Launchpad has imported 4 comments from the remote bug at
http://bugs.freedesktop.org/show_bug.cgi?id=17096.

------------------------------------------------------------------------
On 2008-08-12T13:05:19+00:00 Pedro Villavicencio wrote:

This report has been filed here:

https://bugs.edge.launchpad.net/ubuntu/+source/cairo/+bug/256508

".
Thread 3 (process 7638):
#0  0xb8092424 in __kernel_vsyscall ()
#1  0xb73a3392 in pthread_cond_timedwait@@GLIBC_2.3.2 () from 
/lib/tls/i686/cmov/libpthread.so.0
#2  0xb772913d in g_cond_timed_wait_posix_impl (cond=0x8d365b0, 
entered_mutex=0x80, abs_time=0x7)
    at /build/buildd/glib2.0-2.17.6/gthread/gthread-posix.c:242
        result = <value optimized out>
        end_time = {tv_sec = 1218329403, tv_nsec = 179362000}
        timed_out = <value optimized out>
        __PRETTY_FUNCTION__ = "g_cond_timed_wait_posix_impl"
#3  0xb75d21f9 in g_async_queue_pop_intern_unlocked (queue=0x8885600, 
try=<value optimized out>, 
    end_time=0xb6926324) at /build/buildd/glib2.0-2.17.6/glib/gasyncqueue.c:365
        retval = <value optimized out>
        __PRETTY_FUNCTION__ = "g_async_queue_pop_intern_unlocked"
#4  0xb75d22f7 in IA__g_async_queue_timed_pop (queue=0x8885600, 
end_time=0xb6926324)
    at /build/buildd/glib2.0-2.17.6/glib/gasyncqueue.c:491
        retval = <value optimized out>
        __PRETTY_FUNCTION__ = "IA__g_async_queue_timed_pop"
#5  0xb7624953 in g_thread_pool_thread_proxy (data=0x88c5620)
    at /build/buildd/glib2.0-2.17.6/glib/gthreadpool.c:121
        task = <value optimized out>
        pool = (GRealThreadPool *) 0x0
#6  0xb762334f in g_thread_create_proxy (data=0x88c5698) at 
/build/buildd/glib2.0-2.17.6/glib/gthread.c:635
        __PRETTY_FUNCTION__ = "g_thread_create_proxy"
#7  0xb739f4ff in start_thread () from /lib/tls/i686/cmov/libpthread.so.0
#8  0xb731c64e in clone () from /lib/tls/i686/cmov/libc.so.6
.
Thread 2 (process 7637):
#0  0xb8092424 in __kernel_vsyscall ()
#1  0xb7311de7 in poll () from /lib/tls/i686/cmov/libc.so.6
#2  0xb75fbd12 in g_main_context_iterate (context=0x8884d90, block=1, 
dispatch=1, self=0x8855408)
    at /build/buildd/glib2.0-2.17.6/glib/gmain.c:3033
        max_priority = 2147483647
        timeout = 500
        some_ready = <value optimized out>
        nfds = 16
        allocated_nfds = <value optimized out>
        fds = (GPollFD *) 0x8acdde8
        __PRETTY_FUNCTION__ = "g_main_context_iterate"
#3  0xb75fc3a2 in IA__g_main_loop_run (loop=0x88e1278) at 
/build/buildd/glib2.0-2.17.6/glib/gmain.c:2928
        self = (GThread *) 0x8855408
        __PRETTY_FUNCTION__ = "IA__g_main_loop_run"
#4  0xb7a17ce9 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#5  0x080803ab in main (argc=5, argv=0xbfcae824) at nautilus-main.c:581
        kill_shell = 0
        restart_shell = 0
        no_default_window = 0
        browser_window = 0
        no_desktop = 0
        autostart_mode = 0
        startup_id = <value optimized out>
        autostart_id = <value optimized out>
        startup_id_copy = 0x88a4b48 "My Book.volume"
        session_to_load = 0x0
        geometry = (gchar *) 0x0
        remaining = (const gchar **) 0x0
        perform_self_check = 0
        context = <value optimized out>
        application = (NautilusApplication *) 0x8881850
        program = (GnomeProgram *) 0x8868858
        options = {{long_name = 0x8161b5c "check", short_name = 99 'c', flags = 
0, arg = G_OPTION_ARG_NONE, 
    arg_data = 0xbfcae6f0, description = 0x8161bcc "Perform a quick set of 
self-check tests.", 
    arg_description = 0x0}, {long_name = 0x81657cf "geometry", short_name = 103 
'g', flags = 0, 
    arg = G_OPTION_ARG_STRING, arg_data = 0xbfcae6f8, 
    description = 0x8161bf8 "Create the initial window with the given 
geometry.", 
    arg_description = 0x81619e9 "GEOMETRY"}, {long_name = 0x81619f2 
"no-default-window", 
    short_name = 110 'n', flags = 0, arg = G_OPTION_ARG_NONE, arg_data = 
0xbfcae708, 
    description = 0x8161c2c "Only create windows for explicitly specified 
URIs.", arg_description = 0x0}, {
    long_name = 0x8161a04 "no-desktop", short_name = 0 '\0', flags = 0, arg = 
G_OPTION_ARG_NONE, 
    arg_data = 0xbfcae700, 
    description = 0x8161c60 "Do not manage the desktop (ignore the preference 
set in the preferences dialog).", arg_description = 0x0}, {long_name = 
0x81648fe "browser", short_name = 0 '\0', flags = 0, 
    arg = G_OPTION_ARG_NONE, arg_data = 0xbfcae704, description = 0x8161a0f 
"open a browser window.", 
    arg_description = 0x0}, {long_name = 0x8161b64 "quit", short_name = 113 
'q', flags = 0, 
    arg = G_OPTION_ARG_NONE, arg_data = 0xbfcae710, description = 0x8161a26 
"Quit Nautilus.", 
    arg_description = 0x0}, {long_name = 0x8161b6b "restart", short_name = 0 
'\0', flags = 1, 
    arg = G_OPTION_ARG_NONE, arg_data = 0xbfcae70c, description = 0x8161a35 
"Restart Nautilus.", 
    arg_description = 0x0}, {long_name = 0x8166ae8 "", short_name = 0 '\0', 
flags = 0, 
    arg = G_OPTION_ARG_STRING_ARRAY, arg_data = 0xbfcae6f4, description = 0x0, 
    arg_description = 0x8161a47 "[URI...]"}, {long_name = 0x815e000 
"load-session", short_name = 108 'l', 
    flags = 0, arg = G_OPTION_ARG_STRING, arg_data = 0xbfcae6fc, 
    description = 0x8161cb4 "Load a saved session from the specified file. 
Implies \"--no-default-window\".", 
    arg_description = 0x8161a50 "FILENAME"}, {long_name = 0x0, short_name = 0 
'\0', flags = 0, 
    arg = G_OPTION_ARG_NONE, arg_data = 0x0, description = 0x0, arg_description 
= 0x0}}
.
Thread 1 (process 7671):
#0  *INT_cairo_surface_get_font_options (surface=0xb78086a0, options=0x9688e80)
    at /build/buildd/cairo-1.6.4/src/cairo-surface.c:633
No locals.
#1  0xb7228c00 in _pango_cairo_update_context (cr=0x8e36808, context=0x8dd3cf0)
    at /build/buildd/pango1.0-1.21.3/pango/pangocairo-context.c:104
        info = (PangoCairoContextInfo *) 0x98c9840
        cairo_matrix = {xx = -1.667335739498894e-41, yx = 
2.6629322274470552e-267, 
  xy = -4.2458933122252789e-43, yy = 5.6672479863462401e-266, x0 = 
-4.1600285101525437e-43, 
  y0 = 1.4580379106921624e-267}
        target = (cairo_surface_t *) 0xb78086a0
        pango_matrix = {xx = -9.9323417509544179e-42, xy = 
1.4580379094910454e-267, 
  yx = -8.8070004422276986e-42, yy = 2.1927140174974026e-314, x0 = 
-1.6658621865824984e-41, 
  y0 = 5.6672479902668967e-266}
        current_matrix = <value optimized out>
        merged_options = <value optimized out>
        old_merged_options = <value optimized out>
        changed = <value optimized out>
        identity_matrix = {xx = 1, xy = 0, yx = 0, yy = 1, x0 = 0, y0 = 0}
#2  0xb7ea4586 in rsvg_cairo_create_pango_context (ctx=0x969e878) at 
rsvg-cairo-draw.c:467
        fontmap = <value optimized out>
        context = (PangoContext *) 0x8dd3cf0
        render = (RsvgCairoRender *) 0x8e9c360
#3  0xb7e9cea4 in rsvg_text_render_text (ctx=0x969e878, text=0x9568440 "", 
x=0xb21f0d58, y=0xb21f0d50)
    at rsvg-text.c:847
        context = <value optimized out>
        layout = <value optimized out>
        iter = <value optimized out>
        state = (RsvgState *) 0x8b57bd8
        w = <value optimized out>
        h = 21
#4  0xb7e9d2c0 in _rsvg_node_text_type_children (self=0x97ba4f0, ctx=0x969e878, 
x=0xb21f0d58, y=0xb21f0d50, 
    lastwasspace=0xb21f0d64) at rsvg-text.c:178
        str = (GString *) 0x99fc3d0
        node = (RsvgNode *) 0x97ba760
        i = 0
#5  0xb7e9d60c in _rsvg_node_text_draw (self=0x97ba4f0, ctx=0x969e878, 
dominate=0) at rsvg-text.c:253
        x = 0
        y = 2
        lastwasspace = 1
#6  0xb7e966e1 in rsvg_node_draw (self=0x9688e80, ctx=0x969e878, dominate=0) at 
rsvg-structure.c:53
        state = (RsvgState *) 0xb7808ff4
        stacksave = (GSList *) 0x0
#7  0xb7e9693a in _rsvg_node_draw_children (self=0x97b3828, ctx=0x969e878, 
dominate=0) at rsvg-structure.c:69
        i = 32
#8  0xb7e966e1 in rsvg_node_draw (self=0x9688e80, ctx=0x969e878, dominate=0) at 
rsvg-structure.c:53
        state = (RsvgState *) 0xb7808ff4
        stacksave = (GSList *) 0x0
#9  0xb7e9693a in _rsvg_node_draw_children (self=0x95513c8, ctx=0x969e878, 
dominate=0) at rsvg-structure.c:69
        i = 16
#10 0xb7e966e1 in rsvg_node_draw (self=0x9688e80, ctx=0x969e878, dominate=0) at 
rsvg-structure.c:53
        state = (RsvgState *) 0xb7808ff4
        stacksave = (GSList *) 0x0
#11 0xb7e971da in rsvg_node_svg_draw (self=0x8de8e50, ctx=0x969e878, 
dominate=0) at rsvg-structure.c:309
        state = <value optimized out>
        affine = {0.99999999999998979, 0, 0, 1.0000000001779179, 0, 0}
        affine_old = {0.14562002275312855, 0, 0, 0.14562002275312855, 0, 0}
        affine_new = {0.14562002275312705, 0, 0, 0.14562002277903696, 0, 0}
        i = 8
        nx = 0
        ny = 0
        nw = 878.90999999999099
        nh = 878.916425156375
#12 0xb7e966e1 in rsvg_node_draw (self=0x9688e80, ctx=0x969e878, dominate=0) at 
rsvg-structure.c:53
        state = (RsvgState *) 0xb7808ff4
        stacksave = (GSList *) 0x0
#13 0xb7ea4abf in rsvg_handle_render_cairo_sub (handle=0x8dd1ea0, cr=0x8e36808, 
id=0x0)
    at rsvg-cairo-render.c:228
        drawsub = (RsvgNode *) 0x8b572c8
        __PRETTY_FUNCTION__ = "rsvg_handle_render_cairo_sub"
#14 0xb7ea501e in rsvg_handle_get_pixbuf_sub (handle=0x8dd1ea0, id=0x0) at 
rsvg.c:100
        dimensions = {width = 128, height = 128, em = 879, ex = 879}
        output = <value optimized out>
        surface = (cairo_surface_t *) 0x90d7250
        cr = (cairo_t *) 0x8e36808
        rowstride = 512
        __PRETTY_FUNCTION__ = "rsvg_handle_get_pixbuf_sub"
#15 0xb7ea50f5 in rsvg_handle_get_pixbuf (handle=0x8dd1ea0) at rsvg.c:133
No locals.
#16 0xb45bcaea in gdk_pixbuf__svg_image_stop_load (data=0x8e624e0, 
error=0xb21f11d8) at io-svg.c:154
        pixbuf = <value optimized out>
#17 0xb7814467 in IA__gdk_pixbuf_loader_close (loader=0x8e35810, error=0x0)
    at /build/buildd/gtk+2.0-2.13.6/gdk-pixbuf/gdk-pixbuf-loader.c:724
        tmp = (GError *) 0x0
        priv = (GdkPixbufLoaderPrivate *) 0x8e9bf30
        retval = 1
        __PRETTY_FUNCTION__ = "IA__gdk_pixbuf_loader_close"
#18 0xb7e260b8 in gnome_gdk_pixbuf_new_from_uri_at_scale (uri=0x8e0eee8 
"file:///tmp/output-13437-z14.svg", 
    width=128, height=128, preserve_aspect_ratio=1) at gnome-vfs-util.c:231
        result = GNOME_VFS_OK
        buffer = ">\n         <text x=\"1263.548\" y=\"981.392052543109\" 
k=\"name\" class=\"place-caption locality-caption\">Obernberg</text>\n         
<text x=\"503.789000000001\" y=\"664.527611808224\" k=\"name\" 
class=\"caption-cas"...
        bytes_read = <value optimized out>
        loader = (GdkPixbufLoader *) 0x8e35810
        pixbuf = <value optimized out>
        animation = <value optimized out>
        iter = (GdkPixbufAnimationIter *) 0x80
        info = {width = 128, height = 128, input_width = 879, input_height = 
879, preserve_aspect_ratio = 1}
        file = (GFile *) 0x8de8f80
        file_input_stream = (GFileInputStream *) 0x8dda2f0
        __PRETTY_FUNCTION__ = "gnome_gdk_pixbuf_new_from_uri_at_scale"
#19 0xb7e151dc in gnome_thumbnail_factory_generate_thumbnail 
(factory=0x8e03e40, 
    uri=0x8e0eee8 "file:///tmp/output-13437-z14.svg", mime_type=0x8e37010 
"image/svg+xml")
    at gnome-thumbnail.c:660
        pixbuf = (GdkPixbuf *) 0x0
        scaled = <value optimized out>
        tmp_pixbuf = <value optimized out>
        expanded_script = 0x0
        width = <value optimized out>
        height = <value optimized out>
        size = 128
        original_width = -1207245208
        original_height = -1306582272
        dimension = "\\ÑÜ·ô_\030\b\000\000\000"
        scale = 0
        exit_status = 5
        tmpname = 0x8186a9c 
"\020Pá·Z\\\006\bj\\\006\bz\\\006\b\212\\\006\b\232\\\006\bª\\\006\b`3j·Ê\\\006\bÚ\\\006\bàÝm·ú\\\006\b\n]\006\b\032]\006\b*]\006\bàÆ¥·J]\006\bZ]\006\bÀÝ\207·P&¡·0\n\206·\232]\006\bª]\006\bº]\006\bÊ]\006\bP\026¶·ê]\006\bú]\006\b\n^\006\b\200Ð\207·*^\006\bÐÛ¶·Ð)\225·Z^\006\bàý^·\220»o·\212^\006\b\232^\006\b
 \207a·°g_·Ê^\006\bÐ=¶·ê^\006\bú^\006\bp\vH·"
        __PRETTY_FUNCTION__ = "gnome_thumbnail_factory_generate_thumbnail"
#20 0x0814c27e in thumbnail_thread_start (data=0x0) at nautilus-thumbnails.c:981
        info = (NautilusThumbnailInfo *) 0x8ddafe8
        pixbuf = (GdkPixbuf *) 0x0
        current_orig_mtime = 1218328193
        current_time = 1218329387
        __PRETTY_FUNCTION__ = "thumbnail_thread_start"
#21 0xb739f4ff in start_thread () from /lib/tls/i686/cmov/libpthread.so.0
#22 0xb731c64e in clone () from /lib/tls/i686/cmov/libc.so.6"

SVG file:

http://launchpadlibrarian.net/16728228/output-7043-z15.svg

Thanks,

Reply at: https://bugs.launchpad.net/libcairo/+bug/256508/comments/4

------------------------------------------------------------------------
On 2008-08-12T13:33:33+00:00 Chris Wilson wrote:

My educated guess is that 0xb78086a0 is an error surface, on which we
attempt to initialize the font_options, hence the SIGSEGV.

Can you test this? (If I am right, you still won't see the desired
result but the crash should be resolved.)

commit c73b3e43e120065e40d8fc48c9bdbd88ebe8ab40
Author: Chris Wilson <[email protected]>
Date:   Tue Aug 12 21:21:20 2008 +0100

    [cairo-surface] Check for the error surface in _get_font_options()
    
    cairo_surface_get_font_options() has the side effect of initialising the
    font options on the surface, but fails to check that the surface is
    valid first. Therefore if we are passed a read-only error object, we will
    trigger a segmentation fault.
    
    Most likely this is the bug behind:
    http://bugs.freedesktop.org/show_bug.cgi?id=17096.

Reply at: https://bugs.launchpad.net/libcairo/+bug/256508/comments/5

------------------------------------------------------------------------
On 2008-09-12T15:48:57+00:00 John Clemens wrote:

Verified that the above patch fixed the problem in that it at least
prevents the segfault and the thumbnail even works.

Verified by compiling the cairo from the commit just before this one,
and then running Firefox with the compiled library LD_LIBRARY_PATH'd in,
doing File->Open File, and navigating to the directory with the bad
file.  With the commit before this, Firefox crashes; with this fix, it
works.

So, this fixes the bug in cairo, but should error surfaces be getting
down this far? i.e., does this point to another bug in librsvg or pango?

Thanks for the fix.

Reply at: https://bugs.launchpad.net/libcairo/+bug/256508/comments/9

------------------------------------------------------------------------
On 2008-10-10T11:06:00+00:00 Chris Wilson wrote:

Given the identification that it was indeed an error surface that we
tried to write to, it is indicative that the caller could check for an
error early (if they so desire) although they are free to just check for
any errors after all the operations are complete.

Reply at: https://bugs.launchpad.net/libcairo/+bug/256508/comments/13
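
Added example, not part of the thread and not cairo's code: a self-contained C model of the failure mode the commit message describes, a getter with a caching side effect called on a shared read-only error object, together with the status guard that prevents the write. All type and function names are hypothetical, and returning default options for an error object is an assumption of this sketch.

```c
#include <string.h>

/* Hypothetical model of the pattern in the commit message; not cairo's code. */
typedef enum { STATUS_SUCCESS = 0, STATUS_NO_MEMORY } status_t;
typedef struct { int antialias; int hint_style; } font_options_t;
typedef struct {
    status_t status;            /* sticky error state of the object */
    int has_font_options;       /* set once the cache below is filled */
    font_options_t font_options;
} surface_t;

/* Shared error object. It is const, so it may live in read-only memory
 * and any store through a pointer to it can fault. */
static const surface_t surface_nil = { STATUS_NO_MEMORY, 0, { 0, 0 } };
static const font_options_t default_options = { 1, 2 };

/* On failure the constructor hands back the shared error object rather
 * than NULL, so callers may defer their error check. */
surface_t *surface_create(surface_t *storage, int fail)
{
    if (fail)
        return (surface_t *)&surface_nil;
    memset(storage, 0, sizeof *storage);
    return storage;
}

/* Getter with a side effect: the first call caches the options on the
 * surface. Returns 1 if it wrote to the surface, 0 otherwise. */
int surface_get_font_options(surface_t *surface, font_options_t *out)
{
    /* The guard: never write to an object in an error state. Without it,
     * the lazy initialisation below stores into surface_nil. */
    if (surface->status != STATUS_SUCCESS) {
        *out = default_options;
        return 0;
    }
    if (!surface->has_font_options) {
        surface->font_options = default_options;
        surface->has_font_options = 1;
        *out = surface->font_options;
        return 1;
    }
    *out = surface->font_options;
    return 0;
}
```

A caller that wants to fail early can test `surface->status` right after `surface_create()`; one that defers the check still gets a well-defined result from the getter.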


** Changed in: libcairo
   Importance: Unknown => Medium

-- 
nautilus crashed with SIGSEGV in cairo_surface_get_font_options()
https://bugs.launchpad.net/bugs/256508
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for libcairo.
