MantisBT - LibWapcaplet
View Issue Details
0002857 | LibWapcaplet | [All Projects] General | public | 2023-08-07 02:27 | 2023-08-07 23:38
Reporter: Michael Orlitzky
Assigned To:
Priority: normal | Severity: crash | Reproducibility: always
Status: new | Resolution: open
Platform: | OS: | OS Version:
Fixed in CI build #:
Reported in CI build #:
Summary: 0002857: Segfault in lwc__intern
Description: I'm trying to use libsvgtiny to load SVGs for GTK, replacing the usual librsvg loader. I can only guess that this is some kind of thread-safety issue, because it happens "randomly" while also being easy to reproduce. The steps to reproduce it, however, are a little insane. The short version is that it happens when I try to load a lot of icons at the same time, each of which involves parsing an SVG document. That uses libdom, which in turn uses libwapcaplet. Here's the segfault; it looks like the "str" pointer has become invalid?

Thread 73 "pool-gtk4-icon-" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffb57fa6c0 (LWP 30309)]
0x00007fffe6ba83ef in lwc__intern (s=0x7fffe6c1770a "circle", slen=6,
    ret=0x7fffd00c6458, hasher=0x7fffe6ba81a7 <lwc__calculate_hash>,
    compare=0x7ffff72aeee0 <strncmp>, copy=0x7ffff72a2ea0 <memmove>)
    at src/libwapcaplet.c:107
107 if ((str->hash == h) && (str->len == slen)) {
(gdb) p str
$1 = (lwc_string *) 0xa5a5a5a5a5a5a5a5
(gdb) p str->len
Cannot access memory at address 0xa5a5a5a5a5a5a5b5
Steps To Reproduce: If you're in the mood for an adventure...

First, build this, and give it your real prefix/libdir:

  http://gitweb.michael.orlitzky.com/?p=libsvgtiny-pixbuf.git

Next, delete the pixbuf loader and thumbnailer that come with librsvg. The thumbnailers can be found in /usr/share/thumbnailers, and the loader directory can be found with,

  $ pkg-config --variable gdk_pixbuf_moduledir gdk-pixbuf-2.0

Then, install libsvgtiny-pixbuf (sudo make install), and update the loader cache:

  $ sudo gdk-pixbuf-query-loaders --update-cache

Now GTK should be using libsvgtiny to produce SVGs. One at a time, it more or less works. But if you launch the "gtk-icon-browser" and click around for a while, it will almost certainly crash with the segfault above. (If you don't have gtk-icon-browser, it comes with GTK; maybe build it from source.)

Tags: No tags attached.
Attached Files

Notes
(0002414)
Michael Orlitzky   
2023-08-07 23:38   
Wrapping svgtiny_parse() in a mutex (to prevent concurrent executions) seems to have fixed the problem, further suggesting that it's a thread-safety issue.

If you're going to try to reproduce this issue, keep in mind that libsvgtiny-pixbuf.git now has a commit specifically intended to work around it; you'll have to revert that commit first.
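
The workaround described in the note above, as an added example that is not part of the original report and is not code from libsvgtiny-pixbuf, libsvgtiny or libwapcaplet: a call that touches shared global state is serialized behind a single pthread mutex. The table, `unsafe_intern`, `locked_parse` and `run_workers` are hypothetical stand-ins, and the example assumes the crash is the thread-safety problem the reporter suspects.

```c
/* Added example; every name here is a hypothetical stand-in, not library code. */
#include <pthread.h>
#include <stdlib.h>
#include <string.h>
struct entry { struct entry *next; const char *s; };
static struct entry *buckets[8];   /* one global table shared by all threads */
static size_t n_interned;
static pthread_mutex_t parse_lock = PTHREAD_MUTEX_INITIALIZER;

/* Stand-in for a call that is not thread-safe: it walks and extends a global chain. */
static void unsafe_intern(const char *s)
{
    size_t h = 0;
    for (const char *p = s; *p; p++) h = h * 31 + (unsigned char)*p;
    struct entry **head = &buckets[h % 8];
    for (struct entry *e = *head; e; e = e->next)
        if (strcmp(e->s, s) == 0) return;          /* already interned */
    struct entry *e = malloc(sizeof *e);
    if (e == NULL) abort();
    e->s = s; e->next = *head;
    *head = e; n_interned++;
}

/* The workaround from the note: only one thread at a time may be inside the call. */
static void locked_parse(const char *s)
{
    pthread_mutex_lock(&parse_lock);
    unsafe_intern(s);
    pthread_mutex_unlock(&parse_lock);
}

static void *worker(void *arg)
{
    static const char *names[] = { "svg", "circle", "rect", "path", "g", "line" };
    (void)arg;
    for (int round = 0; round < 2000; round++)
        for (size_t i = 0; i < 6; i++) locked_parse(names[i]);
    return NULL;
}

/* Runs 8 concurrent workers; returns how many distinct strings were interned. */
size_t run_workers(void)
{
    pthread_t tid[8];
    for (int i = 0; i < 8; i++) if (pthread_create(&tid[i], NULL, worker, NULL)) abort();
    for (int i = 0; i < 8; i++) pthread_join(tid[i], NULL);
    return n_interned;
}
int main(void) { return run_workers() == 6 ? 0 : 1; }
```

With the lock held around every call, each of the six names is inserted exactly once no matter how the threads interleave; calling `unsafe_intern` directly from the workers would be a data race on the chain pointers.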

Issue History
2023-08-07 02:27 | Michael Orlitzky | New Issue
2023-08-07 23:38 | Michael Orlitzky | Note Added: 0002414