null pointer crash in JS::SetScriptPrivate(class JSScript *, class JS::Value const &)+13 Topic is solved

Discussions about the development and maturation of the platform code (UXP).
Warning: may contain highly-technical topics.

Moderators: trava90, athenian200

User avatar
Veit Kannegieser
Moonbather
Moonbather
Posts: 51
Joined: 2019-03-23, 19:16

null pointer crash in JS::SetScriptPrivate(class JSScript *, class JS::Value const &)+13

Unread post by Veit Kannegieser » 2025-01-25, 18:28

Hello,
i have a repeated crash in a banking site, with Pale Moon 33.5.1 Linux+Windows x64, clean profile.
Site is https://www.spk-reichenau.de, but only after login, and i suspect only with a extra welcome screen to verify if personal data are current.
Storing the page in a different browser and loading it in Pale Moon causes a redirect to a not existing file.

Looking on Windows with x64dbg, the call stack is:

Code: Select all

                          000000B8095FE9E8 00007FFFFEFB9826 00007FF807E9CA63 30   Benutzer mozjs.void __cdecl JS::SetScriptPrivate(class JSScript *, class JS::Value const &)+13
                          000000B8095FEA18 00007FFFFE35312C 00007FFFFEFB9826 3A0  Benutzer xul.public: bool __cdecl mozilla::NormalizedConstraintSet::Range<bool>::Merge(class mozilla::NormalizedConstraintSet::Range<bool> const &)+2DD446
                          000000B8095FEDB8 00007FFFFE352B90 00007FFFFE35312C 90   Benutzer xul.mozilla_dump_image+C7E4C
                          000000B8095FEE48 00007FFFFE3E4283 00007FFFFE352B90 30   Benutzer xul.mozilla_dump_image+C78B0
                          000000B8095FEE78 00007FFFFDBB4511 00007FFFFE3E4283 100  Benutzer xul.mozilla_dump_image+158FA3
                          000000B8095FEF78 00007FFFFDBB1219 00007FFFFDBB4511 30   Benutzer xul.XRE_AddStaticComponent+109B1
                          000000B8095FEFA8 00007FFFFDBB060D 00007FFFFDBB1219 40   Benutzer xul.XRE_AddStaticComponent+D6B9
                          000000B8095FEFE8 00007FFFFDBAEA2E 00007FFFFDBB060D B0   Benutzer xul.XRE_AddStaticComponent+CAAD
                          000000B8095FF098 00007FFFFDBD06D2 00007FFFFDBAEA2E 30   Benutzer xul.XRE_AddStaticComponent+AECE
                          000000B8095FF0C8 00007FFFFDDC199F 00007FFFFDBD06D2 70   Benutzer xul.NS_StringSetIsVoid+44D2
                          000000B8095FF138 00007FFFFDDA6AC7 00007FFFFDDC199F 50   Benutzer xul.public: virtual enum nsresult __cdecl mozilla::net::LoadInfo::SetVerifySignedContent(bool)+1B1E5F
                          000000B8095FF188 00007FFFFF0131C1 00007FFFFDDA6AC7 30   Benutzer xul.public: virtual enum nsresult __cdecl mozilla::net::LoadInfo::SetVerifySignedContent(bool)+196F87
                          000000B8095FF1B8 00007FFFFF05E2ED 00007FFFFF0131C1 30   Benutzer xul.public: bool __cdecl mozilla::NormalizedConstraintSet::Range<bool>::Merge(class mozilla::NormalizedConstraintSet::Range<bool> const &)+336DE1
                          000000B8095FF1E8 00007FFFFF5F648C 00007FFFFF05E2ED 30   Benutzer xul.public: bool __cdecl mozilla::NormalizedConstraintSet::Range<bool>::Merge(class mozilla::NormalizedConstraintSet::Range<bool> const &)+381F0D
                          000000B8095FF218 00007FFFFF6115DD 00007FFFFF5F648C 240  Benutzer xul.XRE_StartupTimelineRecord+1E2C
                          000000B8095FF458 00007FFFFF610387 00007FFFFF6115DD 60   Benutzer xul.XRE_GetFileFromPath+7A1D
                          000000B8095FF4B8 00007FFFFF612522 00007FFFFF610387 190  Benutzer xul.XRE_GetFileFromPath+67C7
                          000000B8095FF648 0000000140001B2B 00007FFFFF612522 320  Benutzer xul.XRE_main+C2
                          000000B8095FF968 0000000140001523 0000000140001B2B 70   Benutzer palemoon.0000000140001B2B
                          000000B8095FF9D8 0000000140001E91 0000000140001523 50   Benutzer palemoon.0000000140001523
                          000000B8095FFA28 0000000140002D04 0000000140001E91 40   Benutzer palemoon.0000000140001E91
                          000000B8095FFA68 00007FF83DF97344 0000000140002D04 30   System   palemoon.0000000140002D04
                          000000B8095FFA98 00007FF83E2A26B1 00007FF83DF97344 80   System   kernel32.BaseThreadInitThunk+14
                          000000B8095FFB18 0000000000000000 00007FF83E2A26B1      Benutzer ntdll.RtlUserThreadStart+21
Assumed source: https://repo.palemoon.org/MoonchildProductions/UXP/src/commit/f4a37f53671f715bce67028cd3198e3319d39a41/js/src/jsapi.cpp#L4745
where script is a NULL pointer.

Debug prints console:

Code: Select all

Thread 4676 exit
Thread 1752 exit
Thread 2120 exit
Thread 708 exit
Thread 4276 exit
Thread 5516 exit
Thread 2280 exit
Thread 1056 exit
Thread 4180 exit
Thread 5560 exit
Thread 424 exit
Thread 3476 exit
Thread 2056 exit
Thread 5144 exit
Thread 4616 exit
Thread 4872 exit
Thread 4496 exit
Thread 3528 exit
Thread 4984 exit
Thread 6124 exit
Thread 3944 exit
Thread 5200 exit
Thread 4136 exit
Thread 2376 exit
Thread 5540 exit
Thread 1060 exit
Thread 328 exit
Thread 3468 exit
Thread 3308 exit
Thread 5876 exit
Thread 3964 exit
Thread 2428 exit
Thread 5544 exit
Thread 2496 exit
Thread 4332 exit
Thread 512 exit
Thread 1916 exit
Thread 2116 exit
Thread 4644 exit
Thread 5396 exit
Thread 316 exit
Thread 4252 exit
Thread 5712 exit
Thread 3828 exit
Thread 2612 exit
Thread 2244 exit
Thread 888 exit
Thread 1884 exit
Thread 1696 exit
Thread 3632 exit
Thread 5952 exit
Thread 2516 exit
Thread 2712 exit
Thread 5448 exit
Thread 1496 exit
Thread 5356 exit
Process stopped with exit code 0x0 (0)
Saving database to C:\Program Files\xdbg\x64\db\palemoon.exe.dd64 0ms
Debugging stopped!
Debugging: C:\Program Files\Pale Moon\palemoon.exe
Database file: C:\Program Files\xdbg\x64\db\palemoon.exe.dd64
Process Started: 0000000140000000 C:\Program Files\Pale Moon\palemoon.exe
  "C:\Program Files\Pale Moon\palemoon.exe"
  argv[0]: C:\Program Files\Pale Moon\palemoon.exe
DLL Loaded: 00007FF83E250000 C:\Windows\System32\ntdll.dll
DLL Loaded: 00007FF83DF80000 C:\Windows\System32\kernel32.dll
DLL Loaded: 00007FF83BB60000 C:\Windows\System32\KernelBase.dll
DLL Loaded: 00007FF839240000 C:\Windows\System32\apphelp.dll
DLL Loaded: 00007FF83C1B0000 C:\Windows\System32\ucrtbase.dll
DLL Loaded: 00007FF81C3D0000 C:\Program Files\Pale Moon\mozglue.dll
DLL Loaded: 00007FF81FF50000 C:\Program Files\Pale Moon\vcruntime140.dll
DLL Loaded: 00007FF806B90000 C:\Program Files\Pale Moon\msvcp140.dll
DLL Loaded: 00007FF81FF90000 C:\Program Files\Pale Moon\vcruntime140_1.dll
System breakpoint reached!
DLL Loaded: 000002555F120000 C:\Program Files\Pale Moon\api-ms-win-crt-runtime-l1-1-0.dll
DLL Unloaded: 000002555F120000 api-ms-win-crt-runtime-l1-1-0.dll
Thread 1404 created, Entry: ntdll.00007FF83E2A2B30, Parameter: 000002555F00B380
DLL Loaded: 000002555F120000 C:\Program Files\Pale Moon\api-ms-win-crt-runtime-l1-1-0.dll
DLL Loaded: 000002555F130000 C:\Program Files\Pale Moon\api-ms-win-crt-heap-l1-1-0.dll
DLL Unloaded: 000002555F130000 api-ms-win-crt-heap-l1-1-0.dll
DLL Loaded: 000002555F130000 C:\Program Files\Pale Moon\api-ms-win-crt-heap-l1-1-0.dll
DLL Loaded: 000002555F140000 C:\Program Files\Pale Moon\api-ms-win-crt-string-l1-1-0.dll
DLL Unloaded: 000002555F140000 api-ms-win-crt-string-l1-1-0.dll
DLL Loaded: 000002555F140000 C:\Program Files\Pale Moon\api-ms-win-crt-string-l1-1-0.dll
DLL Loaded: 000002555F150000 C:\Program Files\Pale Moon\api-ms-win-crt-stdio-l1-1-0.dll
DLL Unloaded: 000002555F150000 api-ms-win-crt-stdio-l1-1-0.dll
DLL Loaded: 000002555F150000 C:\Program Files\Pale Moon\api-ms-win-crt-stdio-l1-1-0.dll
DLL Loaded: 000002555F160000 C:\Program Files\Pale Moon\api-ms-win-crt-convert-l1-1-0.dll
DLL Unloaded: 000002555F160000 api-ms-win-crt-convert-l1-1-0.dll
DLL Loaded: 000002555F160000 C:\Program Files\Pale Moon\api-ms-win-crt-convert-l1-1-0.dll
DLL Loaded: 000002555F170000 C:\Program Files\Pale Moon\api-ms-win-crt-time-l1-1-0.dll
DLL Unloaded: 000002555F170000 api-ms-win-crt-time-l1-1-0.dll
DLL Loaded: 000002555F170000 C:\Program Files\Pale Moon\api-ms-win-crt-time-l1-1-0.dll
DLL Loaded: 000002555F180000 C:\Program Files\Pale Moon\api-ms-win-crt-environment-l1-1-0.dll
DLL Unloaded: 000002555F180000 api-ms-win-crt-environment-l1-1-0.dll
DLL Loaded: 000002555F180000 C:\Program Files\Pale Moon\api-ms-win-crt-environment-l1-1-0.dll
DLL Loaded: 000002555F190000 C:\Program Files\Pale Moon\api-ms-win-crt-math-l1-1-0.dll
DLL Unloaded: 000002555F190000 api-ms-win-crt-math-l1-1-0.dll
DLL Loaded: 000002555F190000 C:\Program Files\Pale Moon\api-ms-win-crt-math-l1-1-0.dll
DLL Loaded: 000002555F1A0000 C:\Program Files\Pale Moon\api-ms-win-crt-utility-l1-1-0.dll
DLL Unloaded: 000002555F1A0000 api-ms-win-crt-utility-l1-1-0.dll
DLL Loaded: 000002555F1A0000 C:\Program Files\Pale Moon\api-ms-win-crt-utility-l1-1-0.dll
DLL Loaded: 000002555F1B0000 C:\Program Files\Pale Moon\api-ms-win-crt-locale-l1-1-0.dll
DLL Unloaded: 000002555F1B0000 api-ms-win-crt-locale-l1-1-0.dll
DLL Loaded: 000002555F1B0000 C:\Program Files\Pale Moon\api-ms-win-crt-locale-l1-1-0.dll
DLL Loaded: 000002555F1C0000 C:\Program Files\Pale Moon\api-ms-win-crt-filesystem-l1-1-0.dll
DLL Unloaded: 000002555F1C0000 api-ms-win-crt-filesystem-l1-1-0.dll
DLL Loaded: 000002555F1C0000 C:\Program Files\Pale Moon\api-ms-win-crt-filesystem-l1-1-0.dll
DLL Loaded: 000002555F1D0000 C:\Program Files\Pale Moon\api-ms-win-crt-multibyte-l1-1-0.dll
DLL Unloaded: 000002555F1D0000 api-ms-win-crt-multibyte-l1-1-0.dll
DLL Loaded: 000002555F1D0000 C:\Program Files\Pale Moon\api-ms-win-crt-multibyte-l1-1-0.dll
DLL Loaded: 00007FF806A50000 C:\Program Files\Pale Moon\nss3.dll
DLL Loaded: 00007FF83CC40000 C:\Windows\System32\advapi32.dll
DLL Loaded: 00007FF83DA00000 C:\Windows\System32\msvcrt.dll
DLL Loaded: 00007FF83E170000 C:\Windows\System32\sechost.dll
DLL Loaded: 00007FF83D090000 C:\Windows\System32\rpcrt4.dll
DLL Loaded: 00007FF83DF10000 C:\Windows\System32\ws2_32.dll
DLL Loaded: 00007FF834560000 C:\Windows\System32\winmm.dll
DLL Loaded: 00007FF81FC10000 C:\Windows\System32\wsock32.dll
DLL Loaded: 00007FF806330000 C:\Program Files\Pale Moon\mozjs.dll
DLL Loaded: 00007FF8048D0000 C:\Program Files\Pale Moon\icu63.dll
DLL Loaded: 00007FF83B2E0000 C:\Windows\System32\cryptbase.dll
DLL Loaded: 00007FF802CF0000 C:\Program Files\Pale Moon\gkmedias.dll
DLL Loaded: 00007FF83C810000 C:\Windows\System32\user32.dll
DLL Loaded: 00007FF83BEE0000 C:\Windows\System32\win32u.dll
DLL Loaded: 00007FF83CCF0000 C:\Windows\System32\gdi32.dll
DLL Loaded: 00007FF83B9D0000 C:\Windows\System32\gdi32full.dll
DLL Loaded: 00007FF83B930000 C:\Windows\System32\msvcp_win.dll
DLL Loaded: 00007FF83E040000 C:\Windows\System32\ole32.dll
DLL Loaded: 00007FF83DBB0000 C:\Windows\System32\combase.dll
DLL Loaded: 00007FF81FB50000 C:\Windows\System32\usp10.dll
DLL Loaded: 00007FF828DE0000 C:\Windows\System32\msimg32.dll
DLL Loaded: 00007FF83D220000 C:\Windows\System32\imm32.dll
Thread 4080 created, Entry: ntdll.00007FF83E2A2B30, Parameter: 000002555F00B380
DLL Loaded: 00007FF81FC00000 C:\Program Files\Pale Moon\lgpllibs.dll
DLL Loaded: 00007FF806240000 C:\Program Files\Pale Moon\mozsqlite3.dll
DLL Loaded: 00007FF8094A0000 C:\Program Files\Pale Moon\hunspell.dll
DLL Loaded: 00007FFFFDB00000 C:\Program Files\Pale Moon\xul.dll
DLL Loaded: 00007FF83D2B0000 C:\Windows\System32\shell32.dll
DLL Loaded: 00007FF83C050000 C:\Windows\System32\crypt32.dll
DLL Loaded: 00007FF83D1C0000 C:\Windows\System32\shlwapi.dll
DLL Loaded: 00007FF83C2B0000 C:\Windows\System32\setupapi.dll
DLL Loaded: 00007FF83BE60000 C:\Windows\System32\cfgmgr32.dll
DLL Loaded: 00007FF83BEB0000 C:\Windows\System32\bcrypt.dll
DLL Loaded: 00007FF83BAF0000 C:\Windows\System32\wintrust.dll
DLL Loaded: 00007FF83CB60000 C:\Windows\System32\oleaut32.dll
DLL Loaded: 00007FF836930000 C:\Windows\System32\version.dll
DLL Loaded: 00007FF839520000 C:\Windows\System32\dwmapi.dll
DLL Loaded: 00007FF83AD50000 C:\Windows\System32\IPHLPAPI.DLL
DLL Loaded: 00007FF839340000 C:\Windows\System32\uxtheme.dll
DLL Loaded: 00007FF837790000 C:\Windows\System32\wtsapi32.dll
DLL Loaded: 00007FF83B820000 C:\Windows\System32\userenv.dll
DLL Loaded: 00007FF83B500000 C:\Windows\System32\msasn1.dll
DLL Loaded: 00007FF839810000 C:\Windows\System32\kernel.appcore.dll
DLL Loaded: 00007FF83BFC0000 C:\Windows\System32\bcryptprimitives.dll
DLL Loaded: 00007FF83AA70000 C:\Windows\System32\ntmarta.dll
Thread 3820 created, Entry: xul.00007FFFFF60CD80, Parameter: 0000000000000000
DLL Loaded: 00007FF83CFC0000 C:\Windows\System32\SHCore.dll
DLL Loaded: 00007FF8304C0000 C:\Windows\System32\DWrite.dll
DLL Loaded: 00007FF83CEA0000 C:\Windows\System32\msctf.dll
Thread 3820 exit
DLL Loaded: 00007FF839A10000 C:\Windows\System32\windows.storage.dll
DLL Loaded: 00007FF83B370000 C:\Windows\System32\wldp.dll
Thread 3588 created, Entry: ntdll.00007FF83E2A2B30, Parameter: 000002555F000BC0
Thread 2328 created, Entry: ntdll.00007FF83E2A2B30, Parameter: 000002555F000BC0
DLL Loaded: 00007FF83DAA0000 C:\Windows\System32\clbcatq.dll
DLL Loaded: 00007FF8374D0000 C:\Windows\System32\propsys.dll
DLL Loaded: 00007FF83B860000 C:\Windows\System32\profapi.dll
Thread 6048 created, Entry: xul.00007FFFFDD9A940, Parameter: 000002555F30E8D0
SetThreadName exception on 00007FF83BB8CF19 (17A0, "Gecko_IOThread")
DLL Loaded: 00007FF83AD90000 C:\Windows\System32\dnsapi.dll
DLL Loaded: 00007FF83CDB0000 C:\Windows\System32\nsi.dll
Thread 2964 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D16AC0
SetThreadName exception on 00007FF83BB8CF19 (B94, "Link Monitor")
Thread 1356 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D18D70
SetThreadName exception on 00007FF83BB8CF19 (54C, "Socket Thread")
DLL Loaded: 00007FF83B080000 C:\Windows\System32\mswsock.dll
Thread 1408 created, Entry: mswsock.00007FF83B081010, Parameter: 0000025560D1BA30
DLL Loaded: 00007FF827610000 C:\Program Files\Pale Moon\browser\components\browsercomps.dll
Thread 3984 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D1CBF0
SetThreadName exception on 00007FF83BB8CF19 (F90, "JS Watchdog")
Thread 5408 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D1EBC0
Thread 3112 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D1EC20
SetThreadName exception on 00007FF83BB8CF19 (1520, "JS Helper")
SetThreadName exception on 00007FF83BB8CF19 (C28, "JS Helper")
Thread 5980 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D1EB60
SetThreadName exception on 00007FF83BB8CF19 (175C, "JS Helper")
Thread 4312 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D21290
Thread 3008 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D20740
SetThreadName exception on 00007FF83BB8CF19 (10D8, "JS Helper")
SetThreadName exception on 00007FF83BB8CF19 (BC0, "JS Helper")
Thread 5344 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D205F0
SetThreadName exception on 00007FF83BB8CF19 (14E0, "JS Helper")
DLL Loaded: 00007FF829230000 C:\Windows\System32\dhcpcsvc.dll
Thread 2836 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D29F00
SetThreadName exception on 00007FF83BB8CF19 (B14, "Timer")
Thread 5596 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D2A9C0
SetThreadName exception on 00007FF83BB8CF19 (15DC, "Hang Monitor")
DLL Loaded: 00007FF81FFF0000 C:\Windows\System32\NapiNSP.dll
DLL Loaded: 00007FF81FFD0000 C:\Windows\System32\pnrpnsp.dll
DLL Loaded: 00007FF81FFB0000 C:\Windows\System32\wshbth.dll
DLL Loaded: 00007FF837160000 C:\Windows\System32\nlaapi.dll
DLL Loaded: 00007FF81FE10000 C:\Windows\System32\winrnr.dll
Thread 1000 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D29440
SetThreadName exception on 00007FF83BB8CF19 (3E8, "Cache2 I/O")
Thread 5536 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D30520
SetThreadName exception on 00007FF83BB8CF19 (15A0, "Cookie")
Thread 4916 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D316D0
SetThreadName exception on 00007FF83BB8CF19 (1334, "StreamTrans #1")
DLL Loaded: 00007FF83B520000 C:\Windows\System32\devobj.dll
DLL Loaded: 00007FF832C70000 C:\Windows\System32\TextInputFramework.dll
DLL Loaded: 00007FF838E80000 C:\Windows\System32\CoreMessaging.dll
DLL Loaded: 00007FF8387A0000 C:\Windows\System32\CoreUIComponents.dll
DLL Loaded: 00007FF837630000 C:\Windows\System32\WinTypes.dll
DLL Loaded: 0000025563800000 C:\Windows\System32\WinTypes.dll
DLL Unloaded: 0000025563800000 wintypes.dll
DLL Loaded: 00007FF83ABC0000 C:\Windows\System32\winsta.dll
DLL Loaded: 00007FF8333A0000 C:\Windows\System32\MMDevAPI.dll
DLL Loaded: 00007FF81D950000 C:\Windows\System32\AudioSes.dll
DLL Loaded: 00007FF83B0F0000 C:\Windows\System32\powrprof.dll
DLL Loaded: 00007FF83B060000 C:\Windows\System32\umpdc.dll
DLL Loaded: 00007FF832D70000 C:\Windows\System32\Windows.UI.dll
Breakpoint at 00007FF836952E60 (TLS Callback 1 (windowmanagementapi.dll)) set!
Breakpoint at 00007FF836952EC0 (TLS Callback 2 (windowmanagementapi.dll)) set!
DLL Loaded: 00007FF836940000 C:\Windows\System32\WindowManagementAPI.dll
DLL Loaded: 00007FF836720000 C:\Windows\System32\twinapi.appcore.dll
DLL Loaded: 0000025564000000 C:\Windows\System32\twinapi.appcore.dll
DLL Unloaded: 0000025564000000 twinapi.appcore.dll
Breakpoint at 00007FF832B28FF0 (TLS Callback 1 (inputhost.dll)) set!
Breakpoint at 00007FF832B29160 (TLS Callback 2 (inputhost.dll)) set!
DLL Loaded: 00007FF832B10000 C:\Windows\System32\InputHost.dll
INT3 breakpoint "TLS Callback 1 (windowmanagementapi.dll)" at windowmanagementapi.00007FF836952E60!
INT3 breakpoint "TLS Callback 2 (windowmanagementapi.dll)" at windowmanagementapi.00007FF836952EC0!
INT3 breakpoint "TLS Callback 1 (inputhost.dll)" at inputhost.00007FF832B28FF0!
INT3 breakpoint "TLS Callback 2 (inputhost.dll)" at inputhost.00007FF832B29160!
Thread 5332 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D56300
SetThreadName exception on 00007FF83BB8CF19 (14D4, "HTML5 Parser")
Thread 4556 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D58E40
SetThreadName exception on 00007FF83BB8CF19 (11CC, "IPDL Background")
Thread 3948 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D5D740
SetThreadName exception on 00007FF83BB8CF19 (F6C, "StreamTrans #2")
Thread 5828 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D5EF90
SetThreadName exception on 00007FF83BB8CF19 (16C4, "DOM Worker")
Thread 6072 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D607E0
SetThreadName exception on 00007FF83BB8CF19 (17B8, "ImgDecoder #1")
Thread 5780 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D62030
SetThreadName exception on 00007FF83BB8CF19 (1694, "ImgDecoder #2")
Thread 264 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025560D63880
SetThreadName exception on 00007FF83BB8CF19 (108, "ImageIO")
DLL Loaded: 00007FF837C40000 C:\Windows\System32\d3d11.dll
DLL Loaded: 00007FF83A1F0000 C:\Windows\System32\dxgi.dll
DLL Loaded: 00007FF839420000 C:\Windows\System32\ResourcePolicyClient.dll
DLL Unloaded: 00007FF839420000 resourcepolicyclient.dll
DLL Loaded: 00007FF834660000 C:\Windows\System32\DriverStore\FileRepository\nvhdci.inf_amd64_aad8de61c230f3e3\nvldumdx.dll
DLL Loaded: 00007FF8352E0000 C:\Windows\System32\cryptnet.dll
DLL Loaded: 00007FF8363E0000 C:\Windows\System32\drvstore.dll
DLL Loaded: 00007FF83D070000 C:\Windows\System32\imagehlp.dll
Thread 6068 created, Entry: crypt32.00007FF83C09B180, Parameter: 0000025560D7BD40
DLL Loaded: 00007FF83B2C0000 C:\Windows\System32\cryptsp.dll
DLL Loaded: 00007FF83A930000 C:\Windows\System32\rsaenh.dll
Breakpoint at 00007FFFFA2D1220 (TLS Callback 1 (nvwgf2umx.dll)) set!
DLL Loaded: 00007FFFF90F0000 C:\Windows\System32\DriverStore\FileRepository\nvhdci.inf_amd64_aad8de61c230f3e3\nvwgf2umx.dll
INT3 breakpoint "TLS Callback 1 (nvwgf2umx.dll)" at nvwgf2umx.00007FFFFA2D1220!
Thread 224 created, Entry: nvwgf2umx.00007FFFF919FC40, Parameter: 0000000000000000
Thread 224 exit
DLL Loaded: 00007FF836130000 C:\Windows\System32\DXCore.dll
Thread 1812 created, Entry: nvwgf2umx.00007FFFFA2E8B24, Parameter: 000002556425B940
Thread 5604 created, Entry: nvwgf2umx.00007FFFFA2E8B24, Parameter: 000002556425DFC0
Thread 4116 created, Entry: nvwgf2umx.00007FFFFA2E8B24, Parameter: 000002556430D150
Thread 4036 created, Entry: nvwgf2umx.00007FFFFA2E8B24, Parameter: 000002556430D1B0
Thread 1428 created, Entry: nvwgf2umx.00007FFFFA2E8B24, Parameter: 0000025564457DA0
Thread 2464 created, Entry: nvwgf2umx.00007FFFFA2E8B24, Parameter: 00000255644807B0
DLL Loaded: 00007FF837EB0000 C:\Windows\System32\d2d1.dll
DLL Loaded: 00007FF837480000 C:\Windows\System32\xmllite.dll
Thread 1132 created, Entry: xul.00007FFFFDD9A940, Parameter: 00000255627F5240
SetThreadName exception on 00007FF83BB8CF19 (46C, "WindowsVsyncThread")
DLL Loaded: 00007FF838470000 C:\Windows\System32\dcomp.dll
Thread 2160 created, Entry: xul.00007FFFFDD9A940, Parameter: 00000255627F5290
SetThreadName exception on 00007FF83BB8CF19 (870, "Compositor")
DLL Loaded: 00007FF8365B0000 C:\Windows\System32\mscms.dll
DLL Loaded: 00007FF836590000 C:\Windows\System32\coloradapterclient.dll
DLL Loaded: 00007FF836A70000 C:\Windows\System32\icm32.dll
Thread 4916 exit
Thread 5736 created, Entry: combase.00007FF83DC52D30, Parameter: 00000255644C77B0
DLL Loaded: 00007FF81B160000 C:\Windows\System32\DataExchange.dll
Thread 3592 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 00000255644CCC60
SetThreadName exception on 00007FF83BB8CF19 (E08, "StreamTrans #3")
Thread 3948 exit
Thread 3764 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025564405380
SetThreadName exception on 00007FF83BB8CF19 (EB4, "StreamTrans #4")
Thread 3592 exit
Thread 2928 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 00000255644CCC60
SetThreadName exception on 00007FF83BB8CF19 (B70, "StreamTrans #5")
Thread 3388 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 00000255644D0FD0
SetThreadName exception on 00007FF83BB8CF19 (D3C, "StreamTrans #6")
Thread 3764 exit
Thread 3388 exit
Thread 3496 created, Entry: xul.00007FFFFDD9A940, Parameter: 000002556CAFBCE0
SetThreadName exception on 00007FF83BB8CF19 (DA8, "ImageBridgeChild")
Thread 5584 created, Entry: nvwgf2umx.00007FFFFA2E8B24, Parameter: 000002556454E5B0
Thread 5136 created, Entry: nvwgf2umx.00007FFFFA2E8B24, Parameter: 00000255645AED80
SetThreadName exception on 00007FF83BB8CF19 (1410, "NVFBCAsyncThread")
Thread 2984 created, Entry: nvwgf2umx.00007FFFFA2E8B24, Parameter: 000002556454E610
Thread 5444 created, Entry: nvwgf2umx.00007FFFFA2E8B24, Parameter: 00000255645A25A0
Thread 3744 created, Entry: nvwgf2umx.00007FFFFA2E8B24, Parameter: 00000255645A2540
DLL Loaded: 00007FF8201D0000 C:\Program Files\Pale Moon\softokn3.dll
DLL Loaded: 00007FF820110000 C:\Program Files\Pale Moon\freebl3.dll
DLL Loaded: 00007FF809430000 C:\Program Files\Pale Moon\nssckbi.dll
Thread 5568 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 000002556467C210
SetThreadName exception on 00007FF83BB8CF19 (15C0, "DataStorage")
Thread 2680 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 00000255646819B0
SetThreadName exception on 00007FF83BB8CF19 (A78, "mozStorage #1")
DLL Loaded: 00007FF81AF10000 C:\Windows\System32\ExplorerFrame.dll
Thread 3912 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 00000255646894F0
SetThreadName exception on 00007FF83BB8CF19 (F48, "Cache I/O")
Thread 3768 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 000002556468B9A0
SetThreadName exception on 00007FF83BB8CF19 (EB8, "Cache Deleter")
Thread 5460 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 00000255645481D0
SetThreadName exception on 00007FF83BB8CF19 (1554, "mozStorage #2")
Thread 4320 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 00000255646935B0
SetThreadName exception on 00007FF83BB8CF19 (10E0, "localStorage DB")
Thread 1276 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 000002556469E5B0
SetThreadName exception on 00007FF83BB8CF19 (4FC, "mozStorage #3")
Thread 5248 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 00000255646A12B0
SetThreadName exception on 00007FF83BB8CF19 (1480, "Storage I/O")
DebugString: "[JavaScript Warning: "Key event not available on some keyboard layouts: key=“i” modifiers=“accel,alt,shift” id=“key_browserToolbox”" {file: "chrome://browser/content/browser.xul" line: 0}]"
DebugString: "[JavaScript Warning: "Key event not available on some keyboard layouts: key=“i” modifiers=“accel,alt,shift” id=“key_browserToolbox”" {file: "chrome://browser/content/browser.xul" line: 0}]"
Thread 4348 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 00000255646A2910
SetThreadName exception on 00007FF83BB8CF19 (10FC, "IndexedDB #1")
Thread 5108 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025564710F20
SetThreadName exception on 00007FF83BB8CF19 (13F4, "Proxy Resolution")
Thread 4804 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 00000255646420F0
SetThreadName exception on 00007FF83BB8CF19 (12C4, "DNS Resolver #1")
DLL Loaded: 00007FF827210000 C:\Windows\System32\rasadhlp.dll
DLL Loaded: 00007FF827220000 C:\Windows\System32\FWPUCLNT.DLL
Thread 3628 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025572663790
SetThreadName exception on 00007FF83BB8CF19 (E2C, "DNS Resolver #2")
Thread 3420 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 00000255726288A0
SetThreadName exception on 00007FF83BB8CF19 (D5C, "SSL Cert #1")
DebugString: "Security Error: Content at https://www.spk-reichenau.de/de/home/login-online-banking.html may not load data from https://module.spk-reichenau.de/if/services/tdg?hs=f91b8373a81ee0d1f89aaeb447205b7215b8cf2fbcf00f9af3028cae2d074fbf."
DebugString: "Security Error: Content at https://www.spk-reichenau.de/de/home/login-online-banking.html may not load data from https://module.spk-reichenau.de/if/services/tdg?hs=f91b8373a81ee0d1f89aaeb447205b7215b8cf2fbcf00f9af3028cae2d074fbf."
Thread 2992 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025564710F80
SetThreadName exception on 00007FF83BB8CF19 (BB0, "mozStorage #4")
Thread 1252 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 000002557266C440
SetThreadName exception on 00007FF83BB8CF19 (4E4, "SSL Cert #2")
DLL Loaded: 00007FF81ADA0000 C:\Windows\System32\edputil.dll
Thread 2724 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 000002557279B450
SetThreadName exception on 00007FF83BB8CF19 (AA4, "Play Sound")
Thread 4756 created, Entry: winmm.00007FF8345631B0, Parameter: 0000000000000B84
Thread 2724 exit
Thread 6068 exit
Thread 3768 exit
Thread 5248 exit
DebugString: "Security Error: Content at https://www.spk-reichenau.de/de/home/login-online-banking/sca-legitimation.html?n=true may not load data from https://module.spk-reichenau.de/if/services/tdg?hs=f54ab93e4856310b7c88b3b4354b29e0321c4efbc5b695ffad9936b307b6bc3a."
DebugString: "Security Error: Content at https://www.spk-reichenau.de/de/home/login-online-banking/sca-legitimation.html?n=true may not load data from https://module.spk-reichenau.de/if/services/tdg?hs=f54ab93e4856310b7c88b3b4354b29e0321c4efbc5b695ffad9936b307b6bc3a."
Thread 4348 exit
DebugString: "Security Error: Content at https://www.spk-reichenau.de/de/home/login-online-banking/sca-legitimation.html?sp:ct=TUFJTkBwb3J0YWw%3D may not load data from https://module.spk-reichenau.de/if/services/tdg?hs=f54ab93e4856310b7c88b3b4354b29e0321c4efbc5b695ffad9936b307b6bc3a."
DebugString: "Security Error: Content at https://www.spk-reichenau.de/de/home/login-online-banking/sca-legitimation.html?sp:ct=TUFJTkBwb3J0YWw%3D may not load data from https://module.spk-reichenau.de/if/services/tdg?hs=f54ab93e4856310b7c88b3b4354b29e0321c4efbc5b695ffad9936b307b6bc3a."
Thread 2928 exit
DebugString: "Security Error: Content at https://www.spk-reichenau.de/de/home/login-online-banking/personendaten-aktualisieren.html?n=true may not load data from https://module.spk-reichenau.de/if/services/tdg?hs=f54ab93e4856310b7c88b3b4354b29e0321c4efbc5b695ffad9936b307b6bc3a."
DebugString: "Security Error: Content at https://www.spk-reichenau.de/de/home/login-online-banking/personendaten-aktualisieren.html?n=true may not load data from https://module.spk-reichenau.de/if/services/tdg?hs=f54ab93e4856310b7c88b3b4354b29e0321c4efbc5b695ffad9936b307b6bc3a."
SetThreadName exception on 00007FF83BB8CF19 (16C4, "DOM Worker")
Thread 5576 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 00000255727EC1E0
SetThreadName exception on 00007FF83BB8CF19 (15C8, "StreamTrans #7")
Thread 208 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 000002557266C3E0
SetThreadName exception on 00007FF83BB8CF19 (D0, "StreamTrans #8")
Thread 5100 created, Entry: ucrtbase.00007FF83C1D1B70, Parameter: 0000025572888660
SetThreadName exception on 00007FF83BB8CF19 (13EC, "StreamTrans #9")
Thread 5100 exit
Thread 208 exit
DebugString: "[JavaScript Warning: "Error: Script terminated by timeout at:
css@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:338:485
get@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:340:61
css@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:339:172
jQuery.fn[funcName]/<@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:436:504
access@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:268:143
jQuery.fn[funcName]@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:436:136
@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:827:130
dispatch@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:298:424
add/elemData.handle@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:292:185
trigger@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:387:168
trigger/<@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:389:102
each@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:174:524
each@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:170:447
trigger@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:389:73
jQuery.fn[name]@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:439:10
@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:782:171
dispatch@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:298:424
add/elemData.handle@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:292:185
I<@https://www.spk-reichenau.de/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/js-min/ospm/if/OSPMMain.js:21:5569
" {file: "https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js" line: 338}]"
DebugString: "[JavaScript Warning: "Error: Script terminated by timeout at:
css@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:338:485
get@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:340:61
css@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:339:172
jQuery.fn[funcName]/<@https://www.spk-reichenau.de/etc/clientli"
DebugString: "bs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:436:504
access@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:268:143
jQuery.fn[funcName]@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:436:136
@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:827:130
dispatch@https://www.spk"
DebugString: "-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:298:424
add/elemData.handle@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:292:185
trigger@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:387:168
trigger/<@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6"
DebugString: ".js:389:102
each@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:174:524
each@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:170:447
trigger@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:389:73
jQuery.fn[name]@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be253"
DebugString: "4809b66dfd3f3c5d73b7d6.js:439:10
@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:782:171
dispatch@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:298:424
add/elemData.handle@https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js:292:185
I<@https://www.spk-reichenau.de/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoos"
DebugString: "pm/js-min/ospm/if/OSPMMain.js:21:5569
" {file: "https://www.spk-reichenau.de/etc/clientlibs/myif/master/base/internetfiliale.min.ba2e6be2534809b66dfd3f3c5d73b7d6.js" line: 338}]"
EXCEPTION_DEBUG_INFO:
           dwFirstChance: 1
           ExceptionCode: C0000005 (EXCEPTION_ACCESS_VIOLATION)
          ExceptionFlags: 00000000
        ExceptionAddress: mozjs.00007FF80665CA63
        NumberParameters: 2
ExceptionInformation[00]: 0000000000000000 Read
ExceptionInformation[01]: 0000000000000018 Inaccessible Address
First chance exception on 00007FF80665CA63 (C0000005, EXCEPTION_ACCESS_VIOLATION)!
register/code view:
Clipboard_01-25-2025_02.jpg
The page is a bit slow loading before the crash, and the debug prints have DebugString: "[JavaScript Warning: "Error: Script terminated by timeout at:"...
You do not have the required permissions to view the files attached to this post.
Top
User avatar
Martok
Contributing developer
Contributing developer
Posts: 8
Joined: 2019-08-29, 00:46

Re: null pointer crash in JS::SetScriptPrivate(class JSScript *, class JS::Value const &)+13

Unread post by Martok » 2025-01-26, 13:57

Can repro with my local Sparkasse. It worked mid-december, so something in their new site changed. Hm.

Edit: I think the backtrace might be misleading, I get a crash in setTimeout handler itself due to Compile returning NS_OK when it shouldn't.
Last edited by Martok on 2025-01-26, 14:26, edited 1 time in total.
"For more information please reread."
Top
User avatar
Martok
Contributing developer
Contributing developer
Posts: 8
Joined: 2019-08-29, 00:46

Re: null pointer crash in JS::SetScriptPrivate(class JSScript *, class JS::Value const &)+13

Unread post by Martok » 2025-01-26, 16:03

Yeah, that was it. Kinda surprising that never happened before, this crash was possible everytime a script gets timeouted.

You won't be able to click away from the "Persönliche Daten aktualisieren" screen since the script was aborted so no event handler works, but navigating via top bar works and I've not seen any issues after that.
"For more information please reread."
Top
User avatar
Veit Kannegieser
Moonbather
Moonbather
Posts: 51
Joined: 2019-03-23, 19:16

Re: null pointer crash in JS::SetScriptPrivate(class JSScript *, class JS::Value const &)+13

Unread post by Veit Kannegieser » 2025-02-08, 16:49

Martok wrote:
2025-01-26, 16:03
 Yeah, that was it. Kinda surprising that never happened before, this crash was possible everytime a script gets timeouted.
Nice that it got corrected.
Martok wrote:
2025-01-26, 16:03
 You won't be able to click away from the "Persönliche Daten aktualisieren" screen since the script was aborted so no event handler works, but navigating via top bar works and I've not seen any issues after that.
I have send them an e-mail to figure out why timeout happends.
No need to change addresses now.

Thank you!
Top

Return to “Platform Development”