AddressSanitizer: attempting double-free on 0x614000105240 [@ free] in libfontconfig.so
Categories: Core :: Graphics, defect
Tracking: firefox78 status fixed
People: Reporter: decoder, Unassigned
Keywords: crash, regression
Attachments: 1 file (5.74 KB, text/plain)
The attached crash information was submitted via the ASan Nightly Reporter on mozilla-central-asan-nightly revision 78.0a1-20200506215114-https://hg.mozilla.org/mozilla-central/rev/93a33cb7f2369ac4f1d1f2ac97ec14ba60e1e7d7.
For detailed crash information, see attachment.
This is a double-free inside libfontconfig.so; we should try to get the exact location to determine whether this is a library problem or a problem with how we use it.
Comment 1 (Reporter) • 4 years ago

Comment 2 (Reporter) • 4 years ago
@Original Reporter: Can you please provide exact information about your Linux distribution and the exact version of your libfontconfig package? You can also try to install debug symbols for that package yourself and symbolize the missing frames using addr2line. Don't perform any upgrades to the package itself, as that might make it impossible to get the exact location of the double free. Getting this information should help us to determine whether this is a third-party bug or a bug in how we use the library.
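Added example (not part of this bug, its attachment, or Mozilla's own tooling): the manual symbolization step comment 2 asks for. ASan prints a frame it could not resolve as `#N 0xPC (module+0xOFF)`; the script below parses those frames out of a report, builds the matching `addr2line -f -C -i -e <module> 0xOFF` invocation for each, runs it when the tool and the object are present, and keeps the raw `module+offset` for anything it cannot resolve. The report text, addresses and offsets in `SAMPLE_REPORT` are constructed to exercise the parser and are not taken from the crash attached here; the `libfontconfig.so.1` path is the Debian multiarch location and is assumed.

```python
"""Resolve unsymbolized AddressSanitizer frames with addr2line.

Added example, not part of the bug report or of Mozilla's tooling.
"""
import os
import re
import shutil
import subprocess
from dataclasses import dataclass
from typing import Callable, List, Optional

# ASan prints a frame it could not symbolize as "#N 0xPC (module+0xOFF)".
# OFF is the pc minus the module's load base; for a PIC shared object that
# is the same offset addr2line expects when handed the file via -e.
UNSYMBOLIZED = re.compile(
    r"^\s*#(?P<idx>\d+)\s+0x(?P<pc>[0-9a-fA-F]+)\s+"
    r"\((?P<module>[^+)]+)\+0x(?P<off>[0-9a-fA-F]+)\)"
)
# Frames ASan did resolve look like "#N 0xPC in func file:line:col".
SYMBOLIZED = re.compile(r"^\s*#(?P<idx>\d+)\s+0x(?P<pc>[0-9a-fA-F]+)\s+in\s+(?P<rest>.+)$")


@dataclass
class Frame:
    idx: int
    pc: int
    module: Optional[str]  # object file the pc falls in (unsymbolized frames only)
    offset: Optional[int]  # pc relative to that object's load base
    symbol: Optional[str]  # "func file:line" when ASan already resolved it


def parse_frames(report: str) -> List[Frame]:
    """Extract every stack frame line, symbolized or not, in report order."""
    frames: List[Frame] = []
    for line in report.splitlines():
        m = UNSYMBOLIZED.match(line)
        if m:
            frames.append(Frame(int(m["idx"]), int(m["pc"], 16),
                                m["module"], int(m["off"], 16), None))
            continue
        m = SYMBOLIZED.match(line)
        if m:
            frames.append(Frame(int(m["idx"]), int(m["pc"], 16),
                                None, None, m["rest"].strip()))
    return frames


def addr2line_cmd(frame: Frame) -> List[str]:
    """addr2line invocation for one unsymbolized frame: -f prints the function,
    -C demangles, -i also lists inlined callers, -e names the object file."""
    if frame.module is None or frame.offset is None:
        raise ValueError(f"frame #{frame.idx} is already symbolized")
    return ["addr2line", "-f", "-C", "-i", "-e", frame.module, f"0x{frame.offset:x}"]


def run_addr2line(cmd: List[str]) -> Optional[str]:
    """Execute addr2line if it and the object exist; return 'func file:line' or None."""
    module = cmd[cmd.index("-e") + 1]
    if shutil.which(cmd[0]) is None or not os.path.exists(module):
        return None
    out = subprocess.run(cmd, capture_output=True, text=True, check=False).stdout
    lines = out.strip().splitlines()
    # -f emits the function on one line and file:line on the next; with -i the
    # first pair is the innermost (inlined) location. "??" means no debug info.
    if len(lines) < 2 or lines[0].startswith("??"):
        return None
    return " ".join(lines[:2])


def symbolize(report: str,
              run: Callable[[List[str]], Optional[str]] = run_addr2line) -> List[str]:
    """One "#idx func file:line" string per frame; frames that cannot be
    resolved keep their module+offset so nothing is silently lost."""
    out: List[str] = []
    for f in parse_frames(report):
        if f.symbol is not None:
            out.append(f"#{f.idx} {f.symbol}")
            continue
        resolved = run(addr2line_cmd(f))
        fallback = f"{f.module}+0x{f.offset:x}"
        out.append(f"#{f.idx} {resolved if resolved else fallback}")
    return out


# Constructed sample in the shape of an ASan report. The pcs and offsets are
# invented; they are NOT taken from the attachment on this bug.
SAMPLE_REPORT = """\
==12345==ERROR: AddressSanitizer: attempting double-free on 0x614000105240 in thread T0:
    #0 0x55d0c0a1b2c3 in free /build/llvm/compiler-rt/lib/asan/asan_malloc_linux.cpp:123:3
    #1 0x7f3c3e0a5a3c  (/usr/lib/x86_64-linux-gnu/libfontconfig.so.1+0x1ea3c)
    #2 0x7f3c3e0a9f10  (/usr/lib/x86_64-linux-gnu/libfontconfig.so.1+0x22f10)
"""

if __name__ == "__main__":
    for line in symbolize(SAMPLE_REPORT):
        print(line)
```

On Debian the symbols for the installed library come from the matching `-dbgsym` package in the debian-debug archive; binutils addr2line locates that separate debug file through the build-id link under /usr/lib/debug, so `-e` can point at the stripped library in /usr/lib as above. The package version must be the one the crashing process had mapped, which is why comment 2 asks not to upgrade it first: a different build shifts every offset.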
Comment 3 • 4 years ago
I had already deleted the nightly in question, so I wasn’t able to fill in the symbols. Instead,
https://crash-stats.mozilla.org/report/index/45b042bc-067a-438e-b211-0fb060200508
is a crash from the latest nightly with fontconfig symbols installed locally, and it appears to have line numbers for all libraries.
Linux distribution is (I’m afraid) a Debian testing/unstable mix.
$ dpkg -s libfontconfig1:amd64
...
Version: 2.13.1-4
Let me know if I can provide anything else.
NB. Is there some way I could have attached gdb & halted at the crash point? I don’t seem to be able to turn off the crash reporter at all.
Comment 4 • 4 years ago
Although my understanding from poking about online is that this is a fontconfig bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959800
Comment 5 • 4 years ago
Here’s the corresponding source line from the Debian sources: https://sources.debian.org/src/fontconfig/2.13.1-4/src/fcfreetype.c/#L2125
Comment 6 (Julien Cristau [:jcristau]) • 4 years ago
Can we mark this as a duplicate of bug 1633467?
Comment 7 (Reporter) • 4 years ago
(In reply to Julien Cristau [:jcristau] from comment #6)
Can we mark this as a duplicate of bug 1633467?
Sgtm!