==3429== Conditional jump or move depends on uninitialised value(s)
==3429== at 0x4E3FB0F: _cairo_box_round_to_rectangle (cairo-fixed-private.h:196)
==3429== by 0x4E34B29: _cairo_clip_intersect_to_rectangle (cairo-clip.c:162)
==3429== by 0x4E31943: cairo_push_group_with_content (cairo.c:495)
==3429== by 0x403044: draw (clip-zero.c:48)
==3429== by 0x404221: cairo_test_expecting (cairo-test.c:377)
==3429== by 0x64701C3: (below main) (libc-start.c:222)
Caused by setting extents->p2.y to zero twice.
Previously, _cairo_traps_extents () returned the extents
p1={INT_MAX, INT_MAX} p2={INT_MIN, INT_MIN} for an empty traps leading
to integer overflow when computing the width using p2-p1 and causing
further overflows within libpixman. [For example this caused the
allocation of massive regions with test/mask and the PS backend.]
In http://bugs.freedesktop.org/show_bug.cgi?id=13699, Pavel Vozenilek
reports a duplicate define for computing the appropriate length for an
on-stack array. The macro in question, and a few other places, was
performing CAIRO_STACK_BUF_SIZE/sizeof(stack[0]) so we can simplify
them slightly by using a common macro.
Simply return the error status from the traps_grow() function rather
than having an assignment in the return function and then immediately
another assignment of the error to the status member at its callsite.
Every time we assign or return a hard-coded error status wrap that value
with a call to _cairo_error(). So the idiom becomes:
status = _cairo_error (CAIRO_STATUS_NO_MEMORY);
or
return _cairo_error (CAIRO_STATUS_INVALID_DASH);
This ensures that a breakpoint placed on _cairo_error() will trigger
immediately cairo detects the error.
This patch introduces three macros: _cairo_malloc_ab,
_cairo_malloc_abc, _cairo_malloc_ab_plus_c and replaces various calls
to malloc(a*b), malloc(a*b*c), and malloc(a*b+c) with them. The macros
return NULL if int overflow would occur during the allocation. See
CODING_STYLE for more information.
It's quite simple to add a new _cairo_traps_limit call which installs
a box into the cairo_traps_t structure. Then at the time of
_cairo_traps_add we can discard any trapezoid that is wholly outside
the box and also clip any trapezoid that is partially outside the box.
We take advantage of this for both cairo_stroke and cairo_fill, (when
cairo is computing the trapezoids in cairo-surface-fallback.c). Note
that we explicitly do not do any clipping for cairo_stroke_extents,
cairo_fill_extents, cairo_in_stroke, or cairo_in_fill which are
defined to ignore clipping.
As seen by the long-lines perf case, this fix successfully works
around the bug in the X server where it creates overly large masks for
partially-outside-the-destination-surface trapezoids:
xlib-rgba long-lines-uncropped-100 545.84 -> 5.83: 93.09x speedup
██████████████████████████████████████████████
xlib-rgb long-lines-uncropped-100 554.74 -> 8.10: 69.04x speedup
██████████████████████████████████
Add a _cairo_traps_status function and use it instead of adding
error checks to callers of _cairo_traps_add_trap and
_cairo_traps_add_trap_from_points, (both of which are now given
a void return type).
Most of the time pixman_region_init is called without any extents, and
followed by a pixman_region_union_rect, used to used to initialize
rectangular regions. pixman_region_union_rect is not that cheap, but
the sequence is called quite often. So it should be worth introducing
a specialized and fast function for this sequence.
This introduces pixman_region_init_rect. This new function makes
_cairo_region_init_from_rectangle obsolete.
Also removes the extent argument from pixman_region_init as it was
called with NULL most of the time. A pixman_region_init_with_extents
is added for the general case.
The newly rewritten convex_quad code is actually simpler than the
triangle code being replaced here. This also allows us to throw
away the problematic _compute_x function which can't handle
horizontal lines, (divide by zero). So the cairo world becomes a
better place.
The previous code was not handling all cases correctly, (yes,
even something as simple as a quadrilateral can exhibit a
remarkably large number of different cases when tessellation
is attempted).
This fix now introduces slope comparison which handles several
cases that were mis-handled with the previous implementation which
only used independent sorting of the X and Y values of the
coordinates.
This fixes the skew-extreme test case and the bug reported here:
Skew transforms were broken by the cairo update in December
https://bugzilla.mozilla.org/show_bug.cgi?id=373632
This patch was produced by running git-stripspace on all *.[ch] files
within cairo. Note that this script would have also created all the changes
from the previous commits to remove trailing whitespace.
This patch was produced with the following (GNU) sed script:
sed -i -r -e 's/[ \t]+$//'
run on all *.[ch] files within cairo.
Note that the above script would have also created all the changes
from the previous commits to remove trailing whitespace.
This patch was produced with the following (GNU) sed script:
sed -i -r -e '/^[ \t]*\/?\*/ s/[ \t]+$//'
run on all *.[ch] files within cairo, (though I manually excluded
src/cairo-atsui-font.c which has a code line that appears as a comment
to this script).
This is a mega-patch that has the advantage that the entire test suite
passes both immediately before and immediately after this commit.
The disadvantage of the mega-patch is that it does not reflect the
development history of the device-offset branch, (with its various
fumblings and flailings). To capture that history, we will next merge
in that branch.
Rewrite to use new cairo_clip_t functions for manipulating the clip state, change the clip_and_composite_trapezoids call tree to use cairo_clip_t instead of cairo_gstate_t.
Use new cairo_clip_t function to maintain clip state while replaying.
Pass fill rule and tolerance directly, to break gstate dependency.
New function. Set the clip for a surface as specified by the cairo_clip_t.
Move translate_traps() from cairo-gstate.c to here and rename it.
Reviewed by: otaylor
src/cairo.c src/cairo-gstate.c src/cairoint.h: Move the implementation of cairo_paint() into cairo-gstate.c for a better fix for the problem with backend/user coordinate confusion. Also no longer clear the current path on cairo_paint()
