A couple of initial queries:

Is there any way we can find out what the font was that was being
initialised when the crash occurred? I ask because if the font isn't a
graphite font, then what was causing a graphite font to try to be
created? Looking at the input text being Burmese, I'll assume it's font
linked Padauk.

The ppm value of 15024 being passed here in the source stack trace is
suspicious (even if divided by 64 it's still 234pt which is a biiiig
font). Not that such a big value alone would cause the crash. But has
some corruption occurred earlier?

    #4 0x00007f3d808922d2 in gr_make_font_with_ops (ppm=15024,
       appFontHandle=0x67d0d10, font_ops=font_ops@entry=0x7fff72772f50,
       face=0x2512f20) at /build/buildd/graphite2-1.2.4/src/gr_font.cpp:52

In the main stack trace, the size value here looks suitably crazy but
that could be due to some wandering in the long tall grass (although
*how* anyone can get malloc to crash quite so impressively is an
interesting question in its own right):

    #0 _int_malloc (av=0x7f3d8aa5c760 <main_arena>, bytes=1824) at malloc.c:3489
        iters = <optimized out>
        nb = 1840
        idx = 76
        bin = <optimized out>
        victim = 0x67ec860
        size = 39582418614272

Is this implying a post free memory access to mess up the free list? Are
there any other reasons that malloc could go crazy like this? I assume a
modern malloc doesn't do anything nice like use the last element on the
free list for the next malloc? So the corruption and following usage
could be far apart?
--
https://bugs.launchpad.net/bugs/1303516
Title: ubiquity crashed with SIGSEGV in _int_malloc()

Status in HarfBuzz: Confirmed
Status in “graphite2” package in Ubuntu: Triaged
Status in “harfbuzz” package in Ubuntu: Confirmed
Status in “graphite2” source package in Trusty: Triaged
Status in “harfbuzz” source package in Trusty: Confirmed

Bug description:

TEST CASE:

IMPORTANT NOTE: the steps below will modify the currently running
locale/keyboard; be prepared to restore it, e.g. by enabling the keyboard
indicator to change the keyboard back to normal.

1. Install ubiquity on a desktop or boot from an ISO
   $ sudo apt-get install ubiquity-frontend-gtk
2. If you run on a desktop start ubiquity with:
   $ ubiquity --greeter
3. Scroll to the bottom of the language list, click on 5th or 4th from the bottom

ACTUAL RESULT

python3 segmentation fault:
*** Error in `/usr/bin/python3': malloc(): memory corruption: 0x0000000003b33d80 ***
Segmentation fault (core dumped)

EXPECTED RESULT

No crash

== Original Report ==

I was testing a daily image of Ubuntu Gnome 14.04 (Live Image test),
and was just checking out the languages on the initial boot up. When I
was trying to click on the 4th language from the bottom ubiquity
crashed to give me this error.

ProblemType: Crash
DistroRelease: Ubuntu 14.04
Package: ubiquity 2.17.10
ProcVersionSignature: Ubuntu 3.13.0-23.45-generic 3.13.8
Uname: Linux 3.13.0-23-generic x86_64
ApportVersion: 2.14.1-0ubuntu1
Architecture: amd64
CasperVersion: 1.339
Date: Mon Apr 7 00:06:38 2014
ExecutablePath: /usr/lib/ubiquity/bin/ubiquity
InstallCmdLine: file=/cdrom/preseed/ubuntu-gnome.seed boot=casper initrd=/casper/initrd.lz quiet splash -- maybe-ubiquity
InterpreterPath: /usr/bin/python3.4
LiveMediaBuild: Ubuntu-GNOME 14.04 LTS "Trusty Tahr" - Daily amd64 (20140406)
ProcCmdline: /usr/bin/python3 /usr/lib/ubiquity/bin/ubiquity --greeter --only
ProcEnviron:
 TERM=linux
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
SegvAnalysis:
 Segfault happened at: 0x7f3d8a71dd71 <_int_malloc+689>: mov %r14,0x10(%r9)
 PC (0x7f3d8a71dd71) ok
 source "%r14" ok
 destination "0x10(%r9)" (0x180000001210) not located in a known VMA region (needed writable region)!
SegvReason: writing unknown VMA
Signal: 11
SourcePackage: ubiquity
StacktraceTop:
 _int_malloc (av=0x7f3d8aa5c760 <main_arena>, bytes=1824) at malloc.c:3489
 __GI___libc_malloc (bytes=1824) at malloc.c:2891
 ?? () from /usr/lib/x86_64-linux-gnu/libgraphite2.so.3
 gr_make_font_with_ops () from /usr/lib/x86_64-linux-gnu/libgraphite2.so.3
 gr_make_font_with_advance_fn () from /usr/lib/x86_64-linux-gnu/libgraphite2.so.3
Title: ubiquity crashed with SIGSEGV in _int_malloc()
UpgradeStatus: No upgrade log present (probably fresh install)
UpstartUbiquity: debconf: DbDriver "templatedb": /var/cache/debconf/templates.dat is locked by another process: Resource temporarily unavailable
UserGroups: