[cairo] Can an expert look at this stack trace?

[Chris Wilson]

On Sat, 5 Dec 2009 06:06:51 +0100, Julien Bramary <julien_bramary at msn.com> wrote:
> 
> Hello all, this is my first post to this list.

Welcome, we hope you are having fun using Cairo, and this does not mar the
experience!

> I am writing a threaded cairo application and I need help understanding a rare-ish bug.
> I'm still using cairo 1.8.8 but considering an upgrade to get the nice profiling tools.
> 
> Every so often I get the following crash:
> cairo-board: cairo-surface.c:406: cairo_surface_reference: Assertion `((*&(&surface->ref_count)->ref_count) > 0)' failed.
> /usr/lib/libcairo.so.2(cairo_pattern_create_for_surface+0x7d) [0x7f2e24966a6d]
> /usr/lib/libcairo.so.2(cairo_set_source_surface+0x46) [0x7f2e249525b6]
> ./cairo-board [0x40f591]
> 
> If understand correctly my application is calling set_source_surface on an invalid surface?
> Does it mean the surface was destroyed? This is very possible as the code is quite convoluted.

Yes, this means that cairo_surface_reference() has been called on a
surface that has already been freed. In this particular case you are
trying to use a source surface that has already been destroyed.

> The rarity of the crash (less than 1/100) makes me think it might be a timing issue with a thread destroying the surface while another one tries to read it with cairo_set_source_surface but I can't see where as everything should be locked...
> I'd like to know if an expert can confirm.

Ah the spectre of threads. If you even suspect you have a race here, you
do. The thread using the surface as a source must own a reference to the
surface, so there should be no doubt as to the validity of that surface
and hence no race. So either you've violated that principle or you have
a double-free somewhere in your code.
-ickle

-- 
Chris Wilson, Intel Open Source Technology Centre