Bug 1291226

Summary: multiple programs crash after update to librsvg2-2.40.12-1
Product: [Fedora] Fedora Reporter: Freddy Willemsen <freddy>
Component: librsvg2Assignee: Matthias Clasen <mclasen>
Status: CLOSED EOL QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 23CC: mclasen, otte
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-12-20 16:59:51 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
affected logo.svg none

Description Freddy Willemsen 2015-12-14 11:16:35 UTC 
Created attachment 1105545 [details]
affected logo.svg

Description of problem:
After update to librsvg2-2.40.12-1 I noticed multiple programs crashing when accessing certain svg files. Nautilus for instance, and the preferences dialog of dash-to-dock extension


Version-Release number of selected component (if applicable):
2.40.12-1

How reproducible:
OPen Nautilus and browse to the folder containing the logo.svg file supplied by the dash-to-dock extension

Steps to Reproduce:
1. install dash-to-dock extension
2. open nautilus
3. browse to media folder of dash-to-dock, containing the logo.svg

Actual results:
Crash. journalctl shows:
nautilus-autostart.desktop[3083]: nautilus: cairo-surface.c:928: cairo_surface_reference: Assertion `((*&(&surface->ref_count)->ref_count) > 0)' failed.
audit[3895]: ANOM_ABEND auid=1000 uid=1000 gid=1000 ses=1 pid=3895 comm="nautilus" exe="/usr/bin/nautilus" sig=6
systemd-coredump[3897]: Process 3083 (nautilus) of user 1000 dumped core.
                                                
                                                Stack trace of thread 3895:
                                                #0  0x00007f810199da98 raise (libc.so.6)
                                                #1  0x00007f810199f69a abort (libc.so.6)
                                                #2  0x00007f8101996227 __assert_fail_base (libc.so.6)
                                                #3  0x00007f81019962d2 __assert_fail (libc.so.6)
                                                #4  0x00007f810403979a cairo_surface_reference (libcairo.so.2)
                                                #5  0x00007f80e4e30618 rsvg_filter_render (librsvg-2.so.2)
                                                #6  0x00007f80e4e3ff2c rsvg_cairo_pop_discrete_layer (librsvg-2.so.2)
                                                #7  0x00007f80e4e33f10 _rsvg_node_draw_children (librsvg-2.so.2)
                                                #8  0x00007f80e4e33f10 _rsvg_node_draw_children (librsvg-2.so.2)
                                                #9  0x00007f80e4e33f10 _rsvg_node_draw_children (librsvg-2.so.2)
                                                #10 0x00007f80e4e343d2 rsvg_node_svg_draw (librsvg-2.so.2)
                                                #11 0x00007f80e4e34ce8 rsvg_node_draw (librsvg-2.so.2)
                                                #12 0x00007f80e4e41413 rsvg_handle_render_cairo_sub (librsvg-2.so.2)
                                                #13 0x00007f80e4e41908 rsvg_handle_get_pixbuf_sub (librsvg-2.so.2)
                                                #14 0x00007f80e504eed6 gdk_pixbuf__svg_image_stop_load (libpixbufloader-svg.so)
                                                #15 0x00007f8103db3f9b gdk_pixbuf_loader_close (libgdk_pixbuf-2.0.so.0)
                                                #16 0x00007f810577e821 _gdk_pixbuf_new_from_uri_at_scale.constprop.7 (libgnome-desktop-3.so.12)
                                                #17 0x00007f810577ed92 gnome_desktop_thumbnail_factory_generate_thumbnail (libgnome-desktop-3.so.12)
                                                #18 0x00005570e46891a0 thumbnail_thread_start (nautilus)
                                                #19 0x00007f8101d3160a start_thread (libpthread.so.0)
                                                #20 0x00007f8101a6ba9d __clone (libc.so.6)


Expected results:
No crash, logo file being displayed

Additional info:
Worked flawlessly with librsvg2-2.40.11-1
Fedora is not the only distro affected:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807281
Comment 1 Fedora End Of Life 2016-11-24 14:13:30 UTC 
This message is a reminder that Fedora 23 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 23. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as EOL if it remains open with a Fedora  'version'
of '23'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora 23 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged  change the 'version' to a later Fedora 
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.
Comment 2 Fedora End Of Life 2016-12-20 16:59:51 UTC 
Fedora 23 changed to end-of-life (EOL) status on 2016-12-20. Fedora 23 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.