Bug 24032 - Crashes and infinite loops with cairo master
Status: RESOLVED WORKSFORME
Alias: None
Product: cairo
Classification: Unclassified
Component: general
Version: 1.9.3
Hardware: Other All
Importance: medium normal
Assignee: Carl Worth
QA Contact: cairo-bugs mailing list
Blocks: cairo-1.10
Reported: 2009-09-18 22:26 UTC by Søren Sandmann Pedersen
Modified: 2019-02-10 21:43 UTC

Description Søren Sandmann Pedersen 2009-09-18 22:26:54 UTC
The document here:

    http://bt.pa.msu.edu/TM/BocaRaton2006/talks/davis.pdf

when rendered with evince 2.24.2 and poppler 0.8.7, both as shipped in Fedora 10, exhibits crashes and infinite loops. 

To reproduce, just display it in evince and scroll up and down. Try to keep the "Loading ..." text appearing as much as possible.


Backtraces:

A crash:

#0  0x001c8416 in __kernel_vsyscall ()
#1  0x00843460 in raise (sig=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#2  0x00844e28 in abort () at abort.c:88
#3  0x0083c40e in __assert_fail (
    assertion=0x1af6bc "((*&(&pattern->ref_count)->ref_count) > 0)", 
    file=0x1af678 "cairo-pattern.c", line=891, 
    function=0x1af8a1 "cairo_pattern_destroy") at assert.c:78
#4  0x00161682 in cairo_pattern_destroy (pattern=0x8669fc0)
    at cairo-pattern.c:891
#5  0x00cc85f7 in CairoOutputDev::updateFillColor ()
   from /usr/lib/libpoppler-glib.so.3
#6  0x02ea5f36 in Gfx::opSetFillColorSpace () from /usr/lib/libpoppler.so.3
#7  0x02e9adb2 in Gfx::execOp () from /usr/lib/libpoppler.so.3
#8  0x02e9b00f in Gfx::go () from /usr/lib/libpoppler.so.3
#9  0x02e9e17f in Gfx::display () from /usr/lib/libpoppler.so.3
#10 0x02ee72ad in Page::displaySlice () from /usr/lib/libpoppler.so.3
#11 0x00cc03da in ?? () from /usr/lib/libpoppler-glib.so.3
#12 0x00cc0517 in poppler_page_render () from /usr/lib/libpoppler-glib.so.3
#13 0x0025e058 in ?? () from /usr/lib/evince/backends/libpdfdocument.so
#14 0x00b3ba80 in ev_document_render () from /usr/lib/libevbackend.so.0
#15 0x0806196c in gtk_icon_view_set_pixbuf_column () at gtkiconview.c:5513
#16 0x0805f130 in gtk_icon_view_set_pixbuf_column () at gtkiconview.c:5513
#17 0x0315ccaf in ?? () from /lib/libglib-2.0.so.0
#18 0x009c651f in start_thread (arg=0xb723ab90) at pthread_create.c:297
#19 0x008fc04e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130

An infinite loop:

Program received signal SIGINT, Interrupt.
_cairo_clip_path_to_boxes (clip_path=0x96b0d00) at cairo-clip.c:942
942	    if (! _clip_paths_are_rectilinear (clip_path))
(gdb) bt
#0  _cairo_clip_path_to_boxes (clip_path=0x96b0d00) at cairo-clip.c:942
#1  _cairo_clip_get_boxes (clip=0xbf841d64, boxes=0xbf841af4, 
    count=0xbf841af0) at cairo-clip.c:1422
#2  0x002ff8f0 in _clip_to_boxes () at cairo-surface-fallback.c:924
#3  _cairo_surface_fallback_stroke (surface=0x967e5e0, 
    op=CAIRO_OPERATOR_OVER, source=0xbf841b54, path=0x96f0ff4, 
    stroke_style=0x96f0d98, ctm=0x96f0e24, ctm_inverse=0x96f0e54, 
    tolerance=0.10000000000000001, antialias=CAIRO_ANTIALIAS_DEFAULT, 
    clip=0xbf841d64) at cairo-surface-fallback.c:1158
#4  0x002fb9ef in _cairo_surface_stroke (surface=0x967e5e0, 
    op=CAIRO_OPERATOR_OVER, source=0xbf841b54, path=0x96f0ff4, 
    stroke_style=0x96f0d98, ctm=0x96f0e24, ctm_inverse=0x96f0e54, 
    tolerance=0.10000000000000001, antialias=CAIRO_ANTIALIAS_DEFAULT, 
    clip=0xbf841d64) at cairo-surface.c:2098
#5  0x002da101 in _cairo_gstate_stroke (gstate=0x96f0d88, path=0x96f0ff4)
    at cairo-gstate.c:1053
#6  0x002d0d56 in cairo_stroke_preserve (cr=0x96f0d68) at cairo.c:2229
#7  0x002d0d82 in cairo_stroke (cr=0x96f0d68) at cairo.c:2202
#8  0x001426a5 in gdk_rectangle_intersect () at gdkrectangle.c:80
#9  0x0576d7ce in IA__gtk_paint_shadow (style=0x9399fd0, window=0x93981e8, 
    state_type=GTK_STATE_NORMAL, shadow_type=GTK_SHADOW_IN, area=0x93a99ec, 
    widget=0x9398128, detail=0x592775a "scrolled_window", x=0, y=74, 
    width=1055, height=650) at gtkstyle.c:5706
#10 0x0575584c in gtk_scrolled_window_paint () at gtkscrolledwindow.c:980
#11 gtk_scrolled_window_expose (widget=0x9398128, event=0x93a99e0)
    at gtkscrolledwindow.c:996
#12 0x056f7616 in _gtk_marshal_BOOLEAN__BOXED (closure=0x91eec20, 
    return_value=0xbf8420b0, n_param_values=2, param_values=0xb669cf68, 
    invocation_hint=0xbf84209c, marshal_data=0x5755740)
    at gtkmarshalers.c:84
Comment 1 Pascal Terjan 2010-04-01 02:35:19 UTC
It works fine for me with current master, can you try again?
Comment 2 Søren Sandmann Pedersen 2010-04-01 17:11:47 UTC
I can't reproduce with current master either, though I have seen similar assertion failures pretty recently with other PDF documents.
Comment 3 Uli Schlachter 2012-02-10 13:08:59 UTC
Since it's been almost two years: Does this still happen? Could you provide some updates on how to reproduce this?
Comment 4 Chris Wilson 2012-03-02 09:49:57 UTC
Pretty sure I've broken this in other ways, but the code paths hit here are now obsolete, so closing as worksforme.

