gtkforphp / cairo

PHP extension for Cairo Graphics Library

master branch segfaults in FT_Set_Transform #14

Closed medic123de closed 9 years ago

medic123de commented 9 years ago

Hi, because 0.3.2 shows a (for me very bad) memory leak, I planned to go with master. The good news: the memory leak is gone.

First I suffered the FT_Free problem, which I solved by updating to a more recent version of libcairo + libfreetype.

Now I suffer another segfault about every 10th request. I am using php-fpm, but php-fcgi also shows this behaviour:

(gdb) bt
#0  FT_Set_Transform (face=0x21b3b90, matrix=0x7fff54270010, delta=0x0) at /root/rpmbuild/BUILD/freetype-2.5.5/src/base/ftobjs.c:506
#1  0x00007f95d491f27f in _cairo_ft_unscaled_font_set_scale (unscaled=0x21b40c0, scale=) at cairo-ft-font.c:831
#2  0x00007f95d491f4d1 in _cairo_ft_font_face_scaled_font_create (abstract_font_face=0x24001d0, font_matrix=0x2181200, ctm=0x7fff54270330, options=0x7fff54270360, 
    font_out=0x7fff542702e8) at cairo-ft-font.c:1935
#3  0x00007f95d48bbe17 in cairo_scaled_font_create (font_face=, font_matrix=, ctm=, options=0x7fff54270360)
    at cairo-scaled-font.c:1135
#4  0x00007f95d4882b10 in _cairo_gstate_ensure_scaled_font (gstate=0x2181190) at cairo-gstate.c:1861
#5  0x00007f95d4882b79 in _cairo_gstate_get_scaled_font (gstate=0x2181190, scaled_font=0x7fff542703c8) at cairo-gstate.c:1733
#6  0x00007f95d487ede2 in _cairo_default_context_get_scaled_font (abstract_cr=) at cairo-default-context.c:1282
#7  0x00007f95d4878a62 in cairo_text_path (cr=0x2181160, utf8=0x7f95de4493c8 "blah") at cairo.c:3480
#8  0x00007f95d4b91fcb in zif_cairo_text_path (ht=, return_value=, return_value_ptr=, this_ptr=0x7f95de54bb90, 
    return_value_used=) at /root/rpmbuild/BUILD/php-pecl-cairo-0.3.2/NTS/cairo_context.c:2239
#9  0x00000000006596cc in zend_do_fcall_common_helper_SPEC (execute_data=) at /usr/src/debug/php-5.4.30/Zend/zend_vm_execute.h:643
(gdb) f 0
#0  FT_Set_Transform (face=0x21b3b90, matrix=0x7fff54270010, delta=0x0) at /root/rpmbuild/BUILD/freetype-2.5.5/src/base/ftobjs.c:506
506 /root/rpmbuild/BUILD/freetype-2.5.5/src/base/ftobjs.c: No such file or directory.
    in /root/rpmbuild/BUILD/freetype-2.5.5/src/base/ftobjs.c
(gdb) p *face
$31 = {num_faces = 140281616704264, face_index = 140281616704264, face_flags = 35339136, style_flags = 35339136, num_glyphs = 3417, family_name = 0x0, style_name = 0x0, 
  num_fixed_sizes = 0, available_sizes = 0x0, num_charmaps = 0, charmaps = 0x0, generic = {data = 0x0, finalizer = 0}, bbox = {xMin = -1361, yMin = -665, xMax = 4096, 
    yMax = 2060}, units_per_EM = 2048, ascender = 1854, descender = -434, height = 2355, max_advance_width = 4096, max_advance_height = 2355, underline_position = -292, 
  underline_thickness = 150, glyph = 0x0, size = 0x0, charmap = 0x2407ef0, driver = 0x24089f0, memory = 0x21bc630, stream = 0x0, sizes_list = {head = 0x0, tail = 0x0}, 
  autohint = {data = 0x0, finalizer = 0}, extensions = 0x0, internal = 0x0}
(gdb) p *face->internal
Cannot access memory at address 0x0

freetype codepath:

  FT_Set_Transform( FT_Face     face,
                    FT_Matrix*  matrix,
                    FT_Vector*  delta )
  {
    FT_Face_Internal  internal;

    if ( !face )
      return;

    internal = face->internal;

    internal->transform_flags = 0;

    if ( !matrix )
    {
      internal->transform_matrix.xx = 0x10000L;
      internal->transform_matrix.xy = 0;
      internal->transform_matrix.yx = 0;
      internal->transform_matrix.yy = 0x10000L;

      matrix = &internal->transform_matrix;
    }

I tried different versions of freetype & cairo, but the relevant component is cairo-pecl :(

I bisected; it was introduced with commit 6b6fea4703977006627327d3f4c46403757873cb

The script I am using is:

  <?php
  // Reproducer: rotated text paths drawn with a FreeType font face
  $fontFile = dirname(__FILE__) . "/arial.ttf";

  $surface = new \CairoImageSurface(
    CairoFormat::ARGB32,
    750,
    750
  );

  $context = new \CairoContext( $surface );
  $fontFaceObject = new \CairoFtFontFace($fontFile);
  $context->setFontFace( $fontFaceObject );
  $CairoFontMatrix = new \CairoMatrix();
  $CairoFontMatrix->scale( 12, 12 );

  for( $i = 0; $i < 10; ++$i ) {
    // Each rotation is applied on top of the previous one
    $angle = rand(1, 360);
    $CairoFontMatrix->rotate(deg2rad($angle));
    $context->setFontMatrix( $CairoFontMatrix );

    $x = rand(0, 750);
    $y = rand(0, 750);
    $context->MoveTo( $x, $y );
    $context->textPath( "blah" . $i );
  }

swen100 commented 9 years ago

This issue seems to be very related / identical to #2.

medic123de commented 9 years ago

Well, if "memory management" is all related to #2 for you - it is. For me it's not, so I disagree with you here. They eventually have a common cause (e.g. FT's ref-based cache), but not necessarily.

Not using FreeType's font face apparently works. I am trying to find out if it's just FT or any FontFace. Furthermore, I am able to crash in libcairo as well, not only in libfreetype (which is IMHO a good argument against your 'identical to #2').

Apparently repeatedly creating/destroying the cairo-object is an important step.

medic123de commented 9 years ago

Works for me here: https://github.com/gtkforphp/cairo/pull/15

auroraeosrose commented 9 years ago

This should be fixed now.
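
An added example, not from this thread or the extension's source: a self-contained C model of the state in the gdb dump above (`internal = 0x0` on a face that is still being used), under the assumption, which the comments only suspect, that the face was torn down while a cached reference remained. All types and functions are hypothetical stand-ins rather than FreeType or cairo APIs; `tied` selects whether teardown waits for the last reference.

```c
#include <stdlib.h>
/* Hypothetical stand-ins for illustration; not FreeType or cairo types. */
typedef struct { long transform_flags; } face_internal;
typedef struct { face_internal *internal; } model_face;      /* plays FT_Face */
typedef struct {
    int refs;          /* wrapper object + any cache holding the font face */
    int tied;          /* 1: face torn down only when the last ref drops   */
    model_face face;
} model_font_face;

/* Plays FT_Done_Face: releases the internals and leaves internal == NULL. */
static void face_done(model_face *f) { free(f->internal); f->internal = NULL; }

static model_font_face *font_face_create(int tied) {
    model_font_face *ff = calloc(1, sizeof *ff);
    if (!ff || !(ff->face.internal = calloc(1, sizeof(face_internal)))) abort();
    ff->refs = 1; ff->tied = tied;
    return ff;
}

static void font_face_unref(model_font_face *ff) {
    if (--ff->refs > 0) return;          /* still referenced, keep everything */
    if (ff->tied) face_done(&ff->face);  /* destroy-callback style teardown   */
    free(ff);
}

/* Script-side object destructor. Untied: tears the face down immediately. */
static void wrapper_destroy(model_font_face *ff) {
    if (!ff->tied) face_done(&ff->face);
    font_face_unref(ff);
}

/* First write of the code path quoted above, plus a guard on internal so the
 * model reports the bad state instead of crashing. */
static int set_transform_checked(model_face *f) {
    if (!f || !f->internal) return -1;   /* the state gdb printed */
    f->internal->transform_flags = 0;
    return 0;
}

/* Wrapper is destroyed while a cache still holds a reference to the face. */
static int scenario(int tied) {
    model_font_face *ff = font_face_create(tied);
    ff->refs++;                          /* cache takes its own reference */
    wrapper_destroy(ff);
    int rc = set_transform_checked(&ff->face);
    font_face_unref(ff);                 /* cache lets go */
    return rc;
}
int main(void) { return (scenario(0) == -1 && scenario(1) == 0) ? 0 : 1; }
```

The `tied` path corresponds to the pattern cairo's documentation gives for `cairo_ft_font_face_create_for_ft_face()`: register `FT_Done_Face` as the destroy callback with `cairo_font_face_set_user_data()`, so the face lives as long as any reference to the font face.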