Created attachment 320578
sample pdf file that crashes evince when printing with cairo-1.12.2-r3

When printing certain PDF files (e.g. the one attached) from evince, it segfaults with the following backtrace:

#0  decode_integer (p=0x0, integer=0x7fffffffc5b0) at cairo-cff-subset.c:241
#1  0x00007ffff6211697 in cairo_cff_font_read_top_dict (font=0xeb8a00) at cairo-cff-subset.c:1185
#2  0x00007ffff6212d27 in cairo_cff_font_read_font (font=0xeb8a00) at cairo-cff-subset.c:1321
#3  cairo_cff_font_generate (length=<synthetic pointer>, data=<synthetic pointer>, font=0xeb8a00) at cairo-cff-subset.c:2545
#4  _cairo_cff_subset_init (cff_subset=cff_subset@entry=0x7fffffffc880, subset_name=subset_name@entry=0x7fffffffc840 "CairoFont-5-0", font_subset=font_subset@entry=0x7fffffffc9a0) at cairo-cff-subset.c:2928
#5  0x00007ffff6258afc in _cairo_pdf_surface_emit_cff_font_subset (
    font_subset=0x7fffffffc9a0, surface=0x10e0000) at cairo-pdf-surface.c:4884
#6  _cairo_pdf_surface_emit_unscaled_font_subset (font_subset=0x7fffffffc9a0, closure=0x10e0000) at cairo-pdf-surface.c:5596
#7  0x00007ffff62143fe in _cairo_sub_font_collect (closure=0x7fffffffc950, entry=0xe9baa0) at cairo-scaled-font-subsets.c:751
#8  _cairo_scaled_font_subsets_foreach_internal (font_subsets=<optimized out>, font_subset_callback=font_subset_callback@entry=0x7ffff6258a90 <_cairo_pdf_surface_emit_unscaled_font_subset>, closure=closure@entry=0x10e0000, type=type@entry=CAIRO_SUBSETS_FOREACH_UNSCALED) at cairo-scaled-font-subsets.c:1072
#9  0x00007ffff62155a7 in _cairo_scaled_font_subsets_foreach_unscaled (
    font_subsets=<optimized out>, font_subset_callback=font_subset_callback@entry=0x7ffff6258a90 <_cairo_pdf_surface_emit_unscaled_font_subset>, closure=closure@entry=0x10e0000) at cairo-scaled-font-subsets.c:1100
#10 0x00007ffff6255b63 in _cairo_pdf_surface_emit_font_subsets (
    surface=0x10e0000) at cairo-pdf-surface.c:5646
#11 _cairo_pdf_surface_finish (abstract_surface=0x10e0000) at cairo-pdf-surface.c:1959
#12 0x00007ffff61fa3dc in _cairo_surface_finish (surface=0x10e0000) at cairo-surface.c:919
#13 0x00007ffff61fa81d in *INT_cairo_surface_finish (surface=0x10e0000) at cairo-surface.c:963
#14 INT_cairo_surface_finish (surface=0x10e0000) at cairo-surface.c:950
#15 0x00007ffff61d3ec4 in _cairo_paginated_surface_finish (
    abstract_surface=0xd82a70) at cairo-paginated-surface.c:213
#16 0x00007ffff61fa3dc in _cairo_surface_finish (surface=0xd82a70) at cairo-surface.c:919
#17 0x00007ffff61fa81d in *INT_cairo_surface_finish (surface=0xd82a70) at cairo-surface.c:963
#18 INT_cairo_surface_finish (surface=0xd82a70) at cairo-surface.c:950
#19 0x00007ffff6e350b5 in unix_end_run (op=0x7fffcc0093a0, wait=0, cancelled=0) at gtkprintoperation-unix.c:364
#20 0x00007ffff6d22c70 in print_pages_idle (user_data=0xd83820) at gtkprintoperation.c:2914
#21 0x00007ffff68fd8b0 in gdk_threads_dispatch (data=0xe54200) at gdk.c:763
#22 0x00007ffff55e5a25 in g_main_dispatch (context=0x680860) at gmain.c:2539
#23 g_main_context_dispatch (context=context@entry=0x680860) at gmain.c:3075
#24 0x00007ffff55e5d58 in g_main_context_iterate (context=0x680860, block=block@entry=1, dispatch=dispatch@entry=1, self=<error reading variable: Unhandled dwarf expression opcode 0xfa>) at gmain.c:3146
#25 0x00007ffff55e6142 in g_main_loop_run (loop=0x7e5590) at gmain.c:3340
#26 0x00007ffff6cdf255 in gtk_main () at gtkmain.c:1161
#27 0x000000000041eae5 in main (argc=1, argv=0x7fffffffcdc8) at main.c:329

This appears to be a bug in cff font handling in cairo-1.12.2 which has been fixed upstream (http://cgit.freedesktop.org/cairo/commit/?id=2f1d6b27e8b78c77346a5b603114b54400e57d83).

Applying the patch from cairo commit 2f1d6b27 to x11-libs/cairo-1.12.2-r3 fixes the crash for me.
This is fixed in >=cairo-1.12.4