Firefox 66.0.4-r0 is crashing on some sites
Only some sites crash (thingiverse.com is one I hit), and disabling JS makes it stop crashing but leaves it unusable. The crash is deep inside libxul, and seems to involve a pointer value getting used as an array index, which is rather disturbing:
0x00007f6cda6bbe9a: movslq (%rcx,%rax,4),%rax
(gdb) print/x $rax
$2 = 0x55d2c6054e12
(gdb) print/x $rcx
$3 = 0x7f6cdb055138
Almost surely some sort of memory corruption or UAF. I don’t have debug symbols or a system heavy enough to handle debugging Firefox, so I’m leaving it at this.
(from redmine: issue id 10441, created on 2019-05-09)
- Changesets:
  - Revision b65a9c18 by Timo Teräs on 2019-05-12T18:49:48Z:
    testing/firefox: force optimization level -O2
    ref #10441
    The default, -Os, causes crashes likely due to compiler bug or UB.