(In reply to comment #0) > Created an attachment (id=217796) [details] > backtrace (midori) > > How to reproduce: > - use a GTK+2 WebKitGTK+ browser (reproduced with midori and liferea 1.6) > - go to http://www.youtube.com/watch?v=_8cISt6apoc > - Segmentation Fault before or shortly after starting the video (WebKit fillRectWithColor() -> cairo_fill() and then segfault inside cairo) > > WebKitGTK+ version tested (all segfault): > - 2.2.0 > - 2.2.2 > - 2.3.2 > > GTK+3 browsers (epiphany tested) don't seem to be affected. If it segfaults in Cairo why is this reported to WebKit ? Here you have a backtrace with 2.2.2 and GtkLauncher: Program received signal SIGSEGV, Segmentation fault. sweep_line_delete (rectangle=0x7fffffff56c0, sweep=0x7fffffff5380) at cairo-bentley-ottmann-rectangular.c:567 567 if (sweep->fill_rule == CAIRO_FILL_RULE_WINDING && (gdb) bt #0 sweep_line_delete (rectangle=0x7fffffff56c0, sweep=0x7fffffff5380) at cairo-bentley-ottmann-rectangular.c:567 #1 _cairo_bentley_ottmann_tessellate_rectangular (rectangles=rectangles@entry=0x7fffffff5550, num_rectangles=num_rectangles@entry=3, fill_rule=fill_rule@entry=CAIRO_FILL_RULE_WINDING, do_traps=do_traps@entry=0, container=container@entry=0x7fffffff6650) at cairo-bentley-ottmann-rectangular.c:659 #2 0x00007ffff0536d13 in _cairo_bentley_ottmann_tessellate_boxes (in=in@entry=0x7fffffff68a0, fill_rule=fill_rule@entry=CAIRO_FILL_RULE_WINDING, out=out@entry=0x7fffffff6650) at cairo-bentley-ottmann-rectangular.c:877 #3 0x00007ffff0594ae1 in fixup_unbounded (extents=extents@entry=0x7fffffff7a50, boxes=boxes@entry=0x7fffffff6fc0, compositor=<optimized out>) at cairo-traps-compositor.c:885 #4 0x00007ffff0595d31 in composite_aligned_boxes (boxes=0x7fffffff6fc0, extents=0x7fffffff7a50, compositor=0x7ffff082f340 <compositor.16040>) at cairo-traps-compositor.c:1290 #5 clip_and_composite_boxes (compositor=compositor@entry=0x7ffff082f340 <compositor.16040>, extents=extents@entry=0x7fffffff7a50, boxes=boxes@entry=0x7fffffff6fc0) at cairo-traps-compositor.c:1766 #6 0x00007ffff05960e3 in clip_and_composite_polygon (compositor=compositor@entry=0x7ffff082f340 <compositor.16040>, extents=extents@entry=0x7fffffff7a50, polygon=polygon@entry=0x7fffffff7630, antialias=antialias@entry=CAIRO_ANTIALIAS_NONE, fill_rule=fill_rule@entry=CAIRO_FILL_RULE_WINDING, curvy=<optimized out>) at cairo-traps-compositor.c:1554 #7 0x00007ffff05967c2 in _cairo_traps_compositor_fill (_compositor=0x7ffff082f340 <compositor.16040>, extents=0x7fffffff7a50, path=0x15a2488, fill_rule=CAIRO_FILL_RULE_WINDING, tolerance=0.10000000000000001, antialias=CAIRO_ANTIALIAS_NONE) at cairo-traps-compositor.c:2229 #8 0x00007ffff0543a27 in _cairo_compositor_fill (compositor=0x7ffff082f340 <compositor.16040>, surface=surface@entry=0x1629d20, op=op@entry=CAIRO_OPERATOR_IN, source=source@entry=0x7ffff05f3f40 <_cairo_pattern_white>, path=path@entry=0x15a2488, fill_rule=fill_rule@entry=CAIRO_FILL_RULE_WINDING, tolerance=0.10000000000000001, antialias=antialias@entry=CAIRO_ANTIALIAS_NONE, clip=clip@entry=0x19c3350) at cairo-compositor.c:203 #9 0x00007ffff05b0368 in _cairo_xlib_surface_fill (_surface=<optimized out>, op=CAIRO_OPERATOR_IN, source=0x7ffff05f3f40 <_cairo_pattern_white>, path=0x15a2488, fill_rule=CAIRO_FILL_RULE_WINDING, tolerance=<optimized out>, antialias=CAIRO_ANTIALIAS_NONE, clip=0x19c3350) at cairo-xlib-surface.c:1594 #10 0x00007ffff05843a4 in _cairo_surface_fill (surface=0x1629d20, op=CAIRO_OPERATOR_IN, source=0x7ffff05f3f40 <_cairo_pattern_white>, path=0x15a2488, fill_rule=CAIRO_FILL_RULE_WINDING, tolerance=0.10000000000000001, antialias=CAIRO_ANTIALIAS_NONE, clip=0x19c3350) at cairo-surface.c:2222 #11 0x00007ffff054208f in _cairo_clip_combine_with_surface (clip=0x19c3350, dst=dst@entry=0x1629d20, dst_x=<optimized out>, dst_y=<optimized out>) at cairo-clip-surface.c:78 #12 0x00007ffff05947b7 in create_composite_mask (compositor=compositor@entry=0x7ffff082f340 <compositor.16040>, dst=dst@entry=0x10600a0, draw_closure=draw_closure@entry=0x7fffffff8d50, draw_func=<optimized out>, mask_func=mask_func@entry=0x0, extents=extents@entry=0x7fffffff9170) at cairo-traps-compositor.c:500 #13 0x00007ffff05953e1 in clip_and_composite_with_mask (src_y=0, src_x=0, src=0x90e400, op=CAIRO_OPERATOR_OVER, draw_closure=0x7fffffff8d50, mask_func=0x0, draw_func=<optimized out>, extents=0x7fffffff9170, compositor=0x7ffff082f340 <compositor.16040>) at cairo-traps-compositor.c:546 #14 clip_and_composite (compositor=compositor@entry=0x7ffff082f340 <compositor.16040>, extents=extents@entry=0x7fffffff9170, draw_func=draw_func@entry=0x7ffff0593a20 <composite_boxes>, mask_func=mask_func@entry=0x0, draw_closure=draw_closure@entry=0x7fffffff8d50, need_clip=2) at cairo-traps-compositor.c:1028 #15 0x00007ffff05958c1 in clip_and_composite_boxes (compositor=compositor@entry=0x7ffff082f340 <compositor.16040>, extents=extents@entry=0x7fffffff9170, boxes=boxes@entry=0x7fffffff8d50) at cairo-traps-compositor.c:1771 #16 0x00007ffff0596827 in _cairo_traps_compositor_fill (_compositor=0x7ffff082f340 <compositor.16040>, extents=0x7fffffff9170, path=0x157c6d8, fill_rule=CAIRO_FILL_RULE_WINDING, tolerance=0.10000000000000001, antialias=CAIRO_ANTIALIAS_DEFAULT) at cairo-traps-compositor.c:2198 #17 0x00007ffff0543a27 in _cairo_compositor_fill (compositor=0x7ffff082f340 <compositor.16040>, surface=surface@entry=0x10600a0, op=op@entry=CAIRO_OPERATOR_OVER, source=source@entry=0x7fffffff9570, path=path@entry=0x157c6d8, fill_rule=fill_rule@entry=CAIRO_FILL_RULE_WINDING, tolerance=0.10000000000000001, antialias=antialias@entry=CAIRO_ANTIALIAS_DEFAULT, clip=clip@entry=0x194ea00) at cairo-compositor.c:203 #18 0x00007ffff05b0368 in _cairo_xlib_surface_fill (_surface=<optimized out>, op=CAIRO_OPERATOR_OVER, source=0x7fffffff9570, path=0x157c6d8, fill_rule=CAIRO_FILL_RULE_WINDING, tolerance=<optimized out>, antialias=CAIRO_ANTIALIAS_DEFAULT, clip=0x194ea00) at cairo-xlib-surface.c:1594 #19 0x00007ffff05843a4 in _cairo_surface_fill (surface=0x10600a0, op=CAIRO_OPERATOR_OVER, source=0x7fffffff9570, path=0x157c6d8, fill_rule=CAIRO_FILL_RULE_WINDING, tolerance=0.10000000000000001, antialias=CAIRO_ANTIALIAS_DEFAULT, clip=0x194ea00) at cairo-surface.c:2222 #20 0x00007ffff054b47c in _cairo_gstate_fill (gstate=0x2630390, path=path@entry=0x157c6d8) at cairo-gstate.c:1308 #21 0x00007ffff0544fb9 in _cairo_default_context_fill (abstract_cr=0x157c370) at cairo-default-context.c:1048 #22 0x00007ffff053e925 in cairo_fill (cr=0x157c370) at cairo.c:2201 #23 0x00007ffff3c9d3f6 in WebCore::fillRectWithColor (cr=0x157c370, rect=..., color=...) at ../../Source/WebCore/platform/graphics/cairo/GraphicsContextCairo.cpp:78 #24 0x00007ffff3c9dd61 in WebCore::GraphicsContext::drawRect (this=0x7fffffffc1b0, rect=...) at ../../Source/WebCore/platform/graphics/cairo/GraphicsContextCairo.cpp:243 #25 0x00007ffff468fdba in WebCore::RenderBoxModelObject::drawBoxSideFromPath (this=0x104a448, graphicsContext=0x7fffffffc1b0, borderRect=..., borderPath=..., edges=0x7fffffff9d90, thickness=5, drawThickness=5, side=WebCore::BSRight, style=0x2631220, color=..., borderStyle=WebCore::SOLID, bleedAvoidance=WebCore::BackgroundBleedBackgroundOverBorder, includeLogicalLeftEdge=true, includeLogicalRightEdge=true) at ../../Source/WebCore/rendering/RenderBoxModelObject.cpp:2261 #26 0x00007ffff468d81a in WebCore::RenderBoxModelObject::paintOneBorderSide (this=0x104a448, graphicsContext=0x7fffffffc1b0, style=0x2631220, outerBorder=..., innerBorder=..., sideRect=..., side=WebCore::BSRight, adjacentSide1=WebCore::BSTop, adjacentSide2=WebCore::BSBottom, edges=0x7fffffff9d90, path=0x7fffffff9bb0, bleedAvoidance=WebCore::BackgroundBleedBackgroundOverBorder, includeLogicalLeftEdge=true, includeLogicalRightEdge=true, antialias=true, overrideColor=0x0) at ../../Source/WebCore/rendering/RenderBoxModelObject.cpp:1819 #27 0x00007ffff468e39e in WebCore::RenderBoxModelObject::paintBorderSides (this=0x104a448, graphicsContext=0x7fffffffc1b0, style=0x2631220, outerBorder=..., innerBorder=..., innerBorderAdjustment=..., edges=0x7fffffff9d90, edgeSet=15, bleedAvoidance=WebCore::BackgroundBleedBackgroundOverBorder, includeLogicalLeftEdge=true, includeLogicalRightEdge=true, antialias=true, overrideColor=0x0) at ../../Source/WebCore/rendering/RenderBoxModelObject.cpp:1902 #28 0x00007ffff468f3a9 in WebCore::RenderBoxModelObject::paintBorder (this=0x104a448, info=..., rect=..., style=0x2631220, bleedAvoidance=WebCore::BackgroundBleedBackgroundOverBorder, includeLogicalLeftEdge=true, includeLogicalRightEdge=true) at ../../Source/WebCore/rendering/RenderBoxModelObject.cpp:2109 #29 0x00007ffff4669760 in WebCore::RenderBox::paintBoxDecorations (this=0x104a448, paintInfo=..., paintOffset=...) at ../../Source/WebCore/rendering/RenderBox.cpp:1192 #30 0x00007ffff460893c in WebCore::RenderBlock::paintObject (this=0x104a448, paintInfo=..., paintOffset=...) at ../../Source/WebCore/rendering/RenderBlock.cpp:3299 #31 0x00007ffff46067ed in WebCore::RenderBlock::paint (this=0x104a448, paintInfo=..., paintOffset=...) at ../../Source/WebCore/rendering/RenderBlock.cpp:3019 #32 0x00007ffff4708c3f in WebCore::RenderLayer::paintBackgroundForFragments (this=0x1004a98, layerFragments=WTF::Vector of length 1, capacity 1 = {...}, context=0x7fffffffc1b0, transparencyLayerContext=0x7fffffffc1b0, transparencyPaintDirtyRect=..., haveTransparency=false, localPaintingInfo=..., paintBehavior=0, subtreePaintRootForRenderer=0x0) at ../../Source/WebCore/rendering/RenderLayer.cpp:4118 ---Type <return> to continue, or q <return> to quit--- #33 0x00007ffff4707932 in WebCore::RenderLayer::paintLayerContents (this=0x1004a98, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3875 #34 0x00007ffff4706f6e in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0x1004a98, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3649 #35 0x00007ffff4707ec3 in WebCore::RenderLayer::paintLayerByApplyingTransform (this=0x1004a98, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224, translationOffset=...) at ../../Source/WebCore/rendering/RenderLayer.cpp:3951 #36 0x00007ffff4706dfe in WebCore::RenderLayer::paintLayer (this=0x1004a98, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3622 #37 0x00007ffff4707f97 in WebCore::RenderLayer::paintList (this=0x1055cf8, list=0xb09e60, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3971 #38 0x00007ffff4707a9e in WebCore::RenderLayer::paintLayerContents (this=0x1055cf8, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3896 #39 0x00007ffff4706f6e in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0x1055cf8, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3649 #40 0x00007ffff4706e70 in WebCore::RenderLayer::paintLayer (this=0x1055cf8, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3631 #41 0x00007ffff4707f97 in WebCore::RenderLayer::paintList (this=0x1031c48, list=0xbd2290, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3971 #42 0x00007ffff4707a9e in WebCore::RenderLayer::paintLayerContents (this=0x1031c48, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3896 #43 0x00007ffff4706f6e in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0x1031c48, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3649 #44 0x00007ffff4706e70 in WebCore::RenderLayer::paintLayer (this=0x1031c48, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3631 #45 0x00007ffff4707f97 in WebCore::RenderLayer::paintList (this=0x10450b8, list=0xb18560, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3971 #46 0x00007ffff4707a9e in WebCore::RenderLayer::paintLayerContents (this=0x10450b8, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3896 #47 0x00007ffff4706f6e in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0x10450b8, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3649 #48 0x00007ffff4706e70 in WebCore::RenderLayer::paintLayer (this=0x10450b8, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3631 #49 0x00007ffff4707f97 in WebCore::RenderLayer::paintList (this=0x10457f8, list=0x146f050, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3971 #50 0x00007ffff4707a9e in WebCore::RenderLayer::paintLayerContents (this=0x10457f8, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3896 #51 0x00007ffff4706f6e in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0x10457f8, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3649 #52 0x00007ffff4706e70 in WebCore::RenderLayer::paintLayer (this=0x10457f8, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3631 #53 0x00007ffff4707f97 in WebCore::RenderLayer::paintList (this=0x99fd38, list=0xadabb0, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3971 #54 0x00007ffff4707a9e in WebCore::RenderLayer::paintLayerContents (this=0x99fd38, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3896 #55 0x00007ffff4706f6e in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0x99fd38, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3649 #56 0x00007ffff4706e70 in WebCore::RenderLayer::paintLayer (this=0x99fd38, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3631 #57 0x00007ffff4707f97 in WebCore::RenderLayer::paintList (this=0x8796b8, list=0xb05110, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3971 #58 0x00007ffff4707a9e in WebCore::RenderLayer::paintLayerContents (this=0x8796b8, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=224) at ../../Source/WebCore/rendering/RenderLayer.cpp:3896 #59 0x00007ffff4706f6e in WebCore::RenderLayer::paintLayerContentsAndReflection (this=0x8796b8, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=0) at ../../Source/WebCore/rendering/RenderLayer.cpp:3649 #60 0x00007ffff4706e70 in WebCore::RenderLayer::paintLayer (this=0x8796b8, context=0x7fffffffc1b0, paintingInfo=..., paintFlags=0) at ../../Source/WebCore/rendering/RenderLayer.cpp:3631 #61 0x00007ffff47061d1 in WebCore::RenderLayer::paint (this=0x8796b8, context=0x7fffffffc1b0, damageRect=..., paintBehavior=0, subtreePaintRoot=0x0, region=0x0, paintFlags=0) at ../../Source/WebCore/rendering/RenderLayer.cpp:3441 #62 0x00007ffff4558b56 in WebCore::FrameView::paintContents (this=0x84ca00, p=0x7fffffffc1b0, rect=...) at ../../Source/WebCore/page/FrameView.cpp:3564 #63 0x00007ffff4cb2145 in WebCore::ScrollView::paint (this=0x84ca00, context=0x7fffffffc1b0, rect=...) at ../../Source/WebCore/platform/ScrollView.cpp:1102 #64 0x00007ffff3b0079b in WebKit::paintWebView (webView=0x812040, frame=0x83cb00, dirtyRegion=...) at ../../Source/WebKit/gtk/WebCoreSupport/ChromeClientGtk.cpp:562 #65 0x00007ffff3b00b15 in WebKit::ChromeClient::paint (this=0x815400) at ../../Source/WebKit/gtk/WebCoreSupport/ChromeClientGtk.cpp:605 #66 0x00007ffff3b09229 in WebCore::Timer<WebKit::ChromeClient>::fired (this=0x815470) at ../../Source/WebCore/platform/Timer.h:114 #67 0x00007ffff3c980ad in WebCore::ThreadTimers::sharedTimerFiredInternal (this=0x84c9b0) at ../../Source/WebCore/platform/ThreadTimers.cpp:129 #68 0x00007ffff3c97f9d in WebCore::ThreadTimers::sharedTimerFired () at ../../Source/WebCore/platform/ThreadTimers.cpp:105 #69 0x00007ffff3cb4853 in WebCore::timeout_cb () at ../../Source/WebCore/platform/gtk/SharedTimerGtk.cpp:49 #70 0x00007fffee2db4c3 in g_timeout_dispatch (source=source@entry=0x1bf57b0, callback=<optimized out>, user_data=<optimized out>) at gmain.c:4413 #71 0x00007fffee2da966 in g_main_dispatch (context=0x63e660) at gmain.c:3054 #72 g_main_context_dispatch (context=context@entry=0x63e660) at gmain.c:3630 #73 0x00007fffee2dacb8 in g_main_context_iterate (context=0x63e660, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3701 #74 0x00007fffee2db0ba in g_main_loop_run (loop=0x90f700) at gmain.c:3895 #75 0x00007ffff16d099d in gtk_main () at gtkmain.c:1163 #76 0x0000000000405a89 in main (argc=1, argv=0x7fffffffc918) at ../../Tools/GtkLauncher/main.c:553 (gdb)

IMHO, a bug in Cairo should be reported and this bug blocked with it or closed.

Using a GTK+3 WebKitGTK+ browser (liferea 1.10) it turned out the problem is not limited to GTK+2 (WebKit1), but also happens with GTK+3 WebKit1 (but not with WebKit2).

This bug can also be reproduced with 2.0.4 (Debian 2.0.4-5 tested).

(In reply to comment #2) > IMHO, a bug in Cairo should be reported and this bug blocked with it or closed. I've opened https://bugs.freedesktop.org/show_bug.cgi?id=72244 Let's wait for the feedback from there.

Andres was right that this was a cairo issue. This is fixed in cairo by: http://cgit.freedesktop.org/cairo/commit/?id=13a09526d2120c244471e03b6ae979016ef88e83 http://cgit.freedesktop.org/cairo/commit/?id=a5f51588afd9d5629b03297eb29ff46350b6ba50