Mantis - graphviz
Viewing Issue Advanced Details
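ID: 4729
Category: regular use
Severity: crash
Reproducibility: always
Date Submitted: 2011-03-23 03:36
Last Update: 2011-12-13 14:37
Reporter: bwalton
Assigned To: dam
Priority: normal
Status: closed
Resolution: fixed
Projection: none
ETA: none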
0004729: core dump when run against dot files from ruby 1.9
dot segfaults on files in the ruby 1.9 source directory. A backtrace is below. This may be related to the recent pixman update.

The call that produces the segfault is:
dot /home/bwalton/opencsw/ruby19/trunk/work/solaris9-i386/build-isa-i386/ruby-1.9.2-p180/doc/capi/html/d8/d18/ruby_2ruby_8h__dep__incl.dot -Tpng -o ~/dot.png

I'll attach that dot file for reference.
(gdb) bt
#0 0xce5737e5 in slow_tls_get_addr () from /usr/lib/libthread.so.1
#1 0xce574978 in ___tls_get_addr () from /usr/lib/libthread.so.1
#2 0xce2c9d8c in _GLOBAL_OFFSET_TABLE_ ()
   from /opt/csw/lib/i386/libpixman-1.so.0
#3 0x08046778 in ?? ()
#4 0xce28db6c in pixman_image_composite32 ()
   from /opt/csw/lib/i386/libpixman-1.so.0
#5 0xce28dff4 in pixman_image_composite ()
   from /opt/csw/lib/i386/libpixman-1.so.0
#6 0xce67930f in _cairo_image_surface_composite_trapezoids ()
   from /opt/csw/lib/i386/libcairo.so.2
#7 0xce68f987 in _cairo_surface_composite_trapezoids ()
   from /opt/csw/lib/i386/libcairo.so.2
#8 0xce69121b in _composite_traps_draw_func ()
   from /opt/csw/lib/i386/libcairo.so.2
#9 0xce690e97 in _clip_and_composite () from /opt/csw/lib/i386/libcairo.so.2
#10 0xce691636 in _clip_and_composite_trapezoids ()
   from /opt/csw/lib/i386/libcairo.so.2
#11 0xce691a71 in _cairo_surface_fallback_stroke ()
   from /opt/csw/lib/i386/libcairo.so.2
#12 0xce68f77a in _cairo_surface_stroke () from /opt/csw/lib/i386/libcairo.so.2
#13 0xce6743de in _cairo_gstate_stroke () from /opt/csw/lib/i386/libcairo.so.2
#14 0xce66e736 in cairo_stroke_preserve () from /opt/csw/lib/i386/libcairo.so.2
#15 0xce66e6f2 in cairo_stroke () from /opt/csw/lib/i386/libcairo.so.2
#16 0xce782770 in cairogen_polygon ()
   from /opt/csw/lib/graphviz/libgvplugin_pango.so.6
#17 0xceaefe80 in gvrender_polygon () from /opt/csw/lib/i386/libgvc.so.5
#18 0xceaeff26 in gvrender_box () from /opt/csw/lib/i386/libgvc.so.5
#19 0xceb2ffb6 in emit_background () from /opt/csw/lib/i386/libgvc.so.5
#20 0xceb35d32 in emit_page () from /opt/csw/lib/i386/libgvc.so.5
#21 0xceb35fa3 in emit_graph () from /opt/csw/lib/i386/libgvc.so.5
#22 0xceb37a8a in gvRenderJobs () from /opt/csw/lib/i386/libgvc.so.5
#23 0x08051033 in main ()
(gdb) quit
ruby_2ruby_8h__dep__incl.dot (516 bytes) 2011-03-23 03:36
Issue History
2011-03-23 03:36 bwalton New Issue
2011-03-23 03:36 bwalton File Added: ruby_2ruby_8h__dep__incl.dot
2011-09-25 16:31 skayser Note Added: 0009304
2011-09-27 14:41 ellson Note Added: 0009305
2011-09-27 14:52 ellson Note Added: 0009306
2011-09-27 18:05 dam Note Added: 0009307
2011-09-27 18:48 ellson Note Added: 0009308
2011-09-27 18:56 ellson Note Added: 0009309
2011-09-27 19:21 ellson Note Added: 0009310
2011-12-13 14:36 dam Status new => assigned
2011-12-13 14:36 dam Assigned To => dam
2011-12-13 14:37 dam Note Added: 0009478
2011-12-13 14:37 dam Status assigned => closed
2011-12-13 14:37 dam Resolution open => fixed

Notes
(0009304)
skayser   
2011-09-25 16:31   
Observed similar issue, can be reproduced with the minimized dot file snippet that's pasted below. Tested with bmp and png as output formats. Both segfault, but only on Solaris 9, not on Solaris 10.

$ uname -a
SunOS unstable9s 5.9 Generic_Virtual sun4u sparc SUNW,SPARC-Enterprise-T5220

$ cat crash.dot
digraph g {
    "foo" -> "bar";
}

$ dot -Tpng -o crash.png crash.dot
Segmentation Fault (core dumped)
(0009305)
ellson   
2011-09-27 14:41   
The crash is from somewhere deep inside cairo and pixman.

Are they fully updated on Sol9?
(0009306)
ellson   
2011-09-27 14:52   
cairo-1.10.2 is current but pixman-0.21.4 should probably be updated to pixman-0.22.2
(0009307)
dam   
2011-09-27 18:05   
I updated pixman to 0.22.2 and removed the linkage to libthread:
  http://sourceforge.net/apps/trac/gar/changeset/15782

However, after installation of libpixman 0.22.2 on testing9s the dot example still crashes.

Updated packages for pixman are available for now at
    http://buildfarm.opencsw.org/experimental.html#pixman
I'll release them to unstable after some more testing.
(0009308)
ellson   
2011-09-27 18:48   
It's still dying in libthread:

(gdb) where
#0 0xfea346a8 in slow_tls_get_addr () from /usr/lib/libthread.so.1

but it doesn't look like it's pixman that's pulling it in:

ellson@testing9s:ellson> ldd /opt/csw/lib/sparcv8/libpixman-1.so.0
        /usr/lib/secure/s9_preload.so.1
        libm.so.1 => /usr/lib/libm.so.1
        libc.so.1 => /usr/lib/libc.so.1
        libdl.so.1 => /usr/lib/libdl.so.1
        /usr/platform/SUNW,SPARC-Enterprise-T5220/lib/libc_psr.so.1


This can't be good! 3 different thread libraries used by pango? :

ellson@testing9s:ellson> ldd /opt/csw/lib/sparcv8/libpango-1.0.so.0 | grep thread
        libgthread-2.0.so.0 => /opt/csw/lib/sparcv8/libgthread-2.0.so.0
        libpthread.so.1 => /usr/lib/libpthread.so.1
        libthread.so.1 => /usr/lib/libthread.so.1

On Fedora pango uses gthread and pthread.
(0009309)
ellson   
2011-09-27 18:56   
CSW pango-1.24.5 could be old: latest upstream is 1.29.3
(0009310)
ellson   
2011-09-27 19:21   
probably not pango directly...

threads are from libgthread which is from the glib package

AFAICT from a quick read of glib's configure.ac, it should only be using pthread, if available, or thread as a last resort.
(0009478)
dam   
2011-12-13 14:37   
The recent updates to glib2 and pango have fixed the issue. The test now runs cleanly on unstable10s.