33935 – epdfview and evince segfault on application close with some pdfs

Bug 33935 - epdfview and evince segfault on application close with some pdfs

Summary: epdfview and evince segfault on application close with some pdfs

Status:	RESOLVED NOTABUG

Alias:	None

Product:	poppler
Classification:	Unclassified
Component:	general (show other bugs)
Version:	unspecified
Hardware:	x86-64 (AMD64) Linux (All)

Importance:	medium major
Assignee:	poppler-bugs
QA Contact:

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2011-02-05 06:26 UTC by jakob.gruber
Modified:	2011-02-06 06:58 UTC (History)
CC List:	1 user (show)

See Also:
i915 platform:
i915 features:

Attachments
backtrace for epdfview (2.15 KB, text/plain) 2011-02-05 08:30 UTC, Ionut Biru	Details
backtrace for evince (26.05 KB, text/plain) 2011-02-05 08:31 UTC, Ionut Biru	Details
View All

Description jakob.gruber 2011-02-05 06:26:25 UTC

Using poppler 0.16.2, both epdfview and evince segfault on application exit with some pdfs.

A pdf without segfaults: http://db.tt/uJaQdMF
And one that causes segfaults: http://db.tt/Nr9ezgn
Another one with segfaults: http://www.isr.umd.edu/~jwh2/papers/faim2000ncat.pdf

Archlinux, both i686 and x86_64.

Comment 1 Albert Astals Cid 2011-02-05 06:32:50 UTC

Please provide a gdb and a valgrind trace

Comment 2 Ionut Biru 2011-02-05 08:30:24 UTC

Created attachment 42965 [details]
backtrace for epdfview

Comment 3 Ionut Biru 2011-02-05 08:31:38 UTC

Created attachment 42966 [details]
backtrace for evince

Comment 4 Ionut Biru 2011-02-05 08:33:47 UTC

for evince valgrind didn't had any errors and for epdfview

==10211== Invalid free() / delete / delete[]
==10211==    at 0x4023D2C: free (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==10211==    by 0x408FAB5: g_free (gmem.c:263)
==10211==    by 0x804F241: ePDFView::IDocument::~IDocument() (IDocument.cxx:167)
==10211==    by 0x80544F2: ePDFView::PDFDocument::~PDFDocument() (PDFDocument.cxx:49)
==10211==    by 0x805453A: ePDFView::PDFDocument::~PDFDocument() (PDFDocument.cxx:58)
==10211==    by 0x8051ECC: ePDFView::MainPter::~MainPter() (MainPter.cxx:77)
==10211==    by 0x8051F40: ePDFView::MainPter::~MainPter() (MainPter.cxx:79)
==10211==    by 0x804E5D2: main (main.cxx:95)
==10211==  Address 0x1 is not stack'd, malloc'd or (recently) free'd
==10211==

Comment 5 Jose Aliste 2011-02-05 10:21:59 UTC

This seems to be a evince bug (at least for the evince part) see https://bugzilla.gnome.org/show_bug.cgi?bug=638312

Comment 6 Albert Astals Cid 2011-02-06 03:51:19 UTC

Traces don't seem to show a poppler bug i'd say though i'm no epdfview/evince expert

Comment 7 jakob.gruber 2011-02-06 06:58:43 UTC

FYI, the following patch fixes the segfault in epdfview:

--- src/IDocument.cxx   2011-02-06 14:45:34.173334040 +0100
+++ src/IDocument.cxx    2011-02-06 14:51:23.173334040 +0100
@@ -135,7 +135,11 @@
     m_FindPage = 0;
     m_Format = NULL;
     m_Keywords = NULL;
+#if defined (HAVE_POPPLER_0_15_1)
+    m_Linearized = FALSE;
+#else
     m_Linearized = NULL;
+#endif
     m_ModifiedDate = NULL;
     m_PageCache = NULL;
     m_PageCacheAge = 0;
@@ -164,7 +168,9 @@
     g_free (m_FileName);
     g_free (m_Format);
     g_free (m_Keywords);
+#if !defined (HAVE_POPPLER_0_15_1)
     g_free (m_Linearized);
+#endif
     g_free (m_ModifiedDate);
     g_free (m_Password);
     g_free (m_Producer);

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.