Issue 792257
Issue metadata

Status: WontFix
Closed: Dec 2017
OS: Mac
Pri: 3
Type: Bug

macOS V2 Sandbox allows access to com.apple.distributed_notifications@Uv3

Project Member Reported by kerrnel@chromium.org, Dec 5 2017

Issue description

The macOS V2 Sandbox allows access to com.apple.distributed_notifications@Uv3 because the TDescriptorSource constructor in CoreText requires access to it.

Thread 0 (id: 8466154, CrRendererMain):
0   libsystem_platform.dylib      	0x00007fffdebd6b20 _sigtramp + 0
1   CoreText                      	0x00007fffca384e47 TDescriptorSource::TDescriptorSource() + 67
2   CoreText                      	0x00007fffca384dbd CTFontDescriptorCreateForUIType + 35
3   UIFoundation                  	0x00007fffdbee6164 __NSGetMetaFontInstance + 392
4   UIFoundation                  	0x00007fffdbee6954 +[NSFont systemFontOfSize:] + 90
5   Chromium Framework            	0x0000000113788fdd blink::LayoutThemeMac::SystemFont(blink::CSSValueID, blink::FontSelectionValue&, blink::FontSelectionValue&, float&, WTF::AtomicString&) const + 237 (LayoutThemeMac.mm:0)
6   Chromium Framework            	0x0000000113183fd9 blink::CSSShorthand::Font::ParseShorthand(bool, blink::CSSParserTokenRange&, blink::CSSParserContext const&, blink::CSSParserLocalContext const&, blink::HeapVector<blink::CSSPropertyValue, 256ul>&) const + 713 (FontSelectionTypes.h:184)
7   Chromium Framework            	0x00000001131514b1 blink::CSSPropertyParser::ParseValueStart(blink::CSSPropertyID, bool) + 161 (CSSPropertyParser.cpp:98)
8   Chromium Framework            	0x000000011315093b blink::CSSPropertyParser::ParseValue(blink::CSSPropertyID, bool, blink::CSSParserTokenRange const&, blink::CSSParserContext const*, blink::HeapVector<blink::CSSPropertyValue, 256ul>&, blink::StyleRuleBase::RuleType) + 187 (CSSPropertyParser.cpp:63)
9   Chromium Framework            	0x000000011314ac8d blink::CSSParserImpl::ConsumeDeclaration(blink::CSSParserTokenRange, blink::CSSParserImpl::RangeOffset const&, blink::StyleRuleBase::RuleType) + 589 (CSSParserImpl.cpp:969)
10  Chromium Framework            	0x0000000113147c35 blink::CSSParserImpl::ConsumeDeclarationList(blink::CSSParserTokenStream&, blink::StyleRuleBase::RuleType) + 437 (CSSParserTokenStream.h:86)
11  Chromium Framework            	0x000000011314d2e4 blink::CSSParserImpl::ConsumeStyleRule(blink::CSSParserTokenStream&) + 532 (CSSSelectorList.h:70)
12  Chromium Framework            	0x0000000113149307 blink::CSSParserImpl::ConsumeQualifiedRule(blink::CSSParserTokenStream&, blink::CSSParserImpl::AllowedRulesType) + 39 (CSSParserImpl.cpp:526)
13  Chromium Framework            	0x00000001131498bb blink::CSSParserImpl::ParseStyleSheet(WTF::String const&, blink::CSSParserContext const*, blink::StyleSheetContents*, bool) + 1003 (CSSParserImpl.cpp:444)
14  Chromium Framework            	0x000000011306d021 blink::CSSDefaultStyleSheets::CSSDefaultStyleSheets() + 833 (Member.h:102)
15  Chromium Framework            	0x000000011306cc34 blink::CSSDefaultStyleSheets::Instance() + 260 (Persistent.h:54)
16  Chromium Framework            	0x00000001131b624f blink::ViewportStyleResolver::CollectViewportRulesFromUASheets() + 15 (ViewportStyleResolver.cpp:73)
17  Chromium Framework            	0x00000001131b70d9 blink::ViewportStyleResolver::UpdateViewport(blink::DocumentStyleSheetCollection&) + 41 (runtime_enabled_features.h:493)
18  Chromium Framework            	0x000000011310693e blink::StyleEngine::UpdateActiveStyle() + 30 (StyleEngine.cpp:424)
19  Chromium Framework            	0x00000001131e26e7 blink::Document::UpdateActiveStyle() + 55 (trace_event.h:1094)
20  Chromium Framework            	0x00000001131dfc88 blink::Document::UpdateStyleAndLayoutTree() + 472 (Document.cpp:2150)
21  Chromium Framework            	0x00000001133ea897 blink::LocalFrameView::UpdateStyleAndLayoutIfNeededRecursiveInternal() + 135 (LocalFrameView.cpp:3468)
22  Chromium Framework            	0x00000001133e9531 blink::LocalFrameView::UpdateStyleAndLayoutIfNeededRecursive() + 145 (LocalFrameView.cpp:0)
23  Chromium Framework            	0x00000001133e8734 blink::LocalFrameView::UpdateLifecyclePhasesInternal(blink::DocumentLifecycle::LifecycleState) + 180 (LocalFrameView.cpp:3189)
24  Chromium Framework            	0x000000011389272e blink::PageAnimator::UpdateAllLifecyclePhases(blink::LocalFrame&) + 30 (auto_reset.h:30)
25  Chromium Framework            	0x00000001133a4a76 blink::WebViewImpl::UpdateAllLifecyclePhases() + 246 (WebViewImpl.cpp:3777)
26  Chromium Framework            	0x00000001133a6a5d blink::WebViewImpl::ResizeViewWhileAnchored(float, float, bool) + 221 (WebViewImpl.cpp:1754)
27  Chromium Framework            	0x00000001133a6d86 blink::WebViewImpl::ResizeWithBrowserControls(blink::WebSize const&, float, float, bool) + 790 (ResizeViewportAnchor.h:37)
28  Chromium Framework            	0x000000011422288e content::RenderViewImpl::ResizeWebWidget() + 78 (render_view_impl.cc:2061)
29  Chromium Framework            	0x000000011422f16c content::RenderWidget::Resize(content::ResizeParams const&) + 540 (WebSize.h:53)
30  Chromium Framework            	0x000000011422c561 content::RenderWidget::OnResize(content::ResizeParams const&) + 97 (size.h:75)
31  Chromium Framework            	0x00000001142229b7 content::RenderViewImpl::OnResize(content::ResizeParams const&) + 279 (trace_event.h:1094)
32  Chromium Framework            	0x000000011422868e bool IPC::MessageT<ViewMsg_Resize_Meta, std::__1::tuple<content::ResizeParams>, void>::Dispatch<content::RenderWidget, content::RenderWidget, void, void (content::RenderWidget::*)(content::ResizeParams const&)>(IPC::Message const*, content::RenderWidget*, content::RenderWidget*, void*, void (content::RenderWidget::*)(content::ResizeParams const&)) + 126 (tuple.h:52)
33  Chromium Framework            	0x000000011422688d content::RenderWidget::OnMessageReceived(IPC::Message const&) + 861 (render_widget.cc:666)
34  Chromium Framework            	0x000000011421be7b content::RenderViewImpl::OnMessageReceived(IPC::Message const&) + 1755 (render_view_impl.cc:1161)
35  Chromium Framework            	0x0000000110cf8bab IPC::ChannelProxy::Context::OnDispatchMessage(IPC::Message const&) + 91 (ipc_message.h:132)
36  Chromium Framework            	0x000000011022ce5c base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) + 188 (callback_forward.h:11)
37  Chromium Framework            	0x000000010fd29222 blink::scheduler::TaskQueueManager::ProcessTaskFromWorkQueue(blink::scheduler::internal::WorkQueue*, bool, blink::scheduler::LazyNow, base::TimeTicks*) + 1346 (task_queue_manager.cc:526)
38  Chromium Framework            	0x000000010fd288e2 blink::scheduler::TaskQueueManager::DoWork(blink::scheduler::internal::Sequence::WorkType) + 450 (task_queue_manager.cc:320)
39  Chromium Framework            	0x000000011022ce5c base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) + 188 (callback_forward.h:11)
40  Chromium Framework            	0x000000010fd2c3a5 blink::scheduler::internal::ThreadControllerImpl::DoWork(blink::scheduler::internal::Sequence::WorkType) + 117 (weak_ptr.h:240)
41  Chromium Framework            	0x000000011022ce5c base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) + 188 (callback_forward.h:11)
42  Chromium Framework            	0x0000000110252784 base::MessageLoop::RunTask(base::PendingTask*) + 484 (vector:639)
43  Chromium Framework            	0x0000000110252c89 base::MessageLoop::DoWork() + 441 (message_loop.cc:447)
44  Chromium Framework            	0x0000000110254aea base::MessagePumpCFRunLoopBase::RunWork() + 42 (message_pump_mac.mm:452)
45  Chromium Framework            	0x000000011024649a base::mac::CallWithEHFrame(void () block_pointer) + 10 (call_with_eh_frame_asm.S:38)
46  Chromium Framework            	0x000000011025440f base::MessagePumpCFRunLoopBase::RunWorkSource(void*) + 63 (message_pump_mac.mm:431)
47  CoreFoundation                	0x00007fffc8e1e3e1 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
48  CoreFoundation                	0x00007fffc8dff65c __CFRunLoopDoSources0 + 556
49  CoreFoundation                	0x00007fffc8dfeb46 __CFRunLoopRun + 934
50  CoreFoundation                	0x00007fffc8dfe544 CFRunLoopRunSpecific + 420
51  Foundation                    	0x00007fffca82f252 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 277
52  Chromium Framework            	0x000000011025514e base::MessagePumpNSRunLoop::DoRun(base::MessagePump::Delegate*) + 126 (message_pump_mac.mm:722)
53  Chromium Framework            	0x0000000110253f2e base::MessagePumpCFRunLoopBase::Run(base::MessagePump::Delegate*) + 110 (message_pump_mac.mm:301)
54  Chromium Framework            	0x00000001102776a5 base::RunLoop::Run() + 53 (run_loop.cc:315)
55  Chromium Framework            	0x000000011423d418 content::RendererMain(content::MainFunctionParams const&) + 712 (renderer_main.cc:222)
56  Chromium Framework            	0x000000010fe4e4ff content::ContentMainRunnerImpl::Run() + 383 (content_main_runner.cc:706)
57  Chromium Framework            	0x000000011164a7f8 service_manager::Main(service_manager::MainParams const&) + 2344 (main.cc:456)
58  Chromium Framework            	0x000000010fe4d9b4 content::ContentMain(content::ContentMainParams const&) + 68 (content_main.cc:19)
59  Chromium Framework            	0x000000010e52f16f ChromeMain + 175 (chrome_main.cc:0)
60  Chromium Helper               	0x000000010d08f4ac main + 1788 (chrome_exe_main_mac.cc:169)
61  libdyld.dylib                 	0x00007fffde9c7235 start + 1
62  Chromium Helper               	0x0000000000000017

I imagine some other Foundation and Cocoa things also probably use distnoted for things, but we should be listening for them in the browser and forwarding the event on to the renderer ourselves. That's what we do for the Aqua color variant and other distributed notifications currently.
