Bug 10386

Summary: evince crashed with SIGSEGV in poppler_attachment_save_to_callback()
Product: poppler Reporter: Sebastien Bacher <seb128>
Component: generalAssignee: poppler-bugs <poppler-bugs>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: medium    
Version: unspecified   
Hardware: Other   
OS: All   
Whiteboard:
i915 platform: i915 features:

Description Sebastien Bacher 2007-03-23 06:15:04 UTC 
The bug has been opened on https://launchpad.net/bugs/94903

"Binary package hint: evince

Situation : I opened the 42.5 MB Cover_x86.pdf (obtainable from http://clete2.com/gentoocover/, it's a Gentoo DVD Cover) and Evince immediately crashed.
Steps to reproduce : probably opening the .pdf an x number of times, it opened just fine the second time around.
Version information : Evince 0.8.0, Poppler 0.5.4 (cairo)
...
.
Thread 2 (process 17501):
#0  0xb76f68f0 in FlateStream::getChar (this=0x83c1e58) at Stream.cc:3941
	c = <value optimized out>
#1  0xb76f2320 in ImageStream::getLine (this=0x8364a68) at Stream.cc:381
	buf = <value optimized out>
	bits = <value optimized out>
	c = <value optimized out>
	i = 9338
#2  0xb77be0a2 in CairoOutputDev::drawImage (this=0x8312e90, state=0x83bed40, ref=0xb6997c94, str=0x83c1e58, width=4271, height=2876, colorMap=0x83ca398, maskColors=0x0, 
    inlineImg=0) at CairoOutputDev.cc:843
	buffer = (unsigned char *) 0xb256a008 "\221¶Í"
	image = <value optimized out>
	pattern = <value optimized out>
	y = 15
	imgStr = (ImageStream *) 0x8364a68
	pix = <value optimized out>
	i = <value optimized out>
	matrix = {xx = 5.2898396800107751e-269, yx = -1.1155082287757394e-45, xy = -1.8081873687300524e-41, yy = 4.321423660979218e-269, x0 = -1.2866916418111052e-41, 
  y0 = -1.8081874039428065e-41}
#3  0xb76a98f6 in Gfx::doImage (this=0x8366688, ref=0xb6997c94, str=0x83c1e58, inlineImg=0) at Gfx.cc:3223
	dict = <value optimized out>
	maskDict = <value optimized out>
	width = 4271
	height = 2876
	bits = 8
	maskBits = <value optimized out>
	csMode = streamCSNone
	mask = 0
	invert = <value optimized out>
	colorSpace = (class GfxColorSpace *) 0x83b29b8
	maskColorSpace = <value optimized out>
	colorMap = (GfxImageColorMap *) 0x83ca398
	maskColorMap = <value optimized out>
	maskObj = {type = objNull, {booln = -1208168460, intg = -1208168460, real = -1.9287042025283492e-41, string = 0xb7fccff4, name = 0xb7fccff4 "(\237\001", 
    array = 0xb7fccff4, dict = 0xb7fccff4, stream = 0xb7fccff4, ref = {num = -1208168460, gen = -1216683560}, cmd = 0xb7fccff4 "(\237\001"}}
	smaskObj = {type = objNull, {booln = -1218064204, intg = -1218064204, real = -7.6653035788848368e-42, string = 0xb765d0b4, name = 0xb765d0b4 "", array = 0xb765d0b4, 
    dict = 0xb765d0b4, stream = 0xb765d0b4, ref = {num = -1218064204, gen = -1218093532}, cmd = 0xb765d0b4 ""}}
	maskColors = {4096, 0, 320, 160, -1223096576, 0, 385, 0, 44589056, 0, 0, 44593152, 0, -1223880783, 0, -1231455672, -1231455648, -1231455640, 13, 138157336, -1223004172, 
  -1223880783, 104, 40, -1223096576, -1222999776, 138145712, 138146192, 138145712, -1223880783, 24, -1208239397, -1223096676, 5822, -1226342412, 138146192, 0, -1223878463, 584, 
  104, -1223096576, -1208168460, -1230134008, 26, -1231455448, -1208238270, 40, 0, -1223096676, -1222999776, 153, 211026, -1231455500, -1231455500, -1231455260, -837507378, 
  -1216684000, 79, -1218106812, -1218114144, -1218044048, -837507378, -1218044020, -1218044044}
	maskWidth = <value optimized out>
	maskHeight = <value optimized out>
	maskInvert = <value optimized out>
	maskStr = <value optimized out>
	obj1 = {type = objNone, {booln = 138095048, intg = 138095048, real = 4.321467906649489e-269, string = 0x83b29c8, name = 0x83b29c8 "", array = 0x83b29c8, dict = 0x83b29c8, 
    stream = 0x83b29c8, ref = {num = 138095048, gen = 137811072}, cmd = 0x83b29c8 ""}}
	obj2 = {type = objNone, {booln = 0, intg = 0, real = 2.1219957909652723e-314, string = 0x0, name = 0x0, array = 0x0, dict = 0x0, stream = 0x0, ref = {num = 0, gen = 1}, 
    cmd = 0x0}}
	i = <value optimized out>
#4  0xb76ac451 in Gfx::opXObject (this=0x8366688, args=0xb6997d70, numArgs=1) at Gfx.cc:2902
	obj1 = {type = objStream, {booln = 138157656, intg = 138157656, real = -1.1161412188990108e-45, string = 0x83c1e58, name = 0x83c1e58 "(%y·\001", array = 0x83c1e58, 
    dict = 0x83c1e58, stream = 0x83c1e58, ref = {num = 138157656, gen = -1231454984}, cmd = 0x83c1e58 "(%y·\001"}}
	obj2 = {type = objName, {booln = 137775680, intg = 137775680, real = 4.3214679064347181e-269, string = 0x8364a40, name = 0x8364a40 "Image", array = 0x8364a40, 
    dict = 0x8364a40, stream = 0x8364a40, ref = {num = 137775680, gen = 137811072}, cmd = 0x8364a40 "Image"}}
	obj3 = {type = objNone, {booln = 137778924, intg = 137778924, real = -1.1161198367224087e-45, string = 0x83656ec, name = 0x83656ec "\n", array = 0x83656ec, 
    dict = 0x83656ec, stream = 0x83656ec, ref = {num = 137778924, gen = -1231455016}, cmd = 0x83656ec "\n"}}
	refObj = {type = objRef, {booln = 24, intg = 24, real = 1.1857575500189917e-322, string = 0x18, name = 0x18 <Address 0x18 out of bounds>, array = 0x18, dict = 0x18, 
    stream = 0x18, ref = {num = 24, gen = 0}, cmd = 0x18 <Address 0x18 out of bounds>}}
	opiDict = {type = objNull, {booln = 137812051, intg = 137812051, real = 3.2523307061869766e-269, string = 0x836d853, name = 0x836d853 "", array = 0x836d853, 
    dict = 0x836d853, stream = 0x836d853, ref = {num = 137812051, gen = 137440912}, cmd = 0x836d853 ""}}
#5  0xb76a736d in Gfx::execOp (this=0x8366688, cmd=0xb6997dd0, args=0xb6997d70, numArgs=<value optimized out>) at Gfx.cc:712
	op = (Operator *) 0xb77a2b30
	name = 0x83b2a18 "Do"
	argPtr = (Object *) 0xb6997d70
	i = 1
#6  0xb76a752b in Gfx::go (this=0x8366688, topLevel=0) at Gfx.cc:580
	obj = {type = objCmd, {booln = 138095128, intg = 138095128, real = 433.0214922247992, string = 0x83b2a18, name = 0x83b2a18 "Do", array = 0x83b2a18, dict = 0x83b2a18, 
    stream = 0x83b2a18, ref = {num = 138095128, gen = 1081806936}, cmd = 0x83b2a18 "Do"}}
	args = {{type = objName, {booln = 138095112, intg = 138095112, real = 433.02149222479829, string = 0x83b2a08, name = 0x83b2a08 "Im0", array = 0x83b2a08, dict = 0x83b2a08, 
      stream = 0x83b2a08, ref = {num = 138095112, gen = 1081806936}, cmd = 0x83b2a08 "Im0"}}, {type = objNone, {booln = 0, intg = 0, real = 1025.0322265625, string = 0x0, 
      name = 0x0, array = 0x0, dict = 0x0, stream = 0x0, ref = {num = 0, gen = 1083180065}, cmd = 0x0}}, {type = objNone, {booln = 0, intg = 0, real = 1025.0322265625, 
      string = 0x0, name = 0x0, array = 0x0, dict = 0x0, stream = 0x0, ref = {num = 0, gen = 1083180065}, cmd = 0x0}}, {type = objNone, {booln = -1553060174, intg = -1553060174, 
      real = -690.24298750000003, string = 0xa36e2eb2, name = 0xa36e2eb2 <Address 0xa36e2eb2 out of bounds>, array = 0xa36e2eb2, dict = 0xa36e2eb2, stream = 0xa36e2eb2, ref = {
        num = -1553060174, gen = -1064988175}, cmd = 0xa36e2eb2 <Address 0xa36e2eb2 out of bounds>}}, {type = objNone, {booln = -2115075544, intg = -2115075544, 
      real = -861.23266969999986, string = 0x81ee8228, name = 0x81ee8228 <Address 0x81ee8228 out of bounds>, array = 0x81ee8228, dict = 0x81ee8228, stream = 0x81ee8228, ref = {
        num = -2115075544, gen = -1064637988}, cmd = 0x81ee8228 <Address 0x81ee8228 out of bounds>}}, {type = objNone, {booln = 990879878, intg = 990879878, 
      real = 433.02154069999995, string = 0x3b0fa086, name = 0x3b0fa086 <Address 0x3b0fa086 out of bounds>, array = 0x3b0fa086, dict = 0x3b0fa086, stream = 0x3b0fa086, ref = {
        num = 990879878, gen = 1081806936}, cmd = 0x3b0fa086 <Address 0x3b0fa086 out of bounds>}}, {type = objNone, {booln = -1216793644, intg = -1216793644, 
      real = 4.2285586955225275e-269, string = 0xb77933d4, name = 0xb77933d4 "t \024", array = 0xb77933d4, dict = 0xb77933d4, stream = 0xb77933d4, ref = {num = -1216793644, 
        gen = 137778904}, cmd = 0xb77933d4 "t \024"}}, {type = objNone, {booln = -1231454744, intg = -1231454744, real = -1.1120609988449128e-41, string = 0xb6997de8, 
      name = 0xb6997de8 "(~\231¶¯~j·\210f6\b", array = 0xb6997de8, dict = 0xb6997de8, stream = 0xb6997de8, ref = {num = -1231454744, gen = -1217462290}, 
      cmd = 0xb6997de8 "(~\231¶¯~j·\210f6\b"}}}
	numArgs = 1
	i = 6
	lastAbortCheck = 0
	timer = (GooTimer *) 0x8364d58
#7  0xb76a7eaf in Gfx::display (this=0x8366688, obj=0xb6998028, topLevel=0) at Gfx.cc:543
	obj2 = {type = objNone, {booln = 0, intg = 0, real = 1.2370173889166283e-269, string = 0x0, name = 0x0, array = 0x0, dict = 0x0, stream = 0x0, ref = {num = 0, 
      gen = 135930864}, cmd = 0x0}}
	i = <value optimized out>
#8  0xb76ab813 in Gfx::doForm1 (this=0x8366688, str=0xb6998028, resDict=0x833cf18, matrix=0xb6997f28, bbox=0xb6997ef8) at Gfx.cc:3464
	oldParser = (Parser *) 0x82c7510
	oldBaseMatrix = {0.15403128760529483, 0, 0, -0.15403128760529483, -0, 89.135287605294849}
	i = <value optimized out>
#9  0xb76ac19a in Gfx::doForm (this=0x8366688, str=0xb6998028) at Gfx.cc:3304
	dict = (Dict *) 0x8364f88
	matrixObj = {type = objNone, {booln = 137605896, intg = 137605896, real = 6.7986345878803404e-316, string = 0x833b308, name = 0x833b308 "xR0\bhÎ3\b\b", array = 0x833b308, 
    dict = 0x833b308, stream = 0x833b308, ref = {num = 137605896, gen = 0}, cmd = 0x833b308 "xR0\bhÎ3\b\b"}}
	bboxObj = {type = objNone, {booln = 137613288, intg = 137613288, real = 6.7989998012057463e-316, string = 0x833cfe8, name = 0x833cfe8 "xR0\b", array = 0x833cfe8, 
    dict = 0x833cfe8, stream = 0x833cfe8, ref = {num = 137613288, gen = 0}, cmd = 0x833cfe8 "xR0\b"}}
	m = {1, 0, 0, 1, 0, 0}
	bbox = {0, 0, 791.00800000000004, 539.00800000000004, 4.2328333916310304e-269, 3.8540256214919406e-269}
	resObj = {type = objDict, {booln = 137613080, intg = 137613080, real = -1.9287034507965136e-41, string = 0x833cf18, name = 0x833cf18 "xR0\b Ë3\b\b", array = 0x833cf18, 
    dict = 0x833cf18, stream = 0x833cf18, ref = {num = 137613080, gen = -1216683560}, cmd = 0x833cf18 "xR0\b Ë3\b\b"}}
	obj1 = {type = objNone, {booln = 0, intg = 0, real = 0, string = 0x0, name = 0x0, array = 0x0, dict = 0x0, stream = 0x0, ref = {num = 0, gen = 0}, cmd = 0x0}}
	i = <value optimized out>
#10 0xb76ac4be in Gfx::opXObject (this=0x8366688, args=0xb69980e0, numArgs=1) at Gfx.cc:2906
	obj1 = {type = objStream, {booln = 138056912, intg = 138056912, real = -1.1167292271195578e-45, string = 0x83a94d0, name = 0x83a94d0 "(%y·\003", array = 0x83a94d0, 
    dict = 0x83a94d0, stream = 0x83a94d0, ref = {num = 138056912, gen = -1231454104}, cmd = 0x83a94d0 "(%y·\003"}}
	obj2 = {type = objName, {booln = 137780384, intg = 137780384, real = 6.8072554405214952e-316, string = 0x8365ca0, name = 0x8365ca0 "Form", array = 0x8365ca0, 
    dict = 0x8365ca0, stream = 0x8365ca0, ref = {num = 137780384, gen = 0}, cmd = 0x8365ca0 "Form"}}
	obj3 = {type = objNone, {booln = 137131300, intg = 137131300, real = -1.1167078448578746e-45, string = 0x82c7524, name = 0x82c7524 "\n", array = 0x82c7524, 
    dict = 0x82c7524, stream = 0x82c7524, ref = {num = 137131300, gen = -1231454136}, cmd = 0x82c7524 "\n"}}
	refObj = {type = objNone, {booln = -1217503283, intg = -1217503283, real = -1.8081881531593169e-41, string = 0xb76e5fcd, name = 0xb76e5fcd "\201Ã\aÔ\n", 
    array = 0xb76e5fcd, dict = 0xb76e5fcd, stream = 0xb76e5fcd, ref = {num = -1217503283, gen = -1216793644}, cmd = 0xb76e5fcd "\201Ã\aÔ\n"}}
	opiDict = {type = objNull, {booln = 137141779, intg = 137141779, real = -1.1166971538006645e-45, string = 0x82c9e13, name = 0x82c9e13 "", array = 0x82c9e13, 
    dict = 0x82c9e13, stream = 0x82c9e13, ref = {num = 137141779, gen = -1231454152}, cmd = 0x82c9e13 ""}}
#11 0xb76a736d in Gfx::execOp (this=0x8366688, cmd=0xb6998140, args=0xb69980e0, numArgs=<value optimized out>) at Gfx.cc:712
	op = (Operator *) 0xb77a2b30
	name = 0x831ace8 "Do"
	argPtr = (Object *) 0xb69980e0
	i = 1
#12 0xb76a752b in Gfx::go (this=0x8366688, topLevel=1) at Gfx.cc:580
	obj = {type = objCmd, {booln = 137473256, intg = 137473256, real = 539.00978125389975, string = 0x831ace8, name = 0x831ace8 "Do", array = 0x831ace8, dict = 0x831ace8, 
    stream = 0x831ace8, ref = {num = 137473256, gen = 1082185748}, cmd = 0x831ace8 "Do"}}
	args = {{type = objName, {booln = 137146336, intg = 137146336, real = 539.00978121673324, string = 0x82cafe0, name = 0x82cafe0 "Q", array = 0x82cafe0, dict = 0x82cafe0, 
      stream = 0x82cafe0, ref = {num = 137146336, gen = 1082185748}, cmd = 0x82cafe0 "Q"}}, {type = objNone, {booln = 137777256, intg = 137777256, real = 539.00978128846054, 
      string = 0x8365068, name = 0x8365068 "\004", array = 0x8365068, dict = 0x8365068, stream = 0x8365068, ref = {num = 137777256, gen = 1082185748}, cmd = 0x8365068 "\004"}}, {
    type = objNone, {booln = 2061584302, intg = 2061584302, real = 791.00999999999999, string = 0x7ae147ae, name = 0x7ae147ae <Address 0x7ae147ae out of bounds>, 
      array = 0x7ae147ae, dict = 0x7ae147ae, stream = 0x7ae147ae, ref = {num = 2061584302, gen = 1082701844}, cmd = 0x7ae147ae <Address 0x7ae147ae out of bounds>}}, {
    type = objNone, {booln = 2061584302, intg = 2061584302, real = 539.00999999999999, string = 0x7ae147ae, name = 0x7ae147ae <Address 0x7ae147ae out of bounds>, 
      array = 0x7ae147ae, dict = 0x7ae147ae, stream = 0x7ae147ae, ref = {num = 2061584302, gen = 1082185748}, cmd = 0x7ae147ae <Address 0x7ae147ae out of bounds>}}, {
    type = objNone, {booln = 0, intg = 0, real = 0, string = 0x0, name = 0x0, array = 0x0, dict = 0x0, stream = 0x0, ref = {num = 0, gen = 0}, cmd = 0x0}}, {type = objNone, {
      booln = 0, intg = 0, real = 0, string = 0x0, name = 0x0, array = 0x0, dict = 0x0, stream = 0x0, ref = {num = 0, gen = 0}, cmd = 0x0}}, {type = objNone, {booln = 1355960, 
      intg = 1355960, real = -7.7986857567543487e-42, string = 0x14b0b8, name = 0x14b0b8 <Address 0x14b0b8 out of bounds>, array = 0x14b0b8, dict = 0x14b0b8, stream = 0x14b0b8, 
      ref = {num = 1355960, gen = -1218069164}, cmd = 0x14b0b8 <Address 0x14b0b8 out of bounds>}}, {type = objNone, {booln = 137131280, intg = 137131280, 
      real = 2.7084385915710771e-269, string = 0x82c7510, name = 0x82c7510 "xR0\bø\235,\b\n", array = 0x82c7510, dict = 0x82c7510, stream = 0x82c7510, ref = {num = 137131280, 
        gen = 137141752}, cmd = 0x82c7510 "xR0\bø\235,\b\n"}}}
	numArgs = 1
	i = 2
	lastAbortCheck = 0
	timer = (GooTimer *) 0x833afe8
#13 0xb76a7eaf in Gfx::display (this=0x8366688, obj=0xb6998200, topLevel=1) at Gfx.cc:543
	obj2 = {type = objNone, {booln = -1208200496, intg = -1208200496, real = -1.1170023078666543e-45, string = 0xb7fc52d0, name = 0xb7fc52d0 "ZY\207\004$Â\b", 
    array = 0xb7fc52d0, dict = 0xb7fc52d0, stream = 0xb7fc52d0, ref = {num = -1208200496, gen = -1231453696}, cmd = 0xb7fc52d0 "ZY\207\004$Â\b"}}
	i = <value optimized out>
#14 0xb76eeadd in Page::displaySlice (this=0x8308810, out=0x8312e90, hDPI=11.090252707581229, vDPI=11.090252707581229, rotate=0, useMediaBox=0, crop=1, sliceX=0, sliceY=0, 
    sliceW=127, sliceH=89, links=0x0, catalog=0x8304da8, abortCheckCbk=0, abortCheckCbkData=0x0, annotDisplayDecideCbk=0, annotDisplayDecideCbkData=0x0) at Page.cc:375
	gfx = (Gfx *) 0x8366688
	obj = {type = objStream, {booln = 138022800, intg = 138022800, real = 2.8028285953960652e-269, string = 0x83a0f90, name = 0x83a0f90 "(%y·\003", array = 0x83a0f90, 
    dict = 0x83a0f90, stream = 0x83a0f90, ref = {num = 138022800, gen = 137207112}, cmd = 0x83a0f90 "(%y·\003"}}
	annotList = <value optimized out>
	i = <value optimized out>
#15 0xb77bab7f in poppler_page_render_to_pixbuf (page=0x833c4c0, src_x=0, src_y=0, src_width=127, src_height=89, scale=0.15403128760529483, rotation=0, pixbuf=0x82f9000)
    at poppler-page.cc:366
	data = {cairo_data = 0x8395b88 'ÿ' <repeats 200 times>..., surface = 0x833af00, cairo = 0x833c9d0}
	__PRETTY_FUNCTION__ = "void poppler_page_render_to_pixbuf(PopplerPage*, int, int, int, int, double, int, GdkPixbuf*)"
#16 0x080a08f5 in pdf_document_thumbnails_get_thumbnail (document_thumbnails=0x82d7940, rc=0x82d7650, border=1) at ev-poppler.cc:1193
	pdf_document = (PdfDocument *) 0x82d7940
	poppler_page = (PopplerPage *) 0x833c4c0
	pixbuf = (GdkPixbuf *) 0x82f9000
	border_pixbuf = <value optimized out>
	__PRETTY_FUNCTION__ = "GdkPixbuf* pdf_document_thumbnails_get_thumbnail(EvDocumentThumbnails*, EvRenderContext*, gboolean)"
#17 0x0809caea in ev_document_thumbnails_get_thumbnail (document=0x82d7940, rc=0x82d7650, border=1) at ev-document-thumbnails.c:57
	__PRETTY_FUNCTION__ = "ev_document_thumbnails_get_thumbnail"
#18 0x08069710 in ev_job_thumbnail_run (job=0x82c69a0) at ev-jobs.c:382
	__PRETTY_FUNCTION__ = "ev_job_thumbnail_run"
#19 0x08068227 in handle_job (job=0x82c69a0) at ev-job-queue.c:96
	__PRETTY_FUNCTION__ = "handle_job"
#20 0x0806888c in ev_render_thread (data=0x0) at ev-job-queue.c:187
	job = (EvJob *) 0x82c69a0
#21 0xb725db7f in g_thread_create_proxy (data=0x8138238) at gthread.c:591
	__PRETTY_FUNCTION__ = "g_thread_create_proxy"
#22 0xb782331b in start_thread () from /lib/tls/i686/cmov/libpthread.so.0
#23 0xb71393ee in clone () from /lib/tls/i686/cmov/libc.so.6
.
Thread 1 (process 17500):
#0  poppler_attachment_save_to_callback (attachment=0x82d1260, save_func=0x80a0d90 <attachment_save_to_buffer_callback>, user_data=0xbf8e155c, error=0xbf8e1568)
    at poppler-attachment.cc:196
	stream = (class Stream *) 0x0
	buf = "àk\202·¨\t\016\b°\t\016\bôo\032· \201\032·\220ñ;\bh\021\216¿\020N\r· \201\032·\220ñ;\b@T\202·pv.·àk\202·\210ñ;\b\\D\000\000ðk\202·\210\021\216¿Hg*·üg\202·\220ñ;\b\210\021\216¿\001\000\000\000\220ñ;\bpv.·àk\202·\220ñ;\b\210\021\216¿ðk\202·\030\022\216¿Y\207-·`\022-\b |3\b\000\000\000\000QT\202·\220ñ;\b\004\022\216¿\b\000\000\000\220ñ;\b¨ñ;\b`\022-\b |3\b\220ñ;\b\\D\000\000\000\000\000\000Ðý,·\001\000\000\000üg\202·Hg*·\b\000\000\000\000\000\000\000"...
	i = <value optimized out>
	eof_reached = <value optimized out>
	__PRETTY_FUNCTION__ = "gboolean poppler_attachment_save_to_callback(PopplerAttachment*, gboolean (*)(const gchar*, gsize, void*, GError**), void*, GError**)"
#1  0x080a0f69 in pdf_document_get_attachments (document=0x82d7940) at ev-poppler.cc:366
	attachment = (PopplerAttachment *) 0x82d1260
	ev_attachment = <value optimized out>
	error = (GError *) 0x0
	attachments = <value optimized out>
	list = (GList *) 0x82c1310
	retval = (GList *) 0x0
#2  0x0809bb5b in ev_document_get_attachments (document=0x82d7940) at ev-document.c:228
	retval = (GList *) 0x82d1280
#3  0x0808908c in ev_sidebar_attachments_set_document (page=0x81aaec0, document=0x82d7940) at ev-sidebar-attachments.c:624
	ev_attachbar = <value optimized out>
	attachments = <value optimized out>
	l = <value optimized out>
#4  0x08087ba0 in ev_sidebar_set_document (sidebar=0x81ade30, document=0x82d7940) at ev-sidebar.c:507
	widget = (GtkWidget *) 0x81aaec0
	menu_widget = (GtkWidget *) 0x81ae1d0
	priv = (EvSidebarPrivate *) 0x81ade80
	iter = {stamp = -139174880, user_data = 0x82bdb80, user_data2 = 0x0, user_data3 = 0x0}
	valid = <value optimized out>
	has_pages = 0
	__PRETTY_FUNCTION__ = "ev_sidebar_set_document"
#5  0x0808158f in ev_window_load_job_cb (job=0x82bd368, data=0x8143008) at ev-window.c:1084
	ev_window = <value optimized out>
	document = (EvDocument *) 0x82d7650
	__PRETTY_FUNCTION__ = "ev_window_load_job_cb"
#6  0xb72c59d9 in IA__g_cclosure_marshal_VOID__VOID (closure=0x82caa98, return_value=0x0, n_param_values=1, param_values=0xbf8e18ec, invocation_hint=0xbf8e17fc, 
    marshal_data=0x80812b0) at gmarshal.c:77
	data1 = (gpointer) 0x82bd368
	data2 = (gpointer) 0x82d1280
	__PRETTY_FUNCTION__ = "IA__g_cclosure_marshal_VOID__VOID"
#7  0xb72b862b in IA__g_closure_invoke (closure=0x82caa98, return_value=0x0, n_param_values=1, param_values=0xbf8e18ec, invocation_hint=0xbf8e17fc) at gclosure.c:490
	marshal = (GClosureMarshal) 0x8064d8c <g_cclosure_marshal_VOID__VOID@plt>
	marshal_data = (gpointer) 0x0
	__PRETTY_FUNCTION__ = "IA__g_closure_invoke"
#8  0xb72c9103 in signal_emit_unlocked_R (node=0x82ca680, detail=0, instance=0x82bd368, emission_return=0x0, instance_and_params=0xbf8e18ec) at gsignal.c:2440
	tmp = <value optimized out>
	handler = (Handler *) 0x82c6d80
	accumulator = (SignalAccumulator *) 0x0
	emission = {next = 0x0, instance = 0x82bd368, ihint = {signal_id = 257, detail = 0, run_type = G_SIGNAL_RUN_FIRST}, state = EMISSION_RUN, chain_type = 4}
	class_closure = (GClosure *) 0x81426a0
	handler_list = (Handler *) 0x82c6d80
	return_accu = (GValue *) 0x0
	accu = {g_type = 0, data = {{v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}, {v_int = 0, 
      v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}}}
	signal_id = 257
	max_sequential_handler_number = 790
	return_value_altered = 0
#9  0xb72ca627 in IA__g_signal_emit_valist (instance=0x82bd368, signal_id=257, detail=0, 
    var_args=0xbf8e1b2c "Hg*·àk\202·Hg*·H\033\216¿R\207\006\bhÓ+\b0Þ+\bh\033\216¿\221à#·hÓ+\b\210\2261\bh\033\216¿Ò\177%·\b") at gsignal.c:2199
	_flags = <value optimized out>
	_vtable = <value optimized out>
	_cvalues = {{v_int = -1221691792, v_long = -1221691792, v_int64 = 582885820293084784, v_double = 1.0801941714701912e-269, v_pointer = 0xb72e7670}, {v_int = 3, v_long = 3, 
    v_int64 = -4643745131793481725, v_double = -0.01469880342483521, v_pointer = 0x3}, {v_int = -1221875586, v_long = -1221875586, v_int64 = 582885837472770174, 
    v_double = 1.0801970597502928e-269, v_pointer = 0xb72ba87e}, {v_int = 3, v_long = 3, v_int64 = 8589934595, v_double = 4.2439915834127416e-314, v_pointer = 0x3}, {
    v_int = -1221875981, v_long = -1221875981, v_int64 = 582885837472769779, v_double = 1.0801970597502264e-269, v_pointer = 0xb72ba6f3}, {v_int = 1, v_long = 1, 
    v_int64 = -5256527937187872767, v_double = -1.6289418972857289e-43, v_pointer = 0x1}, {v_int = -1210790996, v_long = -1210790996, v_int64 = 582885820303985580, 
    v_double = 1.0801941733028529e-269, v_pointer = 0xb7d4cbac}, {v_int = 135563208, v_long = 135563208, v_int64 = -4643744719341058104, v_double = -0.014699518915737189, 
    v_pointer = 0x81487c8}}
	_lcopy_format = <value optimized out>
	_n_values = <value optimized out>
	return_value = {g_type = 3078844309, data = {{v_int = 1, v_uint = 1, v_long = 1, v_ulong = 1, v_int64 = -5248268856811585535, v_uint64 = 13198475216897966081, 
      v_float = 1.40129846e-45, v_double = -5.919856522227832e-43, v_pointer = 0x1}, {v_int = -1081206008, v_uint = 3213761288, v_long = -1081206008, v_ulong = 3213761288, 
      v_int64 = -5249662269837665528, v_uint64 = 13197081803871886088, v_float = -1.11019993, v_double = -4.8099390118705172e-43, v_pointer = 0xbf8e1b08}}}
	error = <value optimized out>
	instance_and_params = (GValue *) 0xbf8e18ec
	stack_values = {{g_type = 137146288, data = {{v_int = 137089896, v_uint = 137089896, v_long = 137089896, v_ulong = 137089896, v_int64 = 137089896, v_uint64 = 137089896, 
        v_float = 5.17069476e-34, v_double = 6.7731408005549321e-316, v_pointer = 0x82bd368}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, 
        v_float = 0, v_double = 0, v_pointer = 0x0}}}, {g_type = 135595332, data = {{v_int = 77, v_uint = 77, v_long = 77, v_ulong = 77, v_int64 = 326417514573, 
        v_uint64 = 326417514573, v_float = 1.07899982e-43, v_double = 1.6127168015140375e-312, v_pointer = 0x4d}, {v_int = -1216195503, v_uint = 3078771793, v_long = -1216195503, 
        v_ulong = 3078771793, v_int64 = 591017877017089105, v_uint64 = 591017877017089105, v_float = -1.55364705e-05, v_double = 3.7322544399350011e-269, 
        v_pointer = 0xb7825451}}}, {g_type = 3081392960, data = {{v_int = -1081206488, v_uint = 3213760808, v_long = -1081206488, v_ulong = 3213760808, 
        v_int64 = -5223470000193529560, v_uint64 = 13223274073516022056, v_float = -1.11014271, v_double = -2.6555782732658365e-41, v_pointer = 0xbf8e1928}, {v_int = -1216114316, 
        v_uint = 3078852980, v_long = -1216114316, v_ulong = 3078852980, v_int64 = 54618460532, v_uint64 = 54618460532, v_float = -1.56841488e-05, 
        v_double = 2.6985104977597214e-313, v_pointer = 0xb7839174}}}, {g_type = 3213760824, data = {{v_int = -1216122987, v_uint = 3078844309, v_long = -1216122987, 
        v_ulong = 3078844309, v_int64 = 7373811605, v_uint64 = 7373811605, v_float = -1.56683764e-05, v_double = 3.6431469929360038e-314, v_pointer = 0xb7836f95}, {
        v_int = -1221957816, v_uint = 3073009480, v_long = -1221957816, v_ulong = 3073009480, v_int64 = -4643746159512623288, v_uint64 = 13802997914196928328, 
        v_float = -1.01568367e-05, v_double = -0.01469702061631363, v_pointer = 0xb72a6748}}}, {g_type = 3072683698, data = {{v_int = 135137560, v_uint = 135137560, 
        v_long = 135137560, v_ulong = 135137560, v_int64 = 4430104856, v_uint64 = 4430104856, v_float = 4.27422603e-34, v_double = 2.1887626168240825e-314, 
        v_pointer = 0x80e0918}, {v_int = -1081206440, v_uint = 3213760856, v_long = -1081206440, v_ulong = 3213760856, v_int64 = 580412022350289240, 
        v_uint64 = 580412022350289240, v_float = -1.11014843, v_double = 7.1072406995116634e-270, v_pointer = 0xbf8e1958}}}, {g_type = 135137720, data = {{v_int = 8, v_uint = 8, 
        v_long = 8, v_ulong = 8, v_int64 = -4643745956427202552, v_uint64 = 13802998117282349064, v_float = 1.12103877e-44, v_double = -0.01469737291336061, v_pointer = 0x8}, {
        v_int = -1222282246, v_uint = 3072685050, v_long = -1222282246, v_ulong = 3072685050, v_int64 = 580411403733922810, v_uint64 = 580411403733922810, 
        v_float = -9.86176929e-06, v_double = 7.1067206849418028e-270, v_pointer = 0xb72573fa}}}, {g_type = 3084176300, data = {{v_int = -1081206392, v_uint = 3213760904, 
        v_long = -1081206392, v_ulong = 3213760904, v_int64 = -5223519907713508984, v_uint64 = 13223224165996042632, v_float = -1.11015415, v_double = -2.6301359480229879e-41, 
        v_pointer = 0xbf8e1988}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = -5212262084384915456, v_uint64 = 13234481989324636160, v_float = 0, 
        v_double = -1.5109921081121638e-40, v_pointer = 0x0}}}, {g_type = 3213760904, data = {{v_int = -1222260812, v_uint = 3072706484, v_long = -1222260812, 
        v_ulong = 3072706484, v_int64 = 75165000386484, v_uint64 = 75165000386484, v_float = -9.8812634e-06, v_double = 3.7136444460605764e-310, v_pointer = 0xb725c7b4}, {
        v_int = -1211031582, v_uint = 3083935714, v_long = -1211031582, v_ulong = 3083935714, v_int64 = -4643745953343266846, v_uint64 = 13802998120366284770, 
        v_float = -2.49295881e-05, v_double = -0.014697378263136277, v_pointer = 0xb7d11fe2}}}, {g_type = 3078771793, data = {{v_int = -1216190468, v_uint = 3078776828, 
        v_long = -1216190468, v_ulong = 3078776828, v_int64 = -5248268853732808708, v_uint64 = 13198475219976742908, v_float = -1.55456291e-05, 
        v_double = -5.9198589746150616e-43, v_pointer = 0xb78267fc}, {v_int = -1081206344, v_uint = 3213760952, v_long = -1081206344, v_ulong = 3213760952, 
        v_int64 = -5223470000193529416, v_uint64 = 13223274073516022200, v_float = -1.11015987, v_double = -2.6555782732659099e-41, v_pointer = 0xbf8e19b8}}}, {
    g_type = 3078852980, data = {{v_int = 1, v_uint = 1, v_long = 1, v_ulong = 1, v_int64 = -4643745887707725823, v_uint64 = 13802998186001825793, v_float = 1.40129846e-45, 
        v_double = -0.014697492122650148, v_pointer = 0x1}, {v_int = -1216122987, v_uint = 3078844309, v_long = -1216122987, v_ulong = 3078844309, v_int64 = 7373811605, 
        v_uint64 = 7373811605, v_float = -1.56683764e-05, v_double = 3.6431469929360038e-314, v_pointer = 0xb7836f95}}}, {g_type = 3073009480, data = {{v_int = -1081206264, 
        v_uint = 3213761032, v_long = -1081206264, v_ulong = 3213761032, v_int64 = -5249662269837665784, v_uint64 = 13197081803871885832, v_float = -1.11016941, 
        v_double = -4.8099390118703133e-43, v_pointer = 0xbf8e1a08}, {v_int = 135137560, v_uint = 135137560, v_long = 135137560, v_ulong = 135137560, 
        v_int64 = -5201341038978004712, v_uint64 = 13245403034731546904, v_float = 4.27422603e-34, v_double = -7.8632043842117798e-40, v_pointer = 0x80e0918}}}, {
    g_type = 3078777824, data = {{v_int = 16, v_uint = 16, v_long = 16, v_ulong = 16, v_int64 = 580412019136528400, v_uint64 = 580412019136528400, v_float = 2.24207754e-44, 
        v_double = 7.1072379979949374e-270, v_pointer = 0x10}, {v_int = 1, v_uint = 1, v_long = 1, v_ulong = 1, v_int64 = 73014444033, v_uint64 = 73014444033, 
        v_float = 1.40129846e-45, v_double = 3.6073928446903695e-313, v_pointer = 0x1}}}, {g_type = 135136540, data = {{v_int = 135903136, v_uint = 135903136, v_long = 135903136, 
        v_ulong = 135903136, v_int64 = -5201341038977239136, v_uint64 = 13245403034732312480, v_float = 4.62576129e-34, v_double = -7.8632043854606839e-40, 
        v_pointer = 0x819b7a0}, {v_int = 8, v_uint = 8, v_long = 8, v_ulong = 8, v_int64 = -5247484235006083064, v_uint64 = 13199259838703468552, v_float = 1.12103877e-44, 
        v_double = -6.5448438480498954e-43, v_pointer = 0x8}}}, {g_type = 135725592, data = {{v_int = 135563208, v_uint = 135563208, v_long = 135563208, v_ulong = 135563208, 
        v_int64 = 135563208, v_uint64 = 135563208, v_float = 4.46967401e-34, v_double = 6.697712391283124e-316, v_pointer = 0x81487c8}, {v_int = -1221775132, v_uint = 3073192164, 
        v_long = -1221775132, v_ulong = 3073192164, v_int64 = 3073192164, v_uint64 = 3073192164, v_float = -1.03229868e-05, v_double = 1.5183586713009181e-314, 
        v_pointer = 0xb72d30e4}}}, {g_type = 1076520776, data = {{v_int = -1081206232, v_uint = 3213761064, v_long = -1081206232, v_ulong = 3213761064, 
        v_int64 = -5247484231792322008, v_uint64 = 13199259841917229608, v_float = -1.11017323, v_double = -6.5448464079582667e-43, v_pointer = 0xbf8e1a28}, {v_int = 135713680, 
        v_uint = 135713680, v_long = 135713680, v_ulong = 135713680, v_int64 = 330848195472, v_uint64 = 330848195472, v_float = 4.53876736e-34, 
        v_double = 1.6346072737128466e-312, v_pointer = 0x816d390}}}, {g_type = 3213761096, data = {{v_int = -1221775132, v_uint = 3073192164, v_long = -1221775132, 
        v_ulong = 3073192164, v_int64 = 582377519503454436, v_uint64 = 582377519503454436, v_float = -1.03229868e-05, v_double = 9.9473771385823958e-270, v_pointer = 0xb72d30e4}, 
      {v_int = 1073741901, v_uint = 1073741901, v_long = 1073741901, v_ulong = 1073741901, v_int64 = 327491256397, v_uint64 = 327491256397, v_float = 2.00001836, 
        v_double = 1.6180217909914507e-312, v_pointer = 0x4000004d}}}}
	free_me = (GValue *) 0x0
	signal_return_type = 4
	param_values = (GValue *) 0xbf8e1900
	node = (SignalNode *) 0x82ca680
	i = 3072683698
	n_params = 0
	__PRETTY_FUNCTION__ = "IA__g_signal_emit_valist"
#10 0xb72ca7e9 in IA__g_signal_emit (instance=0x82bd368, signal_id=257, detail=0) at gsignal.c:2243
	var_args = 0xbf8e1b2c "Hg*·àk\202·Hg*·H\033\216¿R\207\006\bhÓ+\b0Þ+\bh\033\216¿\221à#·hÓ+\b\210\2261\bh\033\216¿Ò\177%·\b"
#11 0x08068b86 in ev_job_finished (job=0x82bd368) at ev-jobs.c:233
	__PRETTY_FUNCTION__ = "ev_job_finished"
#12 0x08068752 in notify_finished (job=0x82bd368) at ev-job-queue.c:67
No locals.
#13 0xb723e091 in g_idle_dispatch (source=0x8319688, callback=0x80e4560, user_data=0x82bd368) at gmain.c:3928
No locals.
#14 0xb723fdf2 in IA__g_main_context_dispatch (context=0x810f550) at gmain.c:2045
No locals.
#15 0xb7242dcf in g_main_context_iterate (context=0x810f550, block=1, dispatch=1, self=0x80e0258) at gmain.c:2677
	got_ownership = <value optimized out>
	max_priority = 200
	timeout = 0
	some_ready = 1
	nfds = <value optimized out>
	allocated_nfds = <value optimized out>
	fds = (GPollFD *) 0x8311048
	__PRETTY_FUNCTION__ = "g_main_context_iterate"
#16 0xb7243179 in IA__g_main_loop_run (loop=0x812c8b8) at gmain.c:2881
	got_ownership = -1216195520
	self = (GThread *) 0x80e0258
	__PRETTY_FUNCTION__ = "IA__g_main_loop_run"
#17 0xb7b37044 in IA__gtk_main () at gtkmain.c:1177
	tmp_list = (GList *) 0x812e8a8
	functions = (GList *) 0x0
	init = (GtkInitFunction *) 0x0
	loop = (GMainLoop *) 0x812c8b8
#18 0x0808dc50 in main (argc=2, argv=0xe0000038) at main.c:319
	enable_metadata = 1
	context = <value optimized out>
	args = (GHashTable *) 0x80e2140
	program = (GnomeProgram *) 0x80e9410"
Comment 1 Sebastien Bacher 2009-09-03 02:42:14 UTC 
There is a similar crash on https://bugs.launchpad.net/bugs/419777

example: http://launchpadlibrarian.net/31038402/Wiley.OpenSolaris.Bible.Feb.2009.pdf

the issue is there using 0.11.3 too
Comment 2 Carlos Garcia Campos 2009-09-03 03:31:53 UTC 
I think they are different issues. The first one was a bug in evince that we already fixed some time ago. The second looks like a broken pdf file, it contains a FileSpec object with an empty EF dictionary:

4205 0 obj <</UF(C1.jpg)/F(C1.jpg)/EF<<>>/Desc()/Type/Filespec>> endobj

I'd say this is wrong . . . 

In any case we shouldn't crash when EmbFile contains a null stream. Albert, does this make qt frontend crash too? or do I mark this bug as glib only?
Comment 3 Sebastien Bacher 2009-09-03 05:04:56 UTC 
should this bug be closed if the issue was a fixed evince one and a new one opened about the new crash?
Comment 4 Albert Astals Cid 2009-09-03 15:18:50 UTC 
Crashes too on the Qt frontend, the question is, should we "stop" reporting the Embedded file from the core when we realize it's not a valid one or still report it and fail when trying to save it.

Adobe does the later, but for us would be easier the first and for the user the result is the same as he can't extract the file.

But still i think we should go fixing the frontends, what do you say?
Comment 5 Carlos Garcia Campos 2009-09-04 00:58:07 UTC 
An attachment that can't be opened/saved/... is useless, so I think we might just show an error message saying that an invalid embedded file has been found and ignore such attachment.
Comment 6 Albert Astals Cid 2009-09-05 06:24:10 UTC 
Carlos: At the end Pino and me think that mimicking Adobe's behaviour is the best so i've added a isOk() method to EmbFile in poppler core you should use in the glib frontend to avoid the crash.
Comment 7 Carlos Garcia Campos 2009-09-06 01:48:02 UTC 
Ok, fixed in glib too. Thanks!

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.