diff options
| author | Carlos Garcia Campos <cgarcia@igalia.com> | 2017-10-18 11:33:25 +0200 |
|---|---|---|
| committer | Bryce Harrington <bryce@osg.samsung.com> | 2017-12-04 15:30:43 -0800 |
| commit | bc21c580c8eda1e04a3cd14edd0f22d0cc54ade9 (patch) | |
| tree | ac95b37db5f5e4ed7dddddfd300e7c09a8952173 | |
| parent | 96b918c4458ce0546e107af69bb7efe832c097a3 (diff) | |
| download | cairo-bc21c580c8eda1e04a3cd14edd0f22d0cc54ade9.tar.gz | |
scaled-font: Fix assert when destroying glyph page
This happens when _cairo_ft_scaled_glyph_init() returns
CAIRO_INT_STATUS_UNSUPPORTED when called from
_cairo_scaled_glyph_lookup(). In those cases
_cairo_scaled_font_free_last_glyph() is called to release the glyph that
has just been allocated. If there aren't more glyphs,
_cairo_scaled_glyph_page_destroy() is called. The problem is that
_cairo_scaled_glyph_lookup() should always be called with the cache
frozen, and _cairo_scaled_glyph_page_destroy() without the cache
frozen. We can simply thaw/freeze the font before calling
_cairo_scaled_glyph_page_destroy().
https://bugs.freedesktop.org/show_bug.cgi?id=103335
| -rw-r--r-- | src/cairo-scaled-font.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/cairo-scaled-font.c b/src/cairo-scaled-font.c index a22b36eef..53a370d3a 100644 --- a/src/cairo-scaled-font.c +++ b/src/cairo-scaled-font.c @@ -2907,6 +2907,7 @@ _cairo_scaled_font_free_last_glyph (cairo_scaled_font_t *scaled_font, { cairo_scaled_glyph_page_t *page; + assert (scaled_font->cache_frozen); assert (! cairo_list_is_empty (&scaled_font->glyph_pages)); page = cairo_list_last_entry (&scaled_font->glyph_pages, cairo_scaled_glyph_page_t, @@ -2916,6 +2917,9 @@ _cairo_scaled_font_free_last_glyph (cairo_scaled_font_t *scaled_font, _cairo_scaled_glyph_fini (scaled_font, scaled_glyph); if (--page->num_glyphs == 0) { + _cairo_scaled_font_thaw_cache (scaled_font); + CAIRO_MUTEX_LOCK (scaled_font->mutex); + CAIRO_MUTEX_LOCK (_cairo_scaled_glyph_page_cache_mutex); /* Temporarily disconnect callback to avoid recursive locking */ cairo_scaled_glyph_page_cache.entry_destroy = NULL; @@ -2924,6 +2928,9 @@ _cairo_scaled_font_free_last_glyph (cairo_scaled_font_t *scaled_font, _cairo_scaled_glyph_page_destroy (scaled_font, page); cairo_scaled_glyph_page_cache.entry_destroy = _cairo_scaled_glyph_page_pluck; CAIRO_MUTEX_UNLOCK (_cairo_scaled_glyph_page_cache_mutex); + + CAIRO_MUTEX_UNLOCK (scaled_font->mutex); + _cairo_scaled_font_freeze_cache (scaled_font); } } |