==22040==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000050 (pc 0x7f395319fa79 bp 0x7ffde88553f0 sp 0x7ffde88553a0 T0)
==22040==The signal is caused by a READ memory access.
==22040==Hint: address points to the zero page.
#0 0x7f395319fa78 in HasAnyStateBits src/layout/generic/nsIFrame.h:2051:59
#1 0x7f395319fa78 in nsIFrame::SetParent(nsContainerFrame*) src/layout/generic/nsFrame.cpp:10409
#2 0x7f39531a5aa1 in nsFrameList::ApplySetParent(nsContainerFrame*) const src/layout/generic/nsFrameList.cpp:280:8
#3 0x7f3952e15c30 in nsCSSFrameConstructor::FinishBuildingColumns(nsFrameConstructorState&, nsContainerFrame*, nsContainerFrame*, nsFrameList&) src/layout/base/nsCSSFrameConstructor.cpp:10771:14
#4 0x7f3952e0f8d2 in nsCSSFrameConstructor::AppendFramesToParent(nsFrameConstructorState&, nsContainerFrame*, nsFrameItems&, nsIFrame*, bool) src/layout/base/nsCSSFrameConstructor.cpp:5965:5
#5 0x7f3952e23e11 in nsCSSFrameConstructor::ContentAppended(nsIContent*, nsCSSFrameConstructor::InsertionKind) src/layout/base/nsCSSFrameConstructor.cpp:6885:5
#6 0x7f3952d89f87 in mozilla::RestyleManager::ProcessRestyledFrames(nsStyleChangeList&) src/layout/base/RestyleManager.cpp:1447:27
#7 0x7f3952d9c713 in mozilla::RestyleManager::DoProcessPendingRestyles(mozilla::ServoTraversalFlags) src/layout/base/RestyleManager.cpp:3073:9
#8 0x7f3952d392da in ProcessPendingRestyles src/layout/base/RestyleManager.cpp:3145:3
#9 0x7f3952d392da in mozilla::PresShell::DoFlushPendingNotifications(mozilla::ChangesToFlush) src/layout/base/PresShell.cpp:4148
#10 0x7f3952ca3b4d in FlushPendingNotifications src/layout/base/nsIPresShell.h:588:5
#11 0x7f3952ca3b4d in nsRefreshDriver::Tick(mozilla::layers::BaseTransactionId<mozilla::VsyncIdType>, mozilla::TimeStamp) src/layout/base/nsRefreshDriver.cpp:1817
#12 0x7f3952cb7e19 in TickDriver src/layout/base/nsRefreshDriver.cpp:328:13
#13 0x7f3952cb7e19 in mozilla::RefreshDriverTimer::TickRefreshDrivers(mozilla::layers::BaseTransactionId<mozilla::VsyncIdType>, mozilla::TimeStamp, nsTArray<RefPtr<nsRefreshDriver> >&) src/layout/base/nsRefreshDriver.cpp:305
#14 0x7f3952cb76f6 in mozilla::RefreshDriverTimer::Tick(mozilla::layers::BaseTransactionId<mozilla::VsyncIdType>, mozilla::TimeStamp) src/layout/base/nsRefreshDriver.cpp:321:5
#15 0x7f3952cbad4f in RunRefreshDrivers src/layout/base/nsRefreshDriver.cpp:727:5
#16 0x7f3952cbad4f in mozilla::VsyncRefreshDriverTimer::RefreshDriverVsyncObserver::TickRefreshDriver(mozilla::layers::BaseTransactionId<mozilla::VsyncIdType>, mozilla::TimeStamp) src/layout/base/nsRefreshDriver.cpp:647
#17 0x7f3952cb4ec0 in mozilla::VsyncRefreshDriverTimer::RefreshDriverVsyncObserver::ParentProcessVsyncNotifier::Run() src/layout/base/nsRefreshDriver.cpp:488:20
#18 0x7f394814e618 in nsThread::ProcessNextEvent(bool, bool*) src/xpcom/threads/nsThread.cpp:1167:14
#19 0x7f394815740d in NS_ProcessNextEvent(nsIThread*, bool) src/xpcom/threads/nsThreadUtils.cpp:468:10
#20 0x7f394942381f in mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) src/ipc/glue/MessagePump.cpp:88:21
#21 0x7f39493124de in RunInternal src/ipc/chromium/src/base/message_loop.cc:315:10
#22 0x7f39493124de in RunHandler src/ipc/chromium/src/base/message_loop.cc:308
#23 0x7f39493124de in MessageLoop::Run() src/ipc/chromium/src/base/message_loop.cc:290
#24 0x7f39525b5d43 in nsBaseAppShell::Run() src/widget/nsBaseAppShell.cpp:137:27
#25 0x7f3956e62e30 in nsAppStartup::Run() src/toolkit/components/startup/nsAppStartup.cpp:271:30
#26 0x7f3957146014 in XREMain::XRE_mainRun() src/toolkit/xre/nsAppRunner.cpp:4388:22
#27 0x7f3957148b49 in XREMain::XRE_main(int, char**, mozilla::BootstrapConfig const&) src/toolkit/xre/nsAppRunner.cpp:4526:8
#28 0x7f395714a593 in XRE_main(int, char**, mozilla::BootstrapConfig const&) src/toolkit/xre/nsAppRunner.cpp:4610:21
#29 0x56015e4ce68c in do_main src/browser/app/nsBrowserApp.cpp:214:22
#30 0x56015e4ce68c in main src/browser/app/nsBrowserApp.cpp:293
#31 0x7f396c46082f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
#32 0x56015e3f3efc in _start (firefox+0x2defc)
Bug 1522024 Comment 0 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
```
==22040==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000050 (pc 0x7f395319fa79 bp 0x7ffde88553f0 sp 0x7ffde88553a0 T0)
==22040==The signal is caused by a READ memory access.
==22040==Hint: address points to the zero page.
#0 0x7f395319fa78 in HasAnyStateBits src/layout/generic/nsIFrame.h:2051:59
#1 0x7f395319fa78 in nsIFrame::SetParent(nsContainerFrame*) src/layout/generic/nsFrame.cpp:10409
#2 0x7f39531a5aa1 in nsFrameList::ApplySetParent(nsContainerFrame*) const src/layout/generic/nsFrameList.cpp:280:8
#3 0x7f3952e15c30 in nsCSSFrameConstructor::FinishBuildingColumns(nsFrameConstructorState&, nsContainerFrame*, nsContainerFrame*, nsFrameList&) src/layout/base/nsCSSFrameConstructor.cpp:10771:14
#4 0x7f3952e0f8d2 in nsCSSFrameConstructor::AppendFramesToParent(nsFrameConstructorState&, nsContainerFrame*, nsFrameItems&, nsIFrame*, bool) src/layout/base/nsCSSFrameConstructor.cpp:5965:5
#5 0x7f3952e23e11 in nsCSSFrameConstructor::ContentAppended(nsIContent*, nsCSSFrameConstructor::InsertionKind) src/layout/base/nsCSSFrameConstructor.cpp:6885:5
#6 0x7f3952d89f87 in mozilla::RestyleManager::ProcessRestyledFrames(nsStyleChangeList&) src/layout/base/RestyleManager.cpp:1447:27
#7 0x7f3952d9c713 in mozilla::RestyleManager::DoProcessPendingRestyles(mozilla::ServoTraversalFlags) src/layout/base/RestyleManager.cpp:3073:9
#8 0x7f3952d392da in ProcessPendingRestyles src/layout/base/RestyleManager.cpp:3145:3
#9 0x7f3952d392da in mozilla::PresShell::DoFlushPendingNotifications(mozilla::ChangesToFlush) src/layout/base/PresShell.cpp:4148
#10 0x7f3952ca3b4d in FlushPendingNotifications src/layout/base/nsIPresShell.h:588:5
#11 0x7f3952ca3b4d in nsRefreshDriver::Tick(mozilla::layers::BaseTransactionId<mozilla::VsyncIdType>, mozilla::TimeStamp) src/layout/base/nsRefreshDriver.cpp:1817
#12 0x7f3952cb7e19 in TickDriver src/layout/base/nsRefreshDriver.cpp:328:13
#13 0x7f3952cb7e19 in mozilla::RefreshDriverTimer::TickRefreshDrivers(mozilla::layers::BaseTransactionId<mozilla::VsyncIdType>, mozilla::TimeStamp, nsTArray<RefPtr<nsRefreshDriver> >&) src/layout/base/nsRefreshDriver.cpp:305
#14 0x7f3952cb76f6 in mozilla::RefreshDriverTimer::Tick(mozilla::layers::BaseTransactionId<mozilla::VsyncIdType>, mozilla::TimeStamp) src/layout/base/nsRefreshDriver.cpp:321:5
#15 0x7f3952cbad4f in RunRefreshDrivers src/layout/base/nsRefreshDriver.cpp:727:5
#16 0x7f3952cbad4f in mozilla::VsyncRefreshDriverTimer::RefreshDriverVsyncObserver::TickRefreshDriver(mozilla::layers::BaseTransactionId<mozilla::VsyncIdType>, mozilla::TimeStamp) src/layout/base/nsRefreshDriver.cpp:647
#17 0x7f3952cb4ec0 in mozilla::VsyncRefreshDriverTimer::RefreshDriverVsyncObserver::ParentProcessVsyncNotifier::Run() src/layout/base/nsRefreshDriver.cpp:488:20
#18 0x7f394814e618 in nsThread::ProcessNextEvent(bool, bool*) src/xpcom/threads/nsThread.cpp:1167:14
#19 0x7f394815740d in NS_ProcessNextEvent(nsIThread*, bool) src/xpcom/threads/nsThreadUtils.cpp:468:10
#20 0x7f394942381f in mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) src/ipc/glue/MessagePump.cpp:88:21
#21 0x7f39493124de in RunInternal src/ipc/chromium/src/base/message_loop.cc:315:10
#22 0x7f39493124de in RunHandler src/ipc/chromium/src/base/message_loop.cc:308
#23 0x7f39493124de in MessageLoop::Run() src/ipc/chromium/src/base/message_loop.cc:290
#24 0x7f39525b5d43 in nsBaseAppShell::Run() src/widget/nsBaseAppShell.cpp:137:27
#25 0x7f3956e62e30 in nsAppStartup::Run() src/toolkit/components/startup/nsAppStartup.cpp:271:30
#26 0x7f3957146014 in XREMain::XRE_mainRun() src/toolkit/xre/nsAppRunner.cpp:4388:22
#27 0x7f3957148b49 in XREMain::XRE_main(int, char**, mozilla::BootstrapConfig const&) src/toolkit/xre/nsAppRunner.cpp:4526:8
#28 0x7f395714a593 in XRE_main(int, char**, mozilla::BootstrapConfig const&) src/toolkit/xre/nsAppRunner.cpp:4610:21
#29 0x56015e4ce68c in do_main src/browser/app/nsBrowserApp.cpp:214:22
#30 0x56015e4ce68c in main src/browser/app/nsBrowserApp.cpp:293
#31 0x7f396c46082f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
#32 0x56015e3f3efc in _start (firefox+0x2defc)
```