Bug 908907 - Fill in gaps in seccomp-bpf whitelist for b2g.
Status: Closed, RESOLVED FIXED
Opened 11 years ago; closed 11 years ago
Categories: Core :: Security, defect
Target Milestone: mozilla26
People: Reporter: jld, Assigned: jld
Attachments (1 file): patch (deleted); kang: review+; briansmith: review+
Program received signal SIGSYS, Bad system call.
dup () at bionic/libc/arch-arm/syscalls/dup.S:10
10 ldmfd sp!, {r4, r7}
dup seems relatively harmless, so maybe we should allow it? Here's the beginning of the call stack, with newlines added for clarity, in case we want to try to avoid it instead:
(gdb) bt
#0 dup () at bionic/libc/arch-arm/syscalls/dup.S:10
#1 0x40e17d72 in mozilla::ipc::SharedMemoryBasic::ShareToProcess (this=<value optimized out>, aNewHandle=0xbec9c024) at /home/jld/src/B2G/gecko/ipc/glue/SharedMemoryBasic_android.cpp:103
#2 0x40e1e36e in mozilla::ipc::Shmem::ShareTo (this=0xbec9c05c, aProcess=2639, routingId=2147483647) at /home/jld/src/B2G/gecko/ipc/glue/Shmem.cpp:606
#3 0x40e8b68c in mozilla::layers::PCompositorChild::CreateSharedMemory (this=0x42ce1180, aSize=<value optimized out>, aType=<value optimized out>, aUnsafe=<value optimized out>, aId=0xbec9c0b4) at /home/jld/src/B2G/objdir-gecko/ipc/ipdl/PCompositorChild.cpp:530
#4 0x40e1f1b2 in mozilla::dom::PSpeechSynthesisChild::CreateSharedMemory (this=0x25, aSize=<value optimized out>, aType=<value optimized out>, aUnsafe=255, aId=0xbec9c0b4) at /home/jld/src/B2G/objdir-gecko/ipc/ipdl/PSpeechSynthesisChild.cpp:266
#5 0x40e9449e in mozilla::layers::PLayerTransactionChild::AllocUnsafeShmem (this=0xbec9c0b4, aSize=126736, aType=mozilla::ipc::SharedMemory::TYPE_BASIC, aMem=0xbec9c0d8) at /home/jld/src/B2G/objdir-gecko/ipc/ipdl/PLayerTransactionChild.cpp:782
#6 0x4110e78c in mozilla::layers::ShadowLayerForwarder::AllocUnsafeShmem (this=<value optimized out>, aSize=126736, aType=mozilla::ipc::SharedMemory::TYPE_BASIC, aShmem=0xffffffff) at /home/jld/src/B2G/gecko/gfx/layers/ipc/ShadowLayers.cpp:567
#7 0x410ffad2 in Create<mozilla::layers::ISurfaceAllocator, true> (this=0x40326428, aSize=..., aContent=<value optimized out>, aBuffer=0xbec9c130) at ../../dist/include/gfxBaseSharedMemorySurface.h:176
#8 CreateUnsafe<mozilla::layers::ISurfaceAllocator> (this=0x40326428, aSize=..., aContent=<value optimized out>, aBuffer=0xbec9c130) at ../../dist/include/gfxBaseSharedMemorySurface.h:98
#9 mozilla::layers::ISurfaceAllocator::AllocSharedImageSurface (this=0x40326428, aSize=..., aContent=<value optimized out>, aBuffer=0xbec9c130) at /home/jld/src/B2G/gecko/gfx/layers/ipc/ISurfaceAllocator.cpp:60
#10 0x410ffa4c in mozilla::layers::ISurfaceAllocator::AllocSurfaceDescriptorWithCaps (this=0x40326428, aSize=..., aContent=gfxASurface::CONTENT_ALPHA, aCaps=<value optimized out>, aBuffer=0x443d62bc) at /home/jld/src/B2G/gecko/gfx/layers/ipc/ISurfaceAllocator.cpp:112
#11 0x410ff940 in mozilla::layers::ISurfaceAllocator::AllocSurfaceDescriptor (this=0xbec9c0b4, aSize=<value optimized out>, aContent=0, aBuffer=<value optimized out>) at /home/jld/src/B2G/gecko/gfx/layers/ipc/ISurfaceAllocator.cpp:74
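The backtrace above shows the failure mode of a pure seccomp-bpf whitelist: a syscall that is not on the list (here dup, reached from the IPC shared-memory code) terminates the process with SIGSYS instead of returning an error. The following is an added example, not code from this bug, from Gecko, or from the attached patch: a minimal whitelist filter in C that reproduces that failure in a forked child and then shows the fix, which is simply adding the missing syscall number. It assumes a Linux host with the kernel headers linux/seccomp.h, linux/filter.h and linux/audit.h; the macro SECCOMP_AUDIT_ARCH and the functions install_whitelist, run_under_whitelist, body_calls_dup, demo_gap and demo_fixed are this example's own names, and the two whitelists are constructed for it.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* Audit arch of the build target (macro name is this example's own), so the
 * filter rejects syscalls entered through a foreign ABI before checking nr. */
#if defined(__x86_64__)
#define SECCOMP_AUDIT_ARCH AUDIT_ARCH_X86_64
#elif defined(__i386__)
#define SECCOMP_AUDIT_ARCH AUDIT_ARCH_I386
#elif defined(__aarch64__)
#define SECCOMP_AUDIT_ARCH AUDIT_ARCH_AARCH64
#elif defined(__arm__)
#define SECCOMP_AUDIT_ARCH AUDIT_ARCH_ARM
#else
#error "add an AUDIT_ARCH_* mapping for this target"
#endif

/* Build and install a pure whitelist: each syscall number in nrs[] returns
 * SECCOMP_RET_ALLOW; anything else (or a foreign ABI) is killed with SIGSYS. */
static int install_whitelist(const int *nrs, size_t count)
{
    struct sock_filter prog[64];
    size_t n = 0;

    if (count > (sizeof(prog) / sizeof(prog[0]) - 5) / 2) {
        errno = E2BIG;
        return -1;
    }
    prog[n++] = (struct sock_filter)BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch));
    prog[n++] = (struct sock_filter)BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SECCOMP_AUDIT_ARCH, 1, 0);
    prog[n++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL);
    prog[n++] = (struct sock_filter)BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr));
    for (size_t i = 0; i < count; i++) {
        /* nr == nrs[i]: fall through to ALLOW; otherwise skip it and test the next entry. */
        prog[n++] = (struct sock_filter)BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (unsigned int)nrs[i], 0, 1);
        prog[n++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW);
    }
    prog[n++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL);

    struct sock_fprog fprog = { .len = (unsigned short)n, .filter = prog };
    /* Required before an unprivileged process may install a filter. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog);
}

/* Run body() in a forked child under the whitelist. Returns the child's exit
 * status, -signo if a signal killed it, or -1000 on fork/wait failure. */
static int run_under_whitelist(const int *nrs, size_t count, int (*body)(void))
{
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return -1000;
    if (pid == 0) {
        if (install_whitelist(nrs, count) != 0)
            _exit(3); /* kernel or container does not allow seccomp filters here */
        _exit(body()); /* _exit is exit_group(2), which both lists below allow */
    }
    if (waitpid(pid, &status, 0) != pid)
        return -1000;
    if (WIFSIGNALED(status))
        return -WTERMSIG(status);
    return WEXITSTATUS(status);
}

/* The sandboxed work: one dup() call. The fd is deliberately invalid so the
 * result does not depend on which descriptors are open; the filter runs before
 * the kernel validates arguments, so a missing entry still means SIGSYS. */
static int body_calls_dup(void)
{
    if (dup(-1) == -1 && errno == EBADF)
        return 0;
    return 2;
}

/* Constructed whitelists: one with the gap this bug describes (no dup), one fixed. */
static const int kWhitelistWithGap[] = { __NR_exit_group };
static const int kWhitelistFixed[]   = { __NR_exit_group, __NR_dup };

int demo_gap(void)   { return run_under_whitelist(kWhitelistWithGap, 1, body_calls_dup); }
int demo_fixed(void) { return run_under_whitelist(kWhitelistFixed, 2, body_calls_dup); }

int main(void)
{
    printf("dup() with a gap in the whitelist: %d (a SIGSYS kill reports as %d)\n", demo_gap(), -SIGSYS);
    printf("dup() after adding it to the list: %d (0 = completed normally)\n", demo_fixed());
    return 0;
}
```

Two points the example makes that the backtrace alone does not: the decision is taken on the syscall number before the kernel looks at arguments, so even a harmless call like dup(-1) is fatal when absent from the list, and the exit path itself (exit_group) must be whitelisted or the child cannot even terminate cleanly, which is the same class of gap this bug fills. Running it as a normal user needs no privileges because PR_SET_NO_NEW_PRIVS is set first.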
Comment 1 • 11 years ago (Assignee)
There are a few other syscalls I found. I'm going to expand this bug to cover all of them, including working around bug 906996, because if I try to separate each added line into its own patch they'll all conflict with each other.
Comment 2 • 11 years ago (Assignee)
…and I should reapply the summary change I lost after mid-air colliding with myself.
Summary: b2g UI Tests app crashes on startup because seccomp disallows dup → Fill in gaps in seccomp-bpf whitelist for b2g.
Comment 3 • 11 years ago (Assignee)
Updated • 11 years ago
Attachment #799883 - Flags: review+
Comment on attachment 799883 [details] [diff] [review]
bug908907-seccomp-gaps.diff
Review of attachment 799883 [details] [diff] [review]:
-----------------------------------------------------------------
thanks :)
hopefully we can remove some of these sooner than later (same for open, in fact). Until then, looks good.
Attachment #799883 -
Flags: review?(gdestuynder) → review+
Comment 6 • 11 years ago
I have this patch applied, and it works generally. However, I got bug 907087 once again, but I didn't think of running gdb at that time so I don't know why... I'll report again if I find something.
Comment 7 • 11 years ago (Assignee)
Thanks for the review.
Checkin note: This should be sent to b2g-inbound instead of regular inbound, I think?
Keywords: checkin-needed
Comment 8 • 11 years ago
Keywords: checkin-needed
Comment 9 • 11 years ago
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla26