=================================================================
==11446==ERROR: AddressSanitizer: heap-use-after-free on address 0x61500000fa98 at pc 0x7f0961e27c8e bp 0x7fff896d94d0 sp 0x7fff896d94c0
READ of size 4 at 0x61500000fa98 thread T0
    #0 0x7f0961e27c8d in _cairo_atomic_int_get /home/massimo/devel/obj/cairo/src/cairo-atomic-private.h:75
    #1 0x7f0961e27c8d in _cairo_surface_reference /home/massimo/devel/obj/cairo/src/cairo-surface-inline.h:55
    #2 0x7f0961e27c8d in _cairo_surface_snapshot_get_target /home/massimo/devel/obj/cairo/src/cairo-surface-snapshot-inline.h:55
    #3 0x7f0961e27c8d in _cairo_surface_snapshot_get_extents /home/massimo/devel/obj/cairo/src/cairo-surface-snapshot.c:137
    #4 0x7f0961e1a331 in _cairo_surface_get_extents /home/massimo/devel/obj/cairo/src/cairo-surface.c:2466
    #5 0x7f0961dc8d02 in _surface_is_clear /home/massimo/devel/obj/cairo/src/cairo-pattern.c:3217
    #6 0x7f0961dc8d02 in _cairo_pattern_is_clear /home/massimo/devel/obj/cairo/src/cairo-pattern.c:3327
    #7 0x7f0961e14c26 in nothing_to_do /home/massimo/devel/obj/cairo/src/cairo-surface.c:2072
    #8 0x7f0961e198d0 in _cairo_surface_fill /home/massimo/devel/obj/cairo/src/cairo-surface.c:2334
    #9 0x7f0961e2d0fd in _cairo_surface_wrapper_fill /home/massimo/devel/obj/cairo/src/cairo-surface-wrapper.c:390
    #10 0x7f0961dedc90 in _cairo_recording_surface_replay_internal /home/massimo/devel/obj/cairo/src/cairo-recording-surface.c:1838
    #11 0x7f0961df0b9a in _cairo_recording_surface_replay /home/massimo/devel/obj/cairo/src/cairo-recording-surface.c:2001
    #12 0x7f0961f0c578 in _emit_recording_surface_pattern /home/massimo/devel/obj/cairo/src/cairo-script-surface.c:1174
    #13 0x7f0961f0dfaa in _emit_surface_pattern /home/massimo/devel/obj/cairo/src/cairo-script-surface.c:1576
    #14 0x7f0961f0dfaa in _emit_pattern /home/massimo/devel/obj/cairo/src/cairo-script-surface.c:1650
    #15 0x7f0961f0f1a4 in _emit_source /home/massimo/devel/obj/cairo/src/cairo-script-surface.c:1752
    #16 0x7f0961f0f35d in _cairo_script_surface_paint /home/massimo/devel/obj/cairo/src/cairo-script-surface.c:2442
    #17 0x7f0961e18c53 in _cairo_surface_paint /home/massimo/devel/obj/cairo/src/cairo-surface.c:2117
    #18 0x7f0961e2bcb4 in _cairo_surface_wrapper_paint /home/massimo/devel/obj/cairo/src/cairo-surface-wrapper.c:165
    #19 0x7f0961ded7b0 in _cairo_recording_surface_replay_internal /home/massimo/devel/obj/cairo/src/cairo-recording-surface.c:1742
    #20 0x7f0961df0b9a in _cairo_recording_surface_replay /home/massimo/devel/obj/cairo/src/cairo-recording-surface.c:2001
    #21 0x7f0961f0c578 in _emit_recording_surface_pattern /home/massimo/devel/obj/cairo/src/cairo-script-surface.c:1174
    #22 0x7f0961f0dfaa in _emit_surface_pattern /home/massimo/devel/obj/cairo/src/cairo-script-surface.c:1576
    #23 0x7f0961f0dfaa in _emit_pattern /home/massimo/devel/obj/cairo/src/cairo-script-surface.c:1650
    #24 0x7f0961f0f1a4 in _emit_source /home/massimo/devel/obj/cairo/src/cairo-script-surface.c:1752
    #25 0x7f0961f0f35d in _cairo_script_surface_paint /home/massimo/devel/obj/cairo/src/cairo-script-surface.c:2442
    #26 0x7f0961e18c53 in _cairo_surface_paint /home/massimo/devel/obj/cairo/src/cairo-surface.c:2117
    #27 0x7f0961d58270 in _cairo_gstate_paint /home/massimo/devel/obj/cairo/src/cairo-gstate.c:1067
    #28 0x7f0961d2c300 in INT_cairo_paint /home/massimo/devel/obj/cairo/src/cairo.c:2003
    #29 0x4a1458 in _cairo_boilerplate_get_image_surface /home/massimo/devel/obj/cairo/boilerplate/cairo-boilerplate.c:342
    #30 0x429532 in cairo_test_for_target /home/massimo/devel/obj/cairo/test/cairo-test.c:1136
    #31 0x42af85 in _cairo_test_context_run_for_target /home/massimo/devel/obj/cairo/test/cairo-test.c:1532
    #32 0x41d624 in _cairo_test_runner_draw /home/massimo/devel/obj/cairo/test/cairo-test-runner.c:255
    #33 0x41d624 in main /home/massimo/devel/obj/cairo/test/cairo-test-runner.c:937
    #34 0x3f9f8206ff in __libc_start_main (/lib64/libc.so.6+0x3f9f8206ff)
    #35 0x425be8 in _start (/home/massimo/devel/obj/cairo/test/.libs/lt-cairo-test-suite+0x425be8)

0x61500000fa98 is located 24 bytes inside of 464-byte region [0x61500000fa80,0x61500000fc50)
freed by thread T8 here:
    #0 0x7f096228c70a in __interceptor_free (/lib64/libasan.so.2+0x9870a)
    #1 0x7f0961dbf827 in _cairo_pattern_fini /home/massimo/devel/obj/cairo/src/cairo-pattern.c:443
    #2 0x7f0961dc1452 in INT_cairo_pattern_destroy /home/massimo/devel/obj/cairo/src/cairo-pattern.c:1131
    #3 0x48d4ea in draw_thread /home/massimo/devel/obj/cairo/test/pthread-same-source.c:74
    #4 0x3fa0007554 in start_thread (/lib64/libpthread.so.0+0x3fa0007554)

previously allocated by thread T0 here:
    #0 0x7f096228ca0a in malloc (/lib64/libasan.so.2+0x98a0a)
    #1 0x7f0961def8ed in INT_cairo_recording_surface_create /home/massimo/devel/obj/cairo/src/cairo-recording-surface.c:389
    #2 0x7f0961defeac in _cairo_recording_surface_create_similar /home/massimo/devel/obj/cairo/src/cairo-recording-surface.c:441
    #3 0x7f0961e1b242 in cairo_surface_create_similar /home/massimo/devel/obj/cairo/src/cairo-surface.c:516
    #4 0x48d734 in create_source /home/massimo/devel/obj/cairo/test/pthread-same-source.c:95
    #5 0x48d734 in draw /home/massimo/devel/obj/cairo/test/pthread-same-source.c:126
    #6 0x42920a in cairo_test_for_target /home/massimo/devel/obj/cairo/test/cairo-test.c:929
    #7 0x42af85 in _cairo_test_context_run_for_target /home/massimo/devel/obj/cairo/test/cairo-test.c:1532
    #8 0x41d624 in _cairo_test_runner_draw /home/massimo/devel/obj/cairo/test/cairo-test-runner.c:255
    #9 0x41d624 in main /home/massimo/devel/obj/cairo/test/cairo-test-runner.c:937
    #10 0x3f9f8206ff in __libc_start_main (/lib64/libc.so.6+0x3f9f8206ff)

Thread T8 created by T0 here:
    #0 0x7f096222a703 in pthread_create (/lib64/libasan.so.2+0x36703)
    #1 0x48d94d in draw /home/massimo/devel/obj/cairo/test/pthread-same-source.c:144
    #2 0x42920a in cairo_test_for_target /home/massimo/devel/obj/cairo/test/cairo-test.c:929
    #3 0x42af85 in _cairo_test_context_run_for_target /home/massimo/devel/obj/cairo/test/cairo-test.c:1532
    #4 0x41d624 in _cairo_test_runner_draw /home/massimo/devel/obj/cairo/test/cairo-test-runner.c:255
    #5 0x41d624 in main /home/massimo/devel/obj/cairo/test/cairo-test-runner.c:937
    #6 0x3f9f8206ff in __libc_start_main (/lib64/libc.so.6+0x3f9f8206ff)

SUMMARY: AddressSanitizer: heap-use-after-free /home/massimo/devel/obj/cairo/src/cairo-atomic-private.h:75 _cairo_atomic_int_get
Shadow bytes around the buggy address:
  0x0c2a7fff9f00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c2a7fff9f10: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c2a7fff9f20: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c2a7fff9f30: fd fd fd fd fd fd fd fd fd fd fa fa fa fa fa fa
  0x0c2a7fff9f40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c2a7fff9f50: fd fd fd[fd]fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c2a7fff9f60: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c2a7fff9f70: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c2a7fff9f80: fd fd fd fd fd fd fd fd fd fd fa fa fa fa fa fa
  0x0c2a7fff9f90: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c2a7fff9fa0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable: 00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone: fa
  Heap right redzone: fb
  Freed heap region: fd
  Stack left redzone: f1
  Stack mid redzone: f2
  Stack right redzone: f3
  Stack partial redzone: f4
  Stack after return: f5
  Stack use after scope: f8
  Global redzone: f9
  Global init order: f6
  Poisoned by user: f7
  Container overflow: fc
  Array cookie: ac
  Intra object redzone: bb
  ASan internal: fe
==11446==ABORTING