On 13-01-07 08:40 PM, Raimund Steger wrote:
> Behdad Esfahbod wrote:
>> Oh, my bad. That was against an old fontconfig. With new one I see malloc
>> failures, perhaps because of a memory corruption... Investigating.
>
> Yes, that sounds more like it.
It's weird because I can't reproduce any error under valgrind, while it
crashes quickly in gdb.
These are what I commonly get:
#2 0x00007ffff7622bc0 in malloc_printerr (action=<optimized out>,
str=0x7ffff7722388 "malloc(): memory corruption (fast)",
ptr=<optimized out>) at malloc.c:5012
#3 0x00007ffff76253e8 in _int_malloc (av=0x7ffff795c720 <main_arena>,
bytes=33) at malloc.c:3470
#4 0x00007ffff76256d6 in malloc_check (sz=32, caller=<optimized out>)
at hooks.c:233
#5 0x00007ffff7babb22 in FcConfigValues (p=0x67db80, p_pat=0x0,
kind=FcMatchPattern, e=0x6127a8, binding=FcValueBindingSame)
at ../../src/fccfg.c:1296
#6 0x00007ffff7babf8f in IA__FcConfigSubstituteWithPat (
config=<optimized out>, p=0x67db80, p_pat=0x0, kind=<optimized out>)
at ../../src/fccfg.c:1600
#7 0x00000000004009fb in test_match (thr_num=92, test
and
#2 0x00007ffff7622bc0 in malloc_printerr (action=<optimized out>,
str=0x7ffff7722388 "malloc(): memory corruption (fast)",
ptr=<optimized out>) at malloc.c:5012
#3 0x00007ffff76253e8 in _int_malloc (av=0x7ffff795c720 <main_arena>,
bytes=26) at malloc.c:3470
#4 0x00007ffff76256d6 in malloc_check (sz=25, caller=<optimized out>)
at hooks.c:233
#5 0x00007ffff762cd72 in __GI___strdup (s=0x651970 "Bitstream Vera Sans Mono")
at strdup.c:43
#6 0x00007ffff7bbb0e8 in IA__FcValueSave (v=...) at ../../src/fcpat.c:95
#7 0x00007ffff7bab4f3 in FcConfigEvaluate (p=0x6efc30, p_pat=0x0,
kind=FcMatchPattern, e=0x60d380) at ../../src/fccfg.c:979
#8 0x00007ffff7babd3b in FcConfigMatchValueList (values=0x613600, t=0x6519d0,
kind=FcMatchPattern, p_pat=0x0, p=0x6efc30) at ../../src/fccfg.c:1263
#9 IA__FcConfigSubstituteWithPat (config=<optimized out>, p=0x6efc30,
p_pat=0x0, kind=<optimized out>) at ../../src/fccfg.c:1576
#10 0x00000000004009fb in test_match (thr_num=89, test_num=166)
I don't know how to proceed, short of wandering around fccfg code and looking
for trouble... Downloading AddressSanitizer now, don't know if it's of any help.
b
> On Solaris, it depends on what malloc library I use. With the default malloc
> (non-scalable but threadsafe allocator), the crashes are often inside malloc.
> With libmtmalloc (multi-threaded allocator), they are often in FcStrListNext,
> called from FcConfigSubstituteWithPat, like:
>
> sun2:fontconfig)dbx simple-pthread-test core
> [...]
> t@2 (l@2) terminated by signal SEGV (no mapping at the fault address)
> Current function is FcStrListNext
> 1258 return list->set->strs[list->n++];
> (dbx) where
> current thread: t@2
> =>[1] FcStrListNext(list = 0x8161960), line 1258 in "fcstr.c"
> [2] FcConfigSubstituteWithPat(config = 0x8065088, p = 0x8161948, p_pat =
> (nil), kind = FcMatchPattern), line 1508 in "fccfg.c"
> [3] FcConfigSubstitute(config = (nil), p = 0x8161948, kind =
> FcMatchPattern), line 1729 in "fccfg.c"
> [4] test_match(thr_num = 1, test_num = 40), line 53 in "simple-pthread-test.c"
> [5] run_test_in_thread(arg = 0x8046e0c), line 68 in "simple-pthread-test.c"
> [6] _thr_setup(0xfe720200), at 0xfee4875b
> [7] _lwp_start(0x0, 0x8161964, 0x8161960, 0xfe82ef6c, 0xfeeefc1f,
> 0x8161960), at 0xfee48a60
>
>
> This is also what I have now seen on another box (FreeBSD 8.3, 8 core Opteron,
> 32 bit ABI, clang 3.0 -- which supports the GCC builtins -- with unmodified
> Git master):
>
> bsd1:fontconfig)gdb simple-pthread-test simple-pthread-test.core
> [...]
> #0 0x280afc1c in IA__FcStrListNext (list=Variable "list" is not available.
> ) at fcstr.c:1258
> [...]
> (gdb) where
> #0 0x280afc1c in IA__FcStrListNext (list=Variable "list" is not available.
> ) at fcstr.c:1258
> #1 0x28096a41 in IA__FcConfigSubstituteWithPat (config=Unhandled dwarf
> expression opcode 0x0
> ) at fccfg.c:1508
> #2 0x28097534 in IA__FcConfigSubstitute (config=0x7e0e5f30, p=0x7e0e5f30,
> kind=2114871088) at fccfg.c:1729
> #3 0x08048886 in test_match (thr_num=39, test_num=243)
> at simple-pthread-test.c:53
> #4 0x080488ff in run_test_in_thread (arg=0x7fbfe8e4) at simple-pthread-test.c:68
> #5 0x280cb76f in pthread_getprio () from /lib/libthr.so.3
> #6 0x00000000 in ?? ()
>
>
>
> -Raimund
>
>
>
>
>
--
behdad
http://behdad.org/
_______________________________________________
Fontconfig mailing list
Fontconfig@xxxxxxxxxxxxxxxxxxxxx
http://lists.freedesktop.org/mailman/listinfo/fontconfig
