Bug 24032

Summary: Crashes and infinite loops with cairo master
Product: cairo
Reporter: Søren Sandmann Pedersen <soren.sandmann>
Component: general
Assignee: Carl Worth <cworth>
Status: RESOLVED WORKSFORME
QA Contact: cairo-bugs mailing list <cairo-bugs>
Severity: normal
Priority: medium
CC: Marcelo.marchetti
Version: 1.9.3
Hardware: Other
OS: All
Whiteboard:
i915 platform:
i915 features:
Bug Depends on:
Bug Blocks: 24384

Description Søren Sandmann Pedersen 2009-09-18 22:26:54 UTC
The document here:

    http://bt.pa.msu.edu/TM/BocaRaton2006/talks/davis.pdf

when rendered with evince 2.24.2 and poppler 0.8.7, both as shipped in Fedora 10, exhibits crashes and infinite loops. 

To reproduce, just display it in evince and scroll up and down. Try to keep the "Loading ..." text appearing as much as possible.


Backtraces:

A crash:

#0  0x001c8416 in __kernel_vsyscall ()
#1  0x00843460 in raise (sig=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#2  0x00844e28 in abort () at abort.c:88
#3  0x0083c40e in __assert_fail (
    assertion=0x1af6bc "((*&(&pattern->ref_count)->ref_count) > 0)", 
    file=0x1af678 "cairo-pattern.c", line=891, 
    function=0x1af8a1 "cairo_pattern_destroy") at assert.c:78
#4  0x00161682 in cairo_pattern_destroy (pattern=0x8669fc0)
    at cairo-pattern.c:891
#5  0x00cc85f7 in CairoOutputDev::updateFillColor ()
   from /usr/lib/libpoppler-glib.so.3
#6  0x02ea5f36 in Gfx::opSetFillColorSpace () from /usr/lib/libpoppler.so.3
#7  0x02e9adb2 in Gfx::execOp () from /usr/lib/libpoppler.so.3
#8  0x02e9b00f in Gfx::go () from /usr/lib/libpoppler.so.3
#9  0x02e9e17f in Gfx::display () from /usr/lib/libpoppler.so.3
#10 0x02ee72ad in Page::displaySlice () from /usr/lib/libpoppler.so.3
#11 0x00cc03da in ?? () from /usr/lib/libpoppler-glib.so.3
#12 0x00cc0517 in poppler_page_render () from /usr/lib/libpoppler-glib.so.3
#13 0x0025e058 in ?? () from /usr/lib/evince/backends/libpdfdocument.so
#14 0x00b3ba80 in ev_document_render () from /usr/lib/libevbackend.so.0
#15 0x0806196c in gtk_icon_view_set_pixbuf_column () at gtkiconview.c:5513
#16 0x0805f130 in gtk_icon_view_set_pixbuf_column () at gtkiconview.c:5513
#17 0x0315ccaf in ?? () from /lib/libglib-2.0.so.0
#18 0x009c651f in start_thread (arg=0xb723ab90) at pthread_create.c:297
#19 0x008fc04e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130

an infinite loop:

Program received signal SIGINT, Interrupt.
_cairo_clip_path_to_boxes (clip_path=0x96b0d00) at cairo-clip.c:942
942	    if (! _clip_paths_are_rectilinear (clip_path))
(gdb) bt
#0  _cairo_clip_path_to_boxes (clip_path=0x96b0d00) at cairo-clip.c:942
#1  _cairo_clip_get_boxes (clip=0xbf841d64, boxes=0xbf841af4, 
    count=0xbf841af0) at cairo-clip.c:1422
#2  0x002ff8f0 in _clip_to_boxes () at cairo-surface-fallback.c:924
#3  _cairo_surface_fallback_stroke (surface=0x967e5e0, 
    op=CAIRO_OPERATOR_OVER, source=0xbf841b54, path=0x96f0ff4, 
    stroke_style=0x96f0d98, ctm=0x96f0e24, ctm_inverse=0x96f0e54, 
    tolerance=0.10000000000000001, antialias=CAIRO_ANTIALIAS_DEFAULT, 
    clip=0xbf841d64) at cairo-surface-fallback.c:1158
#4  0x002fb9ef in _cairo_surface_stroke (surface=0x967e5e0, 
    op=CAIRO_OPERATOR_OVER, source=0xbf841b54, path=0x96f0ff4, 
    stroke_style=0x96f0d98, ctm=0x96f0e24, ctm_inverse=0x96f0e54, 
    tolerance=0.10000000000000001, antialias=CAIRO_ANTIALIAS_DEFAULT, 
    clip=0xbf841d64) at cairo-surface.c:2098
#5  0x002da101 in _cairo_gstate_stroke (gstate=0x96f0d88, path=0x96f0ff4)
    at cairo-gstate.c:1053
#6  0x002d0d56 in cairo_stroke_preserve (cr=0x96f0d68) at cairo.c:2229
#7  0x002d0d82 in cairo_stroke (cr=0x96f0d68) at cairo.c:2202
#8  0x001426a5 in gdk_rectangle_intersect () at gdkrectangle.c:80
#9  0x0576d7ce in IA__gtk_paint_shadow (style=0x9399fd0, window=0x93981e8, 
    state_type=GTK_STATE_NORMAL, shadow_type=GTK_SHADOW_IN, area=0x93a99ec, 
    widget=0x9398128, detail=0x592775a "scrolled_window", x=0, y=74, 
    width=1055, height=650) at gtkstyle.c:5706
#10 0x0575584c in gtk_scrolled_window_paint () at gtkscrolledwindow.c:980
#11 gtk_scrolled_window_expose (widget=0x9398128, event=0x93a99e0)
    at gtkscrolledwindow.c:996
#12 0x056f7616 in _gtk_marshal_BOOLEAN__BOXED (closure=0x91eec20, 
    return_value=0xbf8420b0, n_param_values=2, param_values=0xb669cf68, 
    invocation_hint=0xbf84209c, marshal_data=0x5755740)
    at gtkmarshalers.c:84
Comment 1 Pascal Terjan 2010-04-01 02:35:19 UTC
It works fine for me with current master, can you try again?
Comment 2 Søren Sandmann Pedersen 2010-04-01 17:11:47 UTC
I can't reproduce with current master either, though I have seen similar assertion failures pretty recently with other PDF documents.
Comment 3 Uli Schlachter 2012-02-10 13:08:59 UTC
Since it's been almost two years: Does this still happen? Could you provide some updates on how to reproduce this?
Comment 4 Chris Wilson 2012-03-02 09:49:57 UTC
Pretty sure I've broken this in other ways, but the code paths hit here are now obsolete, so closing as worksforme.
