Bug 90628

Summary: Specific PDF causes assertion failure
Product: poppler Reporter: bugs.freedesktop.org
Component: cairo backendAssignee: poppler-bugs <poppler-bugs>
Status: RESOLVED INVALID QA Contact:
Severity: normal    
Priority: medium    
Version: unspecified   
Hardware: x86-64 (AMD64)   
OS: Linux (All)   
Whiteboard:
i915 platform: i915 features:
Attachments: Backtrace of pdftocairo

Description bugs.freedesktop.org 2015-05-25 11:59:51 UTC
Created attachment 116024 [details]
Backtrace of pdftocairo

A specific PDF file (which I cannot post publically, but I suppose I could send to people personally) causes poppler 0.32's cairo backend as used by evince and pdftocairo to crash on an assertion failure. The backtrace is attached. The crash only happens if I try to convert page 7, which contains a picture that looks to be vector-based. pdftohtml works without crash.
Comment 1 Jose Aliste 2015-05-25 23:25:45 UTC
$ coredumpctl gdb 24087
           PID: 24087 (pdftocairo)
           UID: 1000 (jona)
           GID: 1000 (jona)
        Signal: 6 (ABRT)
     Timestamp: Mo 2015-05-25 13:53:27 CEST (21s ago)
  Command Line: pdftocairo -png Studium/Recherche 2015-04-18/erkl  rung/p407-fielding.pdf -f 7 -l 7
    Executable: /usr/bin/pdftocairo
 Control Group: /user.slice/user-1000.slice/session-c2.scope
          Unit: session-c2.scope
         Slice: user-1000.slice
       Session: c2
     Owner UID: 1000 (jona)
       Boot ID: b800156b3480421d97a23016a00e2ca1
    Machine ID: 12ec684ab3604b65ac60b0feafea03d6
      Hostname: jona-crucial-m500
      Coredump: /var/lib/systemd/coredump/core.pdftocairo.1000.b800156b3480421d97a23016a00e2ca1.24087.1432554807000000.lz4
       Message: Process 24087 (pdftocairo) of user 1000 dumped core.

GNU gdb (GDB) 7.9.1
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/bin/pdftocairo...(no debugging symbols found)...done.
[New LWP 24087]

warning: Could not load shared library symbols for linux-vdso.so.1.
Do you need "set solib-search-path" or "set sysroot"?
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
Core was generated by `pdftocairo -png Studium/Recherche 2015-04-18/erklärung/p407-fielding.pdf -f 7'.
Program terminated with signal SIGABRT, Aborted.
#0  0x00007f48d4e43528 in raise () from /usr/lib/libc.so.6
(gdb) bt
#0  0x00007f48d4e43528 in raise () from /usr/lib/libc.so.6
#1  0x00007f48d4e4493a in abort () from /usr/lib/libc.so.6
#2  0x00007f48d4e3c3a7 in __assert_fail_base () from /usr/lib/libc.so.6
#3  0x00007f48d4e3c452 in __assert_fail () from /usr/lib/libc.so.6
#4  0x00007f48d5d32a4c in _cairo_scaled_glyph_page_destroy (scaled_font=<optimized out>, page=<optimized out>) at cairo-scaled-font.c:459
#5  0x00007f48d5d32bd1 in _cairo_scaled_font_free_last_glyph (scaled_font=0x25095a0, scaled_glyph=<optimized out>) at cairo-scaled-font.c:2912
#6  0x00007f48d5d34bcf in _cairo_scaled_glyph_lookup (scaled_font=scaled_font@entry=0x25095a0, index=0, info=info@entry=CAIRO_SCALED_GLYPH_INFO_PATH, scaled_glyph_ret=scaled_glyph_ret@entry=0x7ffee16beea0) at cairo-scaled-font.c:2993
#7  0x00007f48d5d35ede in _cairo_scaled_font_glyph_path (scaled_font=0x25095a0, glyphs=glyphs@entry=0x7ffee16bef10, num_glyphs=<optimized out>, path=path@entry=0x243d4d8) at cairo-scaled-font.c:2647
#8  0x00007f48d5cfb52c in _cairo_gstate_glyph_path (gstate=0x2508950, glyphs=0x24b5b40, num_glyphs=5, path=0x243d4d8) at cairo-gstate.c:2090
#9  0x00007f48d5cec942 in cairo_glyph_path (cr=0x243d170, glyphs=<optimized out>, num_glyphs=<optimized out>) at cairo.c:3552
#10 0x000000000040c3ac in ?? ()
#11 0x00007f48d63c7011 in Gfx::doShowText(GooString*) () from /usr/lib/libpoppler.so.51
#12 0x00007f48d63c78c5 in Gfx::opShowText(Object*, int) () from /usr/lib/libpoppler.so.51
#13 0x00007f48d63bfd1e in Gfx::go(bool) () from /usr/lib/libpoppler.so.51
#14 0x00007f48d63c01c0 in Gfx::display(Object*, bool) () from /usr/lib/libpoppler.so.51
#15 0x00007f48d6405f85 in Page::displaySlice(OutputDev*, double, double, int, bool, bool, int, int, int, int, bool, bool (*)(void*), void*, bool (*)(Annot*, void*), void*, bool) () from /usr/lib/libpoppler.so.51
#16 0x0000000000408cce in ?? ()
#17 0x00007f48d4e30790 in __libc_start_main () from /usr/lib/libc.so.6
#18 0x0000000000409cc9 in ?? ()
Comment 2 Jason Crain 2015-09-07 20:03:44 UTC
Can you send me the PDF? jason@aquaticape.us
Comment 3 Albert Astals Cid 2016-10-09 20:42:45 UTC
Jason did you ever get the file or should we just close this?
Comment 4 Jason Crain 2016-10-09 21:26:51 UTC
(In reply to Albert Astals Cid from comment #3)
> Jason did you ever get the file or should we just close this?

No, I never received the file.  Closing.  BTW I suspect it's a cairo bug as it looks the same as #85141.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.