Arch Linux

Description:
librsvg 2.41.0 in [testing] makes ibus-chewing unusable. During the startup, ibus-chewing tries to load its SVG icon to the notification area. librsvg 2.40.16 can render it correctly, while 2.41.0 just crashes with SIGSEGV.

Upstream report: https://bugzilla.gnome.org/show_bug.cgi?id=776947

Additional info:
librsvg 2:2.41.0-1
ibus-chewing 1.5.1-1

Steps to reproduce:
1. gdb /usr/lib/ibus/ibus-engine-chewing
2. ibus-daemon -r -v
3. Switch to ibus-chewing (Chinese - Chewing in ibus status icon)

Now ibus-engine-chewing crashes with a probability of ~80%.

Thread 1 "ibus-engine-che" received signal SIGSEGV, Segmentation fault.
0x00007fffe68da59b in rsvg_internals::length::RsvgLength::normalize::h5c9c1794f7b06aba ()
from /usr/lib/librsvg-2.so.2
(gdb) bt
#0 0x00007fffe68da59b in rsvg_internals::length::RsvgLength::normalize::h5c9c1794f7b06aba ()
at /usr/lib/librsvg-2.so.2
#1 0x00007fffe68be373 in get_light_direction (source=source@entry=0x75ae80, x1=x1@entry=0, y1=y1@entry=0, z=z@entry=0, affine=affine@entry=0x7ffffffecd20, ctx=0x7490d0) at rsvg-filter.c:4321
#2 0x00007fffe68c4fe4 in rsvg_filter_primitive_diffuse_lighting_render (self=0x754ff0, ctx=0x751170)
at rsvg-filter.c:4537
#3 0x00007fffe68bfb95 in rsvg_filter_primitive_render (ctx=0x751170, self=0x754ff0) at rsvg-filter.c:149
#4 0x00007fffe68bfb95 in render_child_if_filter_primitive (node=0x754ff0, data=0x751170) at rsvg-filter.c:553
#5 0x00007fffe68d00ea in rsvg_node_foreach_child (node=node@entry=0x751c20, fn=fn@entry=0x7fffe68bfb70 <render_child_if_filter_primitive>, data=data@entry=0x751170) at rsvg-base.c:466
#6 0x00007fffe68c5b20 in rsvg_filter_render (self=self@entry=0x751c20, source=source@entry=0x750fe0, context=context@entry=0x7490d0, bounds=bounds@entry=0x765488, channelmap=channelmap@entry=0x7fffe694dfc3 "2103")
at rsvg-filter.c:599
#7 0x00007fffe68d40fb in rsvg_cairo_pop_render_stack (ctx=0x7490d0) at rsvg-cairo-draw.c:872
#8 0x00007fffe68d40fb in rsvg_cairo_pop_discrete_layer (ctx=ctx@entry=0x7490d0) at rsvg-cairo-draw.c:927
#9 0x00007fffe68d4b33 in rsvg_cairo_render_path_builder (ctx=0x7490d0, builder=<optimized out>)
at rsvg-cairo-draw.c:574
#10 0x00007fffe68c81b6 in _rsvg_node_rect_draw (self=0x76d370, ctx=0x7490d0, dominate=0) at rsvg-shapes.c:460
#11 0x00007fffe68c9568 in rsvg_node_draw (self=0x76d370, ctx=0x7490d0, dominate=dominate@entry=0)
at rsvg-structure.c:56
#12 0x00007fffe68c958b in draw_child (node=<optimized out>, data=<optimized out>) at rsvg-structure.c:71
#13 0x00007fffe68d00ea in rsvg_node_foreach_child (node=node@entry=0x75e660, fn=fn@entry=0x7fffe68c9580 <draw_child>, data=data@entry=0x7490d0) at rsvg-base.c:466
#14 0x00007fffe68c9286 in rsvg_node_svg_draw (self=0x75e660, ctx=0x7490d0, dominate=<optimized out>)
at rsvg-structure.c:319
---Type <return> to continue, or q <return> to quit---
#15 0x00007fffe68c9568 in rsvg_node_draw (self=0x75e660, ctx=ctx@entry=0x7490d0, dominate=dominate@entry=0)
at rsvg-structure.c:56
#16 0x00007fffe68d576b in rsvg_handle_render_cairo_sub (handle=handle@entry=0x6c05a0, cr=cr@entry=0x767410, id=id@entry=0x0) at rsvg-cairo-render.c:230
#17 0x00007fffe68d5c5f in rsvg_handle_get_pixbuf_sub (handle=0x6c05a0, id=id@entry=0x0) at rsvg.c:90
#18 0x00007fffe68d5ce7 in rsvg_handle_get_pixbuf (handle=<optimized out>) at rsvg.c:119
#19 0x00007fffe6b9ce30 in gdk_pixbuf__svg_image_stop_load (data=0x75bbd0, error=0x0) at io-svg.c:159
#20 0x00007ffff42d3362 in () at /usr/lib/libgdk_pixbuf-2.0.so.0
#21 0x00007ffff42d5092 in gdk_pixbuf_new_from_file () at /usr/lib/libgdk_pixbuf-2.0.so.0
#22 0x00007ffff6bb9657 in gtk_status_icon_set_from_file () at /usr/lib/libgtk-x11-2.0.so.0
#23 0x0000000000413674 in ibus_chewing_systray_icon_new (defaultValue=defaultValue@entry=1, leftClickFunc=leftClickFunc@entry=0x413980 <ibus_chewing_systray_chi_eng_toggle_callback>, leftClickData=leftClickData@entry=0x6c90f0, rightClickFunc=rightClickFunc@entry=0x4139b0 <ibus_chewing_systray_full_half_toggle_callback>, rightClickData=rightClickData@entry=0x6c90f0) at /home/yen/tmp/ibus-chewing/src/ibus-chewing/src/IBusChewingSystray.c:55
#24 0x0000000000413864 in ibus_chewing_systray_chi_eng_icon_new (iEngine=iEngine@entry=0x6c90f0)
at /home/yen/tmp/ibus-chewing/src/ibus-chewing/src/IBusChewingSystray.c:143
#25 0x0000000000413910 in ibus_chewing_systray_chi_eng_icon_create_or_hide (iEngine=iEngine@entry=0x6c90f0)
at /home/yen/tmp/ibus-chewing/src/ibus-chewing/src/IBusChewingSystray.c:173
#26 0x00000000004107db in ibus_chewing_engine_refresh_property (self=0x6c90f0, prop_name=0x415d32 "InputMode")
at /home/yen/tmp/ibus-chewing/src/ibus-chewing/src/IBusChewingEngine.gob:386
#27 0x0000000000410e09 in ibus_chewing_engine_start (self=0x6c90f0)
at /home/yen/tmp/ibus-chewing/src/ibus-chewing/src/IBusChewingEngine-signal.c:28
#28 0x000000000041158b in ibus_chewing_engine_focus_in (self=0x6c90f0)
at /home/yen/tmp/ibus-chewing/src/ibus-chewing/src/IBusChewingEngine-signal.c:76
#29 0x00007ffff7376f75 in g_closure_invoke () at /usr/lib/libgobject-2.0.so.0
---Type <return> to continue, or q <return> to quit---
#30 0x00007ffff738937d in () at /usr/lib/libgobject-2.0.so.0
#31 0x00007ffff7391bcc in g_signal_emit_valist () at /usr/lib/libgobject-2.0.so.0
#32 0x00007ffff7391faf in g_signal_emit () at /usr/lib/libgobject-2.0.so.0
#33 0x00007ffff79648c7 in () at /usr/lib/libibus-1.0.so.5
#34 0x00007ffff7674c6c in () at /usr/lib/libgio-2.0.so.0
#35 0x00007ffff709e43a in g_main_context_dispatch () at /usr/lib/libglib-2.0.so.0
#36 0x00007ffff709e7f0 in () at /usr/lib/libglib-2.0.so.0
#37 0x00007ffff709eb12 in g_main_loop_run () at /usr/lib/libglib-2.0.so.0
#38 0x00007ffff7960a4c in ibus_main () at /usr/lib/libibus-1.0.so.5
#39 0x000000000040aa01 in start_component () at /home/yen/tmp/ibus-chewing/src/ibus-chewing/src/main.c:122
#40 0x000000000040aa01 in main (argc=<optimized out>, argv=<optimized out>)
at /home/yen/tmp/ibus-chewing/src/ibus-chewing/src/main.c:195