[cairo] Crash in glyph cache

Behdad Esfahbod behdad at behdad.org
Mon Jan 7 15:33:51 PST 2013


If you grab fontconfig master and pango master, the resulting pangocairo
library is supposed to be threadsafe.  However, I'm seeing crashes when I run
pango/tests/test-pangocairo-threads with arguments "200 10000", which means
create 200 threads, and in each one, render a certain line of text at 10000
different font sizes.

When catching the crashes in gdb, the last few times I've seen this backtrace
in cairo:

#0  0x00007ffff6b65425 in __GI_raise (sig=<optimized out>)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1  0x00007ffff6b68b8b in __GI_abort () at abort.c:91
#2  0x00007ffff6b5e0ee in __assert_fail_base (fmt=<optimized out>,
    assertion=0x7ffff774dbf6 "!\"reached\"", file=0x7ffff774faf8 "cairo-hash.c",
    line=<optimized out>, function=<optimized out>) at assert.c:94
#3  0x00007ffff6b5e192 in __GI___assert_fail (assertion=0x7ffff774dbf6
    file=0x7ffff774faf8 "cairo-hash.c", line=506,
    function=0x7ffff774fd80 <__PRETTY_FUNCTION__.10233>
    at assert.c:103
#4  0x00007ffff76b13a0 in _cairo_hash_table_lookup_exact_key (key=<optimized
    hash_table=<optimized out>) at cairo-hash.c:506
#5  _cairo_hash_table_remove (hash_table=<optimized out>, key=<optimized out>)
    at cairo-hash.c:523
#6  0x00007ffff76e1148 in _cairo_scaled_glyph_page_destroy (closure=0x127c52860)
    at cairo-scaled-font.c:463
#7  0x00007ffff76a31ec in _cairo_cache_remove_random (
    cache=0x7ffff7982700 <cairo_scaled_glyph_page_cache>) at cairo-cache.c:223
#8  _cairo_cache_shrink_to_accommodate (cache=0x7ffff7982700
    additional=0) at cairo-cache.c:243
#9  0x00007ffff76e16c2 in _cairo_scaled_font_thaw_cache (scaled_font=0x1108fc310)
    at cairo-scaled-font.c:795
#10 0x00007ffff76e43cc in INT_cairo_scaled_font_glyph_extents
    glyphs=0x7fffd3bf46a0, num_glyphs=<optimized out>, extents=0x7fffd3bf4640)
    at cairo-scaled-font.c:1635
#11 0x00007ffff798a389 in compute_glyph_extents (entry=0x13239ea08, glyph=55,
    cf_priv=0x1d86bba8) at ../../pango/pangocairo-font.c:765

Now, it's possible that there's memory corruption going on somewhere else, but
that's not hugely likely.  Anyone feel like / competent enough to look into this?
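As an added triage aid (not cairo or pango code), here is a small parser for backtraces in the form gdb pasted above: it re-joins gdb's wrapped continuation lines, extracts function and file:line per frame, pulls the failing assertion expression out of the `__assert_fail_base` arguments, and builds an address-free signature so repeat reports of the same crash can be matched. The sample input is a constructed, abridged copy of frames #1 to #6 from this mail; the frame and `at file:line` layout it assumes is gdb's default.

```python
import re
# Constructed sample: frames #1-#6 of the mail above, gdb wrapping kept.
SAMPLE_BACKTRACE = r'''
#1  0x00007ffff6b68b8b in __GI_abort () at abort.c:91
#2  0x00007ffff6b5e0ee in __assert_fail_base (fmt=<optimized out>,
    assertion=0x7ffff774dbf6 "!\"reached\"", file=0x7ffff774faf8 "cairo-hash.c",
    line=<optimized out>, function=<optimized out>) at assert.c:94
#3  0x00007ffff6b5e192 in __GI___assert_fail (assertion=0x7ffff774dbf6
    file=0x7ffff774faf8 "cairo-hash.c", line=506,
    function=0x7ffff774fd80 <__PRETTY_FUNCTION__.10233>
    at assert.c:103
#4  0x00007ffff76b13a0 in _cairo_hash_table_lookup_exact_key (key=<optimized
    hash_table=<optimized out>) at cairo-hash.c:506
#5  _cairo_hash_table_remove (hash_table=<optimized out>, key=<optimized out>)
    at cairo-hash.c:523
#6  0x00007ffff76e1148 in _cairo_scaled_glyph_page_destroy (closure=0x127c52860)
    at cairo-scaled-font.c:463
'''

FRAME_RE = re.compile(r"^#(\d+)\s+(?:0x[0-9a-f]+ in )?(\S+) \(")
LOC_RE = re.compile(r" at (\S+):(\d+)\s*$")
ASSERT_RE = re.compile(r'assertion=0x[0-9a-f]+ "((?:[^"\\]|\\.)*)"')
# glibc abort/assert frames look the same in every assertion crash: skip them.
LIBC_FRAMES = {"__GI_raise", "__GI_abort", "__assert_fail_base", "__GI___assert_fail"}

def parse_backtrace(text):
    """Return [(frame_no, function, file, line)]; file/line None if gdb gave none."""
    joined = []
    for raw in text.splitlines():
        if raw.startswith("#"):
            joined.append(raw)
        elif raw[:1].isspace() and joined:  # gdb wraps long frames; re-join them
            joined[-1] += " " + raw.strip()
    frames = []
    for line in joined:
        m = FRAME_RE.match(line)
        loc = LOC_RE.search(line)
        if m:
            frames.append((int(m.group(1)), m.group(2), loc and loc.group(1),
                           loc and int(loc.group(2))))
    return frames

def crash_signature(frames, depth=3):
    """Innermost `depth` non-libc functions: stable key for deduplicating reports."""
    return " <- ".join([f for _, f, _, _ in frames if f not in LIBC_FRAMES][:depth])

def assertion_text(text):
    """The C expression glibc reported, with gdb's string escaping undone."""
    m = ASSERT_RE.search(text)
    return m.group(1).replace('\\"', '"') if m else None
```

For this report the signature is the three cairo frames under the assert, which is the key to file further crashes against rather than the addresses, which change from run to run.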

