registry team mailing list archive

Thread
Date
[Bug 149570] Re: xchat-gnome crashed with SIGSEGV in cairo_surface_finish()

To: registry@xxxxxxxxxxxxxxxxxxx
From: Bug Watch Updater <149570@xxxxxxxxxxxxxxxxxx>
Date: Tue, 14 Sep 2010 10:14:07 -0000
Reply-to: Bug 149570 <149570@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
Launchpad has imported 2 comments from the remote bug at
http://bugs.freedesktop.org/show_bug.cgi?id=12715.

If you reply to an imported comment from within Launchpad, your comment
will be sent to the remote bug automatically. Read more about
Launchpad's inter-bugtracker facilities at
https://help.launchpad.net/InterBugTracking.

------------------------------------------------------------------------
On 2007-10-06T05:12:44+00:00 Sebastien Bacher wrote:

The bug has been opened on https://bugs.launchpad.net/ubuntu/+source
/xchat-gnome/+bug/149570

"Binary package hint: xchat-gnome

entered '/list' command
...
libcairo2 1.4.10-1ubuntu4
...
#0  _cairo_xlib_remove_close_display_hooks (dpy=<value optimized out>, key=0x1a3f1c0)
    at /build/buildd/libcairo-1.4.10/src/cairo-xlib-display.c:336
	display = (cairo_xlib_display_t *) 0x13ecf50
	hook = (cairo_xlib_hook_t *) 0x656469762073276c
	next = (cairo_xlib_hook_t *) 0x656469762073276c
	prev = (cairo_xlib_hook_t **) 0x144fab0
#1  0x00002b3625159c61 in _cairo_xlib_surface_finish (abstract_surface=<value optimized out>)
    at /build/buildd/libcairo-1.4.10/src/cairo-xlib-surface.c:333
	status2 = <value optimized out>
	surface = (cairo_xlib_surface_t *) 0x1a3f1c0
	display = (cairo_xlib_display_t *) 0x13ecf50
	status = CAIRO_STATUS_SUCCESS
#2  0x00002b3625134e13 in *INT_cairo_surface_finish (surface=0x1a3f1c0)
    at /build/buildd/libcairo-1.4.10/src/cairo-surface.c:504
	status = <value optimized out>
#3  0x00002b3625134e95 in *INT_cairo_surface_destroy (surface=0x13ecfb0)
    at /build/buildd/libcairo-1.4.10/src/cairo-surface.c:401
	__PRETTY_FUNCTION__ = "cairo_surface_destroy"
#4  0x00002b3621775793 in IA__gdk_window_end_paint (window=0x13e0ad0) at /build/buildd/gtk+2.0-2.12.0/gdk/gdkwindow.c:1087
	composited = <value optimized out>
	paint = (GdkWindowPaint *) 0x1a94420
	tmp_gc = (GdkGC *) 0x13ddc80
	clip_box = {x = 0, y = 0, width = 559, height = 27}
	x_offset = 0
	y_offset = 0
	__PRETTY_FUNCTION__ = "IA__gdk_window_end_paint"
#5  0x00002b36212b36b9 in IA__gtk_main_do_event (event=0x7fff8af1c740) at /build/buildd/gtk+2.0-2.12.0/gtk/gtkmain.c:1496
	event_widget = (GtkWidget *) 0x875000
	grab_widget = (GtkWidget *) 0x875000
	window_group = (GtkWindowGroup *) 0x13d4100
	rewritten_event = (GdkEvent *) 0x0
	tmp_list = <value optimized out>
	__PRETTY_FUNCTION__ = "IA__gtk_main_do_event"
#6  0x00002b36217748da in gdk_window_process_updates_internal (window=0x13e0ad0)
    at /build/buildd/gtk+2.0-2.12.0/gdk/gdkwindow.c:2383
	event = {type = GDK_EXPOSE, any = {type = GDK_EXPOSE, window = 0x13e0ad0, send_event = 0 '\0'}, expose = {
    type = GDK_EXPOSE, window = 0x13e0ad0, send_event = 0 '\0', area = {x = 0, y = 0, width = 559, height = 27}, 
    region = 0x14beb90, count = 0}, no_expose = {type = GDK_EXPOSE, window = 0x13e0ad0, send_event = 0 '\0'}, 
  visibility = {type = GDK_EXPOSE, window = 0x13e0ad0, send_event = 0 '\0', state = GDK_VISIBILITY_UNOBSCURED}, motion = {
    type = GDK_EXPOSE, window = 0x13e0ad0, send_event = 0 '\0', time = 0, x = 1.1861956471495872e-311, 
    y = 1.3339772437713657e-322, axes = 0x14beb90, state = 0, is_hint = 0, device = 0x0, 
    x_root = 4.9406564584124654e-324, y_root = 2.347380196441317e-310}, button = {type = GDK_EXPOSE, window = 0x13e0ad0, 
    send_event = 0 '\0', time = 0, x = 1.1861956471495872e-311, y = 1.3339772437713657e-322, axes = 0x14beb90, state = 0, 
    button = 0, device = 0x0, x_root = 4.9406564584124654e-324, y_root = 2.347380196441317e-310}, scroll = {
    type = GDK_EXPOSE, window = 0x13e0ad0, send_event = 0 '\0', time = 0, x = 1.1861956471495872e-311, 
    y = 1.3339772437713657e-322, state = 21752720, direction = GDK_SCROLL_UP, device = 0x0, x_root = 0, 
    y_root = 4.9406564584124654e-324}, key = {type = GDK_EXPOSE, window = 0x13e0ad0, send_event = 0 '\0', time = 0, 
    state = 0, keyval = 559, length = 27, string = 0x14beb90 "\b", hardware_keycode = 0, group = 0 '\0', 
    is_modifier = 0}, crossing = {type = GDK_EXPOSE, window = 0x13e0ad0, send_event = 0 '\0', subwindow = 0x22f00000000, 
    time = 27, x = 1.0747271655603801e-316, y = 0, x_root = 0, y_root = 4.9406564584124654e-324, mode = 575884516, 
    detail = 11062, focus = 590118224, state = 11062}, focus_change = {type = GDK_EXPOSE, window = 0x13e0ad0, 
    send_event = 0 '\0', in = 0}, configure = {type = GDK_EXPOSE, window = 0x13e0ad0, send_event = 0 '\0', x = 0, y = 0, 
    width = 559, height = 27}, property = {type = GDK_EXPOSE, window = 0x13e0ad0, send_event = 0 '\0', 
    atom = 0x22f00000000, time = 27, state = 0}, selection = {type = GDK_EXPOSE, window = 0x13e0ad0, send_event = 0 '\0', 
    selection = 0x22f00000000, target = 0x1b, property = 0x14beb90, time = 0, requestor = 0}, owner_change = {
    type = GDK_EXPOSE, window = 0x13e0ad0, send_event = 0 '\0', owner = 0, reason = GDK_OWNER_CHANGE_NEW_OWNER, 
    selection = 0x1b, time = 21752720, selection_time = 0}, proximity = {type = GDK_EXPOSE, window = 0x13e0ad0, 
    send_event = 0 '\0', time = 0, device = 0x22f00000000}, client = {type = GDK_EXPOSE, window = 0x13e0ad0, 
    send_event = 0 '\0', message_type = 0x22f00000000, data_format = 27, data = {
      b = "\220ëK\001", '\0' <repeats 15 times>, s = {-5232, 331, 0, 0, 0, 0, 0, 0, 0, 0}, l = {21752720, 0, 0, 1, 
        47511504112868}}}, dnd = {type = GDK_EXPOSE, window = 0x13e0ad0, send_event = 0 '\0', context = 0x22f00000000, 
    time = 27, x_root = 0, y_root = 0}, window_state = {type = GDK_EXPOSE, window = 0x13e0ad0, send_event = 0 '\0', 
    changed_mask = 0, new_window_state = 0}, setting = {type = GDK_EXPOSE, window = 0x13e0ad0, send_event = 0 '\0', 
    action = GDK_SETTING_ACTION_NEW, name = 0x22f00000000 <Address 0x22f00000000 out of bounds>}, grab_broken = {
    type = GDK_EXPOSE, window = 0x13e0ad0, send_event = 0 '\0', keyboard = 0, implicit = 0, grab_window = 0x1b}}
	private = <value optimized out>
	save_region = 1
#7  0x00002b3621774eaa in IA__gdk_window_process_all_updates () at /build/buildd/gtk+2.0-2.12.0/gdk/gdkwindow.c:2435
	old_update_windows = (GSList *) 0x1a8eab0
	tmp_list = <value optimized out>
#8  0x00002b3621774f09 in IA__gdk_window_process_all_updates () at /build/buildd/gtk+2.0-2.12.0/gdk/gdkwindow.c:2450
	private = <value optimized out>
	old_update_windows = (GSList *) 0x2b36227cf9f0
	tmp_list = (GSList *) 0x1a8ed40
#9  0x00002b36232c7d50 in ?? () from /lib/libpthread.so.0
#10 0x0000000001550b00 in ?? ()
#11 0x00002b3622534fd3 in IA__g_main_context_dispatch (context=0x6cb2d0) at /build/buildd/glib2.0-2.14.1/glib/gmain.c:2061
No locals.
#12 0x00002b36225382dd in g_main_context_iterate (context=0x6cb2d0, block=1, dispatch=1, self=<value optimized out>)
    at /build/buildd/glib2.0-2.14.1/glib/gmain.c:2694
	got_ownership = <value optimized out>
	max_priority = 120
	timeout = 0
	some_ready = 1
	nfds = <value optimized out>
	allocated_nfds = <value optimized out>
	fds = (GPollFD *) 0x13d5060
	__PRETTY_FUNCTION__ = "g_main_context_iterate"
#13 0x00002b36225385ea in IA__g_main_loop_run (loop=0x143bba0) at /build/buildd/glib2.0-2.14.1/glib/gmain.c:2898
	got_ownership = <value optimized out>
	self = (GThread *) 0x68f850
	__PRETTY_FUNCTION__ = "IA__g_main_loop_run"
#14 0x00002b36212b3883 in IA__gtk_main () at /build/buildd/gtk+2.0-2.12.0/gtk/gtkmain.c:1144
	tmp_list = (GList *) 0x477f2d
	functions = (GList *) 0x0
	init = (GtkInitFunction *) 0x471a06
	loop = (GMainLoop *) 0x143bba0
#15 0x0000000000422f39 in fe_main () at fe-gnome.c:184
No locals.
#16 0x000000000045d0f8 in main (argc=1, argv=<value optimized out>) at xchat.c:1071
	ret = <value optimized out>
..."

Reply at: https://bugs.launchpad.net/libcairo/+bug/149570/comments/2

------------------------------------------------------------------------
On 2008-10-10T06:40:54+00:00 Chris Wilson wrote:

The symptoms of this bug have been treated (the way the
remove_close_display_hooks() now functions completely erradicates any
possibility of this triggering again). I can't recall fixing any bugs in
that loop, nor immediately identify the issue from the stack trace, so I
can not say for sure that the true cause has been resolved.

Closing, but warily.

Reply at: https://bugs.launchpad.net/libcairo/+bug/149570/comments/7


** Changed in: libcairo
   Importance: Unknown => Medium

-- 
xchat-gnome crashed with SIGSEGV in cairo_surface_finish()
https://bugs.launchpad.net/bugs/149570
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for libcairo.