349837 - cairo crash [@ _cairo_clip_init_deep_copy()]

Status: RESOLVED FIXED

(Core :: Graphics, defect)

Description

[Alex Fritze]

I'm experiencing a crash in _cairo_clip_init_deep_copy() in a xulrunner app that draws SVG onto a custom widget. I don't have a simple testcase unfortunately.

The problem is that _cairo_clip_init_deep_copy() tries to copy the wrong surface (clip->surface is null):

Index: cairo-clip.c
===================================================================
--- cairo-clip.c        (revision 13297)
+++ cairo-clip.c        (working copy)
@@ -525,7 +525,7 @@
         }

         if (other->surface) {
-            _cairo_surface_clone_similar (target, clip->surface, &clip->surface);
+            _cairo_surface_clone_similar (target, other->surface, &clip->surface);
             clip->surface_rect = other->surface_rect;
         }

Comment 1

[Adam Guthrie]

Hrm... maybe this should be filed upstream?

Comment 2

[Stuart Parmenter]

please file this upstream. bugzilla.freedesktop.org

Comment 3

[Vladimir Vukicevic [:vlad] [:vladv] (needinfo me, slow to respond)]

Er, no idea why this was closed as invalid, because it's still a valid crash.

Comment 4

[Vladimir Vukicevic [:vlad] [:vladv] (needinfo me, slow to respond)]

Attachment: cairo crash fix

Patch from upstream-ish; we'll take this as a band-aid before we upgrade our cairo to the trunk.

Comment 5

[Vladimir Vukicevic [:vlad] [:vladv] (needinfo me, slow to respond)]

*** Bug 357254 has been marked as a duplicate of this bug. ***

Comment 6

[Vladimir Vukicevic [:vlad] [:vladv] (needinfo me, slow to respond)]

Checked in.