<html>
    <head>
      <base href="https://bugs.freedesktop.org/">
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW - evince abrt on a double free in cairo_truetype_font_destroy"
   href="https://bugs.freedesktop.org/show_bug.cgi?id=102922">102922</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>evince abrt on a double free in cairo_truetype_font_destroy
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>cairo
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>unspecified
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>Other
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>All
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>normal
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>medium
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>pdf backend
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>ajohnson@redneon.com
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>seb128@ubuntu.com
          </td>
        </tr>

        <tr>
          <th>QA Contact</th>
          <td>cairo-bugs@cairographics.org
          </td>
        </tr></table>
      <p>
        <div>
        <pre>Using cairo 1.14.10 on Ubuntu, evince sibabrt when printing a document (which I
got from the submitter but don't share here since it includes private info)

Backtrace

#0  0x00007f8d67db80bb in __GI_raise (sig=sig@entry=6)
    at ../sysdeps/unix/sysv/linux/raise.c:51
#1  0x00007f8d67db9f5d in __GI_abort () at abort.c:90
#2  0x00007f8d67e0229d in __libc_message (action=action@entry=
    do_abort, fmt=fmt@entry=0x7f8d67f29408 "*** Error in `%s': %s: 0x%s ***\n")
    at ../sysdeps/posix/libc_fatal.c:181
#3  0x00007f8d67e0965a in malloc_printerr (action=<optimised out>,
str=0x7f8d67f29740 "double free or corruption (!prev)", ptr=<optimised out>,
ar_ptr=<optimised out>) at malloc.c:5423
#4  0x00007f8d67e0b74e in _int_free (av=0x7f8d6815bc20 <main_arena>,
p=<optimised out>, have_lock=0) at malloc.c:4172
#5  0x00007f8d67e1040e in __GI___libc_free (mem=<optimised out>)
    at malloc.c:3142
#6  0x00007f8d6928621c in cairo_truetype_font_destroy
(font=font@entry=0x556abc58ce30) at ../../../../src/cairo-truetype-subset.c:292
#7  0x00007f8d692881df in cairo_truetype_subset_init_internal
(truetype_subset=truetype_subset@entry=0x7ffe160e3490,
font_subset=font_subset@entry=0x7ffe160e3600, is_pdf=is_pdf@entry=1) at
../../../../src/cairo-truetype-subset.c:1226
#8  0x00007f8d69288b4a in _cairo_truetype_subset_init_pdf
(truetype_subset=truetype_subset@entry=0x7ffe160e3490,
font_subset=font_subset@entry=0x7ffe160e3600)
    at ../../../../src/cairo-truetype-subset.c:1242
#9  0x00007f8d692c637b in _cairo_pdf_surface_emit_truetype_font_subset
(font_subset=0x7ffe160e3600, surface=0x556abcd1f5c0)
    at ../../../../src/cairo-pdf-surface.c:5436
#10 0x00007f8d692c637b in _cairo_pdf_surface_emit_unscaled_font_subset
(font_subset=0x7ffe160e3600, closure=0x556abcd1f5c0)
    at ../../../../src/cairo-pdf-surface.c:5910
#11 0x00007f8d69284ce1 in _cairo_sub_font_collect (closure=0x7ffe160e35b0,
entry=0x556abcb6d150) at ../../../../src/cairo-scaled-font-subsets.c:746
#12 0x00007f8d69284ce1 in _cairo_scaled_font_subsets_foreach_internal
(font_subsets=<optimised out>,
font_subset_callback=font_subset_callback@entry=0x7f8d692c6290
<_cairo_pdf_surface_emit_unscaled_font_subset>,
closure=closure@entry=0x556abcd1f5c0,
type=type@entry=CAIRO_SUBSETS_FOREACH_UNSCALED)
    at ../../../../src/cairo-scaled-font-subsets.c:1067
#13 0x00007f8d69285c77 in _cairo_scaled_font_subsets_foreach_unscaled
(font_subsets=<optimised out>,
font_subset_callback=font_subset_callback@entry=0x7f8d692c6290
<_cairo_pdf_surface_emit_unscaled_font_subset>,
closure=closure@entry=0x556abcd1f5c0) at
../../../../src/cairo-scaled-font-subsets.c:1095
#14 0x00007f8d692c20d8 in _cairo_pdf_surface_emit_font_subsets
(surface=0x556abcd1f5c0) at ../../../../src/cairo-pdf-surface.c:5956
#15 0x00007f8d692c20d8 in _cairo_pdf_surface_finish
(abstract_surface=0x556abcd1f5c0) at ../../../../src/cairo-pdf-surface.c:2031
#16 0x00007f8d69268ec6 in _cairo_surface_finish (surface=0x556abcd1f5c0)
    at ../../../../src/cairo-surface.c:1033
#17 0x00007f8d69269ad7 in INT_cairo_surface_finish (surface=0x556abcd1f5c0)
    at ../../../../src/cairo-surface.c:1080
#18 0x00007f8d6923dc8f in _cairo_paginated_surface_finish
(abstract_surface=0x556abcd189b0) at
../../../../src/cairo-paginated-surface.c:213
#19 0x00007f8d69268ec6 in _cairo_surface_finish (surface=0x556abcd189b0)
    at ../../../../src/cairo-surface.c:1033
#20 0x00007f8d69269ad7 in INT_cairo_surface_finish (surface=0x556abcd189b0)
    at ../../../../src/cairo-surface.c:1080
#21 0x00007f8d6a458b17 in unix_end_run (op=0x556abc2d5430, wait=0, cancelled=0)
    at ././gtk/gtkprintoperation-unix.c:373
#22 0x00007f8d6a32a5f8 in print_pages_idle (user_data=0x556abcd048c0)
    at ././gtk/gtkprintoperation.c:2935
#23 0x00007f8d69dc7b90 in gdk_threads_dispatch (data=0x556abc48fa00)
    at ././gdk/gdk.c:743</pre>
        </div>
      </p>


      <hr>
      <span>You are receiving this mail because:</span>

      <ul>
          <li>You are the QA Contact for the bug.</li>
      </ul>
    </body>
</html>