[cairo] Clipping bogosity
Chris Wilson
chris at chris-wilson.co.uk
Wed Apr 16 11:57:36 PDT 2008
On Wed, 2008-04-16 at 13:51 -0400, Behdad Esfahbod wrote:
> I'm not really qualified to comment on the meat of the patch, but I
> don't like the repeated dupped code in error paths. Just do the goto
> thing...
Hmm, that isn't the worst of it. Digging deeper into
_cairo_meta_surface_replay_internal() shows that we set the target->clip
to point to an on-stack cairo_clip_t but do not reset the original clip
before leaving the function (and the cairo_clip_t going out of scope).
So I can make the problem disappear just by moving the
cairo_surface_(get|set)_clip() into the replay function. (Which means
that the code in pdf/ps to save/restore the clip becomes redundant and
can be safely deleted.)
However, I haven't yet worked out the circumstances where the call to
_cairo_surface_get_clip() inside _cairo_pdf_surface_emit_meta_surface()
could receive an invalid pointer. So I'm trying hard to reproduce the
original bug with a simple test case to understand just how and why this
blows up.
--
Chris Wilson
More information about the cairo
mailing list