Opened 9 years ago

Closed 9 years ago

Last modified 8 years ago

#762 closed defect (fixed)

Cairo or SDL cause a crash in this example

Reported by: Christian Kellermann
Owned by: Christian Kellermann
Priority: major
Milestone: 4.9.0
Component: extensions
Version: 4.7.x
Keywords: sdl cairo segfault no fun
Cc:
Estimated difficulty:

Description

Markus Klotzbuecher reported a segfault with the attached program using the SDL and cairo egg.

His platform is debian testing amd64, sdl-egg v0.5.4, cairo-egg 0.1.12 with chicken

CHICKEN Version 4.7.0
linux-unix-gnu-x86-64 [ 64bit manyargs dload ptables ]
compiled 2011-09-05 on gladstone.duckburg.org (Linux)

Attachments (2)

cairocrash.scm (4.4 KB) - added by Christian Kellermann 9 years ago.
drag around the window and segfault will occur
test-cairo.scm (2.6 KB) - added by mrk 9 years ago.
Reduced test case with heavier use of extents

Change History (6)

Changed 9 years ago by Christian Kellermann

Attachment: cairocrash.scm added

drag around the window and segfault will occur

Changed 9 years ago by mrk

Attachment: test-cairo.scm added

Reduced test case with heavier use of extents

comment:1 Changed 9 years ago by mrk

The problem seems to be with the extents handling.
test-cairo.scm makes heavier usage of extents and crashes quicker.
If no text-extents are used (define no-extents #f), the crash seems not to occur anymore.

Below is a new backtrace built with CHICKEN Version 4.7.0.4-st, DEBUGBUILD=1

$ gdb test-cairo
GNU gdb (GDB) 7.3-debian
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /home/mk/prog/chicken/test-cairo/test-cairo...(no debugging symbols found)...done.
(gdb) core-file core
[New LWP 27531]
warning: Can't read pathname for load map: Input/output error.
w[Thread debugging using libthread_db enabled]
Core was generated by `./test-cairo'.
Program terminated with signal 11, Segmentation fault.
#0 0x00007fbc5f39d19d in f_2129 () from /usr/local/lib/chicken/6/cairo.so
(gdb) where
#0 0x00007fbc5f39d19d in f_2129 () from /usr/local/lib/chicken/6/cairo.so
#1 0x00007fbc67399adf in C_values (c=3, closure=140447169421272, k=140733929207552) at runtime.c:6008
#2 0x00007fbc5f3a30e7 in f_2124 () from /usr/local/lib/chicken/6/cairo.so
#3 0x0000000000401a09 in f_227 ()
#4 0x00007fbc5f39d10b in f_2087 () from /usr/local/lib/chicken/6/cairo.so
#5 0x00007fbc67399adf in C_values (c=3, closure=140447169421272, k=140733929208064) at runtime.c:6008
#6 0x00007fbc5f3a2f2b in f_2082 () from /usr/local/lib/chicken/6/cairo.so
#7 0x0000000000401a63 in f_238 ()
#8 0x00007fbc6739acf9 in C_minus (c=3, closure=0, k=140733929208776, n1=140733929208664) at runtime.c:6271
#9 0x0000000000403c3b in f_242 ()
#10 0x00007fbc5f39d87f in f_2223 () from /usr/local/lib/chicken/6/cairo.so
#11 0x0000000000401f52 in f_234 ()
#12 0x00007fbc5f39d793 in f_2213 () from /usr/local/lib/chicken/6/cairo.so
#13 0x0000000000402061 in f_224 ()
#14 0x00007fbc5f39c390 in f_1614 () from /usr/local/lib/chicken/6/cairo.so
#15 0x00007fbc67399adf in C_values (c=3, closure=140447169421272, k=140733929209496) at runtime.c:6008
#16 0x00007fbc5f3a19b1 in f_1609 () from /usr/local/lib/chicken/6/cairo.so
#17 0x000000000040214a in f_221 ()
#18 0x00007fbc5f39c0fd in f_1497 () from /usr/local/lib/chicken/6/cairo.so
#19 0x00007fbc67399adf in C_values (c=3, closure=140447169421272, k=140733929210096) at runtime.c:6008
#20 0x00007fbc5f3a14ed in f_1492 () from /usr/local/lib/chicken/6/cairo.so
#21 0x000000000040224c in f_218 ()
#22 0x00007fbc5f39cbdf in f_1929 () from /usr/local/lib/chicken/6/cairo.so
#23 0x00007fbc67399adf in C_values (c=3, closure=140447169421272, k=140733929210624) at runtime.c:6008
#24 0x00007fbc5f3a2809 in f_1924 () from /usr/local/lib/chicken/6/cairo.so
#25 0x000000000040232e in f_215 ()
#26 0x00007fbc5f39e99c in f_2512 () from /usr/local/lib/chicken/6/cairo.so
#27 0x00007fbc66f410f9 in f_19626 (c=2, t0=140733929211712, t1=140733929210944) at library.c:15909
#28 0x00007fbc6739e329 in allocate_vector_2 (dummy=0x0) at runtime.c:7076
#29 0x00007fbc6739df7d in C_allocate_vector (c=6, closure=140447169422536, k=140733929211712, size=13, bvecf=22, init=8202, align8=6) at runtime.c:7026
#30 0x00007fbc66faea18 in f_6738r (t0=140447169423488, t1=140733929211712, t2=13, t3=14) at library.c:37322
#31 0x00007fbc66fae909 in f_6738 (c=3, t0=140447169423488, t1=140733929211712, t2=13) at library.c:37303
#32 0x00007fbc66f40feb in f_19620 (c=2, t0=140733929211824, t1=140447169345944) at library.c:15892
#33 0x00007fbc66f40e02 in f_19616r (t0=140447169427784, t1=140447169708928, t2=34387168, t3=14) at library.c:15866
#34 0x00007fbc66f03e0c in tr3r (k=0x7fbc66f40d35 <f_19616r>) at library.c:6634
#35 0x00007fbc6734f2df in CHICKEN_run (toplevel=0x0) at runtime.c:1324
#36 0x00007fbc6734d05c in CHICKEN_main (argc=1, argv=0x7fff2bdbc9f8, toplevel=0x401119) at runtime.c:540
#37 0x00007fbc66698ead in libc_start_main (main=<optimized out>, argc=<optimized out>, ubp_av=<optimized out>, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fff2bdbc9e8) at libc-start.c:228
#38 0x0000000000400fc5 in _start ()
(gdb)

comment:2 Changed 9 years ago by mrk

Here is a smaller testcase that reliably crashes on my machine:

(use cairo)
(define t1 (make-cairo-text-extents-type))
(display t1)
(cairo-text-extents-x-bearing-set! t1 1)
(display t1)

comment:3 Changed 9 years ago by Christian Kellermann

Resolution: fixed
Status: new → closed

r25812 fixes this. The cairo wrapping did not unwrap the extents-types and hand the buffer to C but the scheme record, which caused the crashes. Credit goes to Felix and Peter for helping me find this and coming up with a solution.
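The bug class described in comment:3, as an added C sketch (not the cairo egg's code and not the r25812 change): a foreign setter that receives the wrapper record instead of the wrapped buffer overwrites the record's own header. The `record` layout, `RECORD_TAG` and all function names are constructed for illustration and are not CHICKEN's real object representation; only the field order of `text_extents` follows `cairo_text_extents_t`.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Same field order as cairo_text_extents_t (six doubles). */
typedef struct {
    double x_bearing, y_bearing, width, height, x_advance, y_advance;
} text_extents;

/* Constructed model of a tagged record whose single slot points at the
   C buffer. Assumption for this example, not CHICKEN's real layout. */
#define RECORD_TAG ((uintptr_t)0x5245434fu)
typedef struct {
    uintptr_t header;   /* type tag the runtime relies on */
    void     *buffer;   /* the storage C is supposed to receive */
} record;
_Static_assert(sizeof(record) >= sizeof(double), "demo write stays in bounds");

/* The C side stores a double at the x_bearing offset of whatever
   pointer the binding hands over. */
static void c_set_x_bearing(void *extents, double v) {
    memcpy((char *)extents + offsetof(text_extents, x_bearing), &v, sizeof v);
}

/* Pre-fix behaviour: the record itself is passed to C. */
static void set_x_bearing_buggy(record *r, double v) {
    c_set_x_bearing(r, v);
}

/* Post-fix behaviour: check the tag, unwrap, pass the buffer. */
static int set_x_bearing_fixed(record *r, double v) {
    if (r == NULL || r->header != RECORD_TAG || r->buffer == NULL)
        return -1;
    c_set_x_bearing(r->buffer, v);
    return 0;
}

static int record_intact(const record *r, const void *expected) {
    return r->header == RECORD_TAG && r->buffer == expected;
}

/* Returns 1 when the buggy path damages the record without reaching the
   buffer, and the fixed path stores the value and leaves the record intact. */
int demo(void) {
    text_extents a = {0}, b = {0};
    record bad = { RECORD_TAG, &a }, good = { RECORD_TAG, &b };
    set_x_bearing_buggy(&bad, 1.0);
    int rc = set_x_bearing_fixed(&good, 1.0);
    return !record_intact(&bad, &a) && a.x_bearing == 0.0
        && rc == 0 && record_intact(&good, &b) && b.x_bearing == 1.0;
}
int main(void) { return demo() ? 0 : 1; }
```

In a garbage-collected runtime the damaged header is typically noticed only later, when the object is next inspected or moved, which is consistent with the crash surfacing inside unrelated frames in the backtrace above.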

comment:4 Changed 8 years ago by felix winkelmann

Milestone: 4.8.0 → 4.9.0

Milestone 4.8.0 deleted
