[cairo] Segfault at sweep_line_delete on video playback

Thibaut thibaut.bethune at gmail.com
Thu Mar 20 13:56:02 PDT 2014


On Mon, Mar 17, 2014, Bryce W. Harrington wrote:

> On Sun, Mar 16, 2014 at 06:29:15AM -0500, David Smith wrote:
>> Can any of the Cairo devs take a look at this bug report and determine
>> whether or not this is a Cairo bug or if it's something else?
>>
>>
>> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739262#50

> Yes, it does look like a bug in the tessellation code.  ickle is
> probably the dev you should talk to.  Meanwhile, it would be helpful to
> have:

>  gdb> print *sweep
>  gdb> print *rectangle
>  gdb> print *(rectangle->left.prev)

> Detailed steps to reproduce would of course be extremely helpful here
> too.

> Bryce

Hi, I'm the initial reporter.

Here is the needed information:

gdb liferea
GNU gdb (GDB) 7.6.2 (Debian 7.6.2-1)
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/liferea...Reading symbols from
/usr/lib/debug/.build-id/1a/10cb7cd5c4742609b9460e68e9b4707b8ac9f8.debug...done.
done.
(gdb) run
Starting program: /usr/bin/liferea
warning: Could not load shared library symbols for linux-vdso.so.1.
Do you need "set solib-search-path" or "set sysroot"?
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
sweep_line_delete (rectangle=0x7fffffff5c70, sweep=0x7fffffff5930)
    at /tmp/buildd/cairo-1.12.16/src/cairo-bentley-ottmann-rectangular.c:567
567   
/tmp/buildd/cairo-1.12.16/src/cairo-bentley-ottmann-rectangular.c: Aucun
fichier ou dossier de ce type.
(gdb) bt
#0  sweep_line_delete (rectangle=0x7fffffff5c70, sweep=0x7fffffff5930)
    at /tmp/buildd/cairo-1.12.16/src/cairo-bentley-ottmann-rectangular.c:567
#1  _cairo_bentley_ottmann_tessellate_rectangular (
    rectangles=rectangles@entry=0x7fffffff5b00,
    num_rectangles=num_rectangles@entry=3,
    fill_rule=fill_rule@entry=CAIRO_FILL_RULE_WINDING,
    do_traps=do_traps@entry=0, container=container@entry=0x7fffffff6c00)
    at /tmp/buildd/cairo-1.12.16/src/cairo-bentley-ottmann-rectangular.c:659
#2  0x00007ffff2f2f193 in _cairo_bentley_ottmann_tessellate_boxes (
    in=in@entry=0x7fffffff6e50,
    fill_rule=fill_rule@entry=CAIRO_FILL_RULE_WINDING,
    out=out@entry=0x7fffffff6c00)
    at /tmp/buildd/cairo-1.12.16/src/cairo-bentley-ottmann-rectangular.c:877
#3  0x00007ffff2f90e61 in fixup_unbounded (
    extents=extents@entry=0x7fffffff8000, boxes=boxes@entry=0x7fffffff7570,
    compositor=<optimized out>)
    at /tmp/buildd/cairo-1.12.16/src/cairo-traps-compositor.c:885
#4  0x00007ffff2f92081 in composite_aligned_boxes (boxes=0x7fffffff7570,
    extents=0x7fffffff8000, compositor=0x7ffff3230ac0 <compositor.16213>)
    at /tmp/buildd/cairo-1.12.16/src/cairo-traps-compositor.c:1298
#5  clip_and_composite_boxes (
    compositor=compositor@entry=0x7ffff3230ac0 <compositor.16213>,
    extents=extents@entry=0x7fffffff8000, boxes=boxes@entry=0x7fffffff7570)
    at /tmp/buildd/cairo-1.12.16/src/cairo-traps-compositor.c:1774
#6  0x00007ffff2f92433 in clip_and_composite_polygon (
    compositor=compositor@entry=0x7ffff3230ac0 <compositor.16213>,
    extents=extents@entry=0x7fffffff8000,
    polygon=polygon@entry=0x7fffffff7be0,
    antialias=antialias@entry=CAIRO_ANTIALIAS_NONE,
    fill_rule=fill_rule@entry=CAIRO_FILL_RULE_WINDING, curvy=<optimized out>)
    at /tmp/buildd/cairo-1.12.16/src/cairo-traps-compositor.c:1562
#7  0x00007ffff2f92b72 in _cairo_traps_compositor_fill (
    _compositor=0x7ffff3230ac0 <compositor.16213>, extents=0x7fffffff8000,
    path=0x124d5a8, fill_rule=CAIRO_FILL_RULE_WINDING,
    tolerance=0.10000000000000001, antialias=CAIRO_ANTIALIAS_NONE)
    at /tmp/buildd/cairo-1.12.16/src/cairo-traps-compositor.c:2250
#8  0x00007ffff2f3bee7 in _cairo_compositor_fill (
    compositor=0x7ffff3230ac0 <compositor.16213>,
    surface=surface@entry=0x138da10, op=op@entry=CAIRO_OPERATOR_IN,
    source=source@entry=0x7ffff2ff38a0 <_cairo_pattern_white>,
    path=path@entry=0x124d5a8,
    fill_rule=fill_rule@entry=CAIRO_FILL_RULE_WINDING,
    tolerance=0.10000000000000001,
    antialias=antialias@entry=CAIRO_ANTIALIAS_NONE, clip=clip@entry=0x138dd50)
    at /tmp/buildd/cairo-1.12.16/src/cairo-compositor.c:203
#9  0x00007ffff2faca58 in _cairo_xlib_surface_fill (_surface=<optimized out>,
    op=CAIRO_OPERATOR_IN, source=0x7ffff2ff38a0 <_cairo_pattern_white>,
    path=0x124d5a8, fill_rule=CAIRO_FILL_RULE_WINDING,
    tolerance=<optimized out>, antialias=CAIRO_ANTIALIAS_NONE, clip=0x138dd50)
    at /tmp/buildd/cairo-1.12.16/src/cairo-xlib-surface.c:1646
#10 0x00007ffff2f7ff14 in _cairo_surface_fill (surface=0x138da10,
    op=CAIRO_OPERATOR_IN, source=0x7ffff2ff38a0 <_cairo_pattern_white>,
    path=0x124d5a8, fill_rule=CAIRO_FILL_RULE_WINDING,
    tolerance=0.10000000000000001, antialias=CAIRO_ANTIALIAS_NONE,
    clip=0x138dd50) at /tmp/buildd/cairo-1.12.16/src/cairo-surface.c:2255
#11 0x00007ffff2f3a54f in _cairo_clip_combine_with_surface (clip=0x138dd50,
    dst=dst@entry=0x138da10, dst_x=<optimized out>, dst_y=<optimized out>)
    at /tmp/buildd/cairo-1.12.16/src/cairo-clip-surface.c:78
#12 0x00007ffff2f90b37 in create_composite_mask (
    compositor=compositor@entry=0x7ffff3230ac0 <compositor.16213>,
    dst=dst@entry=0xe9e000, draw_closure=draw_closure@entry=0x7fffffff9310,
    draw_func=<optimized out>, mask_func=mask_func@entry=0x0,
    extents=extents@entry=0x7fffffff9730)
    at /tmp/buildd/cairo-1.12.16/src/cairo-traps-compositor.c:500
#13 0x00007ffff2f91761 in clip_and_composite_with_mask (src_y=0, src_x=0,
    src=0xe5c5a0, op=CAIRO_OPERATOR_OVER, draw_closure=0x7fffffff9310,
    mask_func=0x0, draw_func=<optimized out>, extents=0x7fffffff9730,
    compositor=0x7ffff3230ac0 <compositor.16213>)
    at /tmp/buildd/cairo-1.12.16/src/cairo-traps-compositor.c:546
#14 clip_and_composite (
    compositor=compositor@entry=0x7ffff3230ac0 <compositor.16213>,
    extents=extents@entry=0x7fffffff9730,
    draw_func=draw_func@entry=0x7ffff2f8fda0 <composite_boxes>,
    mask_func=mask_func@entry=0x0,
    draw_closure=draw_closure@entry=0x7fffffff9310, need_clip=2)
    at /tmp/buildd/cairo-1.12.16/src/cairo-traps-compositor.c:1036
#15 0x00007ffff2f91c11 in clip_and_composite_boxes (
    compositor=compositor@entry=0x7ffff3230ac0 <compositor.16213>,
    extents=extents@entry=0x7fffffff9730, boxes=boxes@entry=0x7fffffff9310)
    at /tmp/buildd/cairo-1.12.16/src/cairo-traps-compositor.c:1779
#16 0x00007ffff2f92bd7 in _cairo_traps_compositor_fill (
    _compositor=0x7ffff3230ac0 <compositor.16213>, extents=0x7fffffff9730,
    path=0xce7278, fill_rule=CAIRO_FILL_RULE_WINDING,
    tolerance=0.10000000000000001, antialias=CAIRO_ANTIALIAS_DEFAULT)
    at /tmp/buildd/cairo-1.12.16/src/cairo-traps-compositor.c:2219
#17 0x00007ffff2f3bee7 in _cairo_compositor_fill (
    compositor=0x7ffff3230ac0 <compositor.16213>,
    surface=surface@entry=0xe9e000, op=op@entry=CAIRO_OPERATOR_OVER,
    source=source@entry=0x7fffffff9b30, path=path@entry=0xce7278,
    fill_rule=fill_rule@entry=CAIRO_FILL_RULE_WINDING,
    tolerance=0.10000000000000001,
    antialias=antialias@entry=CAIRO_ANTIALIAS_DEFAULT,
    clip=clip@entry=0x138d970)
    at /tmp/buildd/cairo-1.12.16/src/cairo-compositor.c:203
#18 0x00007ffff2faca58 in _cairo_xlib_surface_fill (_surface=<optimized out>,
    op=CAIRO_OPERATOR_OVER, source=0x7fffffff9b30, path=0xce7278,
    fill_rule=CAIRO_FILL_RULE_WINDING, tolerance=<optimized out>,
    antialias=CAIRO_ANTIALIAS_DEFAULT, clip=0x138d970)
    at /tmp/buildd/cairo-1.12.16/src/cairo-xlib-surface.c:1646
#19 0x00007ffff2f7ff14 in _cairo_surface_fill (surface=0xe9e000,
    op=CAIRO_OPERATOR_OVER, source=0x7fffffff9b30, path=0xce7278,
    fill_rule=CAIRO_FILL_RULE_WINDING, tolerance=0.10000000000000001,
    antialias=CAIRO_ANTIALIAS_DEFAULT, clip=0x138d970)
    at /tmp/buildd/cairo-1.12.16/src/cairo-surface.c:2255
#20 0x00007ffff2f438ac in _cairo_gstate_fill (gstate=0x1161e90,
    path=path@entry=0xce7278)
    at /tmp/buildd/cairo-1.12.16/src/cairo-gstate.c:1308
#21 0x00007ffff2f3d499 in _cairo_default_context_fill (abstract_cr=0xce6f10)
    at /tmp/buildd/cairo-1.12.16/src/cairo-default-context.c:1058
#22 0x00007ffff2f36d85 in cairo_fill (cr=0xce6f10)
    at /tmp/buildd/cairo-1.12.16/src/cairo.c:2201
#23 0x00007ffff5a25dbd in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#24 0x00007ffff60d7982 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#25 0x00007ffff60d84fb in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#26 0x00007ffff60d8c2b in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#27 0x00007ffff60dac75 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#28 0x00007ffff60cd0a5 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#29 0x00007ffff60936df in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#30 0x00007ffff607cb12 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#31 0x00007ffff612d3a2 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#32 0x00007ffff61398fc in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#33 0x00007ffff6139bb3 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#34 0x00007ffff613a2e0 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#35 0x00007ffff613b17a in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#36 0x00007ffff613947a in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#37 0x00007ffff6139bb3 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#38 0x00007ffff613a2e0 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#39 0x00007ffff613b17a in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#40 0x00007ffff613947a in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#41 0x00007ffff6139bb3 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#42 0x00007ffff613a2e0 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#43 0x00007ffff613b17a in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#44 0x00007ffff613947a in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#45 0x00007ffff613a1f0 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#46 0x00007ffff613b17a in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#47 0x00007ffff613947a in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#48 0x00007ffff613a1f0 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#49 0x00007ffff613a3dc in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#50 0x00007ffff601b6d5 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#51 0x00007ffff6607800 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#52 0x00007ffff61d4253 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#53 0x00007ffff61d2904 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#54 0x00007ffff606bebd in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#55 0x00007ffff6074078 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#56 0x00007ffff61d6f5c in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#57 0x00007ffff61514dd in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#58 0x00007ffff60809bd in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#59 0x00007ffff6093743 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#60 0x00007ffff607cb12 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#61 0x00007ffff6080b03 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#62 0x00007ffff6080c70 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#63 0x00007ffff6080964 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#64 0x00007ffff6093743 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#65 0x00007ffff607cb12 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#66 0x00007ffff6080b03 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#67 0x00007ffff6080c70 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#68 0x00007ffff6080964 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#69 0x00007ffff6093743 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#70 0x00007ffff607cb12 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#71 0x00007ffff6080b03 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#72 0x00007ffff6080c70 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#73 0x00007ffff6080964 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#74 0x00007ffff6093743 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#75 0x00007ffff607cb12 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#76 0x00007ffff6080b03 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#77 0x00007ffff6080c70 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#78 0x00007ffff6080964 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#79 0x00007ffff6093743 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#80 0x00007ffff607cb12 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#81 0x00007ffff6080b03 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#82 0x00007ffff6080c70 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#83 0x00007ffff6080964 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#84 0x00007ffff6093743 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#85 0x00007ffff607cb12 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#86 0x00007ffff6080b03 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#87 0x00007ffff6080c70 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#88 0x00007ffff6080964 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#89 0x00007ffff6093743 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#90 0x00007ffff607cb12 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#91 0x00007ffff6080b03 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#92 0x00007ffff6080c70 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#93 0x00007ffff6080964 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#94 0x00007ffff6093743 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#95 0x00007ffff607cb12 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#96 0x00007ffff6080b03 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#97 0x00007ffff6080c70 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#98 0x00007ffff6080964 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#99 0x00007ffff6093743 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#100 0x00007ffff607cb12 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#101 0x00007ffff6080b03 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#102 0x00007ffff6080c70 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#103 0x00007ffff6080964 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#104 0x00007ffff6093743 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#105 0x00007ffff607cb12 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#106 0x00007ffff61282ac in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#107 0x00007ffff612d786 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#108 0x00007ffff6139958 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#109 0x00007ffff613a1f0 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#110 0x00007ffff613b17a in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#111 0x00007ffff613947a in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#112 0x00007ffff613a1f0 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#113 0x00007ffff613a3dc in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#114 0x00007ffff601b6d5 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#115 0x00007ffff6607800 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#116 0x00007ffff592ee07 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#117 0x00007ffff5a22a09 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#118 0x00007ffff5a348a2 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libwebkitgtk-3.0.so.0
#119 0x00007ffff2a09f33 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#120 0x00007ffff2a09526 in g_main_context_dispatch ()
   from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#121 0x00007ffff2a09878 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#122 0x00007ffff2a0991c in g_main_context_iteration ()
   from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#123 0x00007ffff3738a1c in g_application_run ()
   from /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0
#124 0x000000000041b4fd in main (argc=1, argv=0x7fffffffe3a8) at main.c:262
(gdb) print *sweep
$1 = {rectangles = 0x7fffffff5b20, stop = 0x7fffffff5af0, head = {
    next = 0x7fffffff5bc0, prev = 0x0, right = 0x0, x = -2147483648,
    top = 218112, dir = 0}, tail = {next = 0x0, prev = 0x7fffffff5be8,
    right = 0x0, x = 2147483647, top = 32767, dir = 0},
  insert = 0x7fffffff5c70, cursor = 0x7fffffff5bc0, current_y = 256,
  last_y = 0, stop_size = 2, insert_x = 256,
  fill_rule = CAIRO_FILL_RULE_WINDING, do_traps = 0,
  container = 0x7fffffff6c00, unwind = {{__jmpbuf = {3, -6409794171536495218,
        140737488313280, 140737488313072, 140737488313088, 140737488317440,
        -6409794172308247154, -6409805128873759346}, __mask_was_saved = 0,
      __saved_mask = {__val = {936783907097600, 936783907083008, 1, 0, 0,
          140737488311953, 0, 936783907097600, 665719930882, 218091,
          936693712552091, 936783906865408, 936783907083243, 4294967295, 0,
          140737488312832}}}}}
(gdb) print *rectangle
$2 = {left = {next = 0x7fffffff5c98, prev = 0x0, right = 0x0, x = 256,
    top = 0, dir = -1}, right = {next = 0x0, prev = 0x7fffffff5c70,
    right = 0x0, x = 256, top = 32767, dir = 1}, top = 256, bottom = 256}
(gdb) print *(rectangle->left.prev)
Cannot access memory at address 0x0

The URL where the bug can be reproduced is always a page with an embedded
video.
It doesn't always happen, therefore sometimes I have to launch several
(2-3) pages successively to make the bug happen.
Here is the page that was loaded when the above bug occurred:
http://feedproxy.google.com/~r/KorbensBlog-UpgradeYourMind/~3/wnjYSqqVVSE/superman-sa-gopro.html
In Liferea, go to the Item menu, "open in browser", and then paste the above URL.

Thanks!