[tbb-bugs] #19400 [Applications/Tor Browser]: [Asan] Crash in js::AsmJSModule::deserialize / DeserializeSig

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Jun 13 11:03:07 UTC 2016


#19400: [Asan] Crash in js::AsmJSModule::deserialize / DeserializeSig
---------------------------------------------+-----------------------------
 Reporter:  cypherpunks                      |          Owner:  tbb-team
     Type:  defect                           |         Status:
 Priority:  Very High                        |  needs_information
Component:  Applications/Tor Browser         |      Milestone:
 Severity:  Critical                         |        Version:
 Keywords:  tbb-crash, TorBrowserTeam201606  |     Resolution:
Parent ID:                                   |  Actual Points:
 Reviewer:                                   |         Points:
                                             |        Sponsor:
---------------------------------------------+-----------------------------

Comment (by gk):

 Okay, thanks so much for narrowing this down. As far as I can see, there
 are three possible sources of the crash:

 1) One of our (crash) fixes in 6.0.1 is causing this.
 2) It is a bug in Mozilla's code itself.
 3) It is a bug caused by new Mozilla code interfering badly with one of
 our patches.

 I've uploaded a test build trying to rule out 1). It only omits the fixes
 for #19212 and #19187 and is the code otherwise the same as the branch
 used for Tor Browser 6.0.1.

 https://people.torproject.org/~gk/testbuilds/tor-browser-
 linux64-bug19400-hardened_ALL.tar.xz
 https://people.torproject.org/~gk/testbuilds/tor-browser-
 linux64-bug19400-hardened_ALL.tar.xz.asc

 Does this still crash for you?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19400#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list