Bug 438970
| Summary: | evince in rawhide crashing on alot of PDFs | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Peter Robinson <pbrobinson> | ||||
| Component: | poppler | Assignee: | Kristian Høgsberg <krh> | ||||
| Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | low | ||||||
| Version: | rawhide | CC: | cra, drepper, dwalsh, eric, jfrieben, mat.booth, paul, petrosyan, scottt.tw, sean, tcallawa, zkabelac | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2008-04-01 20:58:43 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
|
Description
Peter Robinson
2008-03-26 09:49:23 UTC
Created attachment 299113 [details]
PDF that crashes evince
*** Bug 438927 has been marked as a duplicate of this bug. *** *** Bug 439041 has been marked as a duplicate of this bug. *** Here is an example of a PDF that crashes evince: http://www.juniper.net/training/certification/JNCIP_studyguide.pdf Here is a backtrace: $ gdb /usr/bin/evince GNU gdb Fedora (6.7.50.20080227-3.fc9) Copyright (C) 2008 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu"... (gdb) run JNCIP_studyguide.pdf Starting program: /usr/bin/evince JNCIP_studyguide.pdf [Thread debugging using libthread_db enabled] [New Thread 0x7f80945a27b0 (LWP 10209)] warning: "/usr/lib/debug/usr/lib64/libpanel-applet-2.so.0.2.29.debug": The separate debug info file has no debug info [New Thread 0x42053950 (LWP 10291)] ** ** ERROR:(ev-poppler.cc:868):EvLinkDest* ev_link_dest_from_dest(PdfDocument*, PopplerDest*): assertion failed: (dest != NULL) Program received signal SIGABRT, Aborted. [Switching to Thread 0x42053950 (LWP 10291)] 0x0000003d27432f75 in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 64 return INLINE_SYSCALL (tgkill, 3, pid, selftid, sig); Missing separate debuginfos, use: debuginfo-install alsa-lib.x86_64 at-spi.x86_64 audiofile.x86_64 avahi.x86_64 bug-buddy.x86_64 elfutils.x86_64 esound.x86_64 expat.x86_64 fontconfig.x86_64 freetype.x86_64 gail.x86_64 gamin.x86_64 gcc.x86_64 gtk-nodoka-engine.x86_64 gvfs.x86_64 keyutils.x86_64 libXau.x86_64 libXcomposite.x86_64 libXcursor.x86_64 libXdmcp.x86_64 libXfixes.x86_64 libXi.x86_64 libXinerama.x86_64 libXrandr.x86_64 libXrender.x86_64 libXtst.x86_64 libcap.x86_64 libgail-gnome.x86_64 libjpeg.x86_64 libpng.x86_64 libselinux.x86_64 libxcb.x86_64 pixman.x86_64 (gdb) where #0 0x0000003d27432f75 in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 #1 0x0000003d27434ae3 in abort () at abort.c:88 #2 0x0000003f6da5cf17 in IA__g_assertion_message ( domain=<value optimized out>, file=<value optimized out>, line=<value optimized out>, func=<value optimized out>, message=<value optimized out>) at gtestutils.c:1218 #3 0x0000003f6da5d3b2 in IA__g_assertion_message_expr ( domain=<value optimized out>, file=<value optimized out>, line=<value optimized out>, func=<value optimized out>, expr=<value optimized out>) at gtestutils.c:1229 #4 0x00000000073756e1 in ev_link_dest_from_dest ( pdf_document=<value optimized out>, dest=0x0) at ev-poppler.cc:868 #5 0x00000000073757e9 in ev_link_from_action (pdf_document=0x27e1, action=0x2f59e80) at ev-poppler.cc:973 #6 0x0000000007375a82 in build_tree (pdf_document=0x2b19e80, model=0x2cbd560, parent=0x0, iter=0x2dc77d0) at ev-poppler.cc:1053 #7 0x0000000007375ca8 in pdf_document_links_get_links_model ( document_links=<value optimized out>) at ev-poppler.cc:1103 #8 0x000000000041df2c in ev_job_links_run (job=0x2d77d90) at ev-jobs.c:270 #9 0x000000000041babb in handle_job (job=0x2d77d90) at ev-job-queue.c:131 #10 0x000000000041c05a in ev_render_thread (data=<value optimized out>) at ev-job-queue.c:264 ---Type <return> to continue, or q <return> to quit--- #11 0x0000003f6da60404 in g_thread_create_proxy (data=<value optimized out>) at gthread.c:635 #12 0x0000003d2800740a in start_thread (arg=<value optimized out>) at pthread_create.c:297 #13 0x0000003d274e5d1d in clone () from /lib64/libc.so.6 (gdb) (gdb) (gdb) (gdb) (gdb) thread apply all bt Thread 2 (Thread 0x42053950 (LWP 10291)): #0 0x0000003d27432f75 in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 #1 0x0000003d27434ae3 in abort () at abort.c:88 #2 0x0000003f6da5cf17 in IA__g_assertion_message ( domain=<value optimized out>, file=<value optimized out>, line=<value optimized out>, func=<value optimized out>, message=<value optimized out>) at gtestutils.c:1218 #3 0x0000003f6da5d3b2 in IA__g_assertion_message_expr ( domain=<value optimized out>, file=<value optimized out>, line=<value optimized out>, func=<value optimized out>, expr=<value optimized out>) at gtestutils.c:1229 #4 0x00000000073756e1 in ev_link_dest_from_dest ( pdf_document=<value optimized out>, dest=0x0) at ev-poppler.cc:868 #5 0x00000000073757e9 in ev_link_from_action (pdf_document=0x27e1, action=0x2f59e80) at ev-poppler.cc:973 #6 0x0000000007375a82 in build_tree (pdf_document=0x2b19e80, model=0x2cbd560, parent=0x0, iter=0x2dc77d0) at ev-poppler.cc:1053 #7 0x0000000007375ca8 in pdf_document_links_get_links_model ( document_links=<value optimized out>) at ev-poppler.cc:1103 #8 0x000000000041df2c in ev_job_links_run (job=0x2d77d90) at ev-jobs.c:270 #9 0x000000000041babb in handle_job (job=0x2d77d90) at ev-job-queue.c:131 ---Type <return> to continue, or q <return> to quit--- #10 0x000000000041c05a in ev_render_thread (data=<value optimized out>) at ev-job-queue.c:264 #11 0x0000003f6da60404 in g_thread_create_proxy (data=<value optimized out>) at gthread.c:635 #12 0x0000003d2800740a in start_thread (arg=<value optimized out>) at pthread_create.c:297 #13 0x0000003d274e5d1d in clone () from /lib64/libc.so.6 Thread 1 (Thread 0x7f80945a27b0 (LWP 10209)): #0 0x0000003d274de582 in select () from /lib64/libc.so.6 #1 0x0000003d29808a96 in ?? () from /usr/lib64/libxcb.so.1 #2 0x0000003d29809139 in ?? () from /usr/lib64/libxcb.so.1 #3 0x0000003d298096be in xcb_send_request () from /usr/lib64/libxcb.so.1 #4 0x0000003d28c4c217 in _XPutXCBBuffer (dpy=<value optimized out>) at xcb_lock.c:148 #5 0x0000003d28c4d70f in _XSend (dpy=<value optimized out>, data=<value optimized out>, size=<value optimized out>) at xcb_io.c:233 #6 0x0000003d28c39128 in PutSubImage (dpy=<value optimized out>, d=<value optimized out>, gc=<value optimized out>, image=<value optimized out>, req_xoffset=<value optimized out>, req_yoffset=<value optimized out>, x=<value optimized out>, y=<value optimized out>, req_width=<value optimized out>, req_height=<value optimized out>, ---Type <return> to continue, or q <return> to quit--- dest_bits_per_pixel=<value optimized out>, dest_scanline_pad=<value optimized out>) at PutImage.c:841 #7 0x0000003d28c3857d in PutSubImage (dpy=<value optimized out>, d=<value optimized out>, gc=<value optimized out>, image=<value optimized out>, req_xoffset=<value optimized out>, req_yoffset=<value optimized out>, x=<value optimized out>, y=<value optimized out>, req_width=<value optimized out>, req_height=<value optimized out>, dest_bits_per_pixel=<value optimized out>, dest_scanline_pad=<value optimized out>) at PutImage.c:919 #8 0x0000003d28c39580 in XPutImage (dpy=<value optimized out>, d=<value optimized out>, gc=<value optimized out>, image=<value optimized out>, req_xoffset=<value optimized out>, req_yoffset=<value optimized out>, x=Could not find the frame base for "XPutImage". ) at PutImage.c:1029 #9 0x0000003f4b04d27a in _draw_image_surface (surface=<value optimized out>, image=<value optimized out>, src_x=<value optimized out>, src_y=<value optimized out>, width=<value optimized out>, height=<value optimized out>, dst_x=Could not find the frame base for "_draw_image_surface". ) at cairo-xlib-surface.c:959 #10 0x0000003f4b04d528 in _cairo_xlib_surface_clone_similar ( abstract_surface=<value optimized out>, src=<value optimized out>, src_x=<value optimized out>, src_y=<value optimized out>, width=<value optimized out>, height=<value optimized out>, clone_out=Could not find the frame base for "_cairo_xlib_surface_clone_similar". ) at cairo-xlib-surface.c:1086 ---Type <return> to continue, or q <return> to quit--- #11 0x0000003f4b0213da in _cairo_surface_clone_similar ( surface=<value optimized out>, src=<value optimized out>, src_x=<value optimized out>, src_y=<value optimized out>, width=<value optimized out>, height=<value optimized out>, clone_out=Could not find the frame base for "_cairo_surface_clone_similar". ) at cairo-surface.c:1093 #12 0x0000003f4b026165 in _cairo_pattern_acquire_surface ( pattern=<value optimized out>, dst=<value optimized out>, x=<value optimized out>, y=<value optimized out>, width=<value optimized out>, height=<value optimized out>, surface_out=Could not find the frame base for "_cairo_pattern_acquire_surface". ) at cairo-pattern.c:1725 #13 0x0000003f4b0276bc in _cairo_pattern_acquire_surfaces ( src=<value optimized out>, mask=<value optimized out>, dst=<value optimized out>, src_x=<value optimized out>, src_y=<value optimized out>, mask_x=<value optimized out>, mask_y=Could not find the frame base for "_cairo_pattern_acquire_surfaces". ) at cairo-pattern.c:1923 #14 0x0000003f4b04bb96 in _cairo_xlib_surface_composite ( op=<value optimized out>, src_pattern=<value optimized out>, mask_pattern=<value optimized out>, abstract_dst=<value optimized out>, src_x=<value optimized out>, src_y=<value optimized out>, mask_x=Could not find the frame base for "_cairo_xlib_surface_composite". ) at cairo-xlib-surface.c:1512 #15 0x0000003f4b0211be in _cairo_surface_composite (op=<value optimized out>, src=<value optimized out>, mask=<value optimized out>, dst=<value optimized out>, src_x=<value optimized out>, ---Type <return> to continue, or q <return> to quit--- src_y=<value optimized out>, mask_x=<value optimized out>, mask_y=<value optimized out>, dst_x=<value optimized out>, dst_y=<value optimized out>, width=<value optimized out>, height=<value optimized out>) at cairo-surface.c:1224 #16 0x0000003f4b02345b in _clip_and_composite_trapezoids ( src=<value optimized out>, op=<value optimized out>, dst=<value optimized out>, traps=<value optimized out>, clip=<value optimized out>, antialias=<value optimized out>) at cairo-surface-fallback.c:449 #17 0x0000003f4b023b74 in _cairo_surface_fallback_paint ( surface=<value optimized out>, op=<value optimized out>, source=<value optimized out>) at cairo-surface-fallback.c:709 #18 0x0000003f4b020930 in _cairo_surface_paint (surface=<value optimized out>, op=<value optimized out>, source=<value optimized out>) at cairo-surface.c:1429 #19 0x0000003f4b01155a in _cairo_gstate_paint (gstate=<value optimized out>) at cairo-gstate.c:894 #20 0x0000003f4b00a3f9 in cairo_paint (cr=<value optimized out>) at cairo.c:1939 #21 0x0000000000433d3b in ev_view_expose_event (widget=0x2ae4100, event=0x7fff9c5e14f0) at ev-view.c:3776 #22 0x0000003f70387f12 in _gtk_marshal_BOOLEAN__BOXED (closure=Could not find the frame base for "_gtk_marshal_BOOLEAN__BOXED". ) at gtkmarshalers.c:84 ---Type <return> to continue, or q <return> to quit--- #23 0x0000003f6de0b6dd in IA__g_closure_invoke (closure=<value optimized out>, return_value=<value optimized out>, n_param_values=<value optimized out>, param_values=<value optimized out>, invocation_hint=<value optimized out>) at gclosure.c:490 #24 0x0000003f6de1f392 in signal_emit_unlocked_R (node=<value optimized out>, detail=<value optimized out>, instance=<value optimized out>, emission_return=<value optimized out>, instance_and_params=<value optimized out>) at gsignal.c:2478 #25 0x0000003f6de20a1f in IA__g_signal_emit_valist ( instance=<value optimized out>, signal_id=<value optimized out>, detail=<value optimized out>, var_args=<value optimized out>) at gsignal.c:2209 #26 0x0000003f6de210e3 in IA__g_signal_emit (instance=<value optimized out>, signal_id=<value optimized out>, detail=<value optimized out>) at gsignal.c:2243 #27 0x0000003f704f4df1 in gtk_widget_event_internal (widget=Could not find the frame base for "gtk_widget_event_internal". ) at gtkwidget.c:4678 #28 0x0000003f704f4a61 in IA__gtk_widget_send_expose (widget=Could not find the frame base for "IA__gtk_widget_send_expose". ) at gtkwidget.c:4510 #29 0x0000003f7038506f in IA__gtk_main_do_event (event=Could not find the frame base for "IA__gtk_main_do_event". ) at gtkmain.c:1514 #30 0x0000003f6f23d183 in gdk_window_process_updates_internal (window=Could not find the frame base for "gdk_window_process_updates_internal". ) at gdkwindow.c:2378 #31 0x0000003f6f23d2cb in IA__gdk_window_process_all_updates () ---Type <return> to continue, or q <return> to quit--- at gdkwindow.c:2444 #32 0x0000003f6f23cf57 in gdk_window_update_idle (data=Could not find the frame base for "gdk_window_update_idle". ) at gdkwindow.c:2288 #33 0x0000003f6f21a656 in gdk_threads_dispatch (data=Could not find the frame base for "gdk_threads_dispatch". ) at gdk.c:470 #34 0x0000003f6da3747b in IA__g_main_context_dispatch ( context=<value optimized out>) at gmain.c:2003 #35 0x0000003f6da3ac5d in g_main_context_iterate ( context=<value optimized out>, block=<value optimized out>, dispatch=<value optimized out>, self=<value optimized out>) at gmain.c:2636 #36 0x0000003f6da3b18d in IA__g_main_loop_run (loop=<value optimized out>) at gmain.c:2844 #37 0x0000003f70384870 in IA__gtk_main () at gtkmain.c:1163 #38 0x0000000000447f5d in main (argc=41881816, argv=<value optimized out>) at main.c:401 0x0000003d27432f75 64 return INLINE_SYSCALL (tgkill, 3, pid, selftid, sig); (gdb) (gdb) c Continuing. evince: xcb_lock.c:77: _XGetXCBBuffer: Assertion `((int) ((xcb_req) - (dpy->request)) >= 0)' failed. Program received signal SIGABRT, Aborted. [Switching to Thread 0x7f80945a27b0 (LWP 10209)] 0x0000003d27432f75 in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 64 return INLINE_SYSCALL (tgkill, 3, pid, selftid, sig); (gdb) c Continuing. Multiple segmentation faults occurred; can't display error dialog Program exited with code 01. The above crash happens with these versions: evince-djvu-2.22.0-3.fc9.x86_64 evince-2.22.0-3.fc9.x86_64 evince-debuginfo-2.22.0-3.fc9.x86_64 evince-dvi-2.22.0-3.fc9.x86_64 poppler-glib-0.7.3-1.fc9.x86_64 poppler-0.7.3-1.fc9.x86_64 poppler-debuginfo-0.7.3-1.fc9.x86_64 poppler-utils-0.7.3-1.fc9.x86_64 poppler-qt-0.7.3-1.fc9.x86_64 poppler-qt4-0.7.3-1.fc9.x86_64 Downgrading just poppler to these versions fixes the problem and evince no longer crashes: poppler-0.7.2-1.fc9.x86_64 poppler-debuginfo-0.7.2-1.fc9.x86_64 poppler-glib-0.7.2-1.fc9.x86_64 poppler-qt-0.7.2-1.fc9.x86_64 poppler-qt4-0.7.2-1.fc9.x86_64 poppler-utils-0.7.2-1.fc9.x86_64 Still crashing for poppler-0.8.0-1.fc9. Downgrading to 0.7.2 fixes the issue. Maybe better reassigned to component 'poppler'? Good point. Updated ticket to poppler. Also upstream at http://bugzilla.gnome.org/show_bug.cgi?id=524735 with a smaller test case attached. *** Bug 439511 has been marked as a duplicate of this bug. *** *** Bug 439673 has been marked as a duplicate of this bug. *** Rebuilding evince-2.22.0-3.fc9 locally in mock fixed it for me. It now runs without crashes with poppler-0.8.0-1.fc9.x86_64. That sounds promising. Any chance of getting someone with the required permissions to push a build for rawhide tomorrow so it can be tested? I've made a scratch-build in Koji. You can download the RPMs from there and test them: http://koji.fedoraproject.org/koji/taskinfo?taskID=542284 I've downloaded and tested the latest build from koji and it fixes the problem for all (well at least half a dozen so I assume all) the PDFs that I was seeing crashes for. Looks good :-) This is fixing the problem for all the problems PDFs I had as well (all of which can be found at http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2008/#mailing2008-03 ) Kristian rebuilt evince against the latest poppler today. *** Bug 439684 has been marked as a duplicate of this bug. *** *** Bug 439620 has been marked as a duplicate of this bug. *** *** Bug 439399 has been marked as a duplicate of this bug. *** |