After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 456850 - crash in Image Viewer: Opening an 1.1MB SVG fil...
crash in Image Viewer: Opening an 1.1MB SVG fil...
Status: RESOLVED NOTGNOME
Product: librsvg
Classification: Core
Component: general
2.16.x
Other All
: High critical
: ---
Assigned To: librsvg maintainers
librsvg maintainers
Depends on:
Blocks:
 
 
Reported: 2007-07-14 13:04 UTC by Russ
Modified: 2007-07-16 19:45 UTC
See Also:
GNOME target: ---
GNOME version: 2.17/2.18

Attachments
bz2'd svg (184.47 KB, application/x-bzip)
2007-07-15 11:58 UTC, Dominic Lachowicz 		Details

Description Russ 2007-07-14 13:04:06 UTC 
Version: 2.18.2

What were you doing when the application crashed?
Opening an 1.1MB SVG file. For the next 60 days, a bzip of the file will be available from http://www.mybigdir.com/1485


Distribution: Fedora release 7 (Moonshine)
Gnome Release: 2.18.3 2007-07-02 (Red Hat, Inc)
BugBuddy Version: 2.18.0

System: Linux 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686
X Vendor: The X.Org Foundation
X Vendor Release: 10300000
Selinux: No
Accessibility: Disabled
GTK+ Theme: Clearlooks
Icon Theme: Fedora

Memory status: size: 421634048 vsize: 421634048 resident: 325275648 share: 4833280 rss: 325275648 rss_rlim: 4294967295
CPU usage: start_time: 1184417799 rtime: 453 utime: 159 stime: 294 cutime:0 cstime: 0 timeout: 0 it_real_value: 0 frequency: 100

Backtrace was generated from '/usr/bin/eog'

(no debugging symbols found)
Using host libthread_db library "/lib/libthread_db.so.1".
(no debugging symbols found)
[Thread debugging using libthread_db enabled]
[New Thread -1208756512 (LWP 3787)]
[New Thread -1210856560 (LWP 3788)]
(no debugging symbols found)
0x00655402 in __kernel_vsyscall ()

+ Trace 147980

Thread 2 (Thread -1210856560 (LWP 3788))

  • #0 __kernel_vsyscall
  • #1 waitpid
    from /lib/libpthread.so.0
  • #2 ??
    from /usr/lib/libgnomeui-2.so.0
  • #3 <signal handler called>
  • #4 ??
    from /usr/lib/librsvg-2.so.2
  • #5 rsvg_handle_get_pixbuf_sub
    from /usr/lib/librsvg-2.so.2
  • #6 rsvg_handle_get_pixbuf
    from /usr/lib/librsvg-2.so.2
  • #7 ??
    from /usr/lib/gtk-2.0/2.10.0/loaders/svg_loader.so
  • #8 gdk_pixbuf_loader_close
    from /usr/lib/libgdk_pixbuf-2.0.so.0
  • #9 eog_image_load
  • #10 ??
  • #11 eog_job_call_action
  • #12 ??
  • #13 ??
    from /lib/libglib-2.0.so.0
  • #14 start_thread
    from /lib/libpthread.so.0
  • #15 clone
    from /lib/libc.so.6 


----------- .xsession-errors (106 sec old) ---------------------
13:56:05 : Setup Yum : Package Sacks
13:56:05 : Setup Yum : Updates
13:56:19 : Setup Yum : Groups
13:56:20 : Setup Yum : Base setup completed
13:56:21 : Building Package Lists
13:56:28 : Building Package Lists Completed
13:56:28 : Building Groups Lists
13:56:29 : Building Group Lists Completed
13:56:29 : Getting packages : installed
13:56:30 : Found 1 installed packages
13:56:30 : Getting packages : available
13:56:31 : Found 0 available packages
13:56:31 : Sorting packages
13:56:31 : Population view with packages
13:56:31 : Population Completed
--------------------------------------------------
Comment 1 Felix Riemann 2007-07-15 09:26:17 UTC 
This appears to be a problem wit librsvg as it is reproducable with rsvg-view.
Moving this over to librsvg for checking.

Here is a backtrace from rsvg-view (librsvg trunk):

Program received signal SIGSEGV, Segmentation fault.

+ Trace 148145

Thread NaN (LWP 24750)

  • #0 rsvg_cairo_to_pixbuf
    at rsvg-cairo-draw.c line 1058
  • #1 rsvg_handle_get_pixbuf_sub
    at rsvg.c line 101
  • #2 pixbuf_from_data_with_size_data
    at test-display.c line 86
  • #3 main
    at test-display.c line 821 






Comment 2


Dominic Lachowicz





          2007-07-15 11:58:21 UTC
        



Created attachment 91809 [details]
bz2'd svg






Comment 3


Dominic Lachowicz





          2007-07-16 19:41:28 UTC
        



Looks like a cairo bug. Here's what I see with rsvg-convert:





+
Trace
    148442






    

  • 
#0
memcpy

    
                from
                /lib/tls/i686/cmov/libc.so.6

    

    • 

  • 
#1
png_memcpy_check

    
                from
                /usr/lib/libpng12.so.0

    

    • 

  • 
#2
png_write_row

    
                from
                /usr/lib/libpng12.so.0

    

    • 

  • 
#3
png_write_image

    
                from
                /usr/lib/libpng12.so.0

    

    • 

  • 
#4
write_png

    
                from
                /usr/lib/libcairo.so.2

    

    • 

  • 
#5
cairo_surface_write_to_png_stream

    • 

  • 
#6
main

    
                at rsvg-convert.c
                  line
                  293

    

    • 













Comment 4


Dominic Lachowicz





          2007-07-16 19:45:22 UTC
        



Refiled @ https://bugs.freedesktop.org/show_bug.cgi?id=11627

Closing NOTGNOME. Will re-open if it turns out not to be a cairo or libpng bug.