[cairo] segfault in cairo-xcb-surface-render.c
Chris Wilson
chris at chris-wilson.co.uk
Thu May 1 23:39:01 PDT 2014
On Thu, May 01, 2014 at 07:42:41PM +0000, Bryce W. Harrington wrote:
> On Thu, May 01, 2014 at 01:48:37PM +0200, thorsten wrote:
> > Hello all,
> >
> > when using a Firefox compiled against cairo 1.12.16 I get a segfault
> > when visiting some webpages, e.g. when scrolling an expose on
> > www.immobilienscout24.de.
> >
> > debugging the problem with gdb led me to line 3125 of
> > cairo-xcb-surface-render.c:
> >
> > _cairo_clip_path_destroy (clip->path);
> >
> > where on that webpage for reasons I don't know clip->path = NULL
> >
> > I changed the line to
> >
> > if (clip->path != NULL) _cairo_clip_path_destroy (clip->path);
> >
> > which fixes the segfault.
> >
> > See patch below:
>
> Hi Thorsten,
>
> The fix seems sane enough, but I am not able to reproduce the bug, using
> cairo 1.12.16 and firefox 29 on the URL you provided. Mind filing a
> bugzilla bug on this with a backtrace, to give a reference for the bug?
The fix is
index 9625953..54307d5 100644
--- a/src/cairo-xcb-surface-render.c
+++ b/src/cairo-xcb-surface-render.c
@@ -3121,6 +3121,9 @@ _clip_and_composite_boxes (cairo_xcb_surface_t *dst,
clip = _cairo_clip_copy (extents->clip);
clip = _cairo_clip_intersect_boxes (clip, boxes);
+ if (_cairo_clip_is_all_clipped (clip))
+ return CAIRO_INT_STATUS_NOTHING_TO_DO;
+
status = _cairo_clip_get_polygon (clip, &polygon,
&fill_rule, &antialias);
_cairo_clip_path_destroy (clip->path);
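Review bot: the early return added in _clip_and_composite_boxes exits right after clip has been assigned from _cairo_clip_copy and _cairo_clip_intersect_boxes, and nothing in the hunk releases it on that path. Either release the clip before returning CAIRO_INT_STATUS_NOTHING_TO_DO, or add a one-line comment saying why an all-clipped clip needs no cleanup. Separately, the context line "_cairo_clip_path_destroy (clip->path);" is still called unguarded after _cairo_clip_get_polygon, so it is worth confirming in the commit message that the all-clipped clip is the only case in which clip->path can be NULL here; otherwise the NULL dereference reported in this thread stays reachable.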
-Chris
--
Chris Wilson, Intel Open Source Technology Centre