[cairo-bugs] [Bug 87567] Toy font face causes cairo_debug_reset_static_data crash.

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Mon Dec 22 01:16:07 PST 2014


--- Comment #1 from Massimo <sixtysix at inwind.it> ---
git bisect ends with

337ab1f8d9e29086bfb4001508b28835b41c6390 is the first bad commit
commit 337ab1f8d9e29086bfb4001508b28835b41c6390
Author: Chris Wilson <chris at chris-wilson.co.uk>
Date:   Tue Sep 17 16:28:19 2013 +0100

and that commit introduced in cairo/src/cairo-font-face.c a
function __put () that hardly returns 0, it returns the ref
count before decreasing it (unless it is 1) and is called in 
2 places like this: 

    assert (CAIRO_REFERENCE_COUNT_HAS_REFERENCE (&font_face->ref_count));

    if (__put (&font_face->ref_count))

    if (! font_face->backend->destroy (font_face))

and the second if is not executed even in a single threaded

You are receiving this mail because:
You are the QA Contact for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cairographics.org/archives/cairo-bugs/attachments/20141222/21d2f8b1/attachment.html>

More information about the cairo-bugs mailing list