Chromium crashes with harfbuzz-1.6.1 #578

octoploid · 2017-10-23T13:19:09Z

Chromium crashes with "Aw, Snap!" when using harfbuzz-1.6.1.
harfbuzz-1.6.0 is fine.
(chromium config is "use_system_freetype=true".

I haven't been able to reproduce the issue under gdb, so sorry no backtrace.

behdad · 2017-10-23T13:22:33Z

Does it happen all the time though?

behdad · 2017-10-23T13:23:34Z

@drott

octoploid · 2017-10-23T13:26:36Z

@behdad :yes I can make it crash 100% by visiting https://sourceware.org/git/?p=glibc.git;a=shortlog;h=refs/heads/hjl/pie/static and then hitting Ctrl-h (for history).
The new history tab shows "Aw, Snap!".

BinaryKhaos · 2017-10-23T13:29:30Z

Same happens here w/ Emacs (v26 git head) and the unicode-fonts package loaded. As soon as the package initializes and processes fonts, it crashes w/ harfbuzz-1.6.1 (also git master) but not with 1.6.0.

Here the relevant backtrace outside of Emacs itself:

#0  0x00007fffee7e41e9 in hb_set_subtract () from /usr/lib64/libharfbuzz.so.0
#1  0x00007ffff3b0f765 in af_shaper_get_coverage (globals=globals@entry=0x7f52980, style_class=0x7ffff3b38c40 <af_grek_c2sc_style_class>, gstyles=gstyles@entry=0x7f52c88,
    default_script=default_script@entry=0 '\000') at /usr/src/debug/media-libs/freetype-2.8.1/freetype-2.8.1/src/autofit/afshaper.c:347
#2  0x00007ffff3b0fa85 in af_face_globals_compute_style_coverage (globals=0x7f52980) at /usr/src/debug/media-libs/freetype-2.8.1/freetype-2.8.1/src/autofit/afglobal.c:244
#3  af_face_globals_new (face=face@entry=0x7e105e0, aglobals=aglobals@entry=0x7fffffff27e8, module=module@entry=0x2c431b0)
    at /usr/src/debug/media-libs/freetype-2.8.1/freetype-2.8.1/src/autofit/afglobal.c:371
#4  0x00007ffff3b10396 in af_loader_reset (face=0x7e105e0, module=0x2c431b0, loader=0x7fffffff27e0)
    at /usr/src/debug/media-libs/freetype-2.8.1/freetype-2.8.1/src/autofit/afloader.c:56
#5  af_loader_load_glyph (load_flags=0, glyph_index=3, face=0x7e105e0, module=0x2c431b0, loader=0x7fffffff27e0)
    at /usr/src/debug/media-libs/freetype-2.8.1/freetype-2.8.1/src/autofit/afloader.c:304
#6  af_autofitter_load_glyph (module=0x2c431b0, slot=<optimized out>, size=<optimized out>, glyph_index=3, load_flags=0)
    at /usr/src/debug/media-libs/freetype-2.8.1/freetype-2.8.1/src/autofit/afmodule.c:561
#7  0x00007ffff3ac14b8 in FT_Load_Glyph (face=0x7e105e0, glyph_index=3, load_flags=0) at /usr/src/debug/media-libs/freetype-2.8.1/freetype-2.8.1/src/base/ftobjs.c:757
#8  0x00007ffff51a9eed in XftFontLoadGlyphs () from /usr/lib64/libXft.so.2
#9  0x00007ffff51a75db in XftGlyphExtents () from /usr/lib64/libXft.so.2
#10 0x00007ffff51a767a in XftTextExtents8 () from /usr/lib64/libXft.so.2

behdad · 2017-10-23T13:31:21Z

Thanks. Will figure it out later today.

behdad · 2017-10-23T18:02:44Z

Same happens here w/ Emacs (v26 git head) and the unicode-fonts package loaded. As soon as the package initializes and processes fonts, it crashes w/ harfbuzz-1.6.1 (also git master) but not with 1.6.0.

Any chance you know what font this happens with?

behdad · 2017-10-23T18:03:02Z

You can poke around the FT_Face in gdb to figure out.

behdad · 2017-10-23T18:20:09Z

Ok, reproduced.

behdad · 2017-10-23T18:29:30Z

Fixed. Rolling release now.

behdad · 2017-10-23T18:41:28Z

1.6.2 is out. Please test and let me know. Thanks. :)

octoploid · 2017-10-23T18:56:24Z

Works fine now. Thanks for the quick fix.

BinaryKhaos · 2017-10-24T07:50:34Z

@behdad Sorry, I saw your msg just minutes ago as I was busy yesterday, otherwise I would have gladly helped out with the font name.

Thanks for the fix... I can confirm, it works fine now again on my end as well.

…1.6.2 Overview of changes leading to 1.6.2 Monday, October 23nd, 2017 ==================================== - Yesterday's release had a bad crasher; don't use it. That's what happens when one works on Sunday... harfbuzz/harfbuzz#578 - Build fixes for FreeBSD and Chrome Android. commit e60350551addbd945491f662e98464c9e3e9fec5 Author: Behdad Esfahbod <behdad@behdad.org> Date: Tue Jul 18 19:14:19 2017 -0700 [hb-shape] Improve shaping-debug output Before, that was printed using --debug (and in both hb-shape and hb-view). Changed it, now hb-shape has a new command-line argument called --show-messages. When invoked, it also respects other output formatting options. The messages are better formatted and printed to te same place that hb-shape output is directed to. Previously they were written to stderr. (NEWS truncated at 15 lines)

Overview of changes leading to 1.7.1 Tuesday, November 14, 2017 ==================================== - Fix atexit object destruction regression. - Fix minor integer-overflow. Overview of changes leading to 1.7.0 Monday, November 13, 2017 ==================================== - Minor Indic fixes. - Implement kerning and glyph names in hb-ot-font. - Various DSO optimization re .data and .bss sizes. - Make C++11 optional; build fixes. - Mark all other backends "unsafe-to-break". - Graphite fix. Overview of changes leading to 1.6.3 Thursday, October 26th, 2017 ==================================== - Fix hb_set_t some more. Should be solid now. - Implement get_glyph_name() for hb-ot-font. - Misc fixes. Overview of changes leading to 1.6.2 Monday, October 23nd, 2017 ==================================== - Yesterday's release had a bad crasher; don't use it. That's what happens when one works on Sunday... harfbuzz/harfbuzz#578 - Build fixes for FreeBSD and Chrome Android. Overview of changes leading to 1.6.1 Sunday, October 22nd, 2017 ==================================== - Don't skip over COMBINING GRAPHEME JOINER when ligating, etc. To be refined: harfbuzz/harfbuzz#554 - Faster hb_set_t implementation. - Don't use deprecated ICU API. - Fix undefined-behavior in Myanmar shaper, introduced in 1.6.0 - Deprecated API: hb_set_invert() Overview of changes leading to 1.6.0 Friday, October the 13th, 2017 ==================================== - Update to Unicode 10. - Various Indic and Universal Shaping Engine fixes as a result of HarfBuzz Hackfest with Jonathan Kew at Web Engines Hackfest at the Igalia offices in A Coruña, Spain. Thanks Igalia for having us! - Implement Unicode Arabic Mark Ordering Algorithm UTR#53. - Implement optical sizing / tracking in CoreText backend, using new API hb_font_set_ptem(). - Allow notifying hb_font_t that underlying FT_Face changed sizing, using new API hb_ft_font_changed(). - More Graphite backend RTL fixes. - Fix caching of variable font shaping plans. - hb-view / hb-shape now accept following new arguments: o --unicodes: takes a list of hex numbers that represent Unicode codepoints. New API: +hb_face_get_table_tags() +hb_font_set_ptem() +hb_font_get_ptem() +hb_ft_font_changed()

behdad closed this as completed in 8170801 Oct 23, 2017

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Chromium crashes with harfbuzz-1.6.1 #578

Chromium crashes with harfbuzz-1.6.1 #578

octoploid commented Oct 23, 2017 •

edited

behdad commented Oct 23, 2017

behdad commented Oct 23, 2017

octoploid commented Oct 23, 2017

BinaryKhaos commented Oct 23, 2017

behdad commented Oct 23, 2017

behdad commented Oct 23, 2017

behdad commented Oct 23, 2017

behdad commented Oct 23, 2017

behdad commented Oct 23, 2017

behdad commented Oct 23, 2017

octoploid commented Oct 23, 2017

BinaryKhaos commented Oct 24, 2017

Chromium crashes with harfbuzz-1.6.1 #578

Chromium crashes with harfbuzz-1.6.1 #578

Comments

octoploid commented Oct 23, 2017 • edited

behdad commented Oct 23, 2017

behdad commented Oct 23, 2017

octoploid commented Oct 23, 2017

BinaryKhaos commented Oct 23, 2017

behdad commented Oct 23, 2017

behdad commented Oct 23, 2017

behdad commented Oct 23, 2017

behdad commented Oct 23, 2017

behdad commented Oct 23, 2017

behdad commented Oct 23, 2017

octoploid commented Oct 23, 2017

BinaryKhaos commented Oct 24, 2017

octoploid commented Oct 23, 2017 •

edited