Crash due to missing cairo_clip_init call in cairo_gstate_show_text_glyphs.
for a crash testcase. Please don't make that testcase public until
Mozilla makes it public.
Fixed in mozilla-central for Firefox 4:
I don't like the fact that clip will get initialized twice in your patch.
It would easily be forgotten and break if clip init/fini were changed.
I think it would be better to only clip_init() if _cairo_scaled_font_glyph_path() fails or to just _gstate_get_clip() in all the cases.
Created attachment 42259
I haven't tested this patch, but I expect it to fix the problem.
That code is now obsolete.