Segfault while generating SVG thumbnails in Nautilus

[SammysHP]

When I open a directory that contains a specific SVG file in Nautilus, a segfault in libfreetype.so occurs.

#0  0x00007ffff0dffa0d in ?? () from /usr/lib/libfreetype.so.6
#1  0x00007ffff0e035dd in ?? () from /usr/lib/libfreetype.so.6
#2  0x00007ffff0e04f7f in ?? () from /usr/lib/libfreetype.so.6
#3  0x00007ffff0dac278 in FT_Render_Glyph_Internal () from /usr/lib/libfreetype.so.6
#4  0x00007ffff5ed39fc in ?? () from /usr/lib/libcairo.so.2
#5  0x00007ffff5e71c18 in ?? () from /usr/lib/libcairo.so.2
#6  0x00007ffff5e398b7 in ?? () from /usr/lib/libcairo.so.2
#7  0x00007ffff5e8c2d8 in ?? () from /usr/lib/libcairo.so.2
#8  0x00007ffff5e8c4ed in ?? () from /usr/lib/libcairo.so.2
#9  0x00007ffff5e2ec67 in ?? () from /usr/lib/libcairo.so.2
#10 0x00007ffff5e40727 in ?? () from /usr/lib/libcairo.so.2
#11 0x00007ffff5e7a413 in ?? () from /usr/lib/libcairo.so.2
#12 0x00007ffff5e38430 in ?? () from /usr/lib/libcairo.so.2
#13 0x00007ffff5e29be4 in cairo_show_glyphs () from /usr/lib/libcairo.so.2
#14 0x00007ffff67b713b in ?? () from /usr/lib/libpangocairo-1.0.so.0
#15 0x00007ffff67b74bf in ?? () from /usr/lib/libpangocairo-1.0.so.0
#16 0x00007ffff658b1a9 in pango_renderer_draw_glyphs () from /usr/lib/libpango-1.0.so.0
#17 0x00007ffff658bb98 in pango_renderer_draw_layout_line () from /usr/lib/libpango-1.0.so.0
#18 0x00007ffff658bf25 in pango_renderer_draw_layout () from /usr/lib/libpango-1.0.so.0
#19 0x00007ffff67b766a in ?? () from /usr/lib/libpangocairo-1.0.so.0
#20 0x00007fffd4bbee4a in ?? () from /usr/lib/librsvg-2.so.2
#21 0x00007fffd4bb93ac in ?? () from /usr/lib/librsvg-2.so.2
#22 0x00007fffd4bb922e in ?? () from /usr/lib/librsvg-2.so.2
#23 0x00007fffd4bb9660 in ?? () from /usr/lib/librsvg-2.so.2
#24 0x00007fffd4bb3eee in ?? () from /usr/lib/librsvg-2.so.2
#25 0x00007fffd4bb3f73 in ?? () from /usr/lib/librsvg-2.so.2
#26 0x00007fffd4bb3eee in ?? () from /usr/lib/librsvg-2.so.2
#27 0x00007fffd4bb4313 in ?? () from /usr/lib/librsvg-2.so.2
#28 0x00007fffd4bb3eee in ?? () from /usr/lib/librsvg-2.so.2
#29 0x00007fffd4bc0ae3 in rsvg_handle_render_cairo_sub () from /usr/lib/librsvg-2.so.2
#30 0x00007fffd4bc0fe8 in rsvg_handle_get_pixbuf_sub () from /usr/lib/librsvg-2.so.2
#31 0x00007fffd4dcdf06 in ?? () from /usr/lib/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-svg.so
#32 0x00007ffff5bed558 in gdk_pixbuf_loader_close () from /usr/lib/libgdk_pixbuf-2.0.so.0
#33 0x00007ffff757f544 in ?? () from /usr/lib/libgnome-desktop-3.so.10
#34 0x00007ffff757fae2 in gnome_desktop_thumbnail_factory_generate_thumbnail () from /usr/lib/libgnome-desktop-3.so.10
#35 0x00000000004c4d20 in ?? ()
#36 0x00007ffff4316354 in start_thread () from /usr/lib/libpthread.so.0
#37 0x00007ffff4054bfd in clone () from /usr/lib/libc.so.6

It is freetype2-infinality-ultimate 2.6-1 from your repo:

cairo-infinality-ultimate
fontconfig-infinality-ultimate
freetype2-infinality-ultimate

You can get the SVG file here: https://dl.dropboxusercontent.com/u/44720989/Keller-Raumschild.svg

As you can see, the backtrace might not be really helpful, but maybe you can reproduce the issue. If not, please tell me and I'll try to give more information.

And I don't know if this is infinality related at all. Might be an upstream bug, but I don't have the time to switch all related packages and test it. If you can reproduce it, you might get better results with debug symbols etc.

[bohoomil]

Hi SammysHP,

I can't reproduce it, unfortunately... Did you experience issues with the 2.5.5-7 build from the ib repo? 2.6-1 is almost exactly the same library as 2.5.5-7.

Did you try rebuilding the font cache?

[SammysHP]

# fc-cache -f did not help.

I did a quick bisect and the results are:

good: freetype2-infinality-ultimate 2.5.5-1 bad: freetype2-infinality-ultimate 2.5.5-2

[bohoomil]

Yep, I can reproduce it with a different svg file, though. Vanilla freetype2 2.6 from [testing] seems to be working correctly. We'll have to revise the Infinality patchset.

Thanks for reporting.

[goddesse]

From what I can tell, it has to do with the changes in upstream's build configuration that causes gcc to be a little more strict wrt to C89 and C90. The crashes are coming from strcasecmp and strcasestr which are GNU extensions and the build output complains that their declarations are implicit.

As a quick fix, I was able to eliminate the crash by simply using the more standard strncmp and strstr and create the thumbnail from the test case @SammysHP provided.

@bohoomil I think the problem can be fixed by using the standard C string functions, but we'd lose case-insensitivity in the infinality-settings.sh config without rolling our own replacements. There are also functional code paths that require case-insensitivity, but I could work around that fairly easily. We could also add _GNU_SOURCE as our own build requirement to get these extensions back.

In general, the string/config-handling needs to be overhauled anyway but just as a stopgap, we could do one of the above depending on your preferences.

[SammysHP]

Still not working with 2.6-3 from Di 25 Aug 2015 04:26:04 CEST.

[bohoomil]

As far as I can tell, the recent build (2015.11.08) fixes the issues with svg files. Would you mind checking this out on your machine(s)? Thank you in advance.

[SammysHP]

freetype2-infinality-ultimate 2.6.1-2

Still the same issue.

nautilus[11931]: segfault at 7f1865a6f268 ip 00007f1886cbb04d sp 00007f1865a6f270 error 6 in libfreetype.so.6.12.1[7f1886c4f000+be000]

[goddesse]

@SammysHP Is this still segfaulting as of the 2015-12-05 release?

[SammysHP]

It works! Thanks.