jssh extension causes segmentation fault in libmozjs JS_BeginRequest

RESOLVED INCOMPLETE

Status

()

Firefox
Extension Compatibility
--
critical
RESOLVED INCOMPLETE
8 years ago
5 years ago

People

(Reporter: Jean-Baptiste Quenot, Unassigned)

Tracking

({crash, stackwanted})

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

8 years ago
User-Agent:       Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_8; fr-fr) AppleWebKit/531.9 (KHTML, like Gecko) Version/4.0.3 Safari/531.9
Build Identifier: Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3

Used the 32bit jssh extension from http://wiki.openqa.org/download/attachments/13893658/jssh-3.5.x-Linux.xpi?version=1 with Firefox 32 bit from http://mozilla2.snt.utwente.nl/firefox/releases/3.5.3/linux-i686/en-US/firefox-3.5.3.tar.bz2

Ran firefox -jssh to enable the Javascript shell on port 9997.

Connect with telnet to port 9997 and at the prompt, type 1+1.  Firefox crashes immediately with the following traceback:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xf6067750 (LWP 1018)]
0xf7106191 in JS_BeginRequest () from /opt/firefox/libmozjs.so
(gdb) bt
#0  0xf7106191 in JS_BeginRequest () from /opt/firefox/libmozjs.so
#1  0xf590bced in nsJSSh::IsBufferCompilable () from /opt/firefox/extensions/jssh@extensions.mozilla.org/components/libjssh.so
#2  0xf7be29db in NS_InvokeByIndex_P () from /opt/firefox/libxul.so
#3  0xf7bda845 in ?? () from /opt/firefox/libxul.so
#4  0xf7bd5c04 in ?? () from /opt/firefox/libxul.so
#5  0xf7ba5ecb in ?? () from /opt/firefox/libxul.so
#6  0xf7b088aa in ?? () from /opt/firefox/libxul.so
#7  0xf79d2fd2 in ?? () from /opt/firefox/libxul.so
#8  0xf736935b in XRE_main () from /opt/firefox/libxul.so
#9  0x080495aa in ?? ()
#10 0xf6652775 in __libc_start_main () from /lib32/libc.so.6
#11 0x08049411 in ?? ()

Reproducible: Always

Comment 1

8 years ago
you need symbols from at least one of firefox, jssh. i'd recommend symbols for both.

it's hard to tell from a stack who's doing what how. is JSContext *cx valid? if not, it's probably jssh's fault. Is it in use? etc

Comment 2

5 years ago
Jean-Baptiste, does this still reproduce for you when using newer version?

(In reply to timeless from comment #1)
> you need symbols from at least one of firefox, jssh. i'd recommend symbols
> for both.
> 
> it's hard to tell from a stack who's doing what how. is JSContext *cx valid?
> if not, it's probably jssh's fault. Is it in use? etc
Severity: normal → critical
Flags: needinfo?(jbq)
Keywords: crash, stackwanted
Whiteboard: [closeme 2013-05-20]

Comment 3

5 years ago
Resolved per whiteboard
Status: UNCONFIRMED → RESOLVED
Last Resolved: 5 years ago
Flags: needinfo?(jbq)
Resolution: --- → INCOMPLETE
Whiteboard: [closeme 2013-05-20]
You need to log in before you can comment on or make changes to this bug.