Closed Bug 1697314 Opened 3 years ago Closed 3 years ago

crash at null in [@ nsProfileLock::FatalSignalHandler]

Categories

(Core :: Graphics, defect)

Product:
Core
Component:
Graphics
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1696816
Tracking Flags:
Tracking Status
firefox88 --- affected

People

(Reporter: tsmith, Unassigned)

References

(Blocks 1 open bug)

Details

(Keywords: crash, testcase)

Attachments

(1 file)

testcase.html
394 bytes, text/html
Details
Attached file testcase.html 
==31926==ERROR: UndefinedBehaviorSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000000000000 bp 0x7ffebf493da0 sp 0x7ffebf48dbd8 T31926)
==31926==Hint: pc points to the zero page.
==31926==The signal is caused by a READ memory access.
==31926==Hint: address points to the zero page.
    #0 0x0  (<unknown module>)
    #1 0x56137ac9a84a in __sanitizer::HandleDeadlySignal(void*, void*, unsigned int, void (*)(__sanitizer::SignalContext const&, void const*, __sanitizer::BufferedStackTrace*), void const*) /builds/worker/fetches/llvm-project/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_symbolizer_report.cpp:245:3
    #2 0x7f445f8aabdf in nsProfileLock::FatalSignalHandler(int, siginfo_t*, void*) /builds/worker/checkouts/gecko/toolkit/profile/nsProfileLock.cpp:173:7
    #3 0x7f4460c1604a in WasmTrapHandler(int, siginfo_t*, void*) /builds/worker/checkouts/gecko/js/src/wasm/WasmSignalHandlers.cpp:981:5
    #4 0x7f446f2aa3bf  (/lib/x86_64-linux-gnu/libpthread.so.0+0x153bf)
Flags: in-testsuite?

A Pernosco session is available here: https://pernos.co/debug/Y4iZ05iC3CEKWsSi1qLRhw/index.html

Group: gfx-core-security
Component: Startup and Profile System → Graphics
Product: Toolkit → Core
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → DUPLICATE
Group: gfx-core-security
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: