This works on ARM/ARM64 devices; I'm not sure if we've tested x86. Chromium actually installs its own additional seccomp filter that restricts the allowed syscalls even further, so we're aware of the mechanism.

The system filter doesn't prohibit any of the syscalls you mention..

Tested breakpad on google/fugu/fugu:8.0.0/OPR6.170623.021/4312005:userdebug/dev-keys and it appears to work fine: crash produces a breakpad microdump and everything looks okay with it.

How are you reproducing this issue? What device, build, and version of WebView?

It was a x86_64 IVI device with Android O MR0, and  webview was the beta build 62.0.3202.34.
Which process did you test? Per my observation, breakpad works correctly in render process, but not in browser process.

Take this sys_waitpid(https://chromium.googlesource.com/breakpad/breakpad/+/master/src/client/linux/handler/exception_handler.cc#558) for example:

If I change it to the equivalent wait4(...) call, which is allowed by bionic(https://android.googlesource.com/platform/bionic/+/master/libc/SYSCALLS.TXT#339), then there is no violation.

Could you point me the source code of chromium's own additional seccomp filter? I'd like to double check whether it actually worked in my case.

Ah, thanks; I didn't realise you meant it only crashes in the browser process and not the renderer - that's very unexpected as the code that runs is the same and the renderer is *more* restricted than the browser. The additional seccomp filter is only used in the renderer process, so won't affect the browser.

(to be clear I can repro it now by signalling the browser process)

Ah. The webview_zygote doesn't end up initialising the platform seccomp filter, so the renderer is only constrained by the Chromium policy, which allows waitpid. That's not a big deal since the chromium policy is significantly more restrictive in general (it just happens to allow a couple of older syscalls that bionic doesn't use itself).

We'll get breakpad fixed to call the syscalls bionic expects on x86 android.

I have 32-bit x86 working, and am working on x86_64 but it's trickier. WIP change is here: https://chromium-review.googlesource.com/#/c/linux-syscall-support/+/699213/ if anyone can help out with x86_64 syscall calling conventions and inline assembly stuff (I've not worked on x86 stuff since DOS so I'm very rusty)

OK, the change at https://chromium-review.googlesource.com/#/c/linux-syscall-support/+/699213/ now works for me on both 32-bit and 64-bit. Will get this landed and rolled into chromium as soon as I can, but you can test it in the meantime if you want to verify it on your platform?

Great, it works on my device too. You have done an amazing job. Lucky to have been helped by the real professional like you.

The following revision refers to this bug:
  https://chromium.googlesource.com/linux-syscall-support/+/e6527b0cd469e3ff5764785dadcb39bf7d787154

commit e6527b0cd469e3ff5764785dadcb39bf7d787154
Author: Torne (Richard Coles) <torne@google.com>
Date: Wed Oct 18 19:37:42 2017

Fix use of non-whitelisted syscalls on Android.

Android O has a default seccomp policy for all app processes which
disallows most syscalls that aren't used by bionic on x86_64, including
the syscalls which were removed in aarch64 but still supported for
legacy apps in x86_64 in the kernel.

Refactor the existing aarch64 support to check for the syscall numbers
being defined instead of being directly based on the architecture, and
undefine the disallowed syscalls on Android to trigger the polyfills to
be used instead.

Also, use wait4 instead of waitpid on Android for all architectures,
because waitpid is not permitted even on 32-bit ABIs.

Bug:  chromium:770449 
Change-Id: Ifc9047ee4b1986cd8078afa7f3fc169ee4031597
Reviewed-on: https://chromium-review.googlesource.com/699213
Reviewed-by: Mike Frysinger <vapier@chromium.org>

[modify] https://crrev.com/e6527b0cd469e3ff5764785dadcb39bf7d787154/linux_syscall_support.h

The following revision refers to this bug:
  https://chromium.googlesource.com/breakpad/breakpad/+/2aaeead73fbc70860c6bc0ff477500f84ab595e9

commit 2aaeead73fbc70860c6bc0ff477500f84ab595e9
Author: Torne (Richard Coles) <torne@google.com>
Date: Thu Oct 19 18:43:22 2017

Roll src/src/third_party/lss/ a91633d17..e6527b0cd (1 commit)

https://chromium.googlesource.com/linux-syscall-support/+log/a91633d17240..e6527b0cd469

$ git log a91633d17..e6527b0cd --date=short --no-merges --format='%ad %ae %s'
2017-10-03 torne Fix use of non-whitelisted syscalls on Android.

Created with:
  roll-dep src/src/third_party/lss
Bug:  770449 

Change-Id: Ia9556ba31f61c0bd8a5dcd4b032cdb1f321d7a57
Reviewed-on: https://chromium-review.googlesource.com/728357
Reviewed-by: Mike Frysinger <vapier@chromium.org>

[modify] https://crrev.com/2aaeead73fbc70860c6bc0ff477500f84ab595e9/default.xml
[modify] https://crrev.com/2aaeead73fbc70860c6bc0ff477500f84ab595e9/DEPS

Thank you all for fixing this!

It's not rolled into chromium yet - the roll commit above was for standalone breakpad.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/9a6106e69b750191b1b95fba453dc1c2f5200ccc

commit 9a6106e69b750191b1b95fba453dc1c2f5200ccc
Author: Torne (Richard Coles) <torne@google.com>
Date: Fri Oct 20 17:48:17 2017

Roll src/third_party/lss/ 63f24c822..e6527b0cd (3 commits)

https://chromium.googlesource.com/linux-syscall-support.git/+log/63f24c8221a2..e6527b0cd469

$ git log 63f24c822..e6527b0cd --date=short --no-merges --format='%ad %ae %s'
2017-10-03 torne Fix use of non-whitelisted syscalls on Android.
2017-06-01 amaury.leleyzour Remove "r7 cannot be used in asm" gcc error
2017-05-05 andrew Fix sys_clone() for thumb2.

Created with:
  roll-dep src/third_party/lss

Bug:  770449 
Change-Id: I8365dc81aec0e7433e86179ff88ce98d001b40db
Reviewed-on: https://chromium-review.googlesource.com/726463
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Richard Coles <torne@chromium.org>
Cr-Commit-Position: refs/heads/master@{#510482}
[modify] https://crrev.com/9a6106e69b750191b1b95fba453dc1c2f5200ccc/DEPS

This missed the M63 branch point as it took a while to refactor the LSS code into a maintainable state.

I don't want to cherrypick this as we want to allow it to soak in dev for a long time to ensure it doesn't cause any issues for breakpad in the field.

The following revision refers to this bug:
  https://chrome-internal.googlesource.com/chromeos/manifest-internal/+/a86a1d4d40ff183e868500ed7084bb171247ebe5

commit a86a1d4d40ff183e868500ed7084bb171247ebe5
Author: Mike Frysinger <vapier@chromium.org>
Date: Tue Oct 24 05:39:10 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/manifest/+/90db72c078860dfc64ab69bcfe3fac398944834a

commit 90db72c078860dfc64ab69bcfe3fac398944834a
Author: Mike Frysinger <vapier@chromium.org>
Date: Tue Oct 24 05:39:07 2017

lss: update to match breakpad

BUG= chromium:770449 
TEST=precq passes

Change-Id: I87f67a67474e2314438e7d6568ebd47d4a4e06ad
Reviewed-on: https://chromium-review.googlesource.com/733864
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Ben Chan <benchan@chromium.org>

[modify] https://crrev.com/90db72c078860dfc64ab69bcfe3fac398944834a/full.xml