Bug 18977

Summary: Bus error or Segfault inside cairo_show_text
Product: cairo
Reporter: Asko Kauppi <askok>
Component: quartz font backend
Assignee: Vladimir Vukicevic <vladimir>
Status: RESOLVED FIXED
QA Contact: cairo-bugs mailing list <cairo-bugs>
Severity: normal
Priority: medium
CC: askok
Version: 1.8.4
Hardware: All
OS: Mac OS X (All)

Description Asko Kauppi 2008-12-09 03:00:26 UTC
The sample code below crashes on OS X and Cairo 1.8.4 (via fink packaging) and with current GIT code (see below):

<<
#include <cairo.h>
#include <cairo-pdf.h>

int main (void)
{
    /* 120x120 pt PDF surface; the text below is drawn with the toy font API */
    cairo_surface_t *surface = cairo_pdf_surface_create("out_c.pdf", 120, 120);
    cairo_t *cr = cairo_create (surface);
    cairo_arc(cr, 60, 60, 25, 0, 6.283);   /* full circle, 6.283 ~ 2*pi */
    cairo_set_source_rgb(cr, 0.5, 0.6, 0.8);
    cairo_fill_preserve(cr);
    cairo_set_line_width(cr, 5.0);
    cairo_set_source_rgb(cr, 0.3, 0.4, 0.6);
    cairo_stroke(cr);
    
    cairo_move_to( cr, 60,60 );
    cairo_show_text( cr, "abc" );   // <--- BUS ERROR if gets here
    cairo_stroke(cr);

    /* destroying the surface finishes it and emits the recorded page */
    cairo_destroy (cr);
    cairo_surface_destroy (surface);
    return 0;
}
<<

This one gives "Bus error"; other circumstances can give "Segmentation fault". Most likely it's the same issue, though (always within 'cairo_show_text()').

$ gcc `pkg-config cairo --cflags --libs` -o testme_c testme.c
$ ./testme_c 
Bus error

$ uname -a
Darwin PowerBook-G4.dlan.fmi.fi 9.5.0 Darwin Kernel Version 9.5.0: Wed Sep  3 11:31:44 PDT 2008; root:xnu-1228.7.58~1/RELEASE_PPC Power Macintosh

$ gcc -v
Using built-in specs.
Target: powerpc-apple-darwin9
Configured with: /var/tmp/gcc/gcc-5484~1/src/configure --disable-checking -enable-werror --prefix=/usr --mandir=/share/man --enable-languages=c,objc,c++,obj-c++ --program-transform-name=/^[cg][^.-]*$/s/$/-4.0/ --with-gxx-include-dir=/include/c++/4.0.0 --with-slibdir=/usr/lib --build=i686-apple-darwin9 --program-prefix= --host=powerpc-apple-darwin9 --target=powerpc-apple-darwin9
Thread model: posix
gcc version 4.0.1 (Apple Inc. build 5484)

$ pkg-config --modversion cairo
1.8.4

$ fink --version
Package manager version: 0.28.6


The bug exists also in the current (2008-Dec-09) GIT code.

I spotted this in the compilation:

<<
 gcc -DHAVE_CONFIG_H -I. -I.. -I. -I/sw/include/pixman-1 -I/sw/lib/freetype219/include/freetype2 -I/sw/lib/freetype219/include -I/usr/X11/include -I/sw/include/libpng12 -I/usr/X11/include -I/usr/X11/include -Wall -Wextra -Wsign-compare -Werror-implicit-function-declaration -Wpointer-arith -Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Wpacked -Wswitch-enum -Wstrict-aliasing=2 -Winit-self -Wdeclaration-after-statement -Wold-style-definition -Wno-missing-field-initializers -Wno-unused-parameter -Wno-long-long -Winline -fno-strict-aliasing -fno-common -Wp,-D_FORTIFY_SOURCE=2 -g -O2 -MT cairo-quartz-font.lo -MD -MP -MF .deps/cairo-quartz-font.Tpo -c cairo-quartz-font.c  -fno-common -DPIC -o .libs/cairo-quartz-font.o
cairo-quartz-font.c: In function ‘_cairo_quartz_font_get_implementation’:
cairo-quartz-font.c:296: warning: assignment from incompatible pointer type
cairo-quartz-font.c:371: warning: assignment from incompatible pointer type
cairo-quartz-font.c: In function ‘_cairo_quartz_font_create_toy’:
cairo-quartz-font.c:386: warning: passing argument 2 of ‘_cairo_quartz_font_get_implementation’ from incompatible pointer type
cairo-quartz-font.c: In function ‘_cairo_quartz_init_glyph_metrics’:
cairo-quartz-font.c:455: warning: unused variable ‘textMatrix’
cairo-quartz-font.c: At top level:
cairo-quartz-font.c:778: warning: initialization from incompatible pointer type
<<

And also:
<<
 gcc -DHAVE_CONFIG_H -I. -I../.. -I../../src -I../../src -I/sw/include/pixman-1 -I/sw/lib/freetype219/include/freetype2 -I/sw/lib/freetype219/include -I/usr/X11/include -I/sw/include/libpng12 -I/usr/X11/include -I/usr/X11/include -Wall -Wextra -Wsign-compare -Werror-implicit-function-declaration -Wpointer-arith -Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Wpacked -Wswitch-enum -Wstrict-aliasing=2 -Winit-self -Wdeclaration-after-statement -Wold-style-definition -Wno-missing-field-initializers -Wno-unused-parameter -Wno-long-long -Winline -fno-strict-aliasing -fno-common -Wp,-D_FORTIFY_SOURCE=2 -g -O2 -MT libcairo_script_interpreter_la-cairo-script-operators.lo -MD -MP -MF .deps/libcairo_script_interpreter_la-cairo-script-operators.Tpo -c cairo-script-operators.c  -fno-common -DPIC -o .libs/libcairo_script_interpreter_la-cairo-script-operators.o
cairo-script-operators.c: In function ‘_image_load_from_dictionary’:
cairo-script-operators.c:2529: warning: ‘len’ may be used uninitialized in this function
cairo-script-operators.c:2798: warning: ‘image’ may be used uninitialized in this function
cairo-script-operators.c: In function ‘_font’:
cairo-script-operators.c:1848: warning: ‘font_face’ may be used uninitialized in this function
cairo-script-operators.c: In function ‘_set_scaled_font’:
cairo-script-operators.c:4478: warning: ‘font’ may be used uninitialized in this function
<<

Compilation options:
<<
The following surface backends:
  Image:         yes (always builtin)
  Xlib:          yes
  Xlib Xrender:  yes
  Quartz:        yes
  Quartz-image:  no (disabled, use --enable-quartz-image to enable)
  XCB:           no (disabled, use --enable-xcb to enable)
  Win32:         no (requires a Win32 platform)
  OS2:           no (disabled, use --enable-os2 to enable)
  CairoScript:   no (disabled, use --enable-script to enable)
  PostScript:    yes
  PDF:           yes
  SVG:           yes
  glitz:         no (disabled, use --enable-glitz to enable)
  BeOS:          no (disabled, use --enable-beos to enable)
  DirectFB:      no (disabled, use --enable-directfb to enable)
  SDL:           no (disabled, use --enable-sdl to enable)

The following font backends:
  User:          yes (always builtin)
  FreeType:      yes
  Win32:         no (requires a Win32 platform)
  Quartz:        yes

The following functions:
  PNG functions: yes

And the following internal features:
  gcov support:  no
  test surfaces: yes
  ps testing:    yes
  pdf testing:   no (requires poppler-glib >= 0.9.2)
  svg testing:   no (requires librsvg-2.0 >= 2.15.0)
<<
Comment 1 Chris Wilson 2009-01-24 10:40:58 UTC
A stack trace may be of use, but first can you confirm whether the bug is still present in 1.8.6 and git? I seem to recall Jeff Muizelaar complaining (and I think fixing) about the breakage of quartz fonts.
Comment 2 Asko Kauppi 2009-01-24 13:17:39 UTC
It really seems to be fixed in the git.

I will now need to push for fink authors to update Cairo to 1.8.6 and have a go.
Comment 3 Marco Manfredini 2010-06-09 13:35:16 UTC
The error persists with MacPorts cairo 1.8.10 under MacOSX 10.6.3. Asko's example saved in q.c:

odradek:q marco$ uname -a
Darwin odradek.schatzhaus 10.3.2 Darwin Kernel Version 10.3.2: Wed Mar 17 14:55:00 PDT 2010; root:xnu-1504.5.30~3/RELEASE_I386 i386 i386
odradek:q marco$ gcc -v
Using built-in specs.
Target: i686-apple-darwin10
Configured with: /var/tmp/gcc/gcc-5659~1/src/configure --disable-checking --enable-werror --prefix=/usr --mandir=/share/man --enable-languages=c,objc,c++,obj-c++ --program-transform-name=/^[cg][^.-]*$/s/$/-4.2/ --with-slibdir=/usr/lib --build=i686-apple-darwin10 --program-prefix=i686-apple-darwin10- --host=x86_64-apple-darwin10 --target=i686-apple-darwin10 --with-gxx-include-dir=/include/c++/4.2.1
Thread model: posix
gcc version 4.2.1 (Apple Inc. build 5659)
odradek:q marco$ pkg-config --modversion cairo
1.8.10
odradek:q marco$ pkg-config cairo --cflags --libs
-I/opt/local/include/cairo -I/opt/local/include/pixman-1 -I/opt/local/include/freetype2 -I/opt/local/include -I/opt/local/include/libpng12  -L/opt/local/lib -lcairo -lpixman-1 -lfontconfig -lexpat -lfreetype -liconv -lglitz -lm -lpng12 -lz -lXrender -lX11 -lXau -lXdmcp  
odradek:q marco$  gcc -g $(pkg-config cairo --cflags --libs) q.c -o q
odradek:q marco$ ./q
Segmentation fault
odradek:q marco$ gdb q
GNU gdb 6.3.50-20050815 (Apple version gdb-1461.2) (Fri Mar  5 04:43:10 UTC 2010)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "x86_64-apple-darwin"...Reading symbols for shared libraries ............... done

(gdb) run
Starting program: /Users/marco/tmp/q/q 
Reading symbols for shared libraries .++++++++++++++....................................................... done
Reading symbols for shared libraries .. done
Reading symbols for shared libraries . done

Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: 13 at address: 0x0000000000000000
0x00007fff842c61ec in CGFontCreateGlyphPath ()
(gdb) backtrace
#0  0x00007fff842c61ec in CGFontCreateGlyphPath ()
#1  0x00007fff843c0dca in CGFontGetGlyphPaths ()
#2  0x00007fff843c0ebb in CGFontGetGlyphPath ()
#3  0x000000010004668f in _cairo_quartz_font_scaled_glyph_init ()
#4  0x000000010002113d in _cairo_scaled_glyph_lookup ()
#5  0x0000000100030b51 in _cairo_scaled_font_subsets_map_glyph ()
#6  0x000000010003771d in _cairo_pdf_operators_emit_cluster ()
#7  0x0000000100037a5a in _cairo_pdf_operators_show_text_glyphs ()
#8  0x000000010005b02c in _cairo_pdf_surface_show_text_glyphs ()
#9  0x000000010002495c in _cairo_surface_show_text_glyphs ()
#10 0x00000001000151c8 in _cairo_meta_surface_replay_internal ()
#11 0x0000000100017305 in _paint_page ()
#12 0x00000001000174b8 in _cairo_paginated_surface_show_page ()
#13 0x00000001000250c4 in cairo_surface_show_page ()
#14 0x00000001000176b8 in _cairo_paginated_surface_finish ()
#15 0x0000000100026be6 in cairo_surface_finish ()
#16 0x0000000100026c73 in cairo_surface_destroy ()
#17 0x0000000100000e3e in main () at q.c:20
(gdb)
Comment 4 Andrea Canciani 2011-03-18 04:32:09 UTC
(In reply to comment #3)
> The error persists with MacPorts cairo 1.8.10 under MacOSX 10.6.3. Asko's
> example saved in q.c:

git bisect seems to indicate that the problem has been fixed by
commit 449d81cd0e1ea99118d639dda8c9516d96260c5b
Author: Chris Wilson <chris@chris-wilson.co.uk>
Date:   Mon Aug 10 16:51:07 2009 +0100

    [quartz] Use the implementation font-face not the associated
    
    As the associated is now explicitly the font-face used to create the font
    by the user, whereas what we require is the current implementation
    (quartz) font.

Could you please check if you can reproduce the bug with release which
includes this change (cairo 1.10.0, 1.10.2 or from git)?

If you manage to, please reopen this bug providing further details
on how to reproduce.
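The backtrace in comment 3 and the fix named in comment 4 ("use the implementation font-face not the associated") describe a classic type-confusion bug: a user-facing (toy) font face was cast to the backend-specific quartz face, so the backend read a field that was never a CGFontRef and CGFontCreateGlyphPath faulted on a bad address during page replay. The C program below is an added illustration written for this page, not cairo's code and not code from anyone in this thread; its struct layouts, field names and the `sans_*` objects are invented to model the shape of the bug, and the real cairo structures differ. It contrasts the blind downcast with a lookup that goes through the implementation face and checks the backend before casting.

```c
#include <stdio.h>
#include <stddef.h>

/* Hypothetical, simplified model of a backend-polymorphic font face.
 * Every face starts with a backend vtable pointer; the rest of the
 * struct is backend-specific. Not cairo's real layout. */
typedef struct font_backend {
    const char *name;
} font_backend_t;

static const font_backend_t toy_backend    = { "toy" };
static const font_backend_t quartz_backend = { "quartz" };

typedef struct font_face {
    const font_backend_t *backend;
} font_face_t;

/* The face the user creates with the toy API (cairo_select_font_face-like). */
typedef struct toy_font_face {
    font_face_t  base;
    const char  *family;       /* second word is a C string, not a font handle */
} toy_font_face_t;

/* The backend face that actually owns the native font handle. */
typedef struct quartz_font_face {
    font_face_t  base;
    void        *cgfont;       /* stands in for a CGFontRef */
} quartz_font_face_t;

typedef struct scaled_font {
    font_face_t *associated_face;     /* what the user passed in (toy face) */
    font_face_t *implementation_face; /* backend face chosen for rendering */
} scaled_font_t;

/* Constructed scenario (invented data): a toy "Sans" face whose quartz
 * implementation face wraps a fake native font handle. */
static char               fake_cgfont;
static toy_font_face_t    sans_toy    = { { &toy_backend }, "Sans" };
static quartz_font_face_t sans_quartz = { { &quartz_backend }, &fake_cgfont };
static scaled_font_t      sans_12pt   = { &sans_toy.base, &sans_quartz.base };

const scaled_font_t *sans_scaled_font(void) { return &sans_12pt; }
void *expected_cgfont(void)                { return &fake_cgfont; }

/* BUGGY: assumes the associated face is a quartz face and casts blindly.
 * For a toy face this returns the `family` string pointer as if it were
 * a CGFontRef; the glyph-path call then dereferences garbage (or NULL). */
void *cgfont_from_associated_face(const scaled_font_t *sf)
{
    return ((const quartz_font_face_t *) sf->associated_face)->cgfont;
}

/* FIXED: use the implementation face, and refuse to downcast unless the
 * backend vtable proves the object really is a quartz face. */
void *cgfont_from_implementation_face(const scaled_font_t *sf)
{
    const font_face_t *face = sf->implementation_face;
    if (face == NULL || face->backend != &quartz_backend)
        return NULL;   /* caller must treat NULL as "no native font" */
    return ((const quartz_font_face_t *) face)->cgfont;
}

int main(void)
{
    const scaled_font_t *sf = sans_scaled_font();
    void *bad  = cgfont_from_associated_face(sf);
    void *good = cgfont_from_implementation_face(sf);
    printf("blind cast  -> %p (actually the string \"%s\")\n",
           bad, (const char *) bad);
    printf("checked path-> %p (expected %p)\n", good, expected_cgfont());
    return good == expected_cgfont() ? 0 : 1;
}
```

The backend check is the part worth carrying over to real code: before any downcast from a generic handle, compare the vtable (or a type tag) against the one the cast assumes, and make the failure a status return rather than a crash. In cairo's case the symptom appeared far from the cause, inside cairo_surface_destroy, because the PDF surface records drawing and only requests glyph paths when the page is replayed.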
