Closed
Bug 357254
Opened 18 years ago
Closed 18 years ago
Crash in _moz_cairo_image_surface_get_stride
Categories
(Core :: SVG, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 349837
People
(Reporter: robin, Unassigned)
References
Details
(Keywords: crash, testcase)
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en) AppleWebKit/418 (KHTML, like Gecko) Safari/417.9.2
Build Identifier: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.9a1) Gecko/20061018 Minefield/3.0a1
Thread 0 Crashed:
0 _moz_cairo_image_surface_get_stride + 264
1 _cairo_surface_clone_similar + 54
2 _cairo_clip_init_deep_copy + 107
3 _cairo_gstate_redirect_target + 109
4 _moz_cairo_push_group_with_content + 267
5 _moz_cairo_push_group + 25
6 nsSVGUtils::PaintChildWithEffects(nsISVGRendererCanvas*, nsRect*, nsIFrame*) + 655
7 nsSVGContainerFrame::GetCoordContextProvider() + 192
8 nsSVGUtils::PaintChildWithEffects(nsISVGRendererCanvas*, nsRect*, nsIFrame*) + 842
9 nsSVGContainerFrame::GetCoordContextProvider() + 192
Reproducible: Always
Steps to Reproduce:
I might try and produce a test case, currently I can't release the code that it crashes on. The line that causes it to crash sets the opacity attribute.
Reporter | ||
Comment 1•18 years ago
|
||
A few more details:
- it blows up when trying to set opacity on a use element. The code is like this:
left.setAttributeNS(null, 'opacity', '0.5');
and the SVG is:
<use xlink:href='#flickerArrowLeft' fill='#fff' stroke='#fff' x='8' y='58' width='21' height='24'/>
- setting other properties, include fill-opacity and stroke-opacity works fine
- it crashes bad enough that it then takes down other applications. Which other application changes between reboots but is consistent otherwise. The other apps crash with:
EXC_BAD_ACCESS (0x0001)
KERN_INVALID_ADDRESS (0x0001) at 0x74632338
Thread 0 Crashed:
0 -[NDProcess(ProcessInfoRec) path] + 43
Comment 3•18 years ago
|
||
(In reply to comment #2)
> Probably this:
>
> http://lists.freedesktop.org/archives/cairo/2006-August/007698.html
Yes, almost certainly. And that bug is fixed in upstream cairo now. See:
http://gitweb.freedesktop.org/?p=cairo;a=commit;h=b1944e1672ee6faa034dba4d8cf730886c35e848
-Carl
Comment 4•18 years ago
|
||
So what's the procedure for fixing something like this in Mozilla? I guess this gets in the way of developing SVG in Mozilla trunk quite a lot, so can we apply this patch to our version of cairo? Or do we have to wait for our next update?
Status: UNCONFIRMED → NEW
Ever confirmed: true
*** Bug 357477 has been marked as a duplicate of this bug. ***
Comment 6•18 years ago
|
||
Vlad, can we update cairo on trunk again soon, or backport the patch for this crash? This blocks my testing of SVG and apparently also blocks some SVG development.
Flags: blocking1.9?
Keywords: testcase
Sure, I'll sync us up next week.
Comment 8•18 years ago
|
||
Vlad, did you sync cairo since your last comment here? The testcase in
bug 357477 still crashes for me.
Not yet; I probably won't before the alpha, but I will check in the one patch that fixes this bit.
*** This bug has been marked as a duplicate of 349837 ***
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•