1896995 - Intermittent SUMMARY: AddressSanitizer: SEGV /builds/worker/checkouts/gecko/image/SVGDocumentWrapper.cpp:387:28 in GetRootSVGElem

Status: RESOLVED INCOMPLETE

(Core :: Graphics: ImageLib, defect, P5)

Description

[Treeherder Bug Filer]

Filed by: smolnar [at] mozilla.com
Parsed log: https://treeherder.mozilla.org/logviewer?job_id=458349082&repo=mozilla-central
Full log: https://firefox-ci-tc.services.mozilla.com/api/queue/v1/task/b-O7NQQlRfqANe6GRfq5yw/runs/0/artifacts/public/logs/live_backing.log
Reftest URL: https://hg.mozilla.org/mozilla-central/raw-file/tip/layout/tools/reftest/reftest-analyzer.xhtml#logurl=https://firefox-ci-tc.services.mozilla.com/api/queue/v1/task/b-O7NQQlRfqANe6GRfq5yw/runs/0/artifacts/public/logs/live_backing.log&only_show_unexpected=1

---

REFTEST TEST-START | image/test/crashtests/delayedframe.sjs
[task 2024-05-15T21:25:19.524Z] 21:25:19     INFO - REFTEST TEST-LOAD | http://localhost:44867/1715807868729/46/delayedframe.sjs | 1485 / 4034 (36%)
[task 2024-05-15T21:25:19.704Z] 21:25:19     INFO - /builds/worker/workspace/build/tests/reftest/tests/image/test/crashtests/threeframes-start.gif
[task 2024-05-15T21:25:20.061Z] 21:25:20     INFO - AddressSanitizer:DEADLYSIGNAL
[task 2024-05-15T21:25:20.061Z] 21:25:20     INFO - =================================================================
[task 2024-05-15T21:25:20.061Z] 21:25:20    ERROR - ==2488==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f3b1b7de2ea bp 0x7ffe0fa1a410 sp 0x7ffe0fa1a3a0 T0)
[task 2024-05-15T21:25:20.061Z] 21:25:20     INFO - ==2488==The signal is caused by a READ memory access.
[task 2024-05-15T21:25:20.061Z] 21:25:20     INFO - ==2488==Hint: address points to the zero page.
[task 2024-05-15T21:25:24.732Z] 21:25:24     INFO - /builds/worker/workspace/build/tests/reftest/tests/image/test/crashtests/threeframes-end.gif
[task 2024-05-15T21:25:24.832Z] 21:25:24     INFO - REFTEST TEST-PASS | image/test/crashtests/delayedframe.sjs | (LOAD ONLY)

Comment 1

[Timothy Nikkel (:tnikkel)]

Looks like a null deref happening on this

https://searchfox.org/mozilla-central/rev/55b8c839700564409af5295286a1fd389410e19b/image/SVGDocumentWrapper.cpp#387

but we null check mViewer just before. I think this is all main thread only code, but maybe it's possible for the destructor of ~SVGDocumentWrapper to run off main thread, which clears the mViewer pointer. I'll put a main thread assert there in bug 1897055 so if this happens again we know.

Comment 2

[Intermittent Failures Robot]

2 failures in 4547 pushes (0.0 failures/push) were associated with this bug in the last 7 days.

Repository breakdown:

• mozilla-central: 2

Platform and build breakdown:

• linux1804-64-asan-qr: 2
  • opt: 2

For more details, see:
https://treeherder.mozilla.org/intermittent-failures/bugdetails?bug=1896995&startday=2024-05-13&endday=2024-05-19&tree=all

Comment 3

[Aron Cseh]

This also started failing on tier 1

Comment 4

[Intermittent Failures Robot]

3 failures in 3995 pushes (0.001 failures/push) were associated with this bug in the last 7 days.

Repository breakdown:

• try: 1
• autoland: 2

Platform and build breakdown:

• linux1804-64-asan-qr: 3
  • opt: 3

For more details, see:
https://treeherder.mozilla.org/intermittent-failures/bugdetails?bug=1896995&startday=2024-05-20&endday=2024-05-26&tree=all

Comment 5

[Intermittent Failures Robot]

1 failures in 4202 pushes (0.0 failures/push) were associated with this bug in the last 7 days.

Repository breakdown:

• mozilla-beta: 1

Platform and build breakdown:

• linux1804-64-asan-qr: 1
  • opt: 1

For more details, see:
https://treeherder.mozilla.org/intermittent-failures/bugdetails?bug=1896995&startday=2024-05-27&endday=2024-06-02&tree=all

Comment 6

[Intermittent Failures Robot]

3 failures in 3649 pushes (0.001 failures/push) were associated with this bug in the last 7 days.

Repository breakdown:

• mozilla-central: 2
• try: 1

Platform and build breakdown:

• linux1804-64-asan-qr: 3
  • opt: 3

For more details, see:
https://treeherder.mozilla.org/intermittent-failures/bugdetails?bug=1896995&startday=2024-06-03&endday=2024-06-09&tree=all

Comment 7

[Intermittent Failures Robot]

2 failures in 4625 pushes (0.0 failures/push) were associated with this bug in the last 7 days.

Repository breakdown:

• autoland: 2

Platform and build breakdown:

• linux1804-64-asan-qr: 2
  • opt: 2

For more details, see:
https://treeherder.mozilla.org/intermittent-failures/bugdetails?bug=1896995&startday=2024-06-10&endday=2024-06-16&tree=all

Comment 8

[Intermittent Failures Robot]

1 failures in 4116 pushes (0.0 failures/push) were associated with this bug in the last 7 days.

Repository breakdown:

• try: 1

Platform and build breakdown:

• linux1804-64-asan-qr: 1
  • opt: 1

For more details, see:
https://treeherder.mozilla.org/intermittent-failures/bugdetails?bug=1896995&startday=2024-06-24&endday=2024-06-30&tree=all

Comment 9

[Intermittent Failures Robot]

2 failures in 3199 pushes (0.001 failures/push) were associated with this bug in the last 7 days.

Repository breakdown:

• autoland: 1
• mozilla-central: 1

Platform and build breakdown:

• linux1804-64-asan-qr: 2
  • opt: 2

For more details, see:
https://treeherder.mozilla.org/intermittent-failures/bugdetails?bug=1896995&startday=2024-07-01&endday=2024-07-07&tree=all

Comment 10

[BugBot [:suhaib / :marco/ :calixte]]

https://wiki.mozilla.org/Bug_Triage#Intermittent_Test_Failure_Cleanup
For more information, please visit BugBot documentation.