SEGV at fbFetch from fbCompositeRect in fbcompose.o from fbpict.o

This is similar to bug 4945 but without any "remote" issues. Here's the relevant stack trace:

  [1] 0x0(0x203e790, 0x0, 0x17, 0xffbe5910, 0x0, 0x0), at 0xffffffffffffffff
=>[2] fbFetch(pict = 0x203e918, x = 0, y = 23, width = -4302484, buffer = (nil)), line 2673 in "fbcompose.c"
  [3] fbCompositeRect(data = 0x203e918, scanline_buffer = (nil)), line 3565 in "fbcompose.c"
  [4] pixman_compositeGeneral(op = 33810712, pSrc = (nil), pMask = 0x17, pDst = 0xffbe596c, xSrc = 0, ySrc = 0, xMask = 0, yMask = -25648, xDst = 0, yDst = 0, width = 0, height = 0), line 3677 in "fbcompose.c"
  [5] _cairo_pixman_composite(op = 33810712, pSrc = (nil), pMask = 0x17, pDst = 0xffbe596c, xSrc = 0, ySrc = 0, xMask = 0, yMask = -40920112, xDst = 0, yDst = 0, width = 0, height = 0), line 1825 in "fbpict.c"
  [6] _cairo_image_surface_composite(operator = 33810712, src_pattern = (nil), mask_pattern = 0x17, abstract_dst = 0xffbe596c, src_x = 0, src_y = 0, mask_x = 0, mask_y = -40920112, dst_x = 0, dst_y = 0, width = 0, height = 0), line 614 in "cairo-image-surface.c"
  [7] _fallback_composite(operator = 33810712, src = (nil), mask = 0x17, dst = 0xffbe596c, src_x = 0, src_y = 0, mask_x = 0, mask_y = -40920112, dst_x = 0, dst_y = 0, width = 0, height = 0), line 805 in "cairo-surface.c"
  [8] _cairo_surface_composite(operator = 33810712, src = (nil), mask = 0x17, dst = 0xffbe596c, src_x = 0, src_y = 0, mask_x = 0, mask_y = -40920112, dst_x = 0, dst_y = 0, width = 0, height = 0), line 856 in "cairo-surface.c"
  [9] _cairo_ft_scaled_font_show_glyphs(abstract_font = 0x203e918, operator = CAIRO_OPERATOR_CLEAR, pattern = 0x17, surface = 0xffbe596c, source_x = 0, source_y = 0, dest_x = 0, dest_y = -40920112, width = 0, height = 0, glyphs = (nil), num_glyphs = 0), line 2052 in "cairo-ft-font.c"
  [10] _cairo_scaled_font_show_glyphs(scaled_font = 0x203e918, operator = CAIRO_OPERATOR_CLEAR, pattern = 0x17, surface = 0xffbe596c, source_x = 0, source_y = 0, dest_x = 0, dest_y = -40920112, width = 0, height = 0, glyphs = (nil), num_glyphs = 0), line 945 in "cairo-font.c"
  [11] _cairo_gstate_show_glyphs_draw_func(closure = 0x203e918, operator = CAIRO_OPERATOR_CLEAR, src = 0x17, dst = 0xffbe596c, dst_x = 0, dst_y = 0, extents = (nil)), line 2060 in "cairo-gstate.c"
  [12] _cairo_gstate_clip_and_composite(clip = 0x203e918, operator = CAIRO_OPERATOR_CLEAR, src = 0x17, draw_func = 0xffbe596c, draw_closure = (nil), dst = (nil), extents = (nil)), line 1097 in "cairo-gstate.c"
  [13] _cairo_gstate_show_glyphs(gstate = 0x203e918, glyphs = (nil), num_glyphs = 23), line 2135 in "cairo-gstate.c"
  [14] cairo_show_glyphs(cr = 0x203e918, glyphs = (nil), num_glyphs = 23), line 2158 in "cairo.c"
  [15] pango_cairo_renderer_draw_glyphs(0x203df80, 0x2036300, 0x1fae4c0, 0x0, 0x0, 0x0), at 0xfdb63f98

I have recently verified the same bug in IRIX, OS version 6.5.28, MIPSpro compilers 7.4.4.m. Trying to run ethereal compiled with gtk 2.8.11 and cairo 1.0.2 yields a core dump. Debugging ethereal along with the corefile shows that the SIGSEGV appeared in line 2673.

So much has changed since... If the stack-trace is to be believed then we passed a NULL source into pixman_image_composite, which would cause a SIGSEGV. However, given that the entire code path has been removed, all I can say with confidence is that the error checking at the _cairo_image_surface_composite() level has been tested using fault injection and so a similar problem should not now be possible.