[Bug 1391857] Re: libcairo segfaults when rendering video streams, e.g. youtube videos in webkit based browsers

Bug Watch Updater 1391857 at bugs.launchpad.net
Mon Dec 8 04:53:50 UTC 2014


Launchpad has imported 19 comments from the remote bug at
https://bugs.freedesktop.org/show_bug.cgi?id=81699.

If you reply to an imported comment from within Launchpad, your comment
will be sent to the remote bug automatically. Read more about
Launchpad's inter-bugtracker facilities at
https://help.launchpad.net/InterBugTracking.

------------------------------------------------------------------------
On 2014-07-24T04:52:55+00:00 Henriqueleng-t wrote:

Hi,

  My web browser crashes when I try to watch a youtube video or open certain web
pages with any webkit browser (that uses cairo).
  I found other people like me with this bug, but I can't find a solution.
  This error has already happened to me while using these web browsers: jumanji,
surf, uzbl, vimprobable2, dwb, and on two different Linux distributions,
Arch Linux and Gentoo, both on the same computer.

This problem is archived on this mailing list
http://lists.cairographics.org/archives/cairo/2014-March/025089.html , but the
"solution" presented at the end, as a patch
http://lists.cairographics.org/archives/cairo/2014-March/025103.html
didn't solve my problem. He says about the patch "This diff avoids the segfault
for me, but only papers over the bug..." So it's not the real solution.

I posted on the Arch Linux and Gentoo forums; the latter has more information.
Gentoo forum post:
https://forums.gentoo.org/viewtopic-t-995484-start-0-postdays-0-postorder-asc-highlight-.html?sid=c5c15b4431456821dcc93bbbc74b9ace

This bug is killing me, I can't watch any youtube video and a lot of the time
my browser suddenly closes. Also, the web browsers that I like most use
cairo.

Here is the complete message from gdb when running the browser with all
dependencies compiled with the debug flag.

---gdb.log---

Temporary breakpoint 1 at 0x407750: file jumanji.c, line 687.
Starting program: /usr/bin/jumanji
warning: Could not load shared library symbols for linux-vdso.so.1.
Do you need "set solib-search-path" or "set sysroot"?
Starting program: /usr/bin/jumanji
warning: Could not load shared library symbols for linux-vdso.so.1.
Do you need "set solib-search-path" or "set sysroot"?
Quit
A debugging session is active.
        Inferior 1 [process 25926] will be killed.
Quit anyway? (y or n) Starting program: /usr/bin/jumanji
warning: Could not load shared library symbols for linux-vdso.so.1.
Do you need "set solib-search-path" or "set sysroot"?
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
[New Thread 0x7fffe7271700 (LWP 25999)]
[New Thread 0x7fffa6941700 (LWP 26000)]
[New Thread 0x7fffa5aec700 (LWP 26001)]
[New Thread 0x7fffa52eb700 (LWP 26002)]
[New Thread 0x7fffa4acb700 (LWP 26003)]
[New Thread 0x7fff97fff700 (LWP 26004)]
[New Thread 0x7fff977fe700 (LWP 26005)]
[New Thread 0x7fff96ffd700 (LWP 26006)]
[New Thread 0x7fff967fc700 (LWP 26007)]
[New Thread 0x7fff95ffb700 (LWP 26008)]
[New Thread 0x7fff953fa700 (LWP 26009)]
[New Thread 0x7fff7bfff700 (LWP 26010)]
[New Thread 0x7fff7b7fe700 (LWP 26011)]
[New Thread 0x7fff7affd700 (LWP 26012)]
[New Thread 0x7fff7a7fc700 (LWP 26013)]
[New Thread 0x7fff79ffb700 (LWP 26014)]
[Thread 0x7fff953fa700 (LWP 26009) exited]
[Thread 0x7fff7b7fe700 (LWP 26011) exited]
[Thread 0x7fff7affd700 (LWP 26012) exited]
[Thread 0x7fff7a7fc700 (LWP 26013) exited]
[Thread 0x7fff79ffb700 (LWP 26014) exited]
[New Thread 0x7fff79ffb700 (LWP 26015)]
[Thread 0x7fff79ffb700 (LWP 26015) exited]
[New Thread 0x7fff79ffb700 (LWP 26017)]
[New Thread 0x7fff7a7fc700 (LWP 26018)]
[New Thread 0x7fff7affd700 (LWP 26019)]
[New Thread 0x7fff7b7fe700 (LWP 26020)]
[Thread 0x7fff7a7fc700 (LWP 26018) exited]
[Thread 0x7fff7bfff700 (LWP 26010) exited]
[New Thread 0x7fff7bfff700 (LWP 26021)]
[New Thread 0x7fff7a7fc700 (LWP 26022)]
[New Thread 0x7fff5ffff700 (LWP 26023)]
[New Thread 0x7fff5f2ab700 (LWP 26024)]
[New Thread 0x7fff5eaaa700 (LWP 26025)]
[New Thread 0x7fff5e2a9700 (LWP 26026)]
[New Thread 0x7fff5daa8700 (LWP 26027)]
[New Thread 0x7fff4ffff700 (LWP 26028)]
[Thread 0x7fff5e2a9700 (LWP 26026) exited]
[New Thread 0x7fff5e2a9700 (LWP 26029)]
[Thread 0x7fff5daa8700 (LWP 26027) exited]
[Thread 0x7fff79ffb700 (LWP 26017) exited]
[Thread 0x7fff5e2a9700 (LWP 26029) exited]
[Thread 0x7fff5f2ab700 (LWP 26024) exited]
[New Thread 0x7fff5f2ab700 (LWP 26030)]
[New Thread 0x7fff5e2a9700 (LWP 26031)]
[New Thread 0x7fff79ffb700 (LWP 26032)]
[New Thread 0x7fff5daa8700 (LWP 26033)]
[New Thread 0x7fff4d50b700 (LWP 26034)]
[Thread 0x7fff5f2ab700 (LWP 26030) exited]
[Thread 0x7fff5daa8700 (LWP 26033) exited]
[Thread 0x7fff4ffff700 (LWP 26028) exited]
Program received signal SIGSEGV, Segmentation fault.
n sweep_line_delete (rectangle=0x7fffffff7a68, sweep=0x7fffffff7780) at cairo-bentley-ottmann-rectangu
lar.c:567
567     cairo-bentley-ottmann-rectangular.c: Arquivo ou diretório não encontrado.
#0  0x00007ffff202f052 in sweep_line_delete (rectangle=0x7fffffff7a68, sweep=0x7fffffff7780) at cairo-bentley-ottmann-rect
angular.c:567
#1  _cairo_bentley_ottmann_tessellate_rectangular (rectangles=rectangles at entry=0x7fffffff7950, num_rectangles=num_rectangl
es at entry=3, fill_rule=fill_rule at entry=CAIRO_FILL_RULE_WINDING, do_traps=do_traps at entry=0, container=container at entry=0x7fff
ffff8a50)
    at cairo-bentley-ottmann-rectangular.c:659
#2  0x00007ffff202f945 in _cairo_bentley_ottmann_tessellate_boxes (in=in at entry=0x7fffffff8ca0, fill_rule=fill_rule at entry=C
AIRO_FILL_RULE_WINDING, out=out at entry=0x7fffffff8a50) at cairo-bentley-ottmann-rectangular.c:877
#3  0x00007ffff208fb84 in fixup_unbounded (extents=extents at entry=0x7fffffff9e40, boxes=boxes at entry=0x7fffffff93b0, composi
tor=0x7ffff2319940 <compositor.16699>) at cairo-traps-compositor.c:885
#4  0x00007ffff2090a6b in composite_aligned_boxes (boxes=0x7fffffff93b0, extents=0x7fffffff9e40, compositor=0x7ffff2319940
 <compositor.16699>) at cairo-traps-compositor.c:1298
#5  clip_and_composite_boxes (compositor=compositor at entry=0x7ffff2319940 <compositor.16699>, extents=extents at entry=0x7ffff
fff9e40, boxes=boxes at entry=0x7fffffff93b0) at cairo-traps-compositor.c:1774
#6  0x00007ffff2090e2d in clip_and_composite_polygon (compositor=compositor at entry=0x7ffff2319940 <compositor.16699>, exten
ts=extents at entry=0x7fffffff9e40, polygon=polygon at entry=0x7fffffff9a20, antialias=antialias at entry=CAIRO_ANTIALIAS_NONE,
    fill_rule=fill_rule at entry=CAIRO_FILL_RULE_WINDING, curvy=<optimized out>) at cairo-traps-compositor.c:1562
#7  0x00007ffff20915bc in _cairo_traps_compositor_fill (_compositor=0x7ffff2319940 <compositor.16699>, extents=0x7fffffff9
e40, path=0xc45708, fill_rule=CAIRO_FILL_RULE_WINDING, tolerance=0.10000000000000001, antialias=CAIRO_ANTIALIAS_NONE) at c
airo-traps-compositor.c:2250
#8  0x00007ffff203b7ea in _cairo_compositor_fill (compositor=0x7ffff2319940 <compositor.16699>, surface=0xe71a00, op=op at en
try=CAIRO_OPERATOR_IN, source=source at entry=0x7ffff20e5b60 <_cairo_pattern_white>, path=path at entry=0xc45708,
    fill_rule=fill_rule at entry=CAIRO_FILL_RULE_WINDING, tolerance=0.10000000000000001, antialias=antialias at entry=CAIRO_ANTI
ALIAS_NONE, clip=clip at entry=0xa40040) at cairo-compositor.c:203
#9  0x00007ffff20ab9b8 in _cairo_xlib_surface_fill (_surface=0xe71a00, op=CAIRO_OPERATOR_IN, source=0x7ffff20e5b60 <_cairo
_pattern_white>, path=0xc45708, fill_rule=CAIRO_FILL_RULE_WINDING, tolerance=<optimized out>, antialias=CAIRO_ANTIALIAS_NO
NE, clip=0xa40040)
    at cairo-xlib-surface.c:1646
#10 0x00007ffff207ed0c in _cairo_surface_fill (surface=0xe71a00, op=CAIRO_OPERATOR_IN, source=0x7ffff20e5b60 <_cairo_patte
rn_white>, path=0xc45708, fill_rule=CAIRO_FILL_RULE_WINDING, tolerance=0.10000000000000001, antialias=CAIRO_ANTIALIAS_NONE
, clip=0xa40040)
    at cairo-surface.c:2255
#11 0x00007ffff2039c2f in _cairo_clip_combine_with_surface (clip=0xa40040, dst=dst at entry=0xe71a00, dst_x=<optimized out>,
dst_y=<optimized out>) at cairo-clip-surface.c:78
#12 0x00007ffff208f857 in create_composite_mask (compositor=compositor at entry=0x7ffff2319940 <compositor.16699>, dst=<optim
ized out>, draw_closure=draw_closure at entry=0x7fffffffb170, draw_func=draw_func at entry=0x7ffff208e5e0 <composite_boxes>, mas
k_func=mask_func at entry=0x0,
    extents=extents at entry=0x7fffffffb590) at cairo-traps-compositor.c:500
#13 0x00007ffff20900ef in clip_and_composite_with_mask (src_y=0, src_x=0, src=0xc54510, op=CAIRO_OPERATOR_OVER, draw_closu
re=0x7fffffffb170, mask_func=0x0, draw_func=0x7ffff208e5e0 <composite_boxes>, extents=0x7fffffffb590, compositor=0x7ffff23
19940 <compositor.16699>)
    at cairo-traps-compositor.c:546
#14 clip_and_composite (compositor=compositor at entry=0x7ffff2319940 <compositor.16699>, extents=extents at entry=0x7fffffffb59
0, draw_func=draw_func at entry=0x7ffff208e5e0 <composite_boxes>, mask_func=mask_func at entry=0x0, draw_closure=draw_closure at en
try=0x7fffffffb170,
    need_clip=2) at cairo-traps-compositor.c:1036
#15 0x00007ffff20905d9 in clip_and_composite_boxes (compositor=compositor at entry=0x7ffff2319940 <compositor.16699>, extents
=extents at entry=0x7fffffffb590, boxes=boxes at entry=0x7fffffffb170) at cairo-traps-compositor.c:1779
#16 0x00007ffff2091647 in _cairo_traps_compositor_fill (_compositor=0x7ffff2319940 <compositor.16699>, extents=0x7fffffffb
590, path=0xd5e2d8, fill_rule=CAIRO_FILL_RULE_WINDING, tolerance=0.10000000000000001, antialias=CAIRO_ANTIALIAS_DEFAULT)
    at cairo-traps-compositor.c:2219
#17 0x00007ffff203b7ea in _cairo_compositor_fill (compositor=0x7ffff2319940 <compositor.16699>, surface=0x813a60, op=op at en
try=CAIRO_OPERATOR_OVER, source=source at entry=0x7fffffffb9a0, path=path at entry=0xd5e2d8, fill_rule=fill_rule at entry=CAIRO_FIL
L_RULE_WINDING,
    tolerance=0.10000000000000001, antialias=antialias at entry=CAIRO_ANTIALIAS_DEFAULT, clip=clip at entry=0xd2c800) at cairo-c
ompositor.c:203
#18 0x00007ffff20ab9b8 in _cairo_xlib_surface_fill (_surface=0x813a60, op=CAIRO_OPERATOR_OVER, source=0x7fffffffb9a0, path
=0xd5e2d8, fill_rule=CAIRO_FILL_RULE_WINDING, tolerance=<optimized out>, antialias=CAIRO_ANTIALIAS_DEFAULT, clip=0xd2c800)
    at cairo-xlib-surface.c:1646
#19 0x00007ffff207ed0c in _cairo_surface_fill (surface=0x813a60, op=CAIRO_OPERATOR_OVER, source=0x7fffffffb9a0, path=0xd5e
2d8, fill_rule=CAIRO_FILL_RULE_WINDING, tolerance=0.10000000000000001, antialias=CAIRO_ANTIALIAS_DEFAULT, clip=0xd2c800) a
t cairo-surface.c:2255
#20 0x00007ffff2043574 in _cairo_gstate_fill (gstate=0xdcc180, path=path at entry=0xd5e2d8) at cairo-gstate.c:1308
#21 0x00007ffff203d094 in _cairo_default_context_fill (abstract_cr=0xd5df70) at cairo-default-context.c:1058
#22 0x00007ffff20363d5 in cairo_fill (cr=0xd5df70) at cairo.c:2201
#23 0x00007ffff4d91b76 in fillRectWithColor (color=..., rect=..., cr=0xd5df70) at Source/WebCore/platform/graphics/cairo/G
raphicsContextCairo.cpp:78
#24 fillRectWithColor (color=..., rect=..., cr=0xd5df70) at Source/WebCore/platform/graphics/cairo/GraphicsContextCairo.cp
p:233
#25 WebCore::GraphicsContext::drawRect (this=this at entry=0x7fffffffdf30, rect=...) at Source/WebCore/platform/graphics/cair
o/GraphicsContextCairo.cpp:243
#26 0x00007ffff5463890 in WebCore::RenderBoxModelObject::drawBoxSideFromPath (this=this at entry=0x7fff940d5bc8, graphicsCont
ext=graphicsContext at entry=0x7fffffffdf30, borderRect=..., borderPath=..., edges=edges at entry=0x7fffffffc010, thickness=<opt
imized out>,
    drawThickness=<optimized out>, side=side at entry=WebCore::BSLeft, style=style at entry=0x7fff94415420, color=..., borderSty
le=<optimized out>, bleedAvoidance=bleedAvoidance at entry=WebCore::BackgroundBleedBackgroundOverBorder,
    includeLogicalLeftEdge=includeLogicalLeftEdge at entry=true, includeLogicalRightEdge=includeLogicalRightEdge at entry=true)
at Source/WebCore/rendering/RenderBoxModelObject.cpp:2261
#27 0x00007ffff5464495 in WebCore::RenderBoxModelObject::paintOneBorderSide (this=this at entry=0x7fff940d5bc8, graphicsConte
xt=graphicsContext at entry=0x7fffffffdf30, style=style at entry=0x7fff94415420, outerBorder=..., innerBorder=..., sideRect=...,
    side=side at entry=WebCore::BSLeft, adjacentSide1=adjacentSide1 at entry=WebCore::BSTop, adjacentSide2=adjacentSide2 at entry=W
ebCore::BSBottom, edges=edges at entry=0x7fffffffc010, path=0x7fffffffbde0,
    bleedAvoidance=bleedAvoidance at entry=WebCore::BackgroundBleedBackgroundOverBorder, includeLogicalLeftEdge=includeLogica
lLeftEdge at entry=true, includeLogicalRightEdge=includeLogicalRightEdge at entry=true, antialias=antialias at entry=true,
    overrideColor=overrideColor at entry=0x0) at Source/WebCore/rendering/RenderBoxModelObject.cpp:1819
#28 0x00007ffff5464d30 in WebCore::RenderBoxModelObject::paintBorderSides (this=this at entry=0x7fff940d5bc8, graphicsContext
=graphicsContext at entry=0x7fffffffdf30, style=style at entry=0x7fff94415420, outerBorder=..., innerBorder=..., innerBorderAdju
stment=...,
    edges=edges at entry=0x7fffffffc010, edgeSet=edgeSet at entry=15, bleedAvoidance=bleedAvoidance at entry=WebCore::BackgroundBle
edBackgroundOverBorder, includeLogicalLeftEdge=includeLogicalLeftEdge at entry=true, includeLogicalRightEdge=includeLogicalRi
ghtEdge at entry=true,
    antialias=true, overrideColor=overrideColor at entry=0x0) at Source/WebCore/rendering/RenderBoxModelObject.cpp:1894
#29 0x00007ffff5466f2b in WebCore::RenderBoxModelObject::paintBorder (this=this at entry=0x7fff940d5bc8, info=..., rect=...,
style=0x7fff94415420, bleedAvoidance=bleedAvoidance at entry=WebCore::BackgroundBleedBackgroundOverBorder, includeLogicalLeft
Edge=4,
    includeLogicalLeftEdge at entry=true, includeLogicalRightEdge=includeLogicalRightEdge at entry=true) at Source/WebCore/rende
ring/RenderBoxModelObject.cpp:2109
#30 0x00007ffff545b657 in WebCore::RenderBox::paintBoxDecorations (this=0x7fff940d5bc8, paintInfo=..., paintOffset=...) at
 Source/WebCore/rendering/RenderBox.cpp:1192
#31 0x00007ffff541d3c7 in WebCore::RenderBlock::paintObject (this=0x7fff940d5bc8, paintInfo=..., paintOffset=...) at Sourc
e/WebCore/rendering/RenderBlock.cpp:3299
#32 0x00007ffff5404351 in WebCore::RenderBlock::paint (this=0x7fff940d5bc8, paintInfo=..., paintOffset=...) at Source/WebC
ore/rendering/RenderBlock.cpp:3019
#33 0x00007ffff54c35b2 in WebCore::RenderLayer::paintBackgroundForFragments (this=this at entry=0x7fff793b8ee8, layerFragment
s=..., context=context at entry=0x7fffffffdf30, transparencyLayerContext=transparencyLayerContext at entry=0x7fffffffdf30, trans
parencyPaintDirtyRect=...,
    haveTransparency=haveTransparency at entry=false, localPaintingInfo=..., paintBehavior=paintBehavior at entry=0, subtreePain
tRootForRenderer=subtreePaintRootForRenderer at entry=0x0) at Source/WebCore/rendering/RenderLayer.cpp:4118
#34 0x00007ffff54ceb7b in WebCore::RenderLayer::paintLayerContents (this=this at entry=0x7fff793b8ee8, context=context at entry=
0x7fffffffdf30, paintingInfo=..., paintFlags=224) at Source/WebCore/rendering/RenderLayer.cpp:3875
#35 0x00007ffff54cecb5 in WebCore::RenderLayer::paintLayerContentsAndReflection (this=this at entry=0x7fff793b8ee8, context=c
ontext at entry=0x7fffffffdf30, paintingInfo=..., paintFlags=paintFlags at entry=224) at Source/WebCore/rendering/RenderLayer.cp
p:3649
#36 0x00007ffff54ceecf in WebCore::RenderLayer::paintLayerByApplyingTransform (this=this at entry=0x7fff793b8ee8, context=con
text at entry=0x7fffffffdf30, paintingInfo=..., paintFlags=paintFlags at entry=224, translationOffset=...) at Source/WebCore/ren
dering/RenderLayer.cpp:3951
#37 0x00007ffff54cf612 in WebCore::RenderLayer::paintLayer (this=this at entry=0x7fff793b8ee8, context=context at entry=0x7fffff
ffdf30, paintingInfo=..., paintFlags=paintFlags at entry=224) at Source/WebCore/rendering/RenderLayer.cpp:3622
#38 0x00007ffff54d03aa in paintList (paintFlags=<optimized out>, paintingInfo=..., context=<optimized out>, list=<optimize
d out>, this=<optimized out>) at Source/WebCore/rendering/RenderLayer.cpp:3971
#39 WebCore::RenderLayer::paintList (this=0x7fff94152678, list=0x7fff5f362230, context=0x7fffffffdf30, paintingInfo=..., p
aintFlags=224) at Source/WebCore/rendering/RenderLayer.cpp:3954
#40 0x00007ffff54ce4c6 in WebCore::RenderLayer::paintLayerContents (this=this at entry=0x7fff94152678, context=context at entry=
0x7fffffffdf30, paintingInfo=..., paintFlags=224) at Source/WebCore/rendering/RenderLayer.cpp:3896
#41 0x00007ffff54cecb5 in WebCore::RenderLayer::paintLayerContentsAndReflection (this=this at entry=0x7fff94152678, context=c
ontext at entry=0x7fffffffdf30, paintingInfo=..., paintFlags=paintFlags at entry=224) at Source/WebCore/rendering/RenderLayer.cp
p:3649
#42 0x00007ffff54ceecf in WebCore::RenderLayer::paintLayerByApplyingTransform (this=this at entry=0x7fff94152678, context=con
text at entry=0x7fffffffdf30, paintingInfo=..., paintFlags=paintFlags at entry=224, translationOffset=...) at Source/WebCore/ren
dering/RenderLayer.cpp:3951
#43 0x00007ffff54cf612 in WebCore::RenderLayer::paintLayer (this=this at entry=0x7fff94152678, context=context at entry=0x7fffff
ffdf30, paintingInfo=..., paintFlags=paintFlags at entry=224) at Source/WebCore/rendering/RenderLayer.cpp:3622
#44 0x00007ffff54d03aa in paintList (paintFlags=<optimized out>, paintingInfo=..., context=<optimized out>, list=<optimize
d out>, this=<optimized out>) at Source/WebCore/rendering/RenderLayer.cpp:3971
#45 WebCore::RenderLayer::paintList (this=0x7fff94152340, list=0x7fff5f3623c0, context=0x7fffffffdf30, paintingInfo=..., p
aintFlags=224) at Source/WebCore/rendering/RenderLayer.cpp:3954
#46 0x00007ffff54ce4c6 in WebCore::RenderLayer::paintLayerContents (this=this at entry=0x7fff94152340, context=context at entry=
0x7fffffffdf30, paintingInfo=..., paintFlags=224) at Source/WebCore/rendering/RenderLayer.cpp:3896
#47 0x00007ffff54cecb5 in WebCore::RenderLayer::paintLayerContentsAndReflection (this=this at entry=0x7fff94152340, context=c
ontext at entry=0x7fffffffdf30, paintingInfo=..., paintFlags=paintFlags at entry=224) at Source/WebCore/rendering/RenderLayer.cp
p:3649
#48 0x00007ffff54cf530 in WebCore::RenderLayer::paintLayer (this=this at entry=0x7fff94152340, context=context at entry=0x7fffff
ffdf30, paintingInfo=..., paintFlags=paintFlags at entry=224) at Source/WebCore/rendering/RenderLayer.cpp:3631
#49 0x00007ffff54d03aa in paintList (paintFlags=<optimized out>, paintingInfo=..., context=<optimized out>, list=<optimize
d out>, this=<optimized out>) at Source/WebCore/rendering/RenderLayer.cpp:3971
#50 WebCore::RenderLayer::paintList (this=0x7fff940d58c8, list=0x7fff5f3622e0, context=0x7fffffffdf30, paintingInfo=..., p
aintFlags=224) at Source/WebCore/rendering/RenderLayer.cpp:3954
#51 0x00007ffff54ce4c6 in WebCore::RenderLayer::paintLayerContents (this=this at entry=0x7fff940d58c8, context=context at entry=
0x7fffffffdf30, paintingInfo=..., paintFlags=224) at Source/WebCore/rendering/RenderLayer.cpp:3896
#52 0x00007ffff54cecb5 in WebCore::RenderLayer::paintLayerContentsAndReflection (this=this at entry=0x7fff940d58c8, context=c
ontext at entry=0x7fffffffdf30, paintingInfo=..., paintFlags=paintFlags at entry=224) at Source/WebCore/rendering/RenderLayer.cp
p:3649
#53 0x00007ffff54cf530 in WebCore::RenderLayer::paintLayer (this=this at entry=0x7fff940d58c8, context=context at entry=0x7fffff
ffdf30, paintingInfo=..., paintFlags=paintFlags at entry=224) at Source/WebCore/rendering/RenderLayer.cpp:3631
#54 0x00007ffff54d03aa in paintList (paintFlags=<optimized out>, paintingInfo=..., context=<optimized out>, list=<optimize
d out>, this=<optimized out>) at Source/WebCore/rendering/RenderLayer.cpp:3971
#55 WebCore::RenderLayer::paintList (this=0x7fff951c5350, list=0x7fff7937c0d0, context=0x7fffffffdf30, paintingInfo=..., p
aintFlags=224) at Source/WebCore/rendering/RenderLayer.cpp:3954
#56 0x00007ffff54ce4c6 in WebCore::RenderLayer::paintLayerContents (this=this at entry=0x7fff951c5350, context=context at entry=
0x7fffffffdf30, paintingInfo=..., paintFlags=224) at Source/WebCore/rendering/RenderLayer.cpp:3896
#57 0x00007ffff54cecb5 in WebCore::RenderLayer::paintLayerContentsAndReflection (this=this at entry=0x7fff951c5350, context=c
ontext at entry=0x7fffffffdf30, paintingInfo=..., paintFlags=paintFlags at entry=224) at Source/WebCore/rendering/RenderLayer.cp
p:3649
#58 0x00007ffff54cf530 in WebCore::RenderLayer::paintLayer (this=this at entry=0x7fff951c5350, context=context at entry=0x7fffff
ffdf30, paintingInfo=..., paintFlags=paintFlags at entry=224) at Source/WebCore/rendering/RenderLayer.cpp:3631
#59 0x00007ffff54d03aa in paintList (paintFlags=<optimized out>, paintingInfo=..., context=<optimized out>, list=<optimize
d out>, this=<optimized out>) at Source/WebCore/rendering/RenderLayer.cpp:3971
#60 WebCore::RenderLayer::paintList (this=0x7fff951c5178, list=0x7fff94ef4fe0, context=0x7fffffffdf30, paintingInfo=..., p
aintFlags=224) at Source/WebCore/rendering/RenderLayer.cpp:3954
#61 0x00007ffff54ce4c6 in WebCore::RenderLayer::paintLayerContents (this=this at entry=0x7fff951c5178, context=context at entry=
0x7fffffffdf30, paintingInfo=..., paintFlags=224) at Source/WebCore/rendering/RenderLayer.cpp:3896
#62 0x00007ffff54cecb5 in WebCore::RenderLayer::paintLayerContentsAndReflection (this=this at entry=0x7fff951c5178, context=c
ontext at entry=0x7fffffffdf30, paintingInfo=..., paintFlags=paintFlags at entry=0) at Source/WebCore/rendering/RenderLayer.cpp:
3649
#63 0x00007ffff54cf530 in WebCore::RenderLayer::paintLayer (this=this at entry=0x7fff951c5178, context=context at entry=0x7fffff
ffdf30, paintingInfo=..., paintFlags=paintFlags at entry=0) at Source/WebCore/rendering/RenderLayer.cpp:3631
#64 0x00007ffff54d05f0 in WebCore::RenderLayer::paint (this=this at entry=0x7fff951c5178, context=context at entry=0x7fffffffdf3
0, damageRect=..., paintBehavior=0, subtreePaintRoot=subtreePaintRoot at entry=0x0, region=region at entry=0x0, paintFlags=paint
Flags at entry=0)
    at Source/WebCore/rendering/RenderLayer.cpp:3441
#65 0x00007ffff539ea3d in WebCore::FrameView::paintContents (this=0x7fffe69aba00, p=0x7fffffffdf30, rect=...) at Source/We
bCore/page/FrameView.cpp:3564
#66 0x00007ffff5a40bd6 in paint (rect=..., context=0x7fffffffdf30, this=0x7fffe69aba00) at Source/WebCore/platform/ScrollV
iew.cpp:1102
#67 WebCore::ScrollView::paint (this=0x7fffe69aba00, context=0x7fffffffdf30, rect=...) at Source/WebCore/platform/ScrollVi
ew.cpp:1071
#68 0x00007ffff4c9b663 in paintWebView (dirtyRegion=..., frame=0x7fffe6988c00, webView=0x7ca2c0) at Source/WebKit/gtk/WebC
oreSupport/ChromeClientGtk.cpp:562
#69 WebKit::ChromeClient::paint (this=0x7c89f0) at Source/WebKit/gtk/WebCoreSupport/ChromeClientGtk.cpp:605
#70 0x00007ffff4d8e420 in WebCore::ThreadTimers::sharedTimerFiredInternal (this=0x7fffe699bbe0) at Source/WebCore/platform
/ThreadTimers.cpp:129
#71 0x00007ffff4da0a62 in WebCore::timeout_cb () at Source/WebCore/platform/gtk/SharedTimerGtk.cpp:49
#72 0x00007ffff69902ab in g_timeout_dispatch (source=source at entry=0x7aef10, callback=<optimized out>, user_data=<optimized
 out>) at /var/tmp/portage/dev-libs/glib-2.38.2-r1/work/glib-2.38.2/glib/gmain.c:4451
#73 0x00007ffff698f715 in g_main_dispatch (context=0x6767b0) at /var/tmp/portage/dev-libs/glib-2.38.2-r1/work/glib-2.38.2/
glib/gmain.c:3066
#74 g_main_context_dispatch (context=context at entry=0x6767b0) at /var/tmp/portage/dev-libs/glib-2.38.2-r1/work/glib-2.38.2/
glib/gmain.c:3642
#75 0x00007ffff698fa58 in g_main_context_iterate (context=0x6767b0, block=block at entry=1, dispatch=dispatch at entry=1, self=<
optimized out>) at /var/tmp/portage/dev-libs/glib-2.38.2-r1/work/glib-2.38.2/glib/gmain.c:3713
#76 0x00007ffff698feaa in g_main_loop_run (loop=0x7bec50) at /var/tmp/portage/dev-libs/glib-2.38.2-r1/work/glib-2.38.2/gli
b/gmain.c:3907
#77 0x00007ffff766a905 in gtk_main () at gtkmain.c:1158
#78 0x0000000000407795 in main (argc=1, argv=0x7fffffffe388) at jumanji.c:699
A debugging session is active.
        Inferior 1 [process 25969] will be killed.
Quit anyway? (y or n)

---gdb.log---

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/0

------------------------------------------------------------------------
On 2014-08-10T17:40:40+00:00 Sixtysix wrote:

Created attachment 104383
quick hack

The problem here seems to be that with small areas to fill
the boxes tessellator receives empty boxes which are
evidently unexpected. The attached patch is derived going
one step back to the source of these empty boxes,
a comment there seems to imply a choice to mimic pixman.    

Obviously the real problem could be earlier than there.

A different solution could be to impose a minimum 1 width/height
for the boxes generated.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/1

------------------------------------------------------------------------
On 2014-08-13T09:34:53+00:00 Sixtysix wrote:

Created attachment 104551
testcase

I cairo-traced a visit to youtube using 'surf' and reduced the trace
to the minimum still reproducing the crash in the form of a
cairo test-suite C file.

So, after applying the patch and running make -C test, if you
execute the test with:

> CAIRO_TEST_TARGET=xlib gdb -ex r -ex bt --args test/.libs/cairo-test-suite sweep-line-delete

you'll have a similar backtrace to the one in the bug report.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/2

------------------------------------------------------------------------
On 2014-08-13T11:23:46+00:00 Psychon-d wrote:

(In reply to comment #2)
> Created attachment 104551 [details] [review]
> testcase
> 
> I cairo-traced a visit to youtube using 'surf' and reduced the trace
> to the minimum still reproducing the crash in the form of a
> cairo test-suite C file.

Would it be ok with you if this test case were included with Cairo?
Would the following license header be suitable? Do you want some
copyright notice to be included? Which one?

/*
 * Permission is hereby granted, free of charge, to any person
 * obtaining a copy of this software and associated documentation
 * files (the "Software"), to deal in the Software without
 * restriction, including without limitation the rights to use, copy,
 * modify, merge, publish, distribute, sublicense, and/or sell copies
 * of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be
 * included in all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE.
 */

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/3

------------------------------------------------------------------------
On 2014-08-13T15:14:16+00:00 Sixtysix wrote:

Created attachment 104568
alternative solution

An alternative patch that would make the rectangular tessellator
work also with empty boxes, so intrinsically safe also for
other (future) callers. 

Obviously only valid if I understood what it's doing and it
is possible to effectively ignore empty boxes. 

> Would it be ok with you if this test case were included with Cairo?
> Would the following license header be suitable? Do you want some
> copyright notice to be included? Which one?

it is ok with me, it is suitable, don't want any copyright notice,
whatever.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/4

------------------------------------------------------------------------
On 2014-08-16T04:39:09+00:00 Henriqueleng-t wrote:

Hi Massimo. Looks like your last patch with only 3 lines of code solved the problem!
I applied it here and no more segfault.
As I don't understand it and I know nothing about cairo, I don't know if what this patch does is the right thing or if it is safe to use. All I know is that it solved it, I think.

Should I mark it as solved?

I applied here and
(In reply to comment #4)
> Created attachment 104568 [details] [review]
> alternative solution
> 
> An alternative patch that would make the rectangular tessellator
> work also with empty boxes, so intrinsically safe also for
> other (future) callers. 
> 
> Obviously only valid if I understood what it's doing and it
> is possible to effectively ignore empty boxes. 
> 
> > Would it be ok with you if this test case were included with Cairo?
> > Would the following license header be suitable? Do you want some
> > copyright notice to be included? Which one?
> 
> it is ok with me, it is suitable, don't want any copyright notice, whatever.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/5

------------------------------------------------------------------------
On 2014-08-16T17:36:32+00:00 Sixtysix wrote:

(In reply to comment #5)
> Hi Massimo. Looks like your last patch with only 3 lines of code solved the
> problem!
> I applied it here and no more segfault.
> As I don't understand it and I know nothing about cairo, I don't know if what
> this patch does is the right thing or if it is safe to use. All I know is that
> it solved it, I think.
>

To me it seems correct and safe, it only drops empty
boxes from the list of boxes to be tessellated. 

Empty boxes do not alter the insideness of any pixel
because if a ray from the pixel intersects the top edge
it also intersects the bottom edge, one from the left
and the other from the right, so it should be correct
for both (EVEN_ODD, WINDING) fill rules that cairo implements. 

OTOH these empty boxes are problematic as they possibly
lead to a segfault.

It is possible that there are better places to discard
these boxes.

> Should i mark as solved?

I'm not a cairo developer, but I'd say not until a fix
has been included in the official source tree. So people
experiencing the same problem can find a solution and report
shortcomings. 

There are already many duplicates in many
distribution/application/library bugzillas.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/6
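
The fill-rule argument in the comment above, worked through as an added example (not code from the thread or from cairo): a ray-casting model over axis-aligned boxes shows that dropping empty boxes leaves every sample's insideness unchanged under both fill rules. The `box_t` type, the integer coordinates, the edge directions and the sample boxes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

#define MAX_BOXES 16

/* Hypothetical stand-in for a box; cairo itself uses fixed-point coordinates. */
typedef struct { int x1, y1, x2, y2; } box_t;
typedef enum { RULE_WINDING, RULE_EVEN_ODD } rule_t;

/* Same condition the thread treats as "empty": zero width or zero height. */
static int is_empty(const box_t *b)
{
    return b->x2 <= b->x1 || b->y2 <= b->y1;
}

/* Cast a ray from (px, py) towards +x. Each box contributes a left edge
 * (direction +1) and a right edge (direction -1) spanning [y1, y2). */
int point_inside(const box_t *boxes, size_t n, double px, double py, rule_t rule)
{
    int winding = 0, crossings = 0;
    size_t i;

    for (i = 0; i < n; i++) {
        const box_t *b = &boxes[i];
        if (py < b->y1 || py >= b->y2)
            continue;               /* a zero-height box never spans the ray */
        if (b->x1 > px) { winding += 1; crossings++; }
        if (b->x2 > px) { winding -= 1; crossings++; }
        /* zero-width box: both edges hit or both missed, so the winding
         * change is +1-1 = 0 and the crossing count changes by 0 or 2 */
    }
    return rule == RULE_WINDING ? winding != 0 : (crossings & 1);
}

/* Copy only non-empty boxes to out; returns how many were kept. */
size_t drop_empty(const box_t *in, size_t n, box_t *out)
{
    size_t i, kept = 0;

    for (i = 0; i < n; i++)
        if (!is_empty(&in[i]))
            out[kept++] = in[i];
    return kept;
}

/* Count pixel-centre samples whose insideness differs between the full
 * list and the filtered list, over both fill rules. Returns -1 if n is
 * larger than the scratch buffer. */
int count_differences(const box_t *boxes, size_t n, int width, int height)
{
    box_t kept[MAX_BOXES];
    size_t m;
    int x, y, r, diff = 0;

    if (n > MAX_BOXES)
        return -1;
    m = drop_empty(boxes, n, kept);

    for (y = 0; y < height; y++)
        for (x = 0; x < width; x++)
            for (r = RULE_WINDING; r <= RULE_EVEN_ODD; r++) {
                double px = x + 0.5, py = y + 0.5;
                if (point_inside(boxes, n, px, py, (rule_t) r) !=
                    point_inside(kept, m, px, py, (rule_t) r))
                    diff++;
            }
    return diff;
}

/* Constructed sample: two overlapping real boxes plus one zero-width and
 * one zero-height box. */
static const box_t SAMPLE[] = {
    { 0, 0, 4, 4 },
    { 2, 2, 2, 6 },   /* zero width  */
    { 1, 3, 5, 3 },   /* zero height */
    { 2, 1, 6, 3 },
};
#define SAMPLE_LEN (sizeof SAMPLE / sizeof SAMPLE[0])

int main(void)
{
    box_t kept[MAX_BOXES];
    size_t m = drop_empty(SAMPLE, SAMPLE_LEN, kept);

    printf("kept %zu of %zu boxes\n", m, (size_t) SAMPLE_LEN);
    printf("samples changed by filtering: %d\n",
           count_differences(SAMPLE, SAMPLE_LEN, 8, 8));
    return 0;
}
```
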

------------------------------------------------------------------------
On 2014-08-21T08:36:39+00:00 Chris Wilson wrote:

(In reply to comment #6)
> (In reply to comment #5)
> > Hi Massimo. Looks like your last patch with only 3 lines of code solved the
> > problem!
> > I applied it here and no more segfault.
> > As I don't understand it and I know nothing about cairo, I don't know if what
> > this patch does is the right thing or if it is safe to use. All I know is that
> > it solved it, I think.
> >
> 
> To me it seems correct and safe, it only drops empty
> boxes from the list of boxes to be tessellated. 

It is. Could you please write a nice commit log, adding

Reported-by: Henrique Lengler <henriqueleng at openmailbox.org>
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=81699

and submit. Ideally we would love to have a test case to hit this problem as well. If you can capture it using cairo-trace that would be a good start.
 
> Empty boxes do not alter the insideness of any pixel
> because if a ray from the pixel intersects the top edge
> it also intersects the bottom edge, one from the left
> and the other from the right, so it should be correct
> for both (EVEN_ODD, WINDING) fill rules that cairo implements. 
> 
> OTOH these empty boxes are problematic as they possibly
> lead to a segfault.
> 
> It is possible that there are better places to discard
> these boxes.

That's my only worry, I am trying to remember all the call paths that
enter here and why we have empty boxes in the first place. In this case,
the empty boxes seem to be part of the clip, which is worrisome. All the
zero height boxes should have been prefiltered...

diff --git a/src/cairo-boxes.c b/src/cairo-boxes.c
index 63b68dd..90afdbd 100644
--- a/src/cairo-boxes.c
+++ b/src/cairo-boxes.c
@@ -139,6 +139,8 @@ _cairo_boxes_add_internal (cairo_boxes_t *boxes,
     if (unlikely (boxes->status))
        return;
 
+    assert(box->x2 > box->x1 && box->y2 > box->y1);
+
     chunk = boxes->tail;
     if (unlikely (chunk->count == chunk->size)) {
        int size;
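
Review bot: the added assert reads box->x1, box->x2, box->y1 and box->y2, but the box-construction code quoted later in this thread fills in box.p1.x, box.p1.y, box.p2.x and box.p2.y, so the condition has to be written against p1/p2 to compile. As a diagnostic it is useful, but an assert is compiled out under NDEBUG, so it cannot stand in for filtering the empty boxes before they reach the tessellator.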

So yes, this suggests a far deeper problem than just the tessellate
failure.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/7

------------------------------------------------------------------------
On 2014-08-21T15:20:51+00:00 Sixtysix wrote:

Created attachment 105050
proposed patch

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/8

------------------------------------------------------------------------
On 2014-08-21T15:22:45+00:00 Sixtysix wrote:

Created attachment 105051
cairo script

This is the minimum cairo-trace/script that I obtained.

To crash it I compiled util/cairo-script/csi-replay.c after
changing the #define SINGLE_SURFACE to 0

To derive a test case from it probably it is possible
to use a smaller surface size.

Enabling xlib-xcb prevents the crash, probably another code path
is executed. (Valgrind (--enable-valgrind=no) reports an invalid 
read though)

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/9

------------------------------------------------------------------------
On 2014-08-23T11:43:01+00:00 Psychon-d wrote:

(In reply to comment #7)
[...]
> That's my only worry, I am trying to remember all the call paths that enter
> here and why we have empty boxes in the first place. In this case, the empty
> boxes seem to be part of the clip, which is worrisome. All the zero height
> boxes should have been prefiltered...
> 
> diff --git a/src/cairo-boxes.c b/src/cairo-boxes.c
> index 63b68dd..90afdbd 100644
> --- a/src/cairo-boxes.c
> +++ b/src/cairo-boxes.c
> @@ -139,6 +139,8 @@ _cairo_boxes_add_internal (cairo_boxes_t *boxes,
>      if (unlikely (boxes->status))
>         return;
>  
> +    assert(box->x2 > box->x1 && box->y2 > box->y1);
> +
>      chunk = boxes->tail;
>      if (unlikely (chunk->count == chunk->size)) {
>         int size;
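
Review bot: the strict `>` comparisons in the added assert reject more than empty boxes. A box whose p1.x is greater than its p2.x, such as the fixup_unbounded_boxes one shown further down in this message, has non-zero area and still fails the check. If the intent is to catch only zero-width or zero-height boxes, compare with `!=` on each axis instead of `>`.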
> 
> So yes, this suggests a far deeper problem than just the tessellate failure.

I guess you meant this: assert(box->p2.x > box->p1.x && box->p2.y >
box->p1.y);

That assert triggers for 61 test cases in the test suite. Most of these
are due to boxes like this (this code appears in different places
inside of cairo, e.g.  _cairo_xcb_surface_fixup_unbounded_boxes and the
span compositor's fixup_unbounded_boxes):

    box.p1.x = _cairo_fixed_from_int (extents->unbounded.x + extents->unbounded.width);
    box.p1.y = _cairo_fixed_from_int (extents->unbounded.y);
    box.p2.x = _cairo_fixed_from_int (extents->unbounded.x);
    box.p2.y = _cairo_fixed_from_int (extents->unbounded.y + extents->unbounded.height);

I guess that means that this code is wrong and should be fixed? Perhaps
we should even commit this assert to cairo?

At least I didn't find anything generating zero-height boxes.

List of tests: big-empty-box big-empty-triangle big-little-box bug-40410
bug-bo-collins bug-bo-rectangular clip-complex-bug61492
clip-complex-shape-eo-aa clip-complex-shape-eo-mono clip-fill
clip-fill-eo-unbounded clip-fill-nz-unbounded
clip-group-shapes-unaligned-rectangles clip-mixed-antialias clip-nesting
clip-operator clip-shape clip-stroke-unbounded clip-text clip-twice
copy-disjoint fill-disjoint get-path-extents hatchings
image-surface-source mask operator operator-alpha operator-alpha-alpha
paint-with-alpha-clip-mask pdf-surface-source ps-surface-source
random-clip record-paint-alpha-clip-mask record-self-intersecting
record1414x-self-intersecting record2x-self-intersecting
record90-self-intersecting recordflip-self-intersecting rectilinear-fill
rotated-clip self-copy self-copy-overlap self-intersecting
subsurface-image-repeat subsurface-modify-child subsurface-modify-parent
subsurface-pad subsurface-reflect subsurface-repeat
surface-pattern-operator svg-surface-source text-glyph-range
tighten-bounds trap-clip unantialiased-shapes unbounded-operator
white-in-noop xcb-surface-source xlib-surface-source zero-mask

Oh and the assert does not trigger for the test case attached to this
bug report (except for the "test-traps" (pseudo-)backend, which doesn't
count, I guess). But that test case doesn't crash here either...?

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/10

------------------------------------------------------------------------
On 2014-08-23T13:16:42+00:00 Chris Wilson wrote:

Hmm, nope. We only reject the empty boxes, but allow negative boxes to
represent counter winding. That's cunning.

Ok, found the problem. It's the traps-to-boxes routine that doesn't
prefilter zero height traps/boxes.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/11

------------------------------------------------------------------------
On 2014-08-23T13:22:14+00:00 Chris Wilson wrote:

commit 13a09526d2120c244471e03b6ae979016ef88e83
Author: Chris Wilson <chris at chris-wilson.co.uk>
Date:   Sat Aug 23 14:16:55 2014 +0100

    traps,xcb: Prefilter zero-area boxes when converting traps
    
    The rectangular tessellation routines rely on the presumption that all the
    boxes they have to handle are already filtered to remove empty boxes.
    
    << /width 800 /height 600 >> surface context
    0.0848671 0 0 0.0848671 39.907812 5.608896 matrix transform
    8 0 m 12.417969 0 16 3.582031 16 8 c 16 12.417969 12.417969 16 8 16 c
    3.582031 16 0 12.417969 0 8 c 0 3.582031 3.582031 0 8 0 c h
    clip
    16 0 m 8 8 l 16 16 l h
    clip
    0 0 16 16 rectangle
    fill
    
    Triggers the error given a traps tessellator like cairo-xlib.
    
    Reported-by: Henrique Lengler <henriqueleng at openmailbox.org>
    Analyzed-by: Massimo <sixtysix at inwind.it>
    Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=81699
    Signed-off-by: Chris Wilson <chris at chris-wilson.co.uk>


Fixed, but leaving open to add the testcase.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/12

------------------------------------------------------------------------
On 2014-08-23T13:36:10+00:00 Psychon-d wrote:

*** Bug 72244 has been marked as a duplicate of this bug. ***

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/13

------------------------------------------------------------------------
On 2014-08-23T13:38:17+00:00 Psychon-d wrote:

*** Bug 76272 has been marked as a duplicate of this bug. ***

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/14

------------------------------------------------------------------------
On 2014-08-25T07:45:19+00:00 Adrian Bunk wrote:

Created attachment 105218
Crash backtrace

Hi Chris,

thanks for the fix, it greatly increased stability.

But unfortunately sometimes there are still crashes.

Attached is a backtrace for the following (this is Debian 1.12.16-2 plus
commit 13a09526 from master):

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff2cb0f98 in sweep_line_delete_edge (edge=0x7fffffff7b00, 
    sweep=0x7fffffff77f0)
    at /tmp/cairo-1.12.16/src/cairo-bentley-ottmann-rectangular.c:558
558         edge->next->prev = edge->prev;

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/15

------------------------------------------------------------------------
On 2014-08-25T07:58:15+00:00 Chris Wilson wrote:

/me hangs head in shame

commit a5f51588afd9d5629b03297eb29ff46350b6ba50
Author: Chris Wilson <chris at chris-wilson.co.uk>
Date:   Mon Aug 25 08:55:24 2014 +0100

    traps,xcb: Set the box count after filtering
    
    After converting, the number of boxes should only count the number of
    non-zero boxes and forget about the zero-sized boxes we skipped over.
    
    Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=81699
    Signed-off-by: Chris Wilson <chris at chris-wilson.co.uk>

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/16
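
The two fixes above (drop zero-area boxes, then report the count of boxes actually kept) and the earlier argument that empty boxes never change insideness, as an added example that is not cairo's code. The types use plain integers instead of cairo's fixed-point values, and `filter_boxes`, `winding_at` and the sample boxes are constructed for illustration; the x-reversed box is kept because it has area and winds the other way.

```c
#include <stdio.h>
#include <stddef.h>

/* Simplified stand-ins for cairo's box types (hypothetical, integer coords). */
typedef struct { int x, y; } point_t;
typedef struct { point_t p1, p2; } box_t;

/* Constructed sample: a normal box, a zero-height box, a zero-width box and
 * an x-reversed box shaped like the fixup_unbounded_boxes one in the thread. */
static const box_t sample[] = {
    { {0, 0}, {10, 10} }, { {2, 5}, {8, 5} },
    { {4, 0}, {4, 10} },  { {6, 2}, {3, 8} },
};
#define N_SAMPLE (sizeof sample / sizeof sample[0])

/* Copy the non-empty boxes to out and return how many were kept. */
size_t filter_boxes(const box_t *in, size_t n, box_t *out)
{
    size_t kept = 0;
    for (size_t i = 0; i < n; i++) {
        if (in[i].p1.x == in[i].p2.x || in[i].p1.y == in[i].p2.y)
            continue; /* zero width or zero height: drop */
        out[kept++] = in[i];
    }
    return kept; /* callers must use this count, not n */
}

/* Winding number at (px, py): for rows in [p1.y, p2.y) the p1.x edge counts
 * +1 and the p2.x edge -1 when it lies at or to the left of the point. */
int winding_at(const box_t *b, size_t n, int px, int py)
{
    int w = 0;
    for (size_t i = 0; i < n; i++)
        if (py >= b[i].p1.y && py < b[i].p2.y)
            w += (b[i].p1.x <= px) - (b[i].p2.x <= px);
    return w;
}

/* Returns 1 if filtering leaves the winding number of every pixel unchanged. */
int filter_preserves_winding(void)
{
    box_t out[N_SAMPLE];
    size_t kept = filter_boxes(sample, N_SAMPLE, out);
    for (int y = -1; y <= 11; y++)
        for (int x = -1; x <= 11; x++)
            if (winding_at(sample, N_SAMPLE, x, y) != winding_at(out, kept, x, y))
                return 0;
    return 1;
}

int main(void) { printf("%d\n", filter_preserves_winding()); return 0; }
```

A consumer that iterates over the original count instead of the returned one reads slots of `out` that were never written, which is the class of mistake the second commit message describes.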

------------------------------------------------------------------------
On 2014-08-26T15:19:08+00:00 Adrian Bunk wrote:

Hi Chris,

thanks a lot, it no longer crashes for me.

Can these commits also go to the 1.12 branch?

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/17

------------------------------------------------------------------------
On 2014-08-27T09:09:19+00:00 Psychon-d wrote:

Cherry-picked 28 commits into the 1.12 branch. I just did a quick search
through the git history since 1.12 was branched off master (just after
1.12.16) and took everything which sounded harmless enough.

These two commits are commit 3bb80aa2c3f97c071f434e0fbb6704fbef963352
and commit 4b65497231d1859e03762949896da94ffde389b on the branch.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/cairo/+bug/1391857/comments/18


** Changed in: cairo
       Status: Unknown => Confirmed

** Changed in: cairo
   Importance: Unknown => Critical


Title:
  libcairo segfaults when rendering video streams, e.g. youtube videos
  in webkit based browsers

Status in Cairo Graphics Library:
  Confirmed
Status in cairo package in Ubuntu:
  Triaged
Status in midori package in Ubuntu:
  New
Status in webkitgtk package in Ubuntu:
  New

Bug description:
  The libcairo version (1.13) that is used on Ubuntu 14.04 contains a
  bug that leads to a segmentation fault (see
  https://bugs.freedesktop.org/show_bug.cgi?id=81699) when rendering
  certain video streams.  E.g. webkit based browsers that render Youtube
  videos will eventually crash.

  The bug has been fixed upstream, libcairo 1.14 does not segfault, so
  it would be very desirable that the libcairo2 package in Ubuntu gets
  updated to version 1.14 of libcairo.
