[MCPE-13916] Segfault on changing worlds

Created: 09/Mar/16  Updated: 21/Aug/17  Resolved: 21/Aug/17

Status: Resolved
Project: Minecraft (Bedrock codebase)
Component/s: None
Affects Version/s: 0.14.0
Fix Version/s: None

Type: Bug
Reporter: C S
Resolution: Cannot Reproduce
Votes: 0
Labels: None

Attachments: crash log.txt
Confirmation Status: Unconfirmed
Platform: Phone - iOS - iPhone 6 Plus

 Description   

My client segfaults and crashes occasionally when switching worlds on a multiplayer server. So far I cannot recreate it every time, but it happens about 10% of the time and I have recreated it about a dozen times. I believe it may be related to switching worlds multiple times in quick succession, but I cannot be sure of that.

The crash log from my phone is attached.

Update: With about 60 tries on an iPhone 4 running iOS 7.1.2, I cannot recreate this issue using the exact same circumstances that cause the crashes on my iPhone 6 Plus.



 Comments   
Comment by [Mojang] Mega_Spud (Jay Wells) [ 21/Aug/17 ]

This ticket has been resolved as 'Cannot Reproduce' as it has not been updated recently (1 year+).

Comment by AMAN4700 [ 08/Aug/16 ]

Please respond and add the current version if you can reproduce this issue.

Comment by C S [ 09/Mar/16 ]

I just want to point out that this could theoretically cause a security issue like a remote-code-execution exploit. I don't have any proof-of-concept code and this may be infeasible in practice. But in an abstract theoretical sense, we have a situation in which a server that a user connects to can:
1. Populate their device's memory with tons of arbitrary data, such as chunk data, which could be sizable enough to serve as a base for malicious code and exploits.
2. Remotely cause inconsistency in memory access by using an abnormal pattern of packets. In other words, they may be able to use this bug in a specifically targeted way.

If an attacker were able to disguise malicious code as chunk data and then redirect the flow of execution to that code, they could create a remote-code-execution exploit that could infect a phone just by having the user connect to the malicious server.

So much arbitrary server-defined data alongside remotely triggerable memory-location inconsistencies (i.e., this bug) in assembly code is just dangerous.

Comment by C S [ 09/Mar/16 ]

I can also confirm that this happens on an iPhone 6s with iOS 9.2.1.

Comment by C S [ 09/Mar/16 ]

The exact circumstances could not feasibly be replicated on a local server, because the trigger that I have been able to use to recreate the issue is related to packet manipulation where multiple change-dimension packets are sent to the client in a short period of time.

Comment by rplatham [ 09/Mar/16 ]

Does this happen if the multiplayer server is running locally on one of your devices?
