[Devel] FreeType 2.1.5+fontconfig 2.2.1=fc-cache segv

[Kelledin]

I just discovered that FreeType-2.1.5 causes fc-cache to segfault 
on my system.  Judging from the gdb backtrace, it appears to be 
a double free bug in libfreetype:

[ address@hidden ~ ] # gdb fc-cache
GNU gdb 5.3
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, 
and you are
welcome to change it and/or distribute copies of it under certain 
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" 
for details.
This GDB was configured as "i486-incept-linux-gnu"...(no 
debugging symbols found)...
(gdb) run
Starting program: /usr/bin/fc-cache
(no debugging symbols found)...(no debugging symbols found)...(no 
debugging symbols found)...(no debugging symbols found)...(no 
debugging symbols found)...(no debugging symbols found)...
Program received signal SIGSEGV, Segmentation fault.
0x401508d7 in free () from /lib/libc.so.6
(gdb) bt full
#0  0x401508d7 in free () from /lib/libc.so.6
No symbol table info available.
#1  0x4005c21c in _init () from /usr/lib/libfreetype.so.6
No symbol table info available.
#2  0x4005c648 in FT_Free () from /usr/lib/libfreetype.so.6
No symbol table info available.
#3  0x400944eb in gray_raster_render () from 
/usr/lib/libfreetype.so.6
No symbol table info available.
#4  0x4005fb70 in FT_Load_Char () from /usr/lib/libfreetype.so.6
No symbol table info available.
#5  0x40060e4a in FT_Done_Face () from /usr/lib/libfreetype.so.6
No symbol table info available.
#6  0x400386b2 in FcFreeTypeQuery () from 
/usr/lib/libfontconfig.so.1
No symbol table info available.
#7  0x40039672 in FcFileScan () from /usr/lib/libfontconfig.so.1
No symbol table info available.
#8  0x400399d2 in FcDirScan () from /usr/lib/libfontconfig.so.1
No symbol table info available.
#9  0x08048d13 in FcFontSetDestroy ()
No symbol table info available.
#10 0x08049074 in FcFontSetDestroy ()
No symbol table info available.
#11 0x400f1b6c in __libc_start_main () from /lib/libc.so.6
No symbol table info available.

(Yes, I like to strip libraries.  Sorry 'bout that.)

As for system stats:
gcc             3.2.3 (EVERYTHING built from this)
glibc           2.3.2
binutils        2.14
kernel          2.4.21+SGI XFS
XFree86         4.3.0.1+xfs vuln patch

(I expect XFree86 doesn't even enter into the equation though,
aside from providing the font files.)

The problem doesn't occur in freetype-2.1.4.  It might not occur 
in recent fontconfig CVS--but the fontconfig home page is 
currently in a mess, so I don't know. :(

Anyone seen this before?  For now I'm just switching back to 
freetype-2.1.4, so it's not a big catastrophe.  Also, please CC 
me off-list, as I'm not subscribed.

-- 
Kelledin
"If a server crashes in a server farm and no one pings it, does 
it still cost four figures to fix?"