libxul causes segmentation fault (segfault)

[opsec-ee]

libxul causes segmentation fault (segfault) in Firefox on linux ( machine arch linux ).

The Issue

Process: Firefox MainThread (PID 74835)
Fault: Segmentation fault at memory address 0 (null pointer dereference)
Location: Inside libxul.so (Firefox's core rendering engine library)
Signal: Process terminated with signal 11 (SIGSEGV)

Actual:|

kernel: MainThread[74835]: segfault at 0 ip 00007d062c7950c6 sp 00007ffd1cb3c380 error 6 in libxul.so[71940c6,7d0628318000+6cc5000] likely on CPU 7 (core 12, socket 0)
kernel: Code: 15 d7 eb d5 02 48 8d 3d ee aa 0d fa 45 31 f6 89 de 89 c2 31 c0 ff 15 11 dd d5 02 48 8b 0d 22 dd d5 02 48 89 01 b8 7b 00 00 00 <49> 89 06 ff 15 09 dd d5 02 48 8d 05 30 dc 09 fa 48 8b 0d 03 dd d5
firefox[24957]: [Parent 24957, IPC I/O Parent] WARNING: process 74835 exited on signal 11: file /usr/src/debug/firefox/firefox-142.0.1/ipc/chromium/src/chrome/common/process_watcher_posix_sigchld.cc:134

Key Details

Instruction Pointer: 0x00007d062c7950c6 - where the crash occurred
Stack Pointer: 0x00007ffd1cb3c380 - current stack location
Error Code: 6 (attempted to write to a read-only or unmapped memory region)

The assembly code shows it was trying to execute 49 89 06 (which is mov %rax,(%r14)) when it crashed, suggesting it attempted to write to a null pointer stored in the R14 register.

Likely Causes

Memory corruption - Something overwrote a pointer with null
Use-after-free - Accessing freed memory that got zeroed
Uninitialized pointer - Using a pointer before it was properly set
Race condition - Multi-threaded access corrupted the pointer

[sylvestre]

bugbot is a tool to help with bug management. this isn't the place for firefox bug.

[opsec-ee]

I should check my definition of issue versus bug.. got it

[marco-c]

@opsec-ee it's not a matter of definition, Firefox bugs/issues are not tracked here, they are tracked on Bugzilla (https://bugzilla.mozilla.org/).

[opsec-ee]

I only did what the page at https://support.mozilla.org/en-US/kb/file-bug-report-or-feature-request-mozilla
said to do:

In Mozilla Support (SUpport.MOzilla.org, a.k.a. SUMO), you can ask a support question or get help with product troubleshooting. However, to report a bug or defect, you should go to either Bugzilla or GitHub. Alternatively, if you would like to request a new feature, submit feedback or discuss ideas that will help shape future product releases, you should go to Mozilla Connect.

[opsec-ee]

I did what I was suppose to do, I let someone know, regardless.. I wont be creating another account o tell anyone about this.. thanks

[marco-c]

@opsec-ee I guess the page points to Bugzilla and GitHub because there are Mozilla projects on both, but this doesn't mean any Mozilla repo on GitHub can be used to file bugs about the Firefox project. If you want to file a bug for the bugbot project, this repo is the right place. If you want to file a bug for the Firefox project, https://bugzilla.mozilla.org/ is the right place.

I did what I was suppose to do, I let someone know, regardless.. I wont be creating another account o tell anyone about this.. thanks

Feel free to do what you want, I can't force you to do anything. You should know that it is possible to login on Bugzilla with a GitHub account though.

[marco-c]

And to be clear, in the page you linked, you can see there is a table pointing to the right bug tracker for each project:

[opsec-ee]

"but this doesn't mean any Mozilla repo on GitHub" when I only placed this in the 'issues" field..

I'm done with this trolling crap now.. have a good day!

[opsec-ee]

Bugzilla has suffered an internal error:

Invalid GitHub log in attempt (reason: invalid state param)