Summary: | Toy font face causes cairo_debug_reset_static_data crash. | ||
---|---|---|---|
Product: | cairo | Reporter: | shin1morita |
Component: | general | Assignee: | Chris Wilson <chris> |
Status: | RESOLVED FIXED | QA Contact: | cairo-bugs mailing list <cairo-bugs> |
Severity: | normal | ||
Priority: | medium | CC: | ranma42 |
Version: | unspecified | ||
Hardware: | x86-64 (AMD64) | ||
OS: | Linux (All) | ||
Whiteboard: | |||
i915 platform: | i915 features: | ||
Attachments: |
A minimum code which reproduces this.
Proposed fix |
git bisect ends with 337ab1f8d9e29086bfb4001508b28835b41c6390 is the first bad commit commit 337ab1f8d9e29086bfb4001508b28835b41c6390 Author: Chris Wilson <chris@chris-wilson.co.uk> Date: Tue Sep 17 16:28:19 2013 +0100 and that commit introduced in cairo/src/cairo-font-face.c a function __put () that hardly returns 0, it returns the ref count before decreasing it (unless it is 1) and is called in 2 places like this: assert (CAIRO_REFERENCE_COUNT_HAS_REFERENCE (&font_face->ref_count)); ... if (__put (&font_face->ref_count)) return; if (! font_face->backend->destroy (font_face)) return; ... and the second if is not executed even in a single threaded program Created attachment 111176 [details] [review] Proposed fix This seems to be related to the issue I had mentioned here: http://lists.cairographics.org/archives/cairo/2014-November/025828.html Thank you for prodding me again, I now have patch which should fix it (i.e. in your reduced case and in the api-special-cases test). Can you confirm that it also works in more complex scenarios? In the next couple of days I will be quite busy, but if somebody reviews it, I will push it to master. Thank you for the fix. It seems ok. At least my code works fine with the proposed fix. Regards, (In reply to Andrea Canciani from comment #2) > Created attachment 111176 [details] [review] [review] > Proposed fix > > This seems to be related to the issue I had mentioned here: > http://lists.cairographics.org/archives/cairo/2014-November/025828.html > > Thank you for prodding me again, I now have patch which should fix it (i.e. > in your reduced case and in the api-special-cases test). > Can you confirm that it also works in more complex scenarios? > > In the next couple of days I will be quite busy, but if somebody reviews it, > I will push it to master. Yes, looks correct. Thanks. Should be fixed in master by: commit 02e4efc961be40d266d4df0acaf3271219529017 Author: Andrea Canciani <ranma42@gmail.com> Date: Mon Dec 22 12:49:00 2014 +0100 font: Actually perform destruction of fonts Commit 337ab1f8d9e29086bfb4001508b28835b41c6390 introduced delayed font destruction to overcome a race, but prevented the correct cleanup of the font cache. This caused fonts to stay in the cache and caused a crash in the api-special-cases (when running the test suite with -f). Fixes api-special-cases, https://bugs.freedesktop.org/show_bug.cgi?id=87567 |
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.
Created attachment 111131 [details] A minimum code which reproduces this. Hi team, When my program calls cairo_debug_reset_static_data, it crashes with assertion failure. I found it happens after toy font faces are created and destroyed. I would attach a minimum code which reproduces it. ---- $ make toy CFLAGS=`pkg-config --cflags cairo` LDFLAGS=`pkg-config --libs cairo` $ ./toy toy: cairo-hash.c:217: _cairo_hash_table_destroy: Assersion `hash_table->live_entries == 0' failed. $ pkg-config --modversion cairo 1.14.0 ---- Thank you.