Closed Bug 1792146 Opened 2 years ago Closed 1 year ago

Intermittent toolkit/content/tests/chrome/test_menuchecks.xhtml | application crashed [@ _ZN4GMut19EnsureValidAndInUseERK8AutoLockI5MutexEPvm] | application terminated with exit code 1

Categories

(Core :: Graphics, defect, P3)

Firefox 106
Unspecified
macOS
defect

Tracking

()

RESOLVED FIXED
112 Branch
Tracking Status
firefox-esr102 --- unaffected
firefox106 --- wontfix
firefox107 --- wontfix
firefox108 --- wontfix
firefox109 --- wontfix
firefox110 --- wontfix
firefox111 --- wontfix
firefox112 --- fixed

People

(Reporter: intermittent-bug-filer, Assigned: bradwerth)

References

Details

(Keywords: crash, intermittent-failure, regression)

Crash Data

Attachments

(1 file)

Filed by: nfay [at] mozilla.com
Parsed log: https://treeherder.mozilla.org/logviewer?job_id=391265630&repo=mozilla-central
Full log: https://firefox-ci-tc.services.mozilla.com/api/queue/v1/task/NM04MKAiQhakft5kx9nLRg/runs/0/artifacts/public/logs/live_backing.log


[task 2022-09-23T06:58:25.310Z] 06:58:25     INFO - TEST-START | toolkit/content/tests/chrome/test_menuchecks.xhtml
[task 2022-09-23T06:58:27.950Z] 06:58:27     INFO - GECKO(1600) | Exiting due to channel error.
[task 2022-09-23T06:58:27.998Z] 06:58:27     INFO - TEST-INFO | Main app process: exit 1
[task 2022-09-23T06:58:27.998Z] 06:58:27     INFO - Buffered messages logged at 06:58:25
[task 2022-09-23T06:58:27.999Z] 06:58:27     INFO - TEST-PASS | toolkit/content/tests/chrome/test_menuchecks.xhtml | initial 
[task 2022-09-23T06:58:28.000Z] 06:58:27     INFO - TEST-PASS | toolkit/content/tests/chrome/test_menuchecks.xhtml | select unchecked checkbox 
[task 2022-09-23T06:58:28.000Z] 06:58:28     INFO - TEST-PASS | toolkit/content/tests/chrome/test_menuchecks.xhtml | select checked checkbox 
[task 2022-09-23T06:58:28.000Z] 06:58:28     INFO - Buffered messages logged at 06:58:26
[task 2022-09-23T06:58:28.001Z] 06:58:28     INFO - TEST-PASS | toolkit/content/tests/chrome/test_menuchecks.xhtml | select unchecked autocheck checkbox 
[task 2022-09-23T06:58:28.001Z] 06:58:28     INFO - TEST-PASS | toolkit/content/tests/chrome/test_menuchecks.xhtml | select checked autocheck checkbox 
[task 2022-09-23T06:58:28.001Z] 06:58:28     INFO - Buffered messages logged at 06:58:27
[task 2022-09-23T06:58:28.002Z] 06:58:28     INFO - TEST-PASS | toolkit/content/tests/chrome/test_menuchecks.xhtml | select unchecked radio 
[task 2022-09-23T06:58:28.002Z] 06:58:28     INFO - TEST-PASS | toolkit/content/tests/chrome/test_menuchecks.xhtml | select checked radio 
[task 2022-09-23T06:58:28.003Z] 06:58:28     INFO - TEST-PASS | toolkit/content/tests/chrome/test_menuchecks.xhtml | select out of order checked radio 
[task 2022-09-23T06:58:28.003Z] 06:58:28     INFO - Buffered messages finished
[task 2022-09-23T06:58:28.003Z] 06:58:28    ERROR - TEST-UNEXPECTED-FAIL | toolkit/content/tests/chrome/test_menuchecks.xhtml | application terminated with exit code 1
[task 2022-09-23T06:58:28.004Z] 06:58:28     INFO - runtests.py | Application ran for: 0:05:51.191656
[task 2022-09-23T06:58:28.004Z] 06:58:28     INFO - zombiecheck | Reading PID log: /var/folders/hh/r1bq0dhn7zq2hjjnpgx5l6_8000014/T/tmp3py5r5e5pidlog
[task 2022-09-23T06:58:28.004Z] 06:58:28     INFO - ==> process 1600 launched child process 1775
[task 2022-09-23T06:58:28.005Z] 06:58:28     INFO - ==> process 1600 launched child process 1776
[task 2022-09-23T06:58:28.005Z] 06:58:28     INFO - ==> process 1600 launched child process 1777
[task 2022-09-23T06:58:28.005Z] 06:58:28     INFO - ==> process 1600 launched child process 1778
[task 2022-09-23T06:58:28.006Z] 06:58:28     INFO - ==> process 1600 launched child process 1797
[task 2022-09-23T06:58:28.006Z] 06:58:28     INFO - ==> process 1600 launched child process 1798
[task 2022-09-23T06:58:28.006Z] 06:58:28     INFO - zombiecheck | Checking for orphan process with PID: 1797
[task 2022-09-23T06:58:28.007Z] 06:58:28     INFO - zombiecheck | Checking for orphan process with PID: 1798
[task 2022-09-23T06:58:28.007Z] 06:58:28     INFO - zombiecheck | Checking for orphan process with PID: 1775
[task 2022-09-23T06:58:28.008Z] 06:58:28     INFO - zombiecheck | Checking for orphan process with PID: 1776
[task 2022-09-23T06:58:28.008Z] 06:58:28     INFO - zombiecheck | Checking for orphan process with PID: 1777
[task 2022-09-23T06:58:28.008Z] 06:58:28     INFO - zombiecheck | Checking for orphan process with PID: 1778
[task 2022-09-23T06:58:28.009Z] 06:58:28     INFO - mozcrash Downloading symbols from: https://firefox-ci-tc.services.mozilla.com/api/queue/v1/task/dpEUKKnMRKCttz05orR2dQ/artifacts/public/build/target.crashreporter-symbols.zip
[task 2022-09-23T06:58:57.376Z] 06:58:57     INFO - mozcrash Copy/paste: /opt/worker/tasks/task_166391569023736/fetches/minidump-stackwalk/minidump-stackwalk --symbols-url=https://symbols.mozilla.org/ --human /var/folders/hh/r1bq0dhn7zq2hjjnpgx5l6_8000014/T/tmp6fimgd0o.mozrunner/minidumps/BABB6A8E-7A35-4C27-8DF1-AD6DC7E9A42D.dmp /var/folders/hh/r1bq0dhn7zq2hjjnpgx5l6_8000014/T/tmpn_00x8qc
[task 2022-09-23T06:59:04.763Z] 06:59:04     INFO - mozcrash Saved minidump as /opt/worker/tasks/task_166391569023736/build/blobber_upload_dir/BABB6A8E-7A35-4C27-8DF1-AD6DC7E9A42D.dmp
[task 2022-09-23T06:59:04.764Z] 06:59:04     INFO - mozcrash Saved app info as /opt/worker/tasks/task_166391569023736/build/blobber_upload_dir/BABB6A8E-7A35-4C27-8DF1-AD6DC7E9A42D.extra
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO - PROCESS-CRASH | toolkit/content/tests/chrome/test_menuchecks.xhtml | application crashed [@ _ZN4GMut19EnsureValidAndInUseERK8AutoLockI5MutexEPvm]
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO - Mozilla crash reason: MOZ_RELEASE_ASSERT(page.mBaseAddr == aPtr)
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO - Crash dump filename: /var/folders/hh/r1bq0dhn7zq2hjjnpgx5l6_8000014/T/tmp6fimgd0o.mozrunner/minidumps/BABB6A8E-7A35-4C27-8DF1-AD6DC7E9A42D.dmp
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO - Operating system: Mac OS X
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -                   10.15.7 19H524
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO - CPU: amd64
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -      family 6 model 158 stepping 10
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -      12 CPUs
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO - 
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO - Crash reason:  EXC_BAD_ACCESS / KERN_INVALID_ADDRESS
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO - Crash address: 0x0
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO - Mac Crash Info:
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO - 
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO - Process uptime: 351 seconds
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO - 
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO - Thread 0 MainThread (crashed)
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -  0  libmozglue.dylib!_ZN4GMut19EnsureValidAndInUseERK8AutoLockI5MutexEPvm [PHC.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 794]
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -     Found by: inlining
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -  1  libmozglue.dylib!_ZL26replace_malloc_usable_sizePKv [PHC.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 1376]
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -     Found by: inlining
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -  2  libmozglue.dylib!_ZN9AllocatorI17ReplaceMallocBaseE18malloc_usable_sizeEPKv [malloc_decls.h:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 61]
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -     Found by: inlining
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -  3  libmozglue.dylib!malloc_usable_size [malloc_decls.h:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 61]
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -     Found by: inlining
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -  4  libmozglue.dylib!zone_size [zone.c:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 113 + 0x1f1]
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -      rax = 0x000000010333973a    rdx = 0x0000000000050000
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -      rcx = 0x0000000103340588    rbx = 0x000000010367dd30
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -      rsi = 0x0000000000000307    rdi = 0x0000000103340498
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -      rbp = 0x00007ffeec9542f0    rsp = 0x00007ffeec9542d0
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -       r8 = 0x00000000000130a8     r9 = 0x0000000000000000
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -      r10 = 0x0000000127015a08    r11 = 0x0000000127015a00
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -      r12 = 0x0000000042475241    r13 = 0x0000000000000000
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -      r14 = 0x000000010367dd30    r15 = 0x000000000000003e
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -      rip = 0x00000001032ac369
[task 2022-09-23T06:59:05.196Z] 06:59:05     INFO -     Found by: given as instruction pointer in context
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -  5  libsystem_malloc.dylib!malloc_size + 0x54
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      rbx = 0x000000000000010a    rbp = 0x00007ffeec954330
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      rsp = 0x00007ffeec954300    r12 = 0x0000000042475241
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      r13 = 0x0000000000000000    r14 = 0x000000010367dd30
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      r15 = 0x00000001258ce120    rip = 0x00007fff69bfbfc2
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -  6  CoreImage!-[CIImage initWithCGImage:options:] + 0x5a3
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      rbx = 0x000000000000010a    rbp = 0x00007ffeec954520
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      rsp = 0x00007ffeec954340    r12 = 0x0000000042475241
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      r13 = 0x000000010367dd30    r14 = 0x0000000127015940
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      r15 = 0x00000001258ce120    rip = 0x00007fff305ba10e
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -  7  CoreImage!+[CIImage imageWithCGImage:options:] + 0x2e
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      rbx = 0x00000001258ce120    rbp = 0x00007ffeec954540
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      rsp = 0x00007ffeec954530    r12 = 0x00000001258ce120
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      r13 = 0x00000001258ce120    r14 = 0x000000012e8d2b60
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      r15 = 0x00007fff87559c68    rip = 0x00007fff305f0d38
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -  8  CoreUI!CUIRenderer::CreateImageByApplyingEffectsToImage(CUIDescriptor const*, long, __CFArray const*, CGImage*, double, unsigned char, unsigned char, CGBlendMode&, bool) const + 0x77c
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      rbx = 0x00007fff875c19c0    rbp = 0x00007ffeec954bb0
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      rsp = 0x00007ffeec954550    r12 = 0x00000001258ce120
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      r13 = 0x00000001258ce120    r14 = 0x00007fff68889800
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      r15 = 0x00007fff87559c68    rip = 0x00007fff4943a0bd
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -  9  CoreUI!CUIRenderer::CreateImage(CGRect, long, CUIDescriptor const*, unsigned char, CGImage**, long long*, unsigned char*, CGBlendMode*) const + 0x15cc
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      rbx = 0x00000001160ef670    rbp = 0x00007ffeec954de0
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      rsp = 0x00007ffeec954bc0    r12 = 0x0000000000000000
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      r13 = 0x00000001160ef400    r14 = 0x0000000000000000
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      r15 = 0x00007ffeec954ff0    rip = 0x00007fff49438923
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO - 10  CoreUI!CUIRenderer::DrawImage(CGRect, long, CUIDescriptor const*) const + 0x92
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      rbx = 0x4026000000000000    rbp = 0x00007ffeec954f00
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      rsp = 0x00007ffeec954df0    r12 = 0x4026000000000000
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      r13 = 0xfffffffffffffeb3    r14 = 0x000000010835c9c0
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      r15 = 0x00007ffeec954ff0    rip = 0x00007fff49437085
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO - 11  CoreUI!CUICoreThemeRenderer::Draw(CUIDescriptor const*, CGAffineTransform, CUIReturnInfo&) + 0x70b
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      rbx = 0x00007ffeec954ff0    rbp = 0x00007ffeec954fb0
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      rsp = 0x00007ffeec954f10    r12 = 0x4052000000000000
[task 2022-09-23T06:59:05.197Z] 06:59:05     INFO -      r13 = 0x00007ffeec954ff0    r14 = 0x000000010835c9c0
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      r15 = 0x00007ffeec954ff8    rip = 0x00007fff494361f6
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO - 12  CoreUI!CUIRenderer::Draw(CGRect, CGContext*, __CFDictionary const*, __CFDictionary const**) + 0x6f0
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      rbx = 0x00007ffeec9552d0    rbp = 0x00007ffeec955520
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      rsp = 0x00007ffeec954fc0    r12 = 0x4052000000000000
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      r13 = 0x00007ffeec954ff0    r14 = 0x8000000000000000
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      r15 = 0x00007ffeec954ff8    rip = 0x00007fff4943590d
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO - 13  CoreUI!CUIDraw + 0x115
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      rbx = 0x000000010835c9c0    rbp = 0x00007ffeec9555a0
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      rsp = 0x00007ffeec955530    r12 = 0x000000012d5bc760
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      r13 = 0x000000012c290100    r14 = 0x0000000000000000
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      r15 = 0x00000001035c4178    rip = 0x00007fff494351ec
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO - 14  AppKit!__44-[NSAppearance _drawInRect:context:options:]_block_invoke + 0x2e
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      rbx = 0x0000000000000000    rbp = 0x00007ffeec9555d0
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      rsp = 0x00007ffeec9555b0    r12 = 0x0000000000000001
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      r13 = 0x0000000000000001    r14 = 0x00007fff2daf0924
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      r15 = 0x0000000000000002    rip = 0x00007fff2cf28461
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO - 15  AppKit!-[NSCompositeAppearance _callCoreUIWithBlock:options:requireBezelTintColor:] + 0x184
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      rbp = 0x00007ffeec9556f0    rsp = 0x00007ffeec9555e0
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      rip = 0x00007fff2cdb3013
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -     Found by: previous frame's frame pointer
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO - 16  AppKit!-[NSAppearance _drawInRect:context:options:] + 0x6e
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      rbp = 0x00007ffeec955750    rsp = 0x00007ffeec955700
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      rip = 0x00007fff2cf2842c
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -     Found by: previous frame's frame pointer
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO - 17  XUL!nsNativeThemeCocoa::DrawMenuIcon(CGContext*, CGRect const&, nsNativeThemeCocoa::MenuIconParams const&) [nsNativeThemeCocoa.mm:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 1101 + 0x1f]
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      rbp = 0x00007ffeec9557f0    rsp = 0x00007ffeec955760
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      rip = 0x000000010d05c1ab
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -     Found by: previous frame's frame pointer
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO - 18  XUL!nsNativeThemeCocoa::DrawMenuItem(CGContext*, CGRect const&, nsNativeThemeCocoa::MenuItemParams const&) [nsNativeThemeCocoa.mm:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 1136]
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -     Found by: inlining
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO - 19  XUL!nsNativeThemeCocoa::RenderWidget(nsNativeThemeCocoa::WidgetInfo const&, mozilla::ColorScheme, mozilla::gfx::DrawTarget&, mozilla::gfx::RectTyped<mozilla::gfx::UnknownUnits, float> const&, mozilla::gfx::RectTyped<mozilla::gfx::UnknownUnits, float> const&, float) [nsNativeThemeCocoa.mm:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 2630]
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -     Found by: inlining
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO - 20  XUL!nsNativeThemeCocoa::DrawWidgetBackground(gfxContext*, nsIFrame*, mozilla::StyleAppearance, nsRect const&, nsRect const&, nsITheme::DrawOverflow) [nsNativeThemeCocoa.mm:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 2561 + 0x50]
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      rbx = 0x0000000133335200    rbp = 0x00007ffeec955ac0
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      rsp = 0x00007ffeec955800    r12 = 0x000000000000003c
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      r14 = 0x0000000000000001    r15 = 0x0000000000000000
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      rip = 0x0000000109ec98b8
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO - 21  XUL!mozilla::nsDisplayThemedBackground::PaintInternal(mozilla::nsDisplayListBuilder*, gfxContext*, nsRect const&, nsRect*) [nsDisplayList.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 3741 + 0x31]
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      rbx = 0x000000011091d4d8    rbp = 0x00007ffeec955b30
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      rsp = 0x00007ffeec955ad0    r12 = 0x000000012be93640
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      r13 = 0x00007ffeec955b40    r14 = 0x00007ffeec955af0
[task 2022-09-23T06:59:05.198Z] 06:59:05     INFO -      r15 = 0x000000012b25f1b8    rip = 0x000000010a192377
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO - 22  XUL!mozilla::nsDisplayThemedBackground::Paint(mozilla::nsDisplayListBuilder*, gfxContext*) [nsDisplayList.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 3727 + 0x1b]
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      rbx = 0x000000012c9d85d0    rbp = 0x00007ffeec955b70
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      rsp = 0x00007ffeec955b40    r12 = 0x000000012a92d900
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      r13 = 0x00007ffeec955be0    r14 = 0x000000012a92d900
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      r15 = 0x00007ffeec955b40    rip = 0x000000010a192224
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO - 23  XUL!mozilla::nsDisplayList::Paint(mozilla::nsDisplayListBuilder*, gfxContext*, int) [nsDisplayList.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 2196 + 0x11]
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      rbx = 0x00007ffeec955be0    rbp = 0x00007ffeec955c60
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      rsp = 0x00007ffeec955b80    r12 = 0x000000012a92d900
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      r13 = 0x00007ffeec955be0    r14 = 0x000000012c9d85d0
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      r15 = 0x00007ffeec956218    rip = 0x000000010a178653
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO - 24  XUL!mozilla::FallbackRenderer::EndTransactionWithList(mozilla::nsDisplayListBuilder*, mozilla::nsDisplayList*, int, mozilla::WindowRenderer::EndTransactionFlags) [WindowRenderer.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 219 + 0x10]
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      rbx = 0x00007ffeec956218    rbp = 0x00007ffeec955d20
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      rsp = 0x00007ffeec955c70    r12 = 0x000000012a92d900
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      r13 = 0x00007ffeec958040    r14 = 0x00007ffeec955cb8
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      r15 = 0x0000000133335200    rip = 0x000000010d2bfdbf
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO - 25  XUL!mozilla::nsDisplayList::PaintRoot(mozilla::nsDisplayListBuilder*, gfxContext*, unsigned int, mozilla::Maybe<double>) [nsDisplayList.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 2330 + 0xe]
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      rbx = 0x000000012107b600    rbp = 0x00007ffeec955e20
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      rsp = 0x00007ffeec955d30    r12 = 0x0000000000000000
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      r13 = 0x000000012cdda2e0    r14 = 0x00007ffeec956218
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      r15 = 0x0000000000000005    rip = 0x000000010a18c932
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO - 26  XUL!nsLayoutUtils::PaintFrame(gfxContext*, nsIFrame*, nsRegion const&, unsigned int, mozilla::nsDisplayListBuilderMode, nsLayoutUtils::PaintFrameFlags) [nsLayoutUtils.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 3474 + 0xc]
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      rbx = 0x0000000000000005    rbp = 0x00007ffeec958200
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      rsp = 0x00007ffeec955e30    r12 = 0x0000000000000000
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      r13 = 0x0000000000000000    r14 = 0x0000009f2e54c486
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      r15 = 0x00007ffeec956218    rip = 0x0000000109fd3a56
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO - 27  XUL!mozilla::PresShell::PaintInternal(nsView*, mozilla::PaintInternalFlags) [PresShell.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 6468 + 0x15]
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      rbx = 0x00007ffeec9582b0    rbp = 0x00007ffeec958370
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      rsp = 0x00007ffeec958210    r12 = 0x000000012dc5c700
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      r13 = 0x000000013513c830    r14 = 0x000000010fac0178
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      r15 = 0x0000000133ca5000    rip = 0x0000000109f774c7
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO - 28  XUL!mozilla::PresShell::SyncPaintFallback(nsView*) [PresShell.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 6356 + 0xf]
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      rbx = 0x0000000133ca5000    rbp = 0x00007ffeec9583a0
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      rsp = 0x00007ffeec958380    r12 = 0x000000012dc5c700
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      r13 = 0x000000012dc10b80    r14 = 0x0000000133c12d00
[task 2022-09-23T06:59:05.199Z] 06:59:05     INFO -      r15 = 0x0000000133ca5000    rip = 0x000000010d1a57a4
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO - 29  XUL!nsViewManager::Refresh(nsView*, mozilla::gfx::IntRegionTyped<mozilla::LayoutDevicePixel> const&) [nsViewManager.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 311 + 0xa]
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      rbx = 0x000000012cdda2e0    rbp = 0x00007ffeec9583e0
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      rsp = 0x00007ffeec9583b0    r12 = 0x000000012dc5c700
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      r13 = 0x000000012dc10b80    r14 = 0x0000000133c12d00
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      r15 = 0x0000000133ca5000    rip = 0x000000010d0077a8
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO - 30  XUL!nsViewManager::PaintWindow(nsIWidget*, mozilla::gfx::IntRegionTyped<mozilla::LayoutDevicePixel> const&) [nsViewManager.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 623 + 0xd]
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      rbx = 0x00007ffeec958458    rbp = 0x00007ffeec958410
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      rsp = 0x00007ffeec9583f0    r12 = 0x000000012dc5c700
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      r13 = 0x0000000000000000    r14 = 0x0000000000000001
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      r15 = 0x000000012dc10b80    rip = 0x000000010d00721d
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO - 31  XUL!nsView::PaintWindow(nsIWidget*, mozilla::gfx::IntRegionTyped<mozilla::LayoutDevicePixel>) [nsView.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 1053 + 0x4]
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      rbx = 0x0000000133c12d00    rbp = 0x00007ffeec958440
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      rsp = 0x00007ffeec958420    r12 = 0x000000012dc5c700
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      r13 = 0x0000000000000000    r14 = 0x00007ffeec958420
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      r15 = 0x00007ffeec9584e8    rip = 0x000000010d00719f
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO - 32  XUL!nsChildView::PaintWindow(mozilla::gfx::IntRegionTyped<mozilla::LayoutDevicePixel>) [nsChildView.mm:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 1305 + 0x12]
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      rbx = 0x0000000133c12d00    rbp = 0x00007ffeec9584a0
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      rsp = 0x00007ffeec958450    r12 = 0x000000012dc5c700
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      r13 = 0x0000000000000000    r14 = 0x000000012dc7a800
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      r15 = 0x00007ffeec9584e8    rip = 0x000000010d04aa72
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO - 33  XUL!nsChildView::PaintWindowInDrawTarget(mozilla::gfx::DrawTarget*, mozilla::gfx::IntRegionTyped<mozilla::LayoutDevicePixel> const&, mozilla::gfx::IntSizeTyped<mozilla::gfx::UnknownUnits> const&) [nsChildView.mm:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 1335 + 0x7]
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      rbx = 0x000000012dc7a800    rbp = 0x00007ffeec958560
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      rsp = 0x00007ffeec9584b0    r12 = 0x0000000000000000
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      r13 = 0x0000000000000000    r14 = 0x00000000000000dd
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      r15 = 0x00007ffeec958508    rip = 0x000000010d04adbb
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO - 34  XUL!nsChildView::PaintWindowInContentLayer() [nsChildView.mm:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 1370 + 0x16]
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      rbx = 0x00000001258a2400    rbp = 0x00007ffeec9585c0
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      rsp = 0x00007ffeec958570    r12 = 0x0000000108349700
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      r13 = 0x00007fff68889800    r14 = 0x000000012dc7aaa0
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      r15 = 0x000000012dc7a800    rip = 0x000000010d04af0a
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO - 35  XUL!nsChildView::HandleMainThreadCATransaction() [nsChildView.mm:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 1382 + 0x4]
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      rbx = 0x000000012dc7a800    rbp = 0x00007ffeec958610
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      rsp = 0x00007ffeec9585d0    r12 = 0x0000000108349700
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      r13 = 0x00007fff68889800    r14 = 0x0000000000000289
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      r15 = 0x00007fff68889800    rip = 0x000000010d04b078
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO - 36  XUL!-[ChildView updateRootCALayer] [nsChildView.mm:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 2344 + 0x8]
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      rbx = 0x000000012dc7ab00    rbp = 0x00007ffeec958630
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      rsp = 0x00007ffeec958620    r12 = 0x0000000108349700
[task 2022-09-23T06:59:05.200Z] 06:59:05     INFO -      r13 = 0x00007fff68889800    r14 = 0x0000000000000289
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      r15 = 0x00007fff68889800    rip = 0x0000000109ec71f2
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO - 37  AppKit!_NSViewUpdateLayer + 0x61
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rbx = 0x000000012e7c3200    rbp = 0x00007ffeec958660
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rsp = 0x00007ffeec958640    r12 = 0x0000000108349700
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      r13 = 0x00007fff68889800    r14 = 0x0000000000000000
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      r15 = 0x00007fff68889800    rip = 0x00007fff2ce937a7
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO - 38  AppKit!-[_NSViewBackingLayer display] + 0x1f4
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rbp = 0x00007ffeec958720    rsp = 0x00007ffeec958670
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rip = 0x00007fff2ce9305c
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -     Found by: previous frame's frame pointer
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO - 39  QuartzCore!CA::Layer::display_if_needed(CA::Transaction*) + 0x2f4
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rbp = 0x00007ffeec959800    rsp = 0x00007ffeec958730
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rip = 0x00007fff3b63ae09
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -     Found by: previous frame's frame pointer
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO - 40  QuartzCore!CA::Context::commit_transaction(CA::Transaction*, double) + 0x14d
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rbp = 0x00007ffeec959b10    rsp = 0x00007ffeec959810
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rip = 0x00007fff3b619106
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -     Found by: previous frame's frame pointer
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO - 41  QuartzCore!CA::Transaction::commit() + 0x283
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rbp = 0x00007ffeec959bc0    rsp = 0x00007ffeec959b20
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rip = 0x00007fff3b617cf0
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -     Found by: previous frame's frame pointer
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO - 42  AppKit!__62+[CATransaction(NSCATransaction) NS_setFlushesWithDisplayLink]_block_invoke + 0x109
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rbp = 0x00007ffeec959ce0    rsp = 0x00007ffeec959bd0
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rip = 0x00007fff2cf47da1
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -     Found by: previous frame's frame pointer
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO - 43  AppKit!___NSRunLoopObserverCreateWithHandler_block_invoke + 0x28
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rbp = 0x00007ffeec959d10    rsp = 0x00007ffeec959cf0
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rip = 0x00007fff2d667080
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -     Found by: previous frame's frame pointer
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO - 44  CoreFoundation!__CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ + 0x16
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rbp = 0x00007ffeec959d20    rsp = 0x00007ffeec959d20
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rip = 0x00007fff2fb37335
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -     Found by: previous frame's frame pointer
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO - 45  CoreFoundation!__CFRunLoopDoObservers + 0x1c8
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rbp = 0x00007ffeec959dd0    rsp = 0x00007ffeec959d30
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rip = 0x00007fff2fb37267
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -     Found by: previous frame's frame pointer
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO - 46  CoreFoundation!__CFRunLoopRun + 0x369
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rbp = 0x00007ffeec95aae0    rsp = 0x00007ffeec959de0
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rip = 0x00007fff2fb36805
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -     Found by: previous frame's frame pointer
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO - 47  CoreFoundation!CFRunLoopRunSpecific + 0x1cd
[task 2022-09-23T06:59:05.201Z] 06:59:05     INFO -      rbp = 0x00007ffeec95ab70    rsp = 0x00007ffeec95aaf0
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      rip = 0x00007fff2fb35e3e
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -     Found by: previous frame's frame pointer
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO - 48  HIToolbox!RunCurrentEventLoopInMode + 0x123
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      rbp = 0x00007ffeec95abc0    rsp = 0x00007ffeec95ab80
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      rip = 0x00007fff2e762abd
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -     Found by: previous frame's frame pointer
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO - 49  HIToolbox!ReceiveNextEventCommon + 0x247
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      rbx = 0x0000000000000001    rbp = 0x00007ffeec95ac40
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      rsp = 0x00007ffeec95abd0    r12 = 0x0000000000000000
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      r13 = 0x0000000000000000    r14 = 0x0000000000000000
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      r15 = 0x00000000ffffd96d    rip = 0x00007fff2e7627d5
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO - 50  HIToolbox!_BlockUntilNextEventMatchingListInModeWithFilter + 0x3f
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      rbx = 0xffffffffffffffff    rbp = 0x00007ffeec95ac60
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      rsp = 0x00007ffeec95ac50    r12 = 0x0000000000000001
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      r13 = 0x0000000000000000    r14 = 0x00007fff902e74c0
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      r15 = 0x00007fff873eab00    rip = 0x00007fff2e762579
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO - 51  AppKit!_DPSNextEvent + 0x372
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      rbx = 0xffffffffffffffff    rbp = 0x00007ffeec95b060
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      rsp = 0x00007ffeec95ac70    r12 = 0x0000000000000001
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      r13 = 0x0000000000000000    r14 = 0x00007fff902e74c0
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      r15 = 0x00007fff873eab00    rip = 0x00007fff2cda8039
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO - 52  AppKit!-[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 0x547
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      rbp = 0x00007ffeec95b2c0    rsp = 0x00007ffeec95b070
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      rip = 0x00007fff2cda6880
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -     Found by: previous frame's frame pointer
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO - 53  XUL!-[GeckoNSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] [nsAppShell.mm:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 175 + 0x20]
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      rbp = 0x00007ffeec95b320    rsp = 0x00007ffeec95b2d0
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      rip = 0x0000000109ed0799
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -     Found by: previous frame's frame pointer
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO - 54  AppKit!-[NSApplication run] + 0x291
[task 2022-09-23T06:59:05.202Z] 06:59:05     INFO -      rbx = 0x000000010524c2f0    rbp = 0x00007ffeec95b3e0
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      rsp = 0x00007ffeec95b330    r12 = 0x000000012bc5be60
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      r13 = 0x00007fff68889800    r14 = 0x0000000000000000
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      r15 = 0x000000011d60ff40    rip = 0x00007fff2cd9858e
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO - 55  XUL!nsAppShell::Run() [nsAppShell.mm:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 801 + 0x18]
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      rbp = 0x00007ffeec95b420    rsp = 0x00007ffeec95b3f0
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      rip = 0x0000000109ed19e1
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -     Found by: previous frame's frame pointer
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO - 56  XUL!nsAppStartup::Run() [nsAppStartup.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 295 + 0x5]
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      rbx = 0x000000011dc733d0    rbp = 0x00007ffeec95b450
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      rsp = 0x00007ffeec95b430    r14 = 0x00007ffeec95b4c4
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      r15 = 0x000000000000000e    rip = 0x000000010de478cc
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO - 57  XUL!XREMain::XRE_mainRun() [nsAppRunner.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 5723 + 0x5]
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      rbx = 0x00007ffeec95b4b0    rbp = 0x00007ffeec95b5d0
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      rsp = 0x00007ffeec95b460    r14 = 0x00007ffeec95b4c4
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      r15 = 0x000000000000000e    rip = 0x000000010a36e07b
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO - 58  XUL!XREMain::XRE_main(int, char**, mozilla::BootstrapConfig const&) [nsAppRunner.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 5916 + 0x7]
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      rbx = 0x000000010350f300    rbp = 0x00007ffeec95b650
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      rsp = 0x00007ffeec95b5e0    r12 = 0x0000000103584450
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      r13 = 0x0000000000000000    r14 = 0x0000000000000000
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      r15 = 0x00007ffeec95b668    rip = 0x000000010deb8ec6
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO - 59  XUL!XRE_main(int, char**, mozilla::BootstrapConfig const&) [nsAppRunner.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 5972 + 0xf]
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      rbx = 0x0000000000000005    rbp = 0x00007ffeec95b790
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      rsp = 0x00007ffeec95b660    r12 = 0x00007ffeec95b668
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      r13 = 0x00007ffeec95bc10    r14 = 0x00007ffeec95b7c0
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -      r15 = 0x00007ffeec95bc10    rip = 0x000000010deb92a7
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO - 60  firefox!do_main(int, char**, char**) [nsBrowserApp.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 226]
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO -     Found by: inlining
[task 2022-09-23T06:59:05.203Z] 06:59:05     INFO - 61  firefox!main [nsBrowserApp.cpp:7f81e81ddb4de0340cef8595f912c444ce3fa9a5 : 430 + 0x60]
[task 2022-09-23T06:59:05.204Z] 06:59:05     INFO -      rbx = 0x00000001032a5d05    rbp = 0x00007ffeec95bbf0
[task 2022-09-23T06:59:05.204Z] 06:59:05     INFO -      rsp = 0x00007ffeec95b7a0    r12 = 0x0000004d74ed1cb6
[task 2022-09-23T06:59:05.204Z] 06:59:05     INFO -      r13 = 0x00007ffeec95bc10    r14 = 0x0000000000000005
[task 2022-09-23T06:59:05.204Z] 06:59:05     INFO -      r15 = 0x00007ffeec95b700    rip = 0x00000001032a5005
[task 2022-09-23T06:59:05.204Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.204Z] 06:59:05     INFO - 62  libdyld.dylib!start + 0x0
[task 2022-09-23T06:59:05.204Z] 06:59:05     INFO -      rbx = 0x0000000000000000    rbp = 0x00007ffeec95bc00
[task 2022-09-23T06:59:05.204Z] 06:59:05     INFO -      rsp = 0x00007ffeec95bc00    r12 = 0x0000000000000000
[task 2022-09-23T06:59:05.204Z] 06:59:05     INFO -      r13 = 0x0000000000000000    r14 = 0x0000000000000000
[task 2022-09-23T06:59:05.204Z] 06:59:05     INFO -      r15 = 0x0000000000000000    rip = 0x00007fff69a3ecc9
[task 2022-09-23T06:59:05.204Z] 06:59:05     INFO -     Found by: call frame info
[task 2022-09-23T06:59:05.204Z] 06:59:05     INFO - 
[task 2022-09-23T06:59:05.204Z] 06:59:05     INFO - Thread 1 IPC I/O Parent
[task 2022-09-23T06:59:05.204Z] 06:59:05     INFO -  0  libsystem_kernel.dylib!kevent + 0xa

The bug is linked to a topcrash signature, which matches the following criterion:

  • Top 5 desktop browser crashes on Mac on beta

For more information, please visit auto_nag documentation.

Keywords: topcrash

This is a PHC crash. Kris, do you know if there's some issue on file for this already? It looks like we're crashing inside OSX graphics code, so maybe it is an issue there.

Component: Memory Allocator → Widget: Cocoa
Flags: needinfo?(kwright)
OS: Unspecified → macOS

I presume that very few people are running PHC on OSX, so the crash rate here is presumably quite high per user.

Based on the topcrash criteria, the crash signature linked to this bug is not a topcrash signature anymore.

For more information, please visit auto_nag documentation.

Keywords: topcrash

It looks like something null is being passed to imageWithCGImage. I'm not quite familiar enough with this code to know for sure what's going on here, but if something is getting null then it looks like an issue for graphics to look into.

Component: Widget: Cocoa → Graphics
Flags: needinfo?(kwright)

They can also happen when you try to use Apple's Instruments on a Firefox build. Note that some of my crashes have different signatures. But they all involve jemalloc in some fashion, as do the crashes reported above. Instruments doesn't get along with jemalloc (I only got it to work in a local build with jemalloc disabled). Also note liboainject.dylib in the crash stacks. This is apparently injected by Instruments. I was using Instruments' Leaks tool.

What is this "PHC" of which you speak?

bp-8c5cf4d9-1912-434d-bf6f-c8a6c0221010
bp-73fc89aa-0c45-4757-a5ff-c485a0221010
bp-2a5357a0-5bcd-413b-8119-e81f40221010

Crash stack from the first of these:

Crashing Thread (89)
Frame  Module  Signature  Source  Trust
0  libmozglue.dylib  _ZN4GMut19EnsureValidAndInUseERK8AutoLockI5MutexEPvm  memory/replace/phc/PHC.cpp:805  inlined
0  libmozglue.dylib  _ZL26replace_malloc_usable_sizePKv  memory/replace/phc/PHC.cpp:1376  inlined
0  libmozglue.dylib  _ZN9AllocatorI17ReplaceMallocBaseE18malloc_usable_sizeEPKv  memory/build/malloc_decls.h:61  inlined
0  libmozglue.dylib  malloc_usable_size  memory/build/malloc_decls.h:61  inlined
0  libmozglue.dylib  zone_size  memory/build/zone.c:113  context
1  libsystem_malloc.dylib  malloc_size   cfi
Ø 2  liboainject.dylib  liboainject.dylib@0x0000000000002ff8   cfi
Ø 3  liboainject.dylib  liboainject.dylib@0x00000000000032fd   frame_pointer
4  CoreFoundation  _CFRetain   frame_pointer
5  CoreMedia  FigFormatDescriptionRetain   cfi
6  CMIOBaseUnits  CMIOUnitVideoToolboxCompressorEntry   cfi
7  CMIOBaseUnits  CMIOUnitDALInputEntry   cfi
8  CMIOBaseUnits  CMIOUnitFanOutEntry   cfi
9  CMIOBaseUnits  CMIOUnitOutputToProcsEntry   cfi
10  CMIOBaseUnits  CMIOUnitAudioMixerEntry   cfi
11  CMIOBaseUnits  CMIOUnitDALInputEntry   cfi
12  CMIOBaseUnits  CMIOUnitFanOutEntry   cfi
13  CMIOBaseUnits  CMIOUnitOutputToProcsEntry   cfi
14  CMIOBaseUnits  CMIOUnitNativeFileOutputEntry   cfi
15  CMIOBaseUnits  CMIOUnitDALInputEntry   cfi
16  CMIOBaseUnits  CMIOUnitFanOutEntry   cfi
17  CMIOBaseUnits  CMIOUnitOutputToProcsEntry   cfi
18  CMIOBaseUnits  CMIOUnitAudioMixerEntry   cfi
19  CMIOBaseUnits  CMIOUnitDALInputEntry   cfi
20  CMIOBaseUnits  CMIOUnitFanOutEntry   cfi
21  CMIOBaseUnits  CMIOUnitOutputToProcsEntry   cfi
22  CMIOBaseUnits  CMIOUnitNativeFileOutputEntry   cfi
23  CMIOBaseUnits  CMIOUnitDALInputEntry   cfi
24  CMIOBaseUnits  CMIOUnitFanOutEntry   cfi
25  CMIOBaseUnits  CMIOUnitOutputToProcsEntry   cfi
26  CMIOBaseUnits  CMIOUnitNativeFileOutputEntry   cfi
27  CMIOBaseUnits  CMIOUnitDALInputEntry   cfi
28  CMIOBaseUnits  CMIOUnitFanOutEntry   cfi
29  CMIOBaseUnits  CMIOUnitOutputToProcsEntry   cfi
30  CMIOBaseUnits  CMIOUnitAudioMixerEntry   cfi
31  CMIOBaseUnits  CMIOUnitDALInputEntry   cfi
32  CMIOBaseUnits  CMIOUnitFanOutEntry   cfi
33  CMIOBaseUnits  CMIOUnitOutputToProcsEntry   cfi
34  CMIOBaseUnits  CMIOUnitNativeFileOutputEntry   cfi
35  CMIOBaseUnits  CMIOUnitDALInputEntry   cfi
36  CMIOBaseUnits  CMIOUnitFanOutEntry   cfi
37  CMIOBaseUnits  CMIOUnitOutputToProcsEntry   cfi
38  CMIOBaseUnits  CMIOUnitNativeFileOutputEntry   cfi
39  CMIOBaseUnits  CMIOUnitDALInputEntry   cfi
40  CMIOBaseUnits  CMIOUnitFanOutEntry   cfi
41  CMIOBaseUnits  CMIOUnitOutputToProcsEntry   cfi
42  CMIOBaseUnits  CMIOUnitNativeFileOutputEntry   cfi
43  CMIOBaseUnits  CMIOUnitDALInputEntry   cfi
44  CMIOBaseUnits  CMIOUnitFanOutEntry   cfi
45  CMIOBaseUnits  CMIOUnitOutputToProcsEntry   cfi
46  CMIOBaseUnits  CMIOUnitAudioOutputEntry   cfi
47  CMIOBaseUnits  CMIOUnitDALInputEntry   cfi
48  CMIOBaseUnits  CMIOUnitAudioOutputEntry   cfi
49  CMIOBaseUnits  CMIOUnitFanOutEntry   cfi
50  CoreMediaIO  CMIOGraph::PullOutputUnits(bool, bool&, bool&, bool&)   cfi
51  CoreMediaIO  CMIOGraph::DoWork(unsigned int)   cfi
52  CoreMediaIO  CMIO::Thread::QueuedTWorkThread<unsigned int>::DoWork()   cfi
53  CoreMediaIO  CMIO::Thread::SignaledThread::ThreadLoop()   cfi
54  CoreMediaIO  CMIO::Thread::SignaledThread::WorkQueuedThreadCallback(void*)   cfi
55  CoreMedia  figThreadMain   cfi
56  libsystem_pthread.dylib  _pthread_start   cfi
57  libsystem_pthread.dylib  thread_start   cfi

What is this "PHC" of which you speak?

Searching on "PHC" at searchfox.org, I see this is the "Probablistic Heap Checker". It's turned on by default in macOS mozilla-central nighlies (what I was testing with) -- and for all I know maybe elsewhere too. Quite a lot of users, all together.

Instruments doesn't get along with jemalloc (I only got it to work in a local build with jemalloc disabled).

Actually it's PHC that Instruments doesn't get along with. I did a local build with ac_add_options --disable-phc and ran the same tests that previously crashed current macOS mozilla-central builds and vanilla local builds. No problems, and certainly no crashes.

This makes me wonder if this bug's crashes are due to bugs in PHC. Likewise for those at bug 1790298, whose signature is shared by the second and third of my crashes from comment #8.

Oddly, I got a lot more leaks in my ac_add_options --disable-jemalloc build than in my ac_add_options --disable-phc build -- at least as measured by Apple's Instruments' Leaks tool and their commandline leaks utility. The fact that a change like this can make such a difference leads me to doubt the usefulness of these tools. Both builds were from exactly the same mozilla-central source.

See Also: → 1790298

PHC was turned on for macOS nightlies at bug 1576515. As best I can tell this hasn't been reversed.

Instruments doesn't get along with jemalloc (I only got it to work in a local build with jemalloc disabled).

Actually it's PHC that Instruments doesn't get along with.

Actually Instruments (its GUI Leaks tool and command line leaks) doesn't get along with either. The incompatibility is worse with PHC -- it triggers crashes. But it's still there with jemalloc, and explains why both tools see so many fewer leaks with jemalloc enabled (which is a prerequisite for PHC).

leaks displays the following error when used on a Firefox build with jemalloc enabled (with or without PHC):

Can't examine target process's malloc zone replace_malloc_zone_0x1075d3380, so memory analysis will be incomplete or incorrect.
Reason: dlopen(/Users/smichaud/Desktop/Nightly No-PHC.app/Contents/MacOS/libmozglue.dylib, 0x0185): tried: '/Users/smichaud/Desktop/Nightly No-PHC.app/Contents/MacOS/libmozglue.dylib' (code signature in <4C4C445A-5555-3144-A1A6-AFF26F238509> '/Users/smichaud/Desktop/Nightly No-PHC.app/Contents/MacOS/libmozglue.dylib' not valid for use in process: mapping process is a platform binary, but mapped file is not)

The dlopen() part of it is spurious: It varies depending on circumstances, but there's no way to make it go away completely. The GUI tool doesn't display any errors, but its behavior (many fewer leaks reported) seems to match the same pattern.

I'm going to try to get to the bottom of these problems. The Instruments' Leaks tool and utility seem potentially quite useful. Though I suspect many of what they call "leaks" are mislabeled: A Firefox local ASAN build reports many fewer straight-up "leaks".

If I find anything actionable I'll open one or more bugs.

Since the crash volume is low (less than 5 per week), the severity is downgraded to S3. Feel free to change it back if you think the bug is still critical.

For more information, please visit auto_nag documentation.

Severity: S2 → S3

The bug is linked to a topcrash signature, which matches the following criterion:

  • Top 5 desktop browser crashes on Mac on beta

:bhood, could you consider increasing the severity of this top-crash bug?

For more information, please visit auto_nag documentation.

Flags: needinfo?(bhood)
Keywords: topcrash
Flags: needinfo?(bhood)

(Following up comment #8 through comment #12)

Oops, my crashes are a different bug, even though they have the same signature. My crashes end up here, which shows they're a UAF (presumably caused by bugs in Apple's Instruments). But the other crashes end up here. It seems the pointer passed to malloc_size() (which by the way isn't NULL) isn't a valid pointer. A bug in jemalloc? Something else?

Here's the source code for malloc_size(). Note that it simply returns 0 if called with a NULL ptr.

This crash looks like a regression in 106.0a1. There are crash reports from Nightly and Beta 106, 107, and 108 and nothing earlier.

QA Whiteboard: [qa-regression-triage]

Based on the topcrash criteria, the crash signature linked to this bug is not a topcrash signature anymore.

For more information, please visit auto_nag documentation.

Keywords: topcrash

Hi @Chris, are there any steps or maybe a reduced test case that would help us reproduce this issue on our end ? It would really help us try to get a regression range for this issue.

Flags: needinfo?(cpeterson)
Assignee: nobody → bwerth
Priority: -- → P2

(In reply to Rares Doghi from comment #20)

Hi @Chris, are there any steps or maybe a reduced test case that would help us reproduce this issue on our end ? It would really help us try to get a regression range for this issue.

Sorry, I don't have steps to reduce. I'll remove the regressionwindow-wanted keyword since this bug isn't reproducible. I was just looking at the user-submitted crash reports.

Flags: needinfo?(cpeterson)

Emilio, do you think any of your recent XUL changes might have caused heap corruption in macOS theme code?

This stack traces all include [CIImage initWithCGImage:options:], often called from nsNativeThemeCocoa::DrawMenuIcon(CGContext*, CGRect const&, nsNativeThemeCocoa::MenuIconParams const&) like bp-debf7979-bdfe-4802-b33f-682c70221117.

The first crash report was submitted from Nightly 106.0a1 build ID 20220914213649. That gives us a ceiling on the regression range, but this crash's volume is low, so the regression could have landed days before that build. I don't see any changes directly related to macOS theme code in the mozilla-central changelog for the three days before that build:

https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=2527c3dc7c4a9b0d158e97e0da66d3e730fcf811&tochange=a3b25b7bf19249110a73898a225d64c639937609

This is the MOZ_RELEASE_ASSERT that's crashing:

    // The pointer must point to the start of the allocation.
    MOZ_RELEASE_ASSERT(page.mBaseAddr == aPtr);

https://searchfox.org/mozilla-central/rev/4d433a219634633ce19158b55520ea228187577a/memory/replace/phc/PHC.cpp#793-794

Flags: needinfo?(emilio)
Version: unspecified → Firefox 106

Not particularly no. My xul changes aren't platform-specific in any way, and 106 doesn't have them anyways.

Flags: needinfo?(emilio)
Priority: P2 → P3

I'm not completely sure what's happening here, but the theory that a NULL ptr is getting all the way through to EnsureValidAndInUse seems wrong to me. The only way that could happen is if the constructor for PtrKind concludes something other than Tag::Nothing for a NULL ptr. The logic is:

if (!(aPagesStart <= aPtr && aPtr < aPagesLimit)) {
  mTag = Tag::Nothing;
}

That would evaluate false for aPtr NULL if aPagesStart is also NULL and aPagesLimit is not. GConst::AllocAllPages() would seem to make that impossible, because it would crash if it was returning a NULL value to initialize mPagesStart.

So... I don't think that's what's happening. I don't think that NULL is getting all the way to the point of the crash. I think it's just that the MOZ_RELEASE_ASSERT manifests as a NULL-dereference, which has added confusion to what this crash is telling us.

What it does seem to be saying is that there's an expectation that any pointer passed to replace_malloc_usable_size which is within the memory footprint of one of the allocation pages points exactly to the start of that allocation page. I don't see why that should have to be true so I'm going to make a patch that relaxes that expectation and allows such a pointer to use the malloc_usable_size path. Reviewers can correct me if this is an important expectation that should be asserted earlier up the line.

(In reply to Brad Werth [:bradwerth] from comment #33)

I don't see why that should have to be true so I'm going to make a patch that relaxes that expectation and allows such a pointer to use the malloc_usable_size path.

Rather it seems that such an allocation should be limited to the usable size of the page in which it appears. Basically the assertion in EnsureValidAndInUse is working as intended for the other callers of the function, which are trying to free or realloc the entire page at once. But that assertion is not helpful for the callsite coming from replace_malloc_usable_size.

The callers PageRealloc and PageFree expect that the pointer exactly
matches the start of the allocation page, but other callers do not. This
change hoists the MOZ_RELEASE_ASSERT to those callers so it doesn't impede
the functioning of other callers.

In the caller replace_malloc_usable_size, this changes the returned size
to correctly handle a pointer that is offset from the start of the
allocation page.

Attachment #9319803 - Attachment description: Bug 1792146: Hoist the start-of-page release assert in EnsureValidAndInUse to callers. → Bug 1792146: Make replace_malloc_usable_size succeed with pointers within allocation pages.
Pushed by bwerth@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/a91ff4535546
Make replace_malloc_usable_size succeed with pointers within allocation pages. r=glandium
Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → FIXED
Target Milestone: --- → 112 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: