Segmentation Fault in cairo_surface_create_similar
I found this bug from within gtk. I have a GtkTextView that contains a lot of long lines. This GtkTextView can be rendered when it is visible at first, but when there is other content in the window first, the program dies with a segmentation fault. To reproduce this bug, I wrote a minimal example using only cairo.
Digging deeper with gdb, I found that the segmentation fault is triggered in _cairo_xlib_surface_create_similar_shm, which is called indirectly from cairo_surface_create_similar. A possible explanation is that the memory allocated for the data is not as big as the size calculated through stride * height here. This could be due to the fact that stride * height > 2**32 in my case.
Investigating further, I found that the allocated size for the data at this point is only a 4-byte integer. With stride * height > 2**32, this would cause an overflow, leading to a differently sized allocation than is assumed later.
I would expect to see at least a meaningful error message instead of a segmentation fault if content can't be rendered.
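The following is an added example, not code from the report or from cairo, that illustrates the arithmetic the report describes: a stride and height that are each well within 32-bit range, whose product exceeds 2**32 and therefore wraps when computed into a 32-bit size. The dimensions (a 40000 px wide ARGB32 surface, stride = 4 * width, 30000 rows) and the `size_field_t` type are constructed for illustration and are assumptions; the hardened `checked_data_size` is one way to reject such a surface before allocating, not a description of any fix in cairo.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical 32-bit size field, standing in for the 4-byte integer the
 * report says holds the allocation size (assumption, not cairo's struct). */
typedef int32_t size_field_t;

/* The overflowing pattern: stride and height are 32-bit ints, so their
 * product is computed in 32 bits and wraps once it exceeds 2^32. The casts
 * to unsigned make the wrap well-defined C instead of undefined behaviour. */
static size_field_t naive_data_size(int32_t stride, int32_t height)
{
    return (size_field_t)((uint32_t)stride * (uint32_t)height);
}

/* How many full rows of `stride` bytes actually fit in an allocation of
 * `alloc` bytes; writing any row beyond that index runs off the buffer. */
static int32_t rows_that_fit(size_field_t alloc, int32_t stride)
{
    if (alloc <= 0 || stride <= 0)
        return 0;
    return alloc / stride;
}

/* Hardened version: validate inputs, multiply in 64 bits, and refuse any
 * size that would not fit the 32-bit field it is later stored in. Returns 0
 * on success with *out set, -1 on invalid or overflowing dimensions. */
static int checked_data_size(int32_t stride, int32_t height, size_field_t *out)
{
    if (stride <= 0 || height <= 0 || out == NULL)
        return -1;
    uint64_t bytes = (uint64_t)stride * (uint64_t)height;
    if (bytes > (uint64_t)INT32_MAX)
        return -1;
    *out = (size_field_t)bytes;
    return 0;
}

int main(void)
{
    /* Constructed dimensions: 40000 px wide ARGB32 (stride = 4 * width)
     * with 30000 rows, so stride * height = 4.8e9 > 2^32. */
    int32_t stride = 160000, height = 30000;

    size_field_t naive = naive_data_size(stride, height);
    printf("naive size   : %d bytes (wrapped; true need is %llu bytes)\n",
           naive, (unsigned long long)stride * height);
    printf("rows that fit: %d of %d\n", rows_that_fit(naive, stride), height);

    size_field_t checked;
    if (checked_data_size(stride, height, &checked) != 0)
        printf("checked size : rejected, surface too large for a 32-bit size\n");
    else
        printf("checked size : %d bytes\n", checked);
    return 0;
}
```

With these dimensions the wrapped size is about 505 MB for a surface that needs 4.8 GB, so only the first 3156 of 30000 rows fit in the buffer; every later row write lands outside the allocation, which is consistent with the crash the report observes. The check rejects the surface up front, which is the point at which a meaningful error could be returned instead.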