Closed Bug 357254 Opened 18 years ago Closed 18 years ago

Crash in _moz_cairo_image_surface_get_stride

Categories

(Core :: SVG, defect)

Product:
Core
Component:
SVG
Platform:
PowerPC
macOS
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED DUPLICATE of bug 349837

People

(Reporter: robin, Unassigned)

References

Details

(Keywords: crash, testcase)

User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en) AppleWebKit/418 (KHTML, like Gecko) Safari/417.9.2 Build Identifier: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.9a1) Gecko/20061018 Minefield/3.0a1 Thread 0 Crashed: 0 _moz_cairo_image_surface_get_stride + 264 1 _cairo_surface_clone_similar + 54 2 _cairo_clip_init_deep_copy + 107 3 _cairo_gstate_redirect_target + 109 4 _moz_cairo_push_group_with_content + 267 5 _moz_cairo_push_group + 25 6 nsSVGUtils::PaintChildWithEffects(nsISVGRendererCanvas*, nsRect*, nsIFrame*) + 655 7 nsSVGContainerFrame::GetCoordContextProvider() + 192 8 nsSVGUtils::PaintChildWithEffects(nsISVGRendererCanvas*, nsRect*, nsIFrame*) + 842 9 nsSVGContainerFrame::GetCoordContextProvider() + 192 Reproducible: Always Steps to Reproduce: I might try and produce a test case, currently I can't release the code that it crashes on. The line that causes it to crash sets the opacity attribute.
Keywords: crash
A few more details: - it blows up when trying to set opacity on a use element. The code is like this: left.setAttributeNS(null, 'opacity', '0.5'); and the SVG is: <use xlink:href='#flickerArrowLeft' fill='#fff' stroke='#fff' x='8' y='58' width='21' height='24'/> - setting other properties, include fill-opacity and stroke-opacity works fine - it crashes bad enough that it then takes down other applications. Which other application changes between reboots but is consistent otherwise. The other apps crash with: EXC_BAD_ACCESS (0x0001) KERN_INVALID_ADDRESS (0x0001) at 0x74632338 Thread 0 Crashed: 0 -[NDProcess(ProcessInfoRec) path] + 43
(In reply to comment #2) > Probably this: > > http://lists.freedesktop.org/archives/cairo/2006-August/007698.html Yes, almost certainly. And that bug is fixed in upstream cairo now. See: http://gitweb.freedesktop.org/?p=cairo;a=commit;h=b1944e1672ee6faa034dba4d8cf730886c35e848 -Carl
So what's the procedure for fixing something like this in Mozilla? I guess this gets in the way of developing SVG in Mozilla trunk quite a lot, so can we apply this patch to our version of cairo? Or do we have to wait for our next update?
Status: UNCONFIRMED → NEW
Ever confirmed: true
*** Bug 357477 has been marked as a duplicate of this bug. ***
Vlad, can we update cairo on trunk again soon, or backport the patch for this crash? This blocks my testing of SVG and apparently also blocks some SVG development.
Flags: blocking1.9?
Keywords: testcase
Sure, I'll sync us up next week.
Vlad, did you sync cairo since your last comment here? The testcase in bug 357477 still crashes for me.
Not yet; I probably won't before the alpha, but I will check in the one patch that fixes this bit.
*** This bug has been marked as a duplicate of 349837 ***
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → DUPLICATE
Removing blocking flag on dup of fixed bug.
Flags: blocking1.9?
You need to log in before you can comment on or make changes to this bug.