Public bug reported:
On Ubuntu 24.04 (Noble), Pango 1.52.1 crashes with a segmentation fault
inside pango_coverage_get() when the fontconfig database is in an
inconsistent state (e.g. after mixed manual/system font installations).
The library should not segfault even if font metadata is inconsistent.
- Ubuntu 24.04 LTS (Noble)
- KDE Plasma (X11 session)
- pango version: 1.52.1+ds-1build1
- fontconfig rebuilt using fc-cache -r -v

Affected applications

Example application where crash was observed: FileZilla (GTK3 / wxWidgets based)
However, this appears to be independent of the application and happens
in the Pango text rendering layer.

    Thread 1 "filezilla" received signal SIGSEGV, Segmentation fault.
    0x00007ffff5a906f4 in pango_coverage_get () from /lib/x86_64-linux-gnu/libpango-1.0.so.0

(The crash consistently occurred inside libpango during text rendering.)

Steps to reproduce

1. Have a non-clean font setup (a mixture of):
   - system fonts
   - manually installed fonts under /usr/local
   - possibly duplicate or cyclic font paths
2. Rebuild the font cache:
   fc-cache -r -v
3. Start a GTK application that renders complex dialogs with many text elements.
4. Application crashes with SIGSEGV in pango_coverage_get().

Observed behavior

- Application crashes immediately.
- Segfault originates in libpango (pango_coverage_get()).
- No graceful fallback or error handling.

Expected behavior

Pango should:
- Detect invalid or inconsistent coverage/font data.
- Gracefully handle the situation.
- Avoid dereferencing invalid pointers.
- Not crash the application.
A corrupted or inconsistent font database should not cause a
segmentation fault in a core text rendering library.

Workaround

Completely rebuilding the font tree resolved the issue:
- Removed /usr/share/fonts
- Reinstalled core fonts (fonts-dejavu-core)
- Gradually restored font directories
- Rebuilt font cache

After reconstruction, the crash disappeared.
This indicates that Pango does not robustly handle certain inconsistent
fontconfig states.

Additional Notes
The issue appears to be triggered during coverage lookup for glyph rendering.
It may be related to malformed coverage tables or duplicate font registrations.
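As an added example (not part of this report, and making no assumptions about Pango internals), the following Python check scans a list of font directories for the two fontconfig inconsistencies the report names as triggers: the same font file registered under more than one directory, and symlinked directories that loop back onto a location already walked. The directory names, the placeholder "font" bytes and the `demo()` tree are constructed in a temporary directory; on a real system one would pass the configured font directories, e.g. /usr/share/fonts and /usr/local/share/fonts.

```python
import hashlib
import os
import tempfile
from collections import defaultdict

FONT_EXTS = {".ttf", ".otf", ".ttc", ".pfb", ".pfa"}

def sha256_of(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def scan_font_dirs(dirs):
    """Walk font directories (following symlinks) and return (duplicates, loops):
    duplicates = {sha256: [paths]} for one font file registered in several places,
    loops = [(dirpath, realpath)] for dirs resolving to a location already walked."""
    by_hash = defaultdict(list)
    loops = []
    seen_real = set()
    for root_dir in dirs:
        for dirpath, dirnames, filenames in os.walk(root_dir, followlinks=True):
            real = os.path.realpath(dirpath)
            if real in seen_real:
                # symlink cycle, or the same directory configured twice
                loops.append((dirpath, real))
                dirnames[:] = []  # prune so the walk cannot recurse forever
                continue
            seen_real.add(real)
            for name in filenames:
                if os.path.splitext(name)[1].lower() in FONT_EXTS:
                    path = os.path.join(dirpath, name)
                    if os.path.isfile(path):
                        by_hash[sha256_of(path)].append(path)
    duplicates = {h: p for h, p in by_hash.items() if len(p) > 1}
    return duplicates, loops

def demo():
    """Constructed tree (not real fonts): one file in two font dirs + a symlink loop."""
    base = tempfile.mkdtemp(prefix="fontcheck-")
    sys_dir = os.path.join(base, "usr-share-fonts")
    local_dir = os.path.join(base, "usr-local-share-fonts")
    fake_font = b"\x00\x01\x00\x00constructed placeholder, not a real TTF"
    for d in (sys_dir, local_dir):
        os.makedirs(d)
        with open(os.path.join(d, "DejaVuSans.ttf"), "wb") as f:
            f.write(fake_font)
    os.symlink(sys_dir, os.path.join(local_dir, "loop"))  # points back at sys_dir
    return scan_font_dirs([sys_dir, local_dir])
```

Running `demo()` reports one duplicated font (two paths) and one directory loop; an empty result on a real system rules out these two inconsistencies before rebuilding the font tree as described in the workaround.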

** Affects: pango1.0 (Ubuntu)
     Importance: Undecided
         Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2141879
Title:
Segmentation fault in pango_coverage_get() with inconsistent
fontconfig database (Ubuntu 24.04)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pango1.0/+bug/2141879/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs