That bug has been opened on https://launchpad.net/bugs/83744 "Binary package hint: evolution When I select to print a message, Evolution crashes. I just can see the printing dialog to appear. ... " Debug backtrace for the crash: 711 cairo_matrix_transform_point (&gstate->target->device_transform_inverse, x, y); (gdb) bt full #0 0xb75e53bd in _cairo_gstate_backend_to_user (gstate=0x0, x=0xbfc9e508, y=0xbfc9e500) at /build/buildd/libcairo-1.3.12/src/cairo-gstate.c:711 No locals. #1 0xb75ddd38 in *INT_cairo_get_current_point (cr=0x87c7dc0, x_ret=0x85238b8, y_ret=0x85238c0) at /build/buildd/libcairo-1.3.12/src/cairo.c:2828 status = <value optimized out> x_fixed = 31928960 y_fixed = 52340096 x = 487.197265625 y = 798.646484375 #2 0xb7684dab in _pango_cairo_do_glyph_string (cr=0x87c7dc0, font=0x85d2348, glyphs=0x8885120, do_path=0) at /build/buildd/pango1.0-1.15.5/./pango/pangocairo-render.c:482 free_renderer = <value optimized out> crenderer = (PangoCairoRenderer *) 0x8523890 #3 0xb74cc060 in draw_glyphs (painter=0x88021f0, x=5648, y=11280, item=0x879b8a0, glyphs=0x8885120, fg=0x0, bg=0x0) at htmlprinter.c:632 printer = (HTMLPrinter *) 0x88021f0 print_x = 23.515625 print_y = 11.015625 log_rect = {x = 0, y = -11264, width = 439296, height = 14336} properties = {underline = 0, strikethrough = 0, fg_color = 0xb1e5663c, bg_color = 0x0} cr = (cairo_t *) 0x87c7dc0 #4 0xb74c9229 in html_painter_draw_glyphs (painter=0x88021f0, x=5648, y=11280, item=0x879b8a0, glyphs=0x8885120, fg=0x0, bg=0x0) at htmlpainter.c:637 No locals. #5 0xb74e0b2d in draw (o=0x87b6d00, p=0x88021f0, x=-528, y=5104, width=525594, height=799744, tx=5648, ty=16) at htmltextslave.c:789 owner = (HTMLText *) 0xb1e4d8a0 paint = {x = 0, y = 5104, width = 439296, height = 9232} #6 0xb74c4172 in html_object_draw (o=0x87b6d00, p=0x88021f0, x=-528, y=5104, width=525594, height=799744, tx=5648, ty=16) at htmlobject.c:1042 No locals. #7 0xb74911b6 in draw (o=0xb1e4d7c8, p=0x88021f0, x=-528, y=1473520, width=525594, height=799744, tx=5648, ty=-1468400) at htmlclue.c:268 obj = (HTMLObject *) 0x87b6d00 #8 0xb74950f1 in draw (self=0xb1e4d7c8, painter=0x88021f0, x=-528, y=1473520, width=525594, height=799744, tx=5648, ty=-1468400) at htmlclueflow.c:1371 No locals. #9 0xb74c4172 in html_object_draw (o=0xb1e4d7c8, p=0x88021f0, x=-528, y=1473520, width=525594, height=799744, tx=5648, ty=-1468400) at htmlobject.c:1042 No locals. #10 0xb74911b6 in draw (o=0xb1e41300, p=0x88021f0, x=-528, y=1473520, width=525594, height=799744, tx=5648, ty=-1468400) at htmlclue.c:268 obj = (HTMLObject *) 0xb1e4d7c8 ... from gdb on the frame 1: (gdb) p *cr $1 = {ref_count = 1, status = CAIRO_STATUS_INVALID_RESTORE, path = {op_buf_head = 0x886f9f0, op_buf_tail = 0x886f9f0, arg_buf_head = 0x888e598, arg_buf_tail = 0x888e598, last_move_point = {x = 31928960, y = 52340096}, current_point = { x = 31928960, y = 52340096}, has_current_point = 1, has_curve_to = 0}, gstate = 0x0}
(In reply to comment #0) > (gdb) p *cr > $1 = {ref_count = 1, status = CAIRO_STATUS_INVALID_RESTORE, path = {op_buf_head > = 0x886f9f0, op_buf_tail = 0x886f9f0, > arg_buf_head = 0x888e598, arg_buf_tail = 0x888e598, last_move_point = {x = > 31928960, y = 52340096}, current_point = { > x = 31928960, y = 52340096}, has_current_point = 1, has_curve_to = 0}, > gstate = 0x0} This part is very interesting. If you've hit an INVALID_RESTORE case then cairo_t should shut down and you shouldn't be able to get it to do anything after that anymore, (and especially not crash). Could you break on _cairo_error which should show you where the INVALID_RESTORE is first happening, and then step through to see how you're getting from there to the crash? Thanks, -Carl
(In reply to comment #1) > Could you break on _cairo_error which should show you where the INVALID_RESTORE > is first happening, and then step through to see how you're getting from there > to the crash? Oh, never mind. It's clear enough from the existing backtrace already. Any INVALID_RESTORE condition was leaving a NULL gstate and almost any cairo_get_* call would dererference that and trigger the crash. I augmented cairo's test suite to exercise the crash, then I fixed the bug. You can see the commit I just pushed out here: http://gitweb.freedesktop.org/?p=cairo;a=commitdiff;h=6da7f140334835be9a972db75de78d99b8bd24b1 This is currently available in cairo 1.3.15 as made available in git, and will be pushed out very shortly in the cairo 1.4 release. Meanwhile, there's still a bug in evolution somewhere that's leading to the INVALID_RESTORE in the first place, (that is, calling cairo_restore without a matching call to cairo_save). This fix will prevent the crash, and will instead replace it with cairo simply refusing to draw anything after the invalid restore state. So you'll still want to fix that. -Carl
Thank you for fixing the bug Carl. I didn't update the bug with the informations you asked for because the Ubuntu bug submitter didn't reply to that question, he updated the bug to say it works fine for him now though which means the evolution hackers probably also fixed their part of the bug
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.