variable set, although I'm still looking for PRoot implementation which will nicely support sandbox.

Firefox (and possibly also Chromium as parts of sandboxing are taken from Chromium) installs own seccomp filter with SECCOMP_RET_TRAP for actions for which it wants to run own syscall handler and registers SIGSYS signal handler which asks unsandboxed process to perform operation.

PRoot on the other hand when sees SIGSYS it considers that to be due to Android enforced policy restricting access to syscalls unused by bionic and performs redirections such as open(2) -> openat(2) and for syscalls for which it doesn't have special redirection it'll make syscall return -ENOSYS without triggering signal. That is what is needed for most cases but in case of Firefox/Chromium sandbox this prevents brokered syscalls from being usable at all.

I think I'll add additional logic which upon detection of browser sandbox will disable most proot SIGSYS interceptors, but I don't yet have fully working implementation.

ghost commented 3 years ago

Using that environment variable makes firefox work again:

Screenshot_2020-12-21-09-29-56-91.jpg

2moe commented 3 years ago

For now Firefox can be used with MOZ_FAKE_NO_SANDBOX=1 env variable set, although I'm still looking for PRoot implementation which will nicely support sandbox.

Thank you very much.

ZhymabekRoman commented 3 years ago

For now Firefox can be used with MOZ_FAKE_NO_SANDBOX=1 env variable set, although I'm still looking for PRoot implementation which will nicely support sandbox.

Thanks, your method perfectly works.

I want will offer the another solution of this problem. 1) Install Firefox (not important what edition) 2) Open Firefox and enter the address "about:config" 3) Accept a warning of safety 4) In a search box enter "sandbox" 5) Near the line "media.cubeb.sandbox" press the toggle button that its value became "false", and near the line "security.sandbox.content.level" it is necessary to appropriate value "0" 6) Close and reopen Firefox

My way kills two "hares" - fixes the problem with tabs as well as the problem with sound in Firefox

Screenshot_20201229_140855.jpg

ghost commented 3 years ago

Thanks, that fixed the sound problem as well

Although I haven't tested this one if this fixes the sound as well if disabling Gecko Sandboxing: export MOZ_DISABLE_GMP_SANDBOX=1

michalbednarski commented 3 years ago

I've pushed experimental support onto firefoxsandbox branch, so far only tested on AArch64 (on x86_64 there is additional problem that SYSCALL_AVOIDER kills process according to Firefox seccomp policy)

For now this is on branch for further testing, although probably it'll be better to use that instead of users/distros disabling sandboxing)

Dawimpy commented 3 years ago

if still occur, just change to chromium. HOWTO:https://github.com/ayitsleo/terminaltricks/blob/master/apt-pinning-chromium/README.md

Pedro1234-code commented 3 years ago

Install Firefox ESR

Yonle commented 3 years ago

Now when using firefox without sandbox enabled, The whole proot environment freezes except the host.

ghost commented 2 years ago

Solution:

Restart firefox

ZhymabekRoman commented 2 years ago

Solution:

  • Enter about:config in address bar
  • Click “Accept the risk and continue”
  • Click “Show all”
  • Search for sandbox
  • Change first two values to false, and change security.sandbox.content.level to 1, exactly as in this picture:

Restart firefox

What is the difference from my method? https://github.com/termux/proot/issues/139#issuecomment-751988264

ghost commented 2 years ago

Solution:

  • Enter about:config in address bar
  • Click “Accept the risk and continue”
  • Click “Show all”
  • Search for sandbox
  • Change first two values to false, and change security.sandbox.content.level to 1, exactly as in this picture:

Restart firefox

What is the difference from my method? https://github.com/termux/proot/issues/139#issuecomment-751988264

Both

ayubmetah commented 2 years ago

Here are the steps I picked up from the trailing comments @ghost that resolved a similar issue;

Enter about:config in address bar Click “Accept the risk and continue” Click “Show all” Search for sandbox Change the following values to false,

"dom.block_download_in_sandboxed_iframes"

"media.cubeb.sandbox"

"media.cubeb.sandbox"

Finally, change numerical values for "security.sandbox.content.level" to 1 and "security.sandbox.socket.process.level" to 0.

Close and reopen Firefox.