Closed Bug 1493512 Opened 6 years ago Closed 6 years ago

Intermittent SUMMARY: AddressSanitizer: heap-use-after-free z:\build\build\src\gfx\cairo\cairo\src\cairo-gstate.c:218 in _cairo_gstate_fini

Tracking

()

Status:

RESOLVED DUPLICATE of bug 1475594

People

(Reporter: nataliaCs, Unassigned)

Details

(Keywords: intermittent-failure)

Natalia Csoregi [:nataliaCs]

Reporter

Description

•

6 years ago

Central as Beta simulation:

https://treeherder.mozilla.org/#/jobs?repo=try&resultStatus=testfailed,busted,exception,usercancel,runnable&revision=baa64b256cdf6fde6341d7528de140569e19a2eb&group_state=expanded&selectedJob=201058851

Failure log: https://treeherder.mozilla.org/logviewer.html#?job_id=201058851&repo=try&lineNumber=1341

Task details: https://tools.taskcluster.net/groups/UR7K9CMISliJJJWY2Uve4w/tasks/RxDfDhulSQGmJJups2gqNA/details

11:22:44     INFO - TEST-START | devtools/client/inspector/rules/test/browser_rules_cubicbezier-commit-on-ENTER.js
11:22:47     INFO - GECKO(932) | =================================================================
11:22:47    ERROR - GECKO(932) | ==932==ERROR: AddressSanitizer: heap-use-after-free on address 0x1170a56e6090 at pc 0x7ff980269e7d bp 0x002f5d22d3d0 sp 0x002f5d22d418
11:22:47     INFO - GECKO(932) | WRITE of size 8 at 0x1170a56e6090 thread T58
11:22:47     INFO - GECKO(932) |     #0 0x7ff980269e7c in _cairo_gstate_fini z:\build\build\src\gfx\cairo\cairo\src\cairo-gstate.c:218
11:22:47     INFO - GECKO(932) |     #1 0x7ff98026a8c1 in _cairo_gstate_restore z:\build\build\src\gfx\cairo\cairo\src\cairo-gstate.c:290
11:22:47     INFO - GECKO(932) |     #2 0x7ff98031bdd5 in _moz_cairo_restore z:\build\build\src\gfx\cairo\cairo\src\cairo.c:608
11:22:47     INFO - GECKO(932) |     #3 0x7ff976b9471e in mozilla::gfx::`anonymous namespace'::AutoPrepareForDrawing::~AutoPrepareForDrawing z:\build\build\src\gfx\2d\DrawTargetCairo.cpp:85
11:22:47     INFO - GECKO(932) |     #4 0x7ff976b9a212 in mozilla::gfx::DrawTargetCairo::CopySurface(class mozilla::gfx::SourceSurface *,struct mozilla::gfx::IntRectTyped<struct mozilla::gfx::UnknownUnits> const &,struct mozilla::gfx::IntPointTyped<struct mozilla::gfx::UnknownUnits> const &) z:\build\build\src\gfx\2d\DrawTargetCairo.cpp:1153
11:22:47     INFO - GECKO(932) |     #5 0x7ff9772ff94e in mozilla::layers::BasicCompositor::TryToEndRemoteDrawing(bool) z:\build\build\src\gfx\layers\basic\BasicCompositor.cpp:1050
11:22:47     INFO - GECKO(932) |     #6 0x7ff97731244c in mozilla::layers::BasicCompositor::EndFrame(void) z:\build\build\src\gfx\layers\basic\BasicCompositor.cpp:1015
11:22:47     INFO - GECKO(932) |     #7 0x7ff97745df42 in mozilla::layers::LayerManagerComposite::Render(class mozilla::gfx::IntRegionTyped<struct mozilla::gfx::UnknownUnits> const &,class mozilla::gfx::IntRegionTyped<struct mozilla::gfx::UnknownUnits> const &) z:\build\build\src\gfx\layers\composite\LayerManagerComposite.cpp:1005
11:22:47     INFO - GECKO(932) |     #8 0x7ff977459838 in mozilla::layers::LayerManagerComposite::UpdateAndRender(void) z:\build\build\src\gfx\layers\composite\LayerManagerComposite.cpp:544
11:22:47     INFO - GECKO(932) |     #9 0x7ff97745798c in mozilla::layers::LayerManagerComposite::EndTransaction(class mozilla::TimeStamp const &,enum mozilla::layers::LayerManager::EndTransactionFlags) z:\build\build\src\gfx\layers\composite\LayerManagerComposite.cpp:465
11:22:47     INFO - GECKO(932) |     #10 0x7ff97750ebfa in mozilla::layers::CompositorBridgeParent::CompositeToTarget(class mozilla::gfx::DrawTarget *,struct mozilla::gfx::IntRectTyped<struct mozilla::gfx::UnknownUnits> const *) z:\build\build\src\gfx\layers\ipc\CompositorBridgeParent.cpp:1086
11:22:47     INFO - GECKO(932) |     #11 0x7ff97752c7a9 in mozilla::layers::CompositorVsyncScheduler::Composite(class mozilla::TimeStamp) z:\build\build\src\gfx\layers\ipc\CompositorVsyncScheduler.cpp:245
11:22:47     INFO - GECKO(932) |     #12 0x7ff977563e41 in mozilla::detail::RunnableMethodImpl<class mozilla::layers::CompositorVsyncScheduler *,void ( mozilla::layers::CompositorVsyncScheduler::*)(class mozilla::TimeStamp),1,1,class mozilla::TimeStamp>::Run(void) z:\build\build\src\obj-firefox\dist\include\nsThreadUtils.h:1229
11:22:47     INFO - GECKO(932) |     #13 0x7ff975685173 in ?DeferOrRunPendingTask@MessageLoop@@IEAA_N$$QEAUPendingTask@1@@Z z:\build\build\src\ipc\chromium\src\base\message_loop.cc:459
11:22:47     INFO - GECKO(932) |     #14 0x7ff975686b4e in MessageLoop::DoWork(void) z:\build\build\src\ipc\chromium\src\base\message_loop.cc:534
11:22:47     INFO - GECKO(932) |     #15 0x7ff975657f32 in base::MessagePumpForUI::DoRunLoop(void) z:\build\build\src\ipc\chromium\src\base\message_pump_win.cc:210
11:22:47     INFO - GECKO(932) |     #16 0x7ff97565a389 in base::MessagePumpWin::Run(class base::MessagePump::Delegate *) z:\build\build\src\ipc\chromium\src\base\message_pump_win.h:80
11:22:47     INFO - GECKO(932) |     #17 0x7ff975683efe in MessageLoop::RunHandler(void) z:\build\build\src\ipc\chromium\src\base\message_loop.cc:318
11:22:47     INFO - GECKO(932) |     #18 0x7ff9756945e5 in base::Thread::ThreadMain(void) z:\build\build\src\ipc\chromium\src\base\thread.cc:181
11:22:47     INFO - GECKO(932) |     #19 0x7ff97565bb2a in `anonymous namespace'::ThreadFunc z:\build\build\src\ipc\chromium\src\base\platform_thread_win.cc:34
11:22:47     INFO - GECKO(932) |     #20 0x7ff98ba8e4b8 in __asan::AsanThread::ThreadStart(unsigned __int64,struct __sanitizer::atomic_uintptr_t *) Z:\task_1537535524\build\src\build\build-clang\build-clang\src\llvm\projects\compiler-rt\lib\asan\asan_thread.cc:262
11:22:47     INFO - GECKO(932) |     #21 0x7ff9b3b22773  (C:\Windows\System32\KERNEL32.DLL+0x180012773)
11:22:47     INFO - GECKO(932) |     #22 0x7ff99e2a74f9 in patched_BaseThreadInitThunk z:\build\build\src\mozglue\build\WindowsDllBlocklist.cpp:708
11:22:47     INFO - GECKO(932) |     #23 0x7ff9b6620d60  (C:\Windows\SYSTEM32\ntdll.dll+0x180070d60)
11:22:47     INFO - GECKO(932) | 0x1170a56e6090 is located 272 bytes inside of 1424-byte region [0x1170a56e5f80,0x1170a56e6510)
11:22:47     INFO - GECKO(932) | freed by thread T0 here:
11:22:47     INFO - GECKO(932) |     #0 0x7ff98ba83fd0 in free Z:\task_1537535524\build\src\build\build-clang\build-clang\src\llvm\projects\compiler-rt\lib\asan\asan_malloc_win.cc:44
11:22:47     INFO - GECKO(932) |     #1 0x7ff98031bb23 in _moz_cairo_destroy z:\build\build\src\gfx\cairo\cairo\src\cairo.c:485
11:22:47     INFO - GECKO(932) |     #2 0x7ff976b90c75 in mozilla::gfx::DrawTargetCairo::~DrawTargetCairo(void) z:\build\build\src\gfx\2d\DrawTargetCairo.cpp:617
11:22:47     INFO - GECKO(932) |     #3 0x7ff976c027ff in mozilla::gfx::DrawTargetCairo::`scalar deleting destructor'(unsigned int) z:\build\build\src\gfx\2d\DrawTargetCairo.cpp:616
11:22:47     INFO - GECKO(932) |     #4 0x7ff97e200b73 in mozilla::widget::WinCompositorWidget::ClearTransparentWindow(void) z:\build\build\src\widget\windows\WinCompositorWidget.cpp:312
11:22:47     INFO - GECKO(932) |     #5 0x7ff97e35895b in nsWindow::Show(bool) z:\build\build\src\widget\windows\nsWindow.cpp:1648
11:22:47     INFO - GECKO(932) |     #6 0x7ff97e06bd61 in nsView::DoResetWidgetBounds(bool,bool) z:\build\build\src\view\nsView.cpp:342
11:22:47     INFO - GECKO(932) |     #7 0x7ff97e079667 in nsViewManager::ProcessPendingUpdatesForView(class nsView *,bool) z:\build\build\src\view\nsViewManager.cpp:399
11:22:47     INFO - GECKO(932) |     #8 0x7ff97e0808f7 in nsViewManager::ProcessPendingUpdates(void) z:\build\build\src\view\nsViewManager.cpp:1102
11:22:47     INFO - GECKO(932) |     #9 0x7ff97e8bd0ec in nsRefreshDriver::Tick(class mozilla::TimeStamp) z:\build\build\src\layout\base\nsRefreshDriver.cpp:2046
11:22:47     INFO - GECKO(932) |     #10 0x7ff97e8cc92a in mozilla::RefreshDriverTimer::TickRefreshDrivers(class mozilla::TimeStamp,class nsTArray<class RefPtr<class nsRefreshDriver> > &) z:\build\build\src\layout\base\nsRefreshDriver.cpp:300
11:22:47     INFO - GECKO(932) |     #11 0x7ff97e8cc3ae in mozilla::RefreshDriverTimer::Tick(class mozilla::TimeStamp) z:\build\build\src\layout\base\nsRefreshDriver.cpp:318
11:22:47     INFO - GECKO(932) |     #12 0x7ff97e8cfe4e in mozilla::VsyncRefreshDriverTimer::RefreshDriverVsyncObserver::TickRefreshDriver(class mozilla::TimeStamp) z:\build\build\src\layout\base\nsRefreshDriver.cpp:672
11:22:47     INFO - GECKO(932) |     #13 0x7ff97e8d03fb in mozilla::VsyncRefreshDriverTimer::RefreshDriverVsyncObserver::ParentProcessVsyncNotifier::Run(void) z:\build\build\src\layout\base\nsRefreshDriver.cpp:513
11:22:47     INFO - GECKO(932) |     #14 0x7ff9746cf8d8 in nsThread::ProcessNextEvent(bool,bool *) z:\build\build\src\xpcom\threads\nsThread.cpp:1166
11:22:47     INFO - GECKO(932) |     #15 0x7ff9746d79ce in NS_ProcessNextEvent(class nsIThread *,bool) z:\build\build\src\xpcom\threads\nsThreadUtils.cpp:519
11:22:47     INFO - GECKO(932) |     #16 0x7ff97571c769 in mozilla::ipc::MessagePump::Run(class base::MessagePump::Delegate *) z:\build\build\src\ipc\glue\MessagePump.cpp:97
11:22:47     INFO - GECKO(932) |     #17 0x7ff975683efe in MessageLoop::RunHandler(void) z:\build\build\src\ipc\chromium\src\base\message_loop.cc:318
11:22:47     INFO - GECKO(932) |     #18 0x7ff975683c86 in MessageLoop::Run(void) z:\build\build\src\ipc\chromium\src\base\message_loop.cc:298
11:22:47     INFO - GECKO(932) |     #19 0x7ff97e159e2a in nsBaseAppShell::Run(void) z:\build\build\src\widget\nsBaseAppShell.cpp:158
11:22:47     INFO - GECKO(932) |     #20 0x7ff97e2db8a9 in nsAppShell::Run(void) z:\build\build\src\widget\windows\nsAppShell.cpp:420
11:22:47     INFO - GECKO(932) |     #21 0x7ff98221472e in nsAppStartup::Run(void) z:\build\build\src\toolkit\components\startup\nsAppStartup.cpp:290
11:22:47     INFO - GECKO(932) |     #22 0x7ff9824b3327 in XREMain::XRE_mainRun(void) z:\build\build\src\toolkit\xre\nsAppRunner.cpp:4823
11:22:47     INFO - GECKO(932) |     #23 0x7ff9824b7c67 in XREMain::XRE_main(int,char * * const,struct mozilla::BootstrapConfig const &) z:\build\build\src\toolkit\xre\nsAppRunner.cpp:4968
11:22:47     INFO - GECKO(932) |     #24 0x7ff9824ba080 in XRE_main(int,char * * const,struct mozilla::BootstrapConfig const &) z:\build\build\src\toolkit\xre\nsAppRunner.cpp:5060
11:22:47     INFO - GECKO(932) |     #25 0x7ff6d61f1d5d  (Z:\task_1537700112\build\application\firefox\firefox.exe+0x140001d5d)
11:22:47     INFO - GECKO(932) |     #26 0x7ff6d61f14a1  (Z:\task_1537700112\build\application\firefox\firefox.exe+0x1400014a1)
11:22:47     INFO - GECKO(932) |     #27 0x7ff6d62ee63b  (Z:\task_1537700112\build\application\firefox\firefox.exe+0x1400fe63b)
11:22:47     INFO - GECKO(932) |     #28 0x7ff9b3b22773  (C:\Windows\System32\KERNEL32.DLL+0x180012773)
11:22:47     INFO - GECKO(932) |     #29 0x7ff9b6620d60  (C:\Windows\SYSTEM32\ntdll.dll+0x180070d60)
11:22:47     INFO - GECKO(932) | previously allocated by thread T0 here:
11:22:47     INFO - GECKO(932) |     #0 0x7ff98ba840c0 in malloc Z:\task_1537535524\build\src\build\build-clang\build-clang\src\llvm\projects\compiler-rt\lib\asan\asan_malloc_win.cc:60
11:22:47     INFO - GECKO(932) |     #1 0x7ff98031b233 in _moz_cairo_create z:\build\build\src\gfx\cairo\cairo\src\cairo.c:384
11:22:47     INFO - GECKO(932) |     #2 0x7ff976ba4d74 in mozilla::gfx::DrawTargetCairo::InitAlreadyReferenced(struct _cairo_surface *,struct mozilla::gfx::IntSizeTyped<struct mozilla::gfx::UnknownUnits> const &,enum mozilla::gfx::SurfaceFormat *) z:\build\build\src\gfx\2d\DrawTargetCairo.cpp:1921
11:22:47     INFO - GECKO(932) |     #3 0x7ff976ad2477 in mozilla::gfx::Factory::CreateDrawTargetForCairoSurface(struct _cairo_surface *,struct mozilla::gfx::IntSizeTyped<struct mozilla::gfx::UnknownUnits> const &,enum mozilla::gfx::SurfaceFormat *) z:\build\build\src\gfx\2d\Factory.cpp:1052
11:22:47     INFO - GECKO(932) |     #4 0x7ff97761d31d in gfxPlatform::CreateDrawTargetForSurface(class gfxASurface *,struct mozilla::gfx::IntSizeTyped<struct mozilla::gfx::UnknownUnits> const &) z:\build\build\src\gfx\thebes\gfxPlatform.cpp:1229
11:22:47     INFO - GECKO(932) |     #5 0x7ff97e20082b in mozilla::widget::WinCompositorWidget::ClearTransparentWindow(void) z:\build\build\src\widget\windows\WinCompositorWidget.cpp:305
11:22:47     INFO - GECKO(932) |     #6 0x7ff97e35895b in nsWindow::Show(bool) z:\build\build\src\widget\windows\nsWindow.cpp:1648
11:22:47     INFO - GECKO(932) |     #7 0x7ff97e06bd61 in nsView::DoResetWidgetBounds(bool,bool) z:\build\build\src\view\nsView.cpp:342
11:22:47     INFO - GECKO(932) |     #8 0x7ff97e079667 in nsViewManager::ProcessPendingUpdatesForView(class nsView *,bool) z:\build\build\src\view\nsViewManager.cpp:399
11:22:47     INFO - GECKO(932) |     #9 0x7ff97e0808f7 in nsViewManager::ProcessPendingUpdates(void) z:\build\build\src\view\nsViewManager.cpp:1102
11:22:47     INFO - GECKO(932) |     #10 0x7ff97e8bd0ec in nsRefreshDriver::Tick(class mozilla::TimeStamp) z:\build\build\src\layout\base\nsRefreshDriver.cpp:2046
11:22:47     INFO - GECKO(932) |     #11 0x7ff97e8cc92a in mozilla::RefreshDriverTimer::TickRefreshDrivers(class mozilla::TimeStamp,class nsTArray<class RefPtr<class nsRefreshDriver> > &) z:\build\build\src\layout\base\nsRefreshDriver.cpp:300
11:22:47     INFO - GECKO(932) |     #12 0x7ff97e8cc3ae in mozilla::RefreshDriverTimer::Tick(class mozilla::TimeStamp) z:\build\build\src\layout\base\nsRefreshDriver.cpp:318
11:22:47     INFO - GECKO(932) |     #13 0x7ff97e8cfe4e in mozilla::VsyncRefreshDriverTimer::RefreshDriverVsyncObserver::TickRefreshDriver(class mozilla::TimeStamp) z:\build\build\src\layout\base\nsRefreshDriver.cpp:672
11:22:47     INFO - GECKO(932) |     #14 0x7ff97e8d03fb in mozilla::VsyncRefreshDriverTimer::RefreshDriverVsyncObserver::ParentProcessVsyncNotifier::Run(void) z:\build\build\src\layout\base\nsRefreshDriver.cpp:513
11:22:47     INFO - GECKO(932) |     #15 0x7ff9746cf8d8 in nsThread::ProcessNextEvent(bool,bool *) z:\build\build\src\xpcom\threads\nsThread.cpp:1166
11:22:47     INFO - GECKO(932) |     #16 0x7ff9746d79ce in NS_ProcessNextEvent(class nsIThread *,bool) z:\build\build\src\xpcom\threads\nsThreadUtils.cpp:519
11:22:47     INFO - GECKO(932) |     #17 0x7ff97571c769 in mozilla::ipc::MessagePump::Run(class base::MessagePump::Delegate *) z:\build\build\src\ipc\glue\MessagePump.cpp:97
11:22:47     INFO - GECKO(932) |     #18 0x7ff975683efe in MessageLoop::RunHandler(void) z:\build\build\src\ipc\chromium\src\base\message_loop.cc:318
11:22:47     INFO - GECKO(932) |     #19 0x7ff975683c86 in MessageLoop::Run(void) z:\build\build\src\ipc\chromium\src\base\message_loop.cc:298
11:22:47     INFO - GECKO(932) |     #20 0x7ff97e159e2a in nsBaseAppShell::Run(void) z:\build\build\src\widget\nsBaseAppShell.cpp:158
11:22:47     INFO - GECKO(932) |     #21 0x7ff97e2db8a9 in nsAppShell::Run(void) z:\build\build\src\widget\windows\nsAppShell.cpp:420
11:22:47     INFO - GECKO(932) |     #22 0x7ff98221472e in nsAppStartup::Run(void) z:\build\build\src\toolkit\components\startup\nsAppStartup.cpp:290
11:22:47     INFO - GECKO(932) |     #23 0x7ff9824b3327 in XREMain::XRE_mainRun(void) z:\build\build\src\toolkit\xre\nsAppRunner.cpp:4823
11:22:47     INFO - GECKO(932) |     #24 0x7ff9824b7c67 in XREMain::XRE_main(int,char * * const,struct mozilla::BootstrapConfig const &) z:\build\build\src\toolkit\xre\nsAppRunner.cpp:4968
11:22:47     INFO - GECKO(932) |     #25 0x7ff9824ba080 in XRE_main(int,char * * const,struct mozilla::BootstrapConfig const &) z:\build\build\src\toolkit\xre\nsAppRunner.cpp:5060
11:22:47     INFO - GECKO(932) |     #26 0x7ff6d61f1d5d  (Z:\task_1537700112\build\application\firefox\firefox.exe+0x140001d5d)
11:22:47     INFO - GECKO(932) |     #27 0x7ff6d61f14a1  (Z:\task_1537700112\build\application\firefox\firefox.exe+0x1400014a1)
11:22:47     INFO - GECKO(932) |     #28 0x7ff6d62ee63b  (Z:\task_1537700112\build\application\firefox\firefox.exe+0x1400fe63b)
11:22:47     INFO - GECKO(932) |     #29 0x7ff9b3b22773  (C:\Windows\System32\KERNEL32.DLL+0x180012773)
11:22:47     INFO - GECKO(932) | Thread T58 created by T0 here:
11:22:47     INFO - GECKO(932) |     #0 0x7ff98ba8f5f0 in __asan_wrap_CreateThread Z:\task_1537535524\build\src\build\build-clang\build-clang\src\llvm\projects\compiler-rt\lib\asan\asan_win.cc:146
11:22:47     INFO - GECKO(932) |     #1 0x7ff97565babf in PlatformThread::Create(unsigned __int64,class PlatformThread::Delegate *,void * *) z:\build\build\src\ipc\chromium\src\base\platform_thread_win.cc:78
11:22:47     INFO - GECKO(932) |     #2 0x7ff975693e9c in base::Thread::StartWithOptions(struct base::Thread::Options const &) z:\build\build\src\ipc\chromium\src\base\thread.cc:99
11:22:47     INFO - GECKO(932) |     #3 0x7ff97752a76c in mozilla::layers::CompositorThreadHolder::CompositorThreadHolder(void) z:\build\build\src\gfx\layers\ipc\CompositorThread.cpp:53
11:22:47     INFO - GECKO(932) |     #4 0x7ff97752abdf in mozilla::layers::CompositorThreadHolder::Start(void) z:\build\build\src\gfx\layers\ipc\CompositorThread.cpp:123
11:22:47     INFO - GECKO(932) |     #5 0x7ff97761a012 in gfxPlatform::InitLayersIPC(void) z:\build\build\src\gfx\thebes\gfxPlatform.cpp:1149
11:22:47     INFO - GECKO(932) |     #6 0x7ff9776130eb in gfxPlatform::Init(void) z:\build\build\src\gfx\thebes\gfxPlatform.cpp:857
11:22:47     INFO - GECKO(932) |     #7 0x7ff977611643 in gfxPlatform::GetPlatform(void) z:\build\build\src\gfx\thebes\gfxPlatform.cpp:517
11:22:47     INFO - GECKO(932) |     #8 0x7ff97e8b195c in nsRefreshDriver::ChooseTimer(void)const  z:\build\build\src\layout\base\nsRefreshDriver.cpp:1101
11:22:47     INFO - GECKO(932) |     #9 0x7ff97e8b51c6 in nsRefreshDriver::EnsureTimerStarted(enum nsRefreshDriver::EnsureTimerStartedFlags) z:\build\build\src\layout\base\nsRefreshDriver.cpp:1357
11:22:47     INFO - GECKO(932) |     #10 0x7ff97e97f58f in nsIPresShell::DoObserveStyleFlushes(void) z:\build\build\src\layout\base\PresShell.cpp:9437
11:22:47     INFO - GECKO(932) |     #11 0x7ff97eafd596 in nsPresContext::CompatibilityModeChanged(void) z:\build\build\src\layout\base\nsPresContext.cpp:1102
11:22:47     INFO - GECKO(932) |     #12 0x7ff97e918842 in mozilla::PresShell::Init(class nsIDocument *,class nsPresContext *,class nsViewManager *,class mozilla::UniquePtr<class mozilla::ServoStyleSet,class mozilla::DefaultDelete<class mozilla::ServoStyleSet> >) z:\build\build\src\layout\base\PresShell.cpp:949
11:22:47     INFO - GECKO(932) |     #13 0x7ff97809f8cd in nsIDocument::CreateShell(class nsPresContext *,class nsViewManager *,class mozilla::UniquePtr<class mozilla::ServoStyleSet,class mozilla::DefaultDelete<class mozilla::ServoStyleSet> >) z:\build\build\src\dom\base\nsDocument.cpp:3936
11:22:47     INFO - GECKO(932) |     #14 0x7ff97ea3c0bf in nsDocumentViewer::InitPresentationStuff(bool) z:\build\build\src\layout\base\nsDocumentViewer.cpp:796
11:22:47     INFO - GECKO(932) |     #15 0x7ff97ea3b683 in nsDocumentViewer::InitInternal(class nsIWidget *,class nsISupports *,struct mozilla::gfx::IntRectTyped<struct mozilla::gfx::UnknownUnits> const &,bool,bool,bool) z:\build\build\src\layout\base\nsDocumentViewer.cpp:1045
11:22:47     INFO - GECKO(932) |     #16 0x7ff97ea3a7c0 in nsDocumentViewer::Init(class nsIWidget *,struct mozilla::gfx::IntRectTyped<struct mozilla::gfx::UnknownUnits> const &) z:\build\build\src\layout\base\nsDocumentViewer.cpp:771
11:22:47     INFO - GECKO(932) |     #17 0x7ff9818b6cf7 in nsDocShell::SetupNewViewer(class nsIContentViewer *) z:\build\build\src\docshell\base\nsDocShell.cpp:8883
11:22:47     INFO - GECKO(932) |     #18 0x7ff9818b56f2 in nsDocShell::Embed(class nsIContentViewer *,char const *,class nsISupports *) z:\build\build\src\docshell\base\nsDocShell.cpp:6707
11:22:47     INFO - GECKO(932) |     #19 0x7ff9818c669a in nsDocShell::CreateAboutBlankContentViewer(class nsIPrincipal *,class nsIURI *,bool,bool) z:\build\build\src\docshell\base\nsDocShell.cpp:7586
11:22:47     INFO - GECKO(932) |     #20 0x7ff9818c7d3a in nsDocShell::CreateAboutBlankContentViewer(class nsIPrincipal *) z:\build\build\src\docshell\base\nsDocShell.cpp:7611
11:22:47     INFO - GECKO(932) |     #21 0x7ff981945cc5 in nsWebShellWindow::Initialize(class nsIXULWindow *,class nsIXULWindow *,class nsIURI *,int,int,bool,class nsITabParent *,class mozIDOMWindowProxy *,struct nsWidgetInitData &) z:\build\build\src\xpfe\appshell\nsWebShellWindow.cpp:229
11:22:47     INFO - GECKO(932) |     #22 0x7ff98193f7a3 in nsAppShellService::JustCreateTopWindow(class nsIXULWindow *,class nsIURI *,unsigned int,int,int,bool,class nsITabParent *,class mozIDOMWindowProxy *,class nsWebShellWindow * *) z:\build\build\src\xpfe\appshell\nsAppShellService.cpp:754
11:22:47     INFO - GECKO(932) |     #23 0x7ff98194198c in nsAppShellService::CreateTopLevelWindow(class nsIXULWindow *,class nsIURI *,unsigned int,int,int,class nsITabParent *,class mozIDOMWindowProxy *,class nsIXULWindow * *) z:\build\build\src\xpfe\appshell\nsAppShellService.cpp:200
11:22:47     INFO - GECKO(932) |     #24 0x7ff982216fef in nsAppStartup::CreateChromeWindow2(class nsIWebBrowserChrome *,unsigned int,class nsITabParent *,class mozIDOMWindowProxy *,unsigned __int64,bool *,class nsIWebBrowserChrome * *) z:\build\build\src\toolkit\components\startup\nsAppStartup.cpp:680
11:22:47     INFO - GECKO(932) |     #25 0x7ff98240eed4 in nsWindowWatcher::CreateChromeWindow(class nsTSubstring<char> const &,class nsIWebBrowserChrome *,unsigned int,class nsITabParent *,class mozIDOMWindowProxy *,unsigned __int64,class nsIWebBrowserChrome * *) z:\build\build\src\toolkit\components\windowwatcher\nsWindowWatcher.cpp:463
11:22:47     INFO - GECKO(932) |     #26 0x7ff98240aee4 in nsWindowWatcher::OpenWindowInternal(class mozIDOMWindowProxy *,char const *,char const *,char const *,bool,bool,bool,class nsIArray *,bool,bool,class nsDocShellLoadInfo *,class mozIDOMWindowProxy * *) z:\build\build\src\toolkit\components\windowwatcher\nsWindowWatcher.cpp:934
11:22:47     INFO - GECKO(932) |     #27 0x7ff9824055d4 in nsWindowWatcher::OpenWindow(class mozIDOMWindowProxy *,char const *,char const *,char const *,class nsISupports *,class mozIDOMWindowProxy * *) z:\build\build\src\toolkit\components\windowwatcher\nsWindowWatcher.cpp:323
11:22:47     INFO - GECKO(932) |     #28 0x7ff9849d1a71 in XPTC__InvokebyIndex (Z:\task_1537700112\build\application\firefox\xul.dll+0x1905a1a71)
11:22:47     INFO - GECKO(932) |     #29 0x7ff9762a4605 in XPCWrappedNative::CallMethod(class XPCCallContext &,enum XPCWrappedNative::CallMode) z:\build\build\src\js\xpconnect\src\XPCWrappedNative.cpp:1233
11:22:47     INFO - GECKO(932) |     #30 0x7ff9762abfea in XPC_WN_CallMethod(struct JSContext *,unsigned int,union JS::Value *) z:\build\build\src\js\xpconnect\src\XPCWrappedNativeJSOps.cpp:963
11:22:47     INFO - GECKO(932) |     #31 0x7ff983deb282 in js::InternalCallOrConstruct(struct JSContext *,class JS::CallArgs const &,enum js::MaybeConstruct) z:\build\build\src\js\src\vm\Interpreter.cpp:553
11:22:47     INFO - GECKO(932) |     #32 0x7ff983dedca5 in InternalCall z:\build\build\src\js\src\vm\Interpreter.cpp:607
11:22:47     INFO - GECKO(932) |     #33 0x7ff983db84ff in Interpret z:\build\build\src\js\src\vm\Interpreter.cpp:3451
11:22:47     INFO - GECKO(932) |     #34 0x7ff983db3f37 in js::RunScript(struct JSContext *,class js::RunState &) z:\build\build\src\js\src\vm\Interpreter.cpp:440
11:22:47     INFO - GECKO(932) |     #35 0x7ff983debb13 in js::InternalCallOrConstruct(struct JSContext *,class JS::CallArgs const &,enum js::MaybeConstruct) z:\build\build\src\js\src\vm\Interpreter.cpp:580
11:22:47     INFO - GECKO(932) |     #36 0x7ff983dedca5 in InternalCall z:\build\build\src\js\src\vm\Interpreter.cpp:607
11:22:47     INFO - GECKO(932) |     #37 0x7ff983deded6 in js::Call(struct JSContext *,class JS::Handle<union JS::Value>,class JS::Handle<union JS::Value>,class js::AnyInvokeArgs const &,class JS::MutableHandle<union JS::Value>) z:\build\build\src\js\src\vm\Interpreter.cpp:626
11:22:47     INFO - GECKO(932) |     #38 0x7ff982b99aaf in JS_CallFunctionValue(struct JSContext *,class JS::Handle<class JSObject *>,class JS::Handle<union JS::Value>,class JS::HandleValueArray const &,class JS::MutableHandle<union JS::Value>) z:\build\build\src\js\src\jsapi.cpp:2893
11:22:47     INFO - GECKO(932) |     #39 0x7ff97628764d in nsXPCWrappedJSClass::CallMethod(class nsXPCWrappedJS *,unsigned short,struct nsXPTMethodInfo const *,struct nsXPTCMiniVariant *) z:\build\build\src\js\xpconnect\src\XPCWrappedJSClass.cpp:1206
11:22:47     INFO - GECKO(932) |     #40 0x7ff976284e93 in nsXPCWrappedJS::CallMethod(unsigned short,struct nsXPTMethodInfo const *,struct nsXPTCMiniVariant *) z:\build\build\src\js\xpconnect\src\XPCWrappedJS.cpp:653
11:22:47     INFO - GECKO(932) |     #41 0x7ff974703a18 in PrepareAndDispatch z:\build\build\src\xpcom\reflect\xptcall\md\win32\xptcstubs_x86_64.cpp:181
11:22:47     INFO - GECKO(932) |     #42 0x7ff9849d1ac8 in SharedStub (Z:\task_1537700112\build\application\firefox\xul.dll+0x1905a1ac8)
11:22:47     INFO - GECKO(932) |     #43 0x7ff974673686 in NS_CreateServicesFromCategory(char const *,class nsISupports *,char const *,UNKNOWN const *) z:\build\build\src\xpcom\components\nsCategoryManager.cpp:777
11:22:47     INFO - GECKO(932) |     #44 0x7ff9824e82be in nsXREDirProvider::DoStartup(void) z:\build\build\src\toolkit\xre\nsXREDirProvider.cpp:1002
11:22:47     INFO - GECKO(932) |     #45 0x7ff9824b2af3 in XREMain::XRE_mainRun(void) z:\build\build\src\toolkit\xre\nsAppRunner.cpp:4653
11:22:47     INFO - GECKO(932) |     #46 0x7ff9824b7c67 in XREMain::XRE_main(int,char * * const,struct mozilla::BootstrapConfig const &) z:\build\build\src\toolkit\xre\nsAppRunner.cpp:4968
11:22:47     INFO - GECKO(932) |     #47 0x7ff9824ba080 in XRE_main(int,char * * const,struct mozilla::BootstrapConfig const &) z:\build\build\src\toolkit\xre\nsAppRunner.cpp:5060
11:22:47     INFO - GECKO(932) |     #48 0x7ff6d61f1d5d  (Z:\task_1537700112\build\application\firefox\firefox.exe+0x140001d5d)
11:22:47     INFO - GECKO(932) |     #49 0x7ff6d61f14a1  (Z:\task_1537700112\build\application\firefox\firefox.exe+0x1400014a1)
11:22:47     INFO - GECKO(932) |     #50 0x7ff6d62ee63b  (Z:\task_1537700112\build\application\firefox\firefox.exe+0x1400fe63b)
11:22:47     INFO - GECKO(932) |     #51 0x7ff9b3b22773  (C:\Windows\System32\KERNEL32.DLL+0x180012773)
11:22:47     INFO - GECKO(932) |     #52 0x7ff9b6620d60  (C:\Windows\SYSTEM32\ntdll.dll+0x180070d60)
11:22:47     INFO - GECKO(932) | SUMMARY: AddressSanitizer: heap-use-after-free z:\build\build\src\gfx\cairo\cairo\src\cairo-gstate.c:218 in _cairo_gstate_fini
11:22:47     INFO - GECKO(932) | Shadow bytes around the buggy address:
11:22:47     INFO - GECKO(932) |   0x0368b9ddcbc0: fd fd fa fa fa fa fa fa fa fa fa fa fa fa fa fa
11:22:47     INFO - GECKO(932) |   0x0368b9ddcbd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
11:22:47     INFO - GECKO(932) |   0x0368b9ddcbe0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
11:22:47     INFO - GECKO(932) |   0x0368b9ddcbf0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
11:22:47     INFO - GECKO(932) |   0x0368b9ddcc00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
11:22:47     INFO - GECKO(932) | =>0x0368b9ddcc10: fd fd[fd]fd fd fd fd fd fd fd fd fd fd fd fd fd
11:22:47     INFO - GECKO(932) |   0x0368b9ddcc20: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
11:22:47     INFO - GECKO(932) |   0x0368b9ddcc30: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
11:22:47     INFO - GECKO(932) |   0x0368b9ddcc40: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
11:22:47     INFO - GECKO(932) |   0x0368b9ddcc50: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
11:22:47     INFO - GECKO(932) |   0x0368b9ddcc60: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
11:22:47     INFO - GECKO(932) | Shadow byte legend (one shadow byte represents 8 application bytes):
11:22:47     INFO - GECKO(932) |   Addressable:           00
11:22:47     INFO - GECKO(932) |   Partially addressable: 01 02 03 04 05 06 07
11:22:47     INFO - GECKO(932) |   Heap left redzone:       fa
11:22:47     INFO - GECKO(932) |   Freed heap region:       fd
11:22:47     INFO - GECKO(932) |   Stack left redzone:      f1
11:22:47     INFO - GECKO(932) |   Stack mid redzone:       f2
11:22:47     INFO - GECKO(932) |   Stack right redzone:     f3
11:22:47     INFO - GECKO(932) |   Stack after return:      f5
11:22:47     INFO - GECKO(932) |   Stack use after scope:   f8
11:22:47     INFO - GECKO(932) |   Global redzone:          f9
11:22:47     INFO - GECKO(932) |   Global init order:       f6
11:22:47     INFO - GECKO(932) |   Poisoned by user:        f7
11:22:47     INFO - GECKO(932) |   Container overflow:      fc
11:22:47     INFO - GECKO(932) |   Array cookie:            ac
11:22:47     INFO - GECKO(932) |   Intra object redzone:    bb
11:22:47     INFO - GECKO(932) |   ASan internal:           fe
11:22:47     INFO - GECKO(932) |   Left alloca redzone:     ca
11:22:47     INFO - GECKO(932) |   Right alloca redzone:    cb
11:22:47     INFO - GECKO(932) |   Shadow gap:              cc
11:22:47     INFO - GECKO(932) | ==932==ABORTING
11:22:48     INFO - TEST-INFO | Main app process: exit 1

Sebastian Hengst [:aryx] (needinfo me if it's about an intermittent or backout)

Updated

•

6 years ago

Status: NEW → RESOLVED

Closed: 6 years ago

Resolution: --- → DUPLICATE

Daniel Veditz [:dveditz]

Updated

•

2 years ago

Group: core-security

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Intermittent SUMMARY: AddressSanitizer: heap-use-after-free z:\build\build\src\gfx\cairo\cairo\src\cairo-gstate.c:218 in _cairo_gstate_fini

Categories

(Core :: Graphics, defect)

Tracking

()

People

(Reporter: nataliaCs, Unassigned)

References

Details

(Keywords: intermittent-failure)

Crash Data

Security

(public)

User Story

Description

Updated

Updated