Bug#598166: http://code.google.com/webfonts crashes Iceweasel inside libpangoft2-1.0.so.0

Zack Weinberg zackw at panix.com
Mon Sep 27 03:15:20 UTC 2010 

Package: libpango1.0-0
Version: 1.28.1-1
Severity: important

Attempting to load http://code.google.com/webfonts in Iceweasel (3.6.10
from experimental) causes a crash deep inside libpango:

Program received signal SIGFPE, Arithmetic exception.
(gdb) bt
#0  0x00007ffff185abf8 in _hb_sanitize_array (this=0x7fffcd1225bc, context=0x7ffffffebf70)
    at /tmp/buildd/pango1.0-1.28.1/pango/opentype/hb-open-type-private.hh:213
#1  sanitize (this=0x7fffcd1225bc, context=0x7ffffffebf70) at /tmp/buildd/pango1.0-1.28.1/pango/opentype/hb-ot-layout-gpos-private.hh:711
#2  PairPos::sanitize (this=0x7fffcd1225bc, context=0x7ffffffebf70)
    at /tmp/buildd/pango1.0-1.28.1/pango/opentype/hb-ot-layout-gpos-private.hh:765
#3  0x00007ffff185d45c in sanitize (this=<value optimized out>, context=0x7ffffffebf70)
    at /tmp/buildd/pango1.0-1.28.1/pango/opentype/hb-open-type-private.hh:479
#4  sanitize (this=<value optimized out>, context=0x7ffffffebf70) at /tmp/buildd/pango1.0-1.28.1/pango/opentype/hb-open-type-private.hh:550
#5  sanitize (this=<value optimized out>, context=0x7ffffffebf70)
    at /tmp/buildd/pango1.0-1.28.1/pango/opentype/hb-ot-layout-gpos-private.hh:1538
#6  sanitize (this=<value optimized out>, context=0x7ffffffebf70) at /tmp/buildd/pango1.0-1.28.1/pango/opentype/hb-open-type-private.hh:465
#7  sanitize (this=<value optimized out>, context=0x7ffffffebf70) at /tmp/buildd/pango1.0-1.28.1/pango/opentype/hb-open-type-private.hh:532
#8  sanitize (this=<value optimized out>, context=0x7ffffffebf70) at /tmp/buildd/pango1.0-1.28.1/pango/opentype/hb-open-type-private.hh:591
#9  sanitize (this=<value optimized out>, context=0x7ffffffebf70) at /tmp/buildd/pango1.0-1.28.1/pango/opentype/hb-open-type-private.hh:465
#10 GPOS::sanitize (this=<value optimized out>, context=0x7ffffffebf70)
    at /tmp/buildd/pango1.0-1.28.1/pango/opentype/hb-ot-layout-gpos-private.hh:1569
#11 0x00007ffff18535be in sanitize (face=0x7fffdfb66800) at /tmp/buildd/pango1.0-1.28.1/pango/opentype/hb-open-type-private.hh:279
#12 _hb_ot_layout_init (face=0x7fffdfb66800) at /tmp/buildd/pango1.0-1.28.1/pango/opentype/hb-ot-layout.cc:55
#13 0x00007ffff184fb6c in hb_face_create_for_data (blob=<value optimized out>, index=<value optimized out>)
    at /tmp/buildd/pango1.0-1.28.1/pango/opentype/hb-font.cc:182
#14 0x00007ffff184ccee in pango_ot_info_get (face=0x7fffcd4a4000) at /tmp/buildd/pango1.0-1.28.1/pango/pango-ot-info.c:154
#15 0x00007fffe19f4566 in basic_engine_shape (engine=<value optimized out>, font=<value optimized out>, text=0x7ffffffec353 "Philosopher", 
    length=<value optimized out>, analysis=0x7fffd316a850, glyphs=<value optimized out>)
    at /tmp/buildd/pango1.0-1.28.1/modules/basic/basic-fc.c:209
#16 0x00007ffff161f43a in pango_shape (text=0x7ffffffec353 "Philosopher", length=11, analysis=0x7fffd316a850, glyphs=0x7fffd220f960)
    at /tmp/buildd/pango1.0-1.28.1/pango/shape.c:55
#17 0x00007ffff64f6a4e in gfxPangoFontGroup::CreateGlyphRunsItemizing (this=0x7fffcd502160, aTextRun=0x7fffeacc1440, 
    aUTF8=<value optimized out>, aUTF8Length=<value optimized out>, aUTF8HeaderLen=<value optimized out>)
    at ../../../../gfx/thebes/src/gfxPangoFonts.cpp:3088
#18 0x00007ffff64f782f in gfxPangoFontGroup::MakeTextRun (this=0x7fffcd502160, aString=0x7ffffffec950 "Philosopher", 
    aLength=<value optimized out>, aParams=<value optimized out>, aFlags=<value optimized out>)
    at ../../../../gfx/thebes/src/gfxPangoFonts.cpp:2373
[many more stack frames from iceweasel]




-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (101, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.35-trunk-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libpango1.0-0 depends on:
ii  libc6                   2.11.2-6         Embedded GNU C Library: Shared lib
ii  libcairo2               1.8.10-6         The Cairo 2D vector graphics libra
ii  libfontconfig1          2.8.0-2.1        generic font configuration library
ii  libfreetype6            2.4.2-2          FreeType 2 font engine, shared lib
ii  libglib2.0-0            2.24.2-1         The GLib library of C routines
ii  libpango1.0-common      1.28.1-1         Modules and configuration files fo
ii  libthai0                0.1.14-2         Thai language support library
ii  libx11-6                2:1.3.3-3        X11 client-side library
ii  libxft2                 2.1.14-2         FreeType-based font drawing librar
ii  libxrender1             1:0.9.6-1        X Rendering Extension client libra
ii  zlib1g                  1:1.2.3.4.dfsg-3 compression library - runtime

libpango1.0-0 recommends no packages.

libpango1.0-0 suggests no packages.

-- no debconf information

More information about the pkg-gnome-maintainers mailing list