Chromium crashes with harfbuzz-1.6.1

[octoploid]

Chromium crashes with "Aw, Snap!" when using harfbuzz-1.6.1.
harfbuzz-1.6.0 is fine.
(chromium config is "use_system_freetype=true".

I haven't been able to reproduce the issue under gdb, so sorry no backtrace.

[behdad]

Does it happen all the time though?

[behdad]

@drott

[octoploid]

@behdad :yes I can make it crash 100% by visiting https://sourceware.org/git/?p=glibc.git;a=shortlog;h=refs/heads/hjl/pie/static and then hitting Ctrl-h (for history).
The new history tab shows "Aw, Snap!".

[BinaryKhaos]

Same happens here w/ Emacs (v26 git head) and the unicode-fonts package loaded. As soon as the package initializes and processes fonts, it crashes w/ harfbuzz-1.6.1 (also git master) but not with 1.6.0.

Here the relevant backtrace outside of Emacs itself:

#0  0x00007fffee7e41e9 in hb_set_subtract () from /usr/lib64/libharfbuzz.so.0
#1  0x00007ffff3b0f765 in af_shaper_get_coverage (globals=globals@entry=0x7f52980, style_class=0x7ffff3b38c40 <af_grek_c2sc_style_class>, gstyles=gstyles@entry=0x7f52c88,
    default_script=default_script@entry=0 '\000') at /usr/src/debug/media-libs/freetype-2.8.1/freetype-2.8.1/src/autofit/afshaper.c:347
#2  0x00007ffff3b0fa85 in af_face_globals_compute_style_coverage (globals=0x7f52980) at /usr/src/debug/media-libs/freetype-2.8.1/freetype-2.8.1/src/autofit/afglobal.c:244
#3  af_face_globals_new (face=face@entry=0x7e105e0, aglobals=aglobals@entry=0x7fffffff27e8, module=module@entry=0x2c431b0)
    at /usr/src/debug/media-libs/freetype-2.8.1/freetype-2.8.1/src/autofit/afglobal.c:371
#4  0x00007ffff3b10396 in af_loader_reset (face=0x7e105e0, module=0x2c431b0, loader=0x7fffffff27e0)
    at /usr/src/debug/media-libs/freetype-2.8.1/freetype-2.8.1/src/autofit/afloader.c:56
#5  af_loader_load_glyph (load_flags=0, glyph_index=3, face=0x7e105e0, module=0x2c431b0, loader=0x7fffffff27e0)
    at /usr/src/debug/media-libs/freetype-2.8.1/freetype-2.8.1/src/autofit/afloader.c:304
#6  af_autofitter_load_glyph (module=0x2c431b0, slot=<optimized out>, size=<optimized out>, glyph_index=3, load_flags=0)
    at /usr/src/debug/media-libs/freetype-2.8.1/freetype-2.8.1/src/autofit/afmodule.c:561
#7  0x00007ffff3ac14b8 in FT_Load_Glyph (face=0x7e105e0, glyph_index=3, load_flags=0) at /usr/src/debug/media-libs/freetype-2.8.1/freetype-2.8.1/src/base/ftobjs.c:757
#8  0x00007ffff51a9eed in XftFontLoadGlyphs () from /usr/lib64/libXft.so.2
#9  0x00007ffff51a75db in XftGlyphExtents () from /usr/lib64/libXft.so.2
#10 0x00007ffff51a767a in XftTextExtents8 () from /usr/lib64/libXft.so.2

[behdad]

Thanks. Will figure it out later today.

[behdad]

Same happens here w/ Emacs (v26 git head) and the unicode-fonts package loaded. As soon as the package initializes and processes fonts, it crashes w/ harfbuzz-1.6.1 (also git master) but not with 1.6.0.

Any chance you know what font this happens with?

[behdad]

You can poke around the FT_Face in gdb to figure out.

[behdad]

Ok, reproduced.

[behdad]

Fixed. Rolling release now.

[behdad]

1.6.2 is out. Please test and let me know. Thanks. :)

[octoploid]

Works fine now. Thanks for the quick fix.

[BinaryKhaos]

@behdad Sorry, I saw your msg just minutes ago as I was busy yesterday, otherwise I would have gladly helped out with the font name.

Thanks for the fix... I can confirm, it works fine now again on my end as well.