<html>
    <head>
      <base href="https://bugs.freedesktop.org/">
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW - Segmentation fault in _cairo_traps_compositor_glyphs"
   href="https://bugs.freedesktop.org/show_bug.cgi?id=103037">103037</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>Segmentation fault in _cairo_traps_compositor_glyphs
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>cairo
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>unspecified
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>x86-64 (AMD64)
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>Linux (All)
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>normal
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>medium
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>general
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>chris@chris-wilson.co.uk
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>fludkov.me@gmail.com
          </td>
        </tr>

        <tr>
          <th>QA Contact</th>
          <td>cairo-bugs@cairographics.org
          </td>
        </tr></table>
      <p>
        <div>
        <pre>Created <span class=""><a href="attachment.cgi?id=134564" name="attach_134564" title="gdb stacktrace">attachment 134564</a></span>
gdb stacktrace

Hello,
We use Cairo &amp; Pango for rendering in multiple threads. No memory is shared
between the threads. The rendering is done on independent image surfaces. I
have seen crashes with similar-looking stacktraces for a while and think I
finally got to the bottom of it. I think it happens due to a race condition in
libcairo.

The program segfaults while trying to call NULL function pointer here
<a href="https://cgit.freedesktop.org/cairo/tree/src/cairo-traps-compositor.c?h=1.14#n2314">https://cgit.freedesktop.org/cairo/tree/src/cairo-traps-compositor.c?h=1.14#n2314</a>
I found that `compositor` points to a static structure and its contents are
half initialized. At the same time, there is another thread in
<a href="https://cgit.freedesktop.org/cairo/tree/src/cairo-image-compositor.c?h=1.14#n1259">https://cgit.freedesktop.org/cairo/tree/src/cairo-image-compositor.c?h=1.14#n1259</a>
in the process of initializing `static cairo_traps_compositor_t compositor;`
which is used in the first thread.

I'm attaching gdb stacktrace as an example of the crash. Looking at the code
there are a couple of other places where libcairo lazily initializes its
statically allocated memory. Is there a way to "prepare" the library and
initialize its structures and static mutexes to "work around" the race
conditions like the one I'm facing right now?

The libraries used: libcairo 1.14.0, libpango1.0-0 1.36.8</pre>
        </div>
      </p>
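      <p>The failure mode the report describes (a lazily initialized static structure whose "initialized" marker becomes visible before its function pointers are set), as an added example that is not part of the original report and is not cairo's code. All type and function names are hypothetical, and a hook called mid-initialization stands in deterministically for the second thread; the hardened form builds the structure fully before publishing it.</p>

```c
/* Constructed model of the reported race; every name here is hypothetical, not cairo's. */
#include <stdatomic.h>
#include <stdio.h>
typedef struct compositor {
    const struct compositor *delegate;  /* non-NULL doubles as "already initialized" */
    int (*check_glyphs)(void);          /* callers invoke this without a NULL check */
} compositor_t;

static int check_glyphs_impl(void) { return 1; }
static const compositor_t fallback = { NULL, NULL };
static compositor_t racy, safe;
static void (*second_thread)(void);     /* stands in for a thread scheduled mid-init */
static int saw_half_built;

/* Racy form: the sentinel is written before the function pointer. */
const compositor_t *racy_get(void) {
    if (racy.delegate == NULL) {
        racy.delegate = &fallback;
        if (second_thread) second_thread();      /* interleaving point */
        racy.check_glyphs = check_glyphs_impl;
    }
    return &racy;
}

/* Hardened form: claim the init, build fully, then publish with a release store. */
enum { UNINIT, BUSY, READY };
static atomic_int safe_state = UNINIT;
const compositor_t *safe_try_get(void) {         /* NULL means "not ready yet" */
    int expected = UNINIT;
    if (atomic_load_explicit(&safe_state, memory_order_acquire) == READY) return &safe;
    if (!atomic_compare_exchange_strong(&safe_state, &expected, BUSY)) return NULL;
    safe.delegate = &fallback;
    if (second_thread) second_thread();          /* same interleaving point */
    safe.check_glyphs = check_glyphs_impl;
    atomic_store_explicit(&safe_state, READY, memory_order_release);
    return &safe;
}

static void peek_racy(void) { saw_half_built = !racy_get()->check_glyphs; }
static void peek_safe(void) { const compositor_t *c = safe_try_get(); saw_half_built = c && !c->check_glyphs; }
int race_observed(void (*peek)(void), const compositor_t *(*get)(void)) {
    saw_half_built = 0; second_thread = peek; get(); second_thread = NULL;
    return saw_half_built;                       /* 1: peek saw a NULL function pointer */
}

int main(void) {
    printf("racy saw half-built: %d\n", race_observed(peek_racy, racy_get));
    printf("safe saw half-built: %d\n", race_observed(peek_safe, safe_try_get));
}
```

      <p>In threaded code, <code>pthread_once</code> or C11 <code>call_once</code> gives the same build-then-publish guarantee and makes late callers wait instead of returning NULL.</p>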


    </body>
</html>