[Bug 738836] tracker-extract dumps core on a few SVG files

GStreamer (bugzilla.gnome.org) bugzilla at gnome.org
Tue Oct 28 09:29:16 PDT 2014 

https://bugzilla.gnome.org/show_bug.cgi?id=738836
  GStreamer | don't know | unspecified

--- Comment #10 from Felipe Lessa <felipe.lessa at gmail.com> 2014-10-28 16:29:09 UTC ---
It seems that this bug is not gstreamer's fault after all.  I've just noticed
that eog also crashes with this file (stack trace below), and only rsvg and
cairo are mentioned.  (Or perhaps both are buggy.)

It looks like the problem is related to the fact that the SVG file defines its
own size as 20000pt x 19031.425365pt.  These process use at least 2 GiB of RAM
before dying.  Still, something else must be at play: I can see why it would
use lots of RAM and thrash the system, but segfaulting looks unacceptable.

Thanks for looking into this issue :).


$ gdb eog
GNU gdb (GDB) 7.8
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from eog...done.
(gdb) run rfam61-upgma-microRNAs.svg 
Starting program: /usr/bin/eog rfam61-upgma-microRNAs.svg
warning: Could not load shared library symbols for linux-vdso.so.1.
Do you need "set solib-search-path" or "set sysroot"?
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
[New Thread 0x7fffe9e99700 (LWP 21237)]
[New Thread 0x7fffe9494700 (LWP 21239)]
[New Thread 0x7fffe318d700 (LWP 21240)]
[New Thread 0x7fffe298c700 (LWP 21241)]

(eog:21233): GLib-GObject-WARNING **: The property GtkSettings:gtk-menu-images
is deprecated and shouldn't be used anymore. It will be removed in a future
version.

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffe318d700 (LWP 21240)]
_fill_xrgb32_lerp_opaque_spans (abstract_renderer=0x7fffe318aa20, y=23789,
h=24305, spans=0x7fffe3189900, num_spans=3)
    at cairo-image-compositor.c:2280
2280    cairo-image-compositor.c: Arquivo ou diretório não encontrado.
(gdb) thread apply all bt

Thread 5 (Thread 0x7fffe298c700 (LWP 21241)):
#0  0x00007ffff62a758d in poll () at ../sysdeps/unix/syscall-template.S:81
#1  0x00007ffff67d693c in g_main_context_poll (priority=2147483647, n_fds=2,
fds=0x7fffd80008c0, timeout=-1, context=0x813550)
    at gmain.c:4076
#2  g_main_context_iterate (context=context at entry=0x813550,
block=block at entry=1, dispatch=dispatch at entry=1, self=<optimized out>)
    at gmain.c:3776
#3  0x00007ffff67d6a6c in g_main_context_iteration (context=0x813550,
may_block=may_block at entry=1) at gmain.c:3842
#4  0x00007ffff67d6ab9 in glib_worker_main (data=<optimized out>) at
gmain.c:5589
#5  0x00007ffff67fe2f5 in g_thread_proxy (data=0x895b70) at gthread.c:764
#6  0x00007ffff6575486 in start_thread (arg=0x7fffe298c700) at
pthread_create.c:310
#7  0x00007ffff62b090d in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:109

Thread 4 (Thread 0x7fffe318d700 (LWP 21240)):
#0  _fill_xrgb32_lerp_opaque_spans (abstract_renderer=0x7fffe318aa20, y=23789,
h=24305, spans=0x7fffe3189900, num_spans=3)
    at cairo-image-compositor.c:2280
#1  0x00007ffff3f19371 in generate_row (renderer=renderer at entry=0x7fffe318aa20,
r=r at entry=0x7fffe318a218, y=y at entry=14623, 
    h=h at entry=9166, coverage=coverage at entry=256) at
cairo-rectangular-scan-converter.c:625
#2  0x00007ffff3f1aa03 in generate_box (self=<optimized out>,
renderer=0x7fffe318aa20) at cairo-rectangular-scan-converter.c:643
#3  _cairo_rectangular_scan_converter_generate (converter=<optimized out>,
renderer=0x7fffe318aa20)
    at cairo-rectangular-scan-converter.c:673
#4  0x00007ffff3f22133 in composite_boxes (extents=0x7fffe318c3b0,
boxes=<optimized out>, compositor=<optimized out>, 
    compositor=<optimized out>) at cairo-spans-compositor.c:741
#5  0x00007ffff3f22e20 in clip_and_composite_boxes (compositor=0x7ffff41e2968
<spans+104>, extents=0x7fffe318c3b0, 
    boxes=0x7fffe318bf90) at cairo-spans-compositor.c:887
#6  0x00007ffff3f23696 in clip_and_composite_boxes (compositor=0x7ffff41e2900
<spans>, extents=0x7fffe318c3b0, boxes=0x7fffe318bf90)
    at cairo-spans-compositor.c:901
#7  0x00007ffff3f23b39 in _cairo_spans_compositor_fill
(_compositor=0x7ffff41e2900 <spans>, extents=0x7fffe318c3b0, 
    path=0x7fffd0174c68, fill_rule=CAIRO_FILL_RULE_WINDING,
tolerance=0.10000000000000001, antialias=CAIRO_ANTIALIAS_DEFAULT)
    at cairo-spans-compositor.c:1126
#8  0x00007ffff3eda2e0 in _cairo_compositor_fill (compositor=0x7ffff41e2900
<spans>, surface=0x7fffd0010800, op=<optimized out>, 
    source=<optimized out>, path=0x7fffd0174c68,
fill_rule=CAIRO_FILL_RULE_WINDING, tolerance=0.10000000000000001, 
    antialias=CAIRO_ANTIALIAS_DEFAULT, clip=0x0) at cairo-compositor.c:203
#9  0x00007ffff3eed067 in _cairo_image_surface_fill
(abstract_surface=<optimized out>, op=<optimized out>, source=<optimized out>, 
    path=<optimized out>, fill_rule=<optimized out>, tolerance=<optimized out>,
antialias=<optimized out>, clip=0x0)
    at cairo-image-surface.c:985
#10 0x00007ffff3f27197 in _cairo_surface_fill (surface=0x7ffec2368bb8,
op=3258354612, source=0x5ef1, path=0x71711000, 
    fill_rule=(unknown: 16777472), tolerance=3.1027822467502477e-310,
antialias=113, clip=0x0) at cairo-surface.c:2315
#11 0x00007ffff3ee3964 in _cairo_gstate_fill (gstate=0x7fffd0010b80,
path=0x7fffd0174c68) at cairo-gstate.c:1317
#12 0x00007ffff3ed48f5 in INT_cairo_fill_preserve (cr=0x7ffec2368bb8,
cr at entry=0x7fffd0174900) at cairo.c:2231
#13 0x00007ffff44339d9 in rsvg_cairo_render_path (ctx=0x7fffd0172af0,
path=<optimized out>) at rsvg-cairo-draw.c:532
#14 0x00007ffff442ffd2 in rsvg_render_path (ctx=0x7fffd0172af0,
path=0x7fffd006aa90) at rsvg-base.c:1994
#15 0x00007ffff4427616 in rsvg_node_draw (self=0x7fffd006a4f0,
ctx=ctx at entry=0x7fffd0172af0, dominate=dominate at entry=0)
    at rsvg-structure.c:69
#16 0x00007ffff44276a2 in _rsvg_node_draw_children (self=0x7fffd0069b90,
ctx=0x7fffd0172af0, dominate=0) at rsvg-structure.c:87
#17 0x00007ffff4427616 in rsvg_node_draw (self=0x7fffd0069b90,
ctx=ctx at entry=0x7fffd0172af0, dominate=dominate at entry=0)
    at rsvg-structure.c:69
#18 0x00007ffff4427a62 in rsvg_node_svg_draw (self=0x7fffd00175f0,
ctx=0x7fffd0172af0, dominate=<optimized out>)
    at rsvg-structure.c:323
#19 0x00007ffff4427616 in rsvg_node_draw (self=0x7fffd00175f0,
ctx=ctx at entry=0x7fffd0172af0, dominate=dominate at entry=0)
    at rsvg-structure.c:69
#20 0x00007ffff44346fb in rsvg_handle_render_cairo_sub
(handle=handle at entry=0x7fffd00110d0, cr=cr at entry=0x7fffd0174900, 
    id=id at entry=0x0) at rsvg-cairo-render.c:225
#21 0x00007ffff4434c4c in rsvg_handle_get_pixbuf_sub (handle=0x7fffd00110d0,
id=0x0) at rsvg.c:90
#22 0x00007ffff7b7dd8b in eog_image_real_load (error=<optimized out>,
job=<optimized out>, data2read=<optimized out>, 
    img=<optimized out>) at eog-image.c:1220
#23 eog_image_load (img=0xbece80, 
    data2read=(EOG_IMAGE_DATA_IMAGE | EOG_IMAGE_DATA_DIMENSION |
EOG_IMAGE_DATA_EXIF | EOG_IMAGE_DATA_XMP), job=0x5ef1, 
    job at entry=0xbef8a0, error=0xbef8c0) at eog-image.c:1359
#24 0x00007ffff7b82117 in eog_job_load_run (job=0xbef8a0) at eog-jobs.c:563
#25 0x00007ffff7b8029a in eog_job_process (job=<optimized out>) at
eog-job-scheduler.c:153
#26 eog_job_scheduler (data=0x7ffec2368bb8) at eog-job-scheduler.c:128
#27 0x00007ffff67fe2f5 in g_thread_proxy (data=0x8959e0) at gthread.c:764
#28 0x00007ffff6575486 in start_thread (arg=0x7fffe318d700) at
pthread_create.c:310
#29 0x00007ffff62b090d in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:109

Thread 3 (Thread 0x7fffe9494700 (LWP 21239)):
#0  0x00007ffff62a758d in poll () at ../sysdeps/unix/syscall-template.S:81
#1  0x00007ffff67d693c in g_main_context_poll (priority=2147483647, n_fds=2,
fds=0x7fffdc0010c0, timeout=-1, context=0x7fffe400f280)
    at gmain.c:4076
#2  g_main_context_iterate (context=0x7fffe400f280, block=block at entry=1,
dispatch=dispatch at entry=1, self=<optimized out>)
    at gmain.c:3776
#3  0x00007ffff67d6d32 in g_main_loop_run (loop=0x7fffe400f210) at gmain.c:3975
#4  0x00007ffff7006ef6 in gdbus_shared_thread_func (user_data=0x7fffe400f250)
at gdbusprivate.c:273
#5  0x00007ffff67fe2f5 in g_thread_proxy (data=0x69c6d0) at gthread.c:764
#6  0x00007ffff6575486 in start_thread (arg=0x7fffe9494700) at
pthread_create.c:310
#7  0x00007ffff62b090d in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:109

Thread 2 (Thread 0x7fffe9e99700 (LWP 21237)):
#0  0x00007ffff62a758d in poll () at ../sysdeps/unix/syscall-template.S:81
#1  0x00007ffff67d693c in g_main_context_poll (priority=2147483647, n_fds=1,
fds=0x7fffe40010e0, timeout=-1, context=0x6cd920)
    at gmain.c:4076
#2  g_main_context_iterate (context=context at entry=0x6cd920,
block=block at entry=1, dispatch=dispatch at entry=1, self=<optimized out>)
    at gmain.c:3776
#3  0x00007ffff67d6a6c in g_main_context_iteration (context=0x6cd920,
may_block=1) at gmain.c:3842
#4  0x00007fffe9eb525d in ?? () from /usr/lib/gio/modules/libdconfsettings.so
#5  0x00007ffff67fe2f5 in g_thread_proxy (data=0x69c400) at gthread.c:764
#6  0x00007ffff6575486 in start_thread (arg=0x7fffe9e99700) at
pthread_create.c:310
#7  0x00007ffff62b090d in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:109

Thread 1 (Thread 0x7ffff7f94900 (LWP 21233)):
#0  0x00007ffff62a758d in poll () at ../sysdeps/unix/syscall-template.S:81
#1  0x00007ffff67d693c in g_main_context_poll (priority=2147483647, n_fds=5,
fds=0xbf2090, timeout=16325, context=0x6ac360)
    at gmain.c:4076
#2  g_main_context_iterate (context=context at entry=0x6ac360,
block=block at entry=1, dispatch=dispatch at entry=1, self=<optimized out>)
    at gmain.c:3776
#3  0x00007ffff67d6a6c in g_main_context_iteration (context=0x6ac360,
context at entry=0x0, may_block=may_block at entry=1) at gmain.c:3842
#4  0x00007ffff6fcef4c in g_application_run (application=0x6b7190,
argc=argc at entry=2, argv=argv at entry=0x7fffffffe6f8)
    at gapplication.c:2282
#5  0x00000000004010d2 in main (argc=2, argv=0x7fffffffe6f8) at main.c:133

-- 
Configure bugmail: https://bugzilla.gnome.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
You are the assignee for the bug.

More information about the gstreamer-bugs mailing list