dx-packages team mailing list archive

Thread
Date

[Bug 1199571] Re: compiz crashed with SIGSEGV in af_latin_hints_compute_edges()

To: dx-packages@xxxxxxxxxxxxxxxxxxx
From: Alexey Borzenkov <snaury@xxxxxxxxx>
Date: Sun, 13 Apr 2014 14:04:03 -0000
Reply-to: Bug 1199571 <1199571@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

I looked at my coredump on trusty (it crashed for me twice already!)
with gdb and I see evidence that this crash might be due to
multithreading issues. The reason is that when inspecting memory at %rdx
(edge) and I see that a pointer at %rdx+0x48 (edge->first) doesn't match
with a pointer in %rcx (edge->first taken at the start of the loop).
Besides, freetype code can never produce %rax == 0 at the crash
location, this would only happen if af_latin_hints_compute_edges is
called concurrently on the same hints structure, which causes pointers
to change for segments that are processed in another thread. Best of
luck, ThreadStackTrace.txt shows exactly that, two threads are in
af_latin_hints_compute_edges with same parameters!

Now the real question is which application or library is actually
violating thread-safety here...

-- 
You received this bug notification because you are a member of DX
Packages, which is subscribed to unity in Ubuntu.
Matching subscriptions: dx-packages
https://bugs.launchpad.net/bugs/1199571

Title:
  compiz crashed with SIGSEGV in af_latin_hints_compute_edges()

Status in “unity” package in Ubuntu:
  Triaged

Bug description:
  Fresh dist-upgrade; brought up the dash, typed "term"; single clicked
  on the terminal app and _bang_.

  ProblemType: Crash
  DistroRelease: Ubuntu 13.10
  Package: unity 7.0.2+13.10.20130705.1-0ubuntu1
  ProcVersionSignature: Ubuntu 3.10.0-2.10-generic 3.10.0
  Uname: Linux 3.10.0-2-generic x86_64
  ApportVersion: 2.10.2-0ubuntu4
  Architecture: amd64
  Date: Tue Jul  9 17:47:10 2013
  EcryptfsInUse: Yes
  ExecutablePath: /usr/bin/compiz
  InstallationDate: Installed on 2013-06-06 (33 days ago)
  InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release amd64 (20130424)
  MarkForUpload: True
  ProcCmdline: compiz
  ProcEnviron:
   LANGUAGE=en_US
   PATH=(custom, user)
   XDG_RUNTIME_DIR=<set>
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SegvAnalysis:
   Segfault happened at: 0x7ff3b4ed7a10:	mov    %rdx,0x10(%rax)
   PC (0x7ff3b4ed7a10) ok
   source "%rdx" ok
   destination "0x10(%rax)" (0x00000010) not located in a known VMA region (needed writable region)!
   Stack memory exhausted (SP below stack segment)
  SegvReason: writing NULL VMA
  Signal: 11
  SourcePackage: unity
  StacktraceTop:
   ?? () from /usr/lib/x86_64-linux-gnu/libfreetype.so.6
   ?? () from /usr/lib/x86_64-linux-gnu/libfreetype.so.6
   ?? () from /usr/lib/x86_64-linux-gnu/libfreetype.so.6
   ?? () from /usr/lib/x86_64-linux-gnu/libfreetype.so.6
   FT_Load_Glyph () from /usr/lib/x86_64-linux-gnu/libfreetype.so.6
  Title: compiz crashed with SIGSEGV in FT_Load_Glyph()
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1199571/+subscriptions