Bug 87255

Summary: eog Aborted (core dumped) opening attached svg file
Product: cairo Reporter: Christopher M. Penalver <christopher.m.penalver>
Component: generalAssignee: Chris Wilson <chris>
Status: RESOLVED WORKSFORME QA Contact: cairo-bugs mailing list <cairo-bugs>
Severity: critical    
Priority: medium    
Version: unspecified   
Hardware: x86-64 (AMD64)   
OS: Linux (All)   
URL: https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1401258
Whiteboard:
i915 platform: i915 features:

Description Christopher M. Penalver 2014-12-12 05:10:04 UTC 
Downstream bug report:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1401258

1) lsb_release -rd
Description:	Ubuntu Vivid Vervet (development branch)
Release:	15.04

2) apt-cache policy eog
eog:
  Installed: 3.12.2-0ubuntu2
  Candidate: 3.12.2-0ubuntu2
  Version table:
 *** 3.12.2-0ubuntu2 0
        500 http://us.archive.ubuntu.com/ubuntu/ vivid/main amd64 Packages
        100 /var/lib/dpkg/status

libcairo* 1.13.0~20140204-0ubuntu1

3) What is expected to happen is when one opens the attached file via eog it doesn't crash:
https://bugs.launchpad.net/ubuntu/+source/eog/+bug/1401258/+attachment/4277858/+files/family_room.svg

4) What happens instead is it does consistently.

eog bug report:
https://bugzilla.gnome.org/show_bug.cgi?id=741360

Quoting from https://bugzilla.gnome.org/show_bug.cgi?id=741360#c1 :
"Felix Riemann [eog developer] 2014-12-11 21:25:01 UTC

This looks like a problem with cairo:

cairo-xlib-surface-shm.c:619: _cairo_xlib_shm_pool_create: Assertion `*ptr !=
((void *)0)' failed.

The image is "only" 18000x18000px. That's big and will take some time to show
up, but it shouldn't cause a problem as long as your system has enough memory.
The actual current limit is (or was) at 32768px in any direction due to cairo's
coordinate format and some GDK internals. Can you please report that to the
cairo bugtracker?"
Comment 1 Bryce Harrington 2016-10-20 03:00:11 UTC 
ibcairo2:
  Installed: 1.14.0+git201609091646.b207a93-10161~ubuntu14.04.1
DISTRIB_DESCRIPTION="Ubuntu 14.04.5 LTS"
uname -srvmpo = Linux 3.13.0-96-generic #143-Ubuntu SMP Mon Aug 29 20:15:20 UTC 2016 x86_64 x86_64 GNU/Linux

I checked the family_room.svg file in:
  √ eog
  √ xzgv
  √ firefox
  √ opera
  √ Inkscape

None crashed, all displayed the same image at various scales.  Some (like the browsers) couldn't zoom out far enough to see it.  eog seemed to have absolutely no problem.

Looking at the source code, the assertion is triggered when the requested allocation is larger than the available cairo_mempool size.  I'm not sure why we're using an assert here rather than just branching to cleanup and returning NULL, as some of the other OOM handling logic does, but it looks like it's intentional that it asserts.

Are you still able to reproduce the crash?  Any other suggestions on how to trigger it?
Comment 2 Christopher M. Penalver 2016-10-26 19:42:28 UTC 
Bryce Harrington, thanks for the follow up. It is greatly appreciated.

I just retested, and while it didn't crash, it now notes:
Could not load image 'family_room.svg'.
Error domain 1 code 26 on line 174 column 114 of file:///home/user/Downloads/family_room.svg: Entity 'bull' not defined

Seems like the crash issue has been fixed, but now there is a net new bug in EOG?!

apt policy eog
eog:
  Installed: 3.18.2-1ubuntu2.1
  Candidate: 3.18.2-1ubuntu2.1
  Version table:
 *** 3.18.2-1ubuntu2.1 500
        500 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
        500 http://us.archive.ubuntu.com/ubuntu xenial-security/main amd64 Packages
        100 /var/lib/dpkg/status
     3.18.2-1ubuntu1 500
        500 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 Packages

apt policy libcairo2
libcairo2:
  Installed: 1.14.6-1
  Candidate: 1.14.6-1
  Version table:
 *** 1.14.6-1 500
        500 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
        100 /var/lib/dpkg/status

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.