2024-11-24 16:40 UTC

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0002857LibWapcaplet[All Projects] Generalpublic2023-08-07 23:38
ReporterMichael Orlitzky 
Assigned To 
PrioritynormalSeveritycrashReproducibilityalways
StatusnewResolutionopen 
Summary0002857: Segfault in lwc__intern
DescriptionI'm trying to use libsvgtiny to load SVGs for GTK, replacing the usual librsvg loader. I can only guess that this is some kind of thread-safety issue, because it happens "randomly" while also being easy to reproduce. The steps to reproduce it however are a little insane. The short version is that it happens when I try to load a lot of icons at the same time, each of which involves parsing an SVG document. That uses libdom, which in turn uses libwapcaplet. Here's the segfault; it looks like the "str" pointer has become invalid?

Thread 73 "pool-gtk4-icon-" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffb57fa6c0 (LWP 30309)]
0x00007fffe6ba83ef in lwc__intern (s=0x7fffe6c1770a "circle", slen=6,
    ret=0x7fffd00c6458, hasher=0x7fffe6ba81a7 <lwc__calculate_hash>,
    compare=0x7ffff72aeee0 <strncmp>, copy=0x7ffff72a2ea0 <memmove>)
    at src/libwapcaplet.c:107
107 if ((str->hash == h) && (str->len == slen)) {
(gdb) p str
$1 = (lwc_string *) 0xa5a5a5a5a5a5a5a5
(gdb) p str->len
Cannot access memory at address 0xa5a5a5a5a5a5a5b5
Steps To ReproduceIf you're in the mood for an adventure...

First, build this, and give it your real prefix/libdir:

  http://gitweb.michael.orlitzky.com/?p=libsvgtiny-pixbuf.git

Next, delete the pixbuf loader and thumbnailer that come with librsvg. The thumbnailers can be found in /usr/share/thumbnailers, and the loader directory can be found with,

  $ pkg-config --variable gdk_pixbuf_moduledir gdk-pixbuf-2.0

Then, install libsvgtiny-pixbuf (sudo make install), and update the loader cache:

  $ sudo gdk-pixbuf-query-loaders --update-cache

Now GTK should be using libsvgtiny to produce SVGs. One at a time, it more or less works. But if you launch the "gtk-icon-browser" and click around for a while, it will almost certainly crash with the segfault above. (If you don't have gtk-icon-browser, it comes with GTK; maybe built it from source.)

TagsNo tags attached.
Fixed in CI build #
Reported in CI build #
Attached Files

-Relationships
+Relationships

-Notes
Michael Orlitzky

~0002414

Michael Orlitzky (reporter)

Wrapping svgtiny_parse() in a mutex (to prevent concurrent executions) seems to have fixed the problem, further suggesting that it's a thread-safety issue.

If you're going to try to reproduce this issue, keep in mind that libsvgtiny-pixbuf.git now has a comit specifically intended to work around it; you'll have to revert that commit first.
+Notes

-Issue History
Date Modified Username Field Change
2023-08-07 02:27 Michael Orlitzky New Issue
2023-08-07 23:38 Michael Orlitzky Note Added: 0002414
+Issue History