Latest evolution from CVS, when browsing emails i got a random crash, and looks like a cairo bug. #0 0xb6bcc2f2 in _cairo_ft_scaled_glyph_init (abstract_font=0x88e4be0, scaled_glyph=0x89020d0, info=CAIRO_SCALED_GLYPH_INFO_SURFACE) at cairo-ft-font.c:1084 1084 (*surface)->base.device_x_offset = glyphslot->bitmap_left; Backtrace: #0 0xb6bcc2f2 in _cairo_ft_scaled_glyph_init (abstract_font=0x88e4be0, scaled_glyph=0x89020d0, info=CAIRO_SCALED_GLYPH_INFO_SURFACE) at cairo-ft-font.c:1084 #1 0xb6bbf1c4 in _cairo_scaled_glyph_lookup (scaled_font=0x88e4be0, index=1, info=<value optimized out>, scaled_glyph_ret=0xbf905cec) at cairo-scaled-font.c:1224 #2 0xb6bd4f7e in _cairo_xlib_surface_old_show_glyphs (scaled_font=0x88e4be0, op=CAIRO_OPERATOR_OVER, pattern=0xbf906020, abstract_surface=0x89023f8, source_x=104, source_y=0, dest_x=104, dest_y=0, width=64, height=9, glyphs=0x8902c18, num_glyphs=5) at cairo-xlib-surface.c:2447 #3 0xb6bc217f in _cairo_surface_old_show_glyphs (scaled_font=0x0, op=CAIRO_OPERATOR_CLEAR, pattern=0x0, dst=0x0, source_x=0, source_y=0, dest_x=0, dest_y=0, width=0, height=0, glyphs=0x0, num_glyphs=0) at cairo-surface.c:1441 #4 0xb6bc37e1 in _cairo_surface_old_show_glyphs_draw_func ( closure=0xbf905f90, op=CAIRO_OPERATOR_OVER, src=0xbf906020, dst=0x89023f8, dst_x=0, dst_y=0, extents=0xbf905fa4) at cairo-surface-fallback.c:874 #5 0xb6bc2812 in _clip_and_composite (clip=0x8902b4c, op=CAIRO_OPERATOR_OVER, src=0xbf906020, draw_func=0xb6bc3720 <_cairo_surface_old_show_glyphs_draw_func>, draw_closure=0xbf905f90, dst=0x89023f8, extents=0xbf905fa4) at cairo-surface-fallback.c:391 #6 0xb6bc399b in _cairo_surface_fallback_show_glyphs (surface=0x89023f8, op=CAIRO_OPERATOR_OVER, source=0xbf906020, glyphs=0x8902c18, num_glyphs=5, scaled_font=0x88e4be0) at cairo-surface-fallback.c:937 #7 0xb6bc20b8 in _cairo_surface_show_glyphs (surface=0x89023f8, op=CAIRO_OPERATOR_OVER, source=0xbf906020, glyphs=0x8902c18, num_glyphs=5, scaled_font=0x88e4be0) at cairo-surface.c:1406 #8 0xb6bb8477 in _cairo_gstate_show_glyphs (gstate=0x8902ac8, glyphs=0xbf9060fc, num_glyphs=5) at cairo-gstate.c:1471 #9 0xb6bb3c63 in cairo_show_glyphs (cr=0x89024a0, glyphs=0x0, num_glyphs=5) at cairo.c:2158 #10 0xb6c8881f in pango_cairo_renderer_draw_glyphs (renderer=0x0, font=0x83c3000, glyphs=0x871b4b0, x=0, y=0) at pangocairo-render.c:237 #11 0xb6c43345 in pango_renderer_draw_glyphs (renderer=0x85aa6e8, font=0x0, glyphs=0x0, x=0, y=0) at pango-renderer.c:599 #12 0xb6c88dac in pango_cairo_show_glyph_string (cr=0x89024a0, font=0x83c3000, glyphs=0x871b4b0) at pangocairo-render.c:444 #13 0xb6cd7531 in gdk_pango_renderer_draw_glyphs (renderer=0x0, font=0x83c3000, glyphs=0x871b4b0, x=105471, y=11264) at gdkpango.c:210 #14 0xb6c43345 in pango_renderer_draw_glyphs (renderer=0x84a1bf0, font=0x0, glyphs=0x0, x=0, y=0) at pango-renderer.c:599 #15 0xb6c445dd in pango_renderer_draw_layout_line (renderer=0x84a1bf0, line=0x86348c0, x=71680, y=11264) at pango-renderer.c:530 #16 0xb6c449cb in pango_renderer_draw_layout (renderer=0x84a1bf0, layout=0x84b0f28, x=71680, y=-9216) at pango-renderer.c:183 #17 0xb6cd92c4 in IA__gdk_draw_layout_with_colors (drawable=0x87ff008, gc=0x8599120, x=70, y=-9, layout=0x84b0f28, foreground=0x0, background=0x0) at gdkpango.c:989 #18 0xb6cd94d1 in IA__gdk_draw_layout (drawable=0x87ff008, gc=0x8599120, x=0, ---Type <return> to continue, or q <return> to quit--- y=0, layout=0x84b0f28) at gdkpango.c:1051 #19 0xb7d5675d in ect_draw (ecell_view=0x8362038, drawable=0x87ff008, model_col=4, view_col=3, row=11, flags=10, x1=<value optimized out>, y1=<value optimized out>, x2=<value optimized out>, y2=<value optimized out>) at e-cell-text.c:759 #20 0xb7d4c7e3 in e_cell_draw (ecell_view=0x8362038, drawable=0x0, model_col=0, view_col=0, row=11, flags=E_CELL_JUSTIFY_CENTER, x1=0, y1=0, x2=0, y2=0) at e-cell.c:277 #21 0xb7d7444d in eti_draw (item=0x0, drawable=0x87ff008, x=0, y=230, width=512, height=20) at e-table-item.c:1997 #22 0xb716bc9e in gnome_canvas_group_draw (item=0x0, drawable=0x87ff008, x=0, y=230, width=512, height=20) at gnome-canvas.c:1680 #23 0xb7171ae5 in gnome_canvas_expose (widget=0x82d2220, event=0xbf9070b0) at gnome-canvas.c:2992 #24 0xb6f75440 in _gtk_marshal_BOOLEAN__BOXED (closure=0x806fa98, return_value=0xbf906cd0, n_param_values=2, param_values=0xbf906dcc, invocation_hint=0xbf906cbc, marshal_data=0xb7171410) at gtkmarshalers.c:83 #25 0xb69add69 in g_type_class_meta_marshal (closure=0x806fa98, return_value=0x0, n_param_values=0, param_values=0xbf906dcc, invocation_hint=0x0, marshal_data=0x0) at gclosure.c:567 #26 0xb69ae429 in IA__g_closure_invoke (closure=0x806fa98, return_value=0x0, n_param_values=0, param_values=0x0, invocation_hint=0x0) at gclosure.c:490 #27 0xb69bfee5 in signal_emit_unlocked_R (node=0x81fa810, detail=0, instance=0x82d2220, emission_return=0xbf906f8c, instance_and_params=0xbf906dcc) at gsignal.c:2476 #28 0xb69c1051 in IA__g_signal_emit_valist (instance=0x82d2220, signal_id=57, detail=0, var_args=0xbf907010 "(p\220\uffff\uffffp\220\uffff \"-\b\237n\006\uffff \"-\b\210x\n\b") at gsignal.c:2207 #29 0xb69c1649 in IA__g_signal_emit (instance=0x0, signal_id=0, detail=0) at gsignal.c:2241 #30 0xb7066d54 in gtk_widget_event_internal (widget=0x82d2220, event=0xbf9070b0) at gtkwidget.c:3735 #31 0xb6f73d78 in IA__gtk_main_do_event (event=0xbf9070b0) at gtkmain.c:1374 #32 0xb6ce8ffd in gdk_window_process_updates_internal (window=0x85a5330) at gdkwindow.c:2292 #33 0xb6ce9648 in IA__gdk_window_process_updates (window=0x85a5330, update_children=1) at gdkwindow.c:2382 #34 0xb6f67403 in gtk_layout_adjustment_changed (adjustment=0x80a5a40, layout=0x82d2220) at gtklayout.c:1157 #35 0xb69bc38b in IA__g_cclosure_marshal_VOID__VOID (closure=0x835eaa0, return_value=0x0, n_param_values=1, param_values=0xbf9073dc, invocation_hint=0xbf9072cc, marshal_data=0xb6f67380) at gmarshal.c:77 #36 0xb69ae429 in IA__g_closure_invoke (closure=0x835eaa0, return_value=0x0, n_param_values=0, param_values=0x0, invocation_hint=0x0) at gclosure.c:490 #37 0xb69bf76a in signal_emit_unlocked_R (node=0x82ca3b8, detail=0, instance=0x80a5a40, emission_return=0x0, instance_and_params=0xbf9073dc) at gsignal.c:2438 #38 0xb69c12fb in IA__g_signal_emit_valist (instance=0x80a5a40, signal_id=238, detail=0, var_args=<value optimized out>) at gsignal.c:2197 #39 0xb69c1649 in IA__g_signal_emit (instance=0x0, signal_id=0, detail=0) at gsignal.c:2241 #40 0xb6e9f261 in IA__gtk_adjustment_value_changed (adjustment=0x80a5a40) at gtkadjustment.c:393 #41 0xb6e9f36b in IA__gtk_adjustment_set_value (adjustment=0x80a5a40, value=230.800995) at gtkadjustment.c:376 #42 0xb7ec9823 in e_canvas_show_area (canvas=<value optimized out>, x1=0, y1=260, x2=727, y2=280) at e-canvas-utils.c:84 #43 0xb7ec9cfc in show_area_timeout (data=0x83b1038) at e-canvas-utils.c:146 #44 0xb693d046 in g_timeout_dispatch (source=0x87fdc00, callback=0, user_data=0x0) at gmain.c:3292 #45 0xb693b24c in IA__g_main_context_dispatch (context=0x809c140) at gmain.c:1916 #46 0xb693e6db in g_main_context_iterate (context=0x809c140, block=1, dispatch=1, self=0x806bb38) at gmain.c:2547 #47 0xb693ea37 in IA__g_main_loop_run (loop=0x81fd508) at gmain.c:2751 #48 0xb72b9be3 in bonobo_main () at bonobo-main.c:312 #49 0x0805cc62 in main (argc=0, argv=0xbf907b84) at main.c:603
Hi, I encountered the same bug. My firefox crashes evertime when I visit this page http://www.madore.org/~david/misc/unitest/ and scroll to the near bottom. I traced this with gdb and found that in `_render_glyph_bitmap', `_get_bitmap_surface' is called to get the surface and some fields of the surface are set, without checking whether the returned surface is NULL.
This was fixed just a couple of days ago. *** This bug has been marked as a duplicate of 5734 ***
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.