Bug 460954

Summary: Crash in _cairo_gstate_has_show_text_glyphs
Product: [Fedora] Fedora Reporter: Pete Zaitcev <zaitcev>
Component: lifereaAssignee: Steven M. Parrish <tuxbrewr>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: low    
Version: rawhide   
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-09-30 01:05:16 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
atom.xml none

Description Pete Zaitcev 2008-09-02 19:49:43 UTC 
Description of problem:

Liferea crashes when clicking a certain feed (it is
http://www.iwanihana.info/atom.xml, but it may rotate away with time).

Version-Release number of selected component (if applicable):

liferea-1.4.18-1.fc10.x86_64
cairo-1.7.4-1.fc10.x86_64
xulrunner-1.9.0.1-2.fc10.x86_64
pango-1.21.5-1.fc10.x86_64
gtk2-2.13.7-4.fc10.x86_64

How reproducible:

100% here, but may depend on desktop configuration

Steps to Reproduce:
1. Click to pre-subscribed iwanihana.info
  
Actual results:

Crash

Expected results:

No crash

Additional info:

Program received signal SIGSEGV, Segmentation fault.
_cairo_gstate_has_show_text_glyphs (gstate=<value optimized out>)
    at cairo-gstate.c:1511
1511        return _cairo_surface_has_show_text_glyphs (gstate->target);
(gdb) where
#0  _cairo_gstate_has_show_text_glyphs (gstate=<value optimized out>)
    at cairo-gstate.c:1511
#1  0x00007fedeb7cd51a in save_current_point (renderer=0x2255bc0)
    at pangocairo-render.c:713
#2  0x00007fedeb7cda7f in _pango_cairo_do_glyph_string (cr=0x3be9a5a9a0,
    font=0x226d800, glyphs=0x1c4d160, do_path=0) at pangocairo-render.c:741
#3  0x00007fedec0bfb68 in ?? () from /usr/lib64/libgdk-x11-2.0.so.0
#4  0x00007fedeb5a676e in pango_renderer_draw_glyphs (renderer=0x28130b0,
    font=0x226d800, glyphs=0x1c4d160, x=63488, y=68608) at pango-renderer.c:639
#5  0x00007fedeb5a66be in pango_renderer_draw_glyph_item (renderer=0x28130b0,
    text=0x27db1e0 "Aug 17 10:45 AM", glyph_item=0x307e240, x=63488, y=68608)
    at pango-renderer.c:703
#6  0x00007fedeb5a6eda in pango_renderer_draw_layout_line (renderer=0x28130b0,
    line=0x3063c00, x=63488, y=68608) at pango-renderer.c:568
#7  0x00007fedeb5a71ad in pango_renderer_draw_layout (renderer=0x28130b0,
    layout=<value optimized out>, x=63488, y=55296) at pango-renderer.c:192
#8  0x00007fedec0c14d5 in gdk_draw_layout_with_colors ()
   from /usr/lib64/libgdk-x11-2.0.so.0
#9  0x00007fedec0c17c2 in gdk_draw_layout ()
   from /usr/lib64/libgdk-x11-2.0.so.0
#10 0x00007fede266547e in gdk_rectangle_intersect ()
   from /usr/lib64/gtk-2.0/2.10.0/engines/libnodoka.so
#11 0x00007fedec5711f7 in gtk_paint_layout ()
   from /usr/lib64/libgtk-x11-2.0.so.0
#12 0x00007fedec402af2 in ?? () from /usr/lib64/libgtk-x11-2.0.so.0
#13 0x00007fedec3f9e7d in gtk_cell_renderer_render ()
   from /usr/lib64/libgtk-x11-2.0.so.0
#14 0x00007fedec61b907 in ?? () from /usr/lib64/libgtk-x11-2.0.so.0
#15 0x00007fedec61c7f1 in ?? () from /usr/lib64/libgtk-x11-2.0.so.0
#16 0x00007fedec5fbca9 in ?? () from /usr/lib64/libgtk-x11-2.0.so.0
#17 0x00007fedec5fcd15 in ?? () from /usr/lib64/libgtk-x11-2.0.so.0
#18 0x00007fedec4c9528 in ?? () from /usr/lib64/libgtk-x11-2.0.so.0
#19 0x00007fedeac897fd in g_closure_invoke () from /lib64/libgobject-2.0.so.0
#20 0x00007fedeaca0264 in ?? () from /lib64/libgobject-2.0.so.0
#21 0x00007fedeaca1b58 in g_signal_emit_valist ()
   from /lib64/libgobject-2.0.so.0
#22 0x00007fedeaca2213 in g_signal_emit () from /lib64/libgobject-2.0.so.0
#23 0x00007fedec634331 in ?? () from /usr/lib64/libgtk-x11-2.0.so.0
#24 0x00007fedec633f88 in gtk_widget_send_expose ()
   from /usr/lib64/libgtk-x11-2.0.so.0
#25 0x00007fedec4c6112 in gtk_main_do_event ()
   from /usr/lib64/libgtk-x11-2.0.so.0
#26 0x00007fedec0d7efa in ?? () from /usr/lib64/libgdk-x11-2.0.so.0
#27 0x00007fedec0d8058 in gdk_window_process_all_updates ()
   from /usr/lib64/libgdk-x11-2.0.so.0
#28 0x00007fedec4237af in ?? () from /usr/lib64/libgtk-x11-2.0.so.0
#29 0x00007fedec0b3e14 in ?? () from /usr/lib64/libgdk-x11-2.0.so.0
#30 0x00007fedea9d48c2 in g_main_context_dispatch ()
   from /lib64/libglib-2.0.so.0
#31 0x00007fedea9d805d in ?? () from /lib64/libglib-2.0.so.0
#32 0x00007fedea9d821b in g_main_context_iteration ()
   from /lib64/libglib-2.0.so.0
#33 0x0000003bead71321 in nsBaseAppShell::DoProcessNextNativeEvent (
    this=<value optimized out>, mayWait=<value optimized out>)
    at nsBaseAppShell.cpp:151
#34 0x0000003bead714d2 in nsBaseAppShell::OnProcessNextEvent (
    this=<value optimized out>, thr=<value optimized out>,
    mayWait=<value optimized out>, recursionDepth=<value optimized out>)
    at nsBaseAppShell.cpp:278
#35 0x0000003beae3b7cf in nsThread::ProcessNextEvent (
    this=<value optimized out>, mayWait=<value optimized out>,
    result=<value optimized out>) at nsThread.cpp:497
#36 0x0000003beae0d0fe in NS_ProcessPendingEvents_P (
    thread=<value optimized out>, timeout=<value optimized out>)
    at nsThreadUtils.cpp:180
#37 0x0000003bead715f4 in nsBaseAppShell::NativeEventCallback (
    this=<value optimized out>) at nsBaseAppShell.cpp:121
#38 0x0000003bead5bf40 in nsAppShell::EventProcessorCallback (
    source=<value optimized out>, condition=<value optimized out>,
    data=<value optimized out>) at nsAppShell.cpp:69
#39 0x00007fedea9d48c2 in g_main_context_dispatch ()
   from /lib64/libglib-2.0.so.0
#40 0x00007fedea9d805d in ?? () from /lib64/libglib-2.0.so.0
#41 0x00007fedea9d858d in g_main_loop_run () from /lib64/libglib-2.0.so.0
#42 0x00007fedec4c58d9 in gtk_main () from /usr/lib64/libgtk-x11-2.0.so.0
#43 0x000000000042ee93 in main (argc=1, argv=0x7ffff531c198) at main.c:293
(gdb) 

The component is approximate. The problem may be in XULrunner, Cairo,
or Pango. Please investigate, I have no clue how to find out.
Comment 1 Pete Zaitcev 2008-09-02 20:05:29 UTC 
Created attachment 315586 [details]
atom.xml

Just in case, the XML file of the Atom subscription.
Comment 2 Pete Zaitcev 2008-09-30 01:05:16 UTC 
The bug is fixed by this stack:

liferea-1.4.18-1.fc10.x86_64    (same as crashed previously)
cairo-1.8.0-1.fc10.x86_64
xulrunner-1.9.0.2-2.fc10.x86_64
pango-1.22.0-1.1.fc10.x86_64
gtk2-2.14.3-2.fc10.x86_64