evince crashed with SIGSEGV in DCTStream::reset()

Bug #739472 reported by smpahlman
This bug affects 1 person
Affects: Poppler; Status: Fix Released; Importance: Low
Affects: poppler (Ubuntu); Status: Fix Released; Importance: Medium; Assigned to: Unassigned

Bug Description

poppler crashes with the following backtrace:

#0 0x1775f277 in DCTStream::reset() () from /usr/lib/libpoppler.so.12
#1 0x177e5a63 in ImageStream::reset() () from /usr/lib/libpoppler.so.12
#2 0x1d7b3f94 in CairoOutputDev::drawImage (this=0x231d9458,
    state=0x2580db18, ref=0x0, str=0x24662200, width=64, height=64,
    colorMap=0x24662c38, interpolate=false, maskColors=0x0, inlineImg=true)
    at CairoOutputDev.cc:2335
#3 0x177a3665 in Gfx::doImage(Object*, Stream*, bool) ()
   from /usr/lib/libpoppler.so.12
#4 0x177a4211 in Gfx::opBeginImage(Object*, int) ()
   from /usr/lib/libpoppler.so.12
#5 0x17799ae6 in Gfx::execOp(Object*, Object*, int) ()
   from /usr/lib/libpoppler.so.12
#6 0x177a03e8 in Gfx::go(bool) () from /usr/lib/libpoppler.so.12
#7 0x177a08f7 in Gfx::display(Object*, bool) () from /usr/lib/libpoppler.so.12
#8 0x1d7af610 in CairoOutputDev::tilingPatternFill (this=0x231d9458,
    state=0x24ddc800, str=0x2425113c, paintType=1, resDict=0x251cf758,
    mat=0xb3634b80, bbox=0x242510d0, x0=12, y0=59, x1=22, y1=68, xStep=10,
    yStep=10) at CairoOutputDev.cc:735
#9 0x177a2be5 in Gfx::doTilingPatternFill(GfxTilingPattern*, bool, bool) ()
   from /usr/lib/libpoppler.so.12
#10 0x177a2f04 in Gfx::doPatternFill(bool) () from /usr/lib/libpoppler.so.12
#11 0x177a4ee8 in Gfx::opFill(Object*, int) () from /usr/lib/libpoppler.so.12
#12 0x17799ae6 in Gfx::execOp(Object*, Object*, int) ()
   from /usr/lib/libpoppler.so.12

ProblemType: Crash
DistroRelease: Ubuntu 11.04
Package: evince 2.32.0-0ubuntu11
ProcVersionSignature: Ubuntu 2.6.38-5.32-generic 2.6.38-rc6
Uname: Linux 2.6.38-5-generic i686
Architecture: i386
Date: Mon Mar 21 17:53:42 2011
ExecutablePath: /usr/bin/evince
InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Alpha i386 (20110302)
ProcCmdline: evince b.pdf
ProcCmdline_: BOOT_IMAGE=/boot/vmlinuz-2.6.38-5-generic root=UUID=83bee68d-2185-40c0-bf3f-9c7e6003e0d1 ro quiet splash vt.handoff=7
ProcEnviron:
 SHELL=/bin/bash
 LANG=en_US.UTF-8
 LANGUAGE=en_US:en
ProcVersionSignature_: Ubuntu 2.6.38-5.32-generic 2.6.38-rc6
SegvAnalysis:
 Segfault happened at: 0x1bf0277 <_ZN9DCTStream5resetEv+503>: cmpl $0x52,(%eax)
 PC (0x01bf0277) ok
 source "$0x52" ok
 destination "(%eax)" (0x00000000) not located in a known VMA region (needed writable region)!
 Stack memory exhausted (SP below stack segment)
SegvReason: writing NULL VMA
Signal: 11
SourcePackage: evince
StacktraceTop:
 DCTStream::reset() () from /usr/lib/libpoppler.so.12
 ImageStream::reset() () from /usr/lib/libpoppler.so.12
 CairoOutputDev::drawImage (this=0x2491f000, state=0x246e3708, ref=0x0, str=0x244e4518, width=64, height=64, colorMap=0x243e7308, interpolate=false, maskColors=0x0, inlineImg=true) at CairoOutputDev.cc:2335
 Gfx::doImage(Object*, Stream*, bool) () from /usr/lib/libpoppler.so.12
 Gfx::opBeginImage(Object*, int) () from /usr/lib/libpoppler.so.12
Title: evince crashed with SIGSEGV in DCTStream::reset()
UpgradeStatus: Upgraded to natty on 2011-03-21 (0 days ago)
UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare
XsessionErrors:
 Error: No Symbols named "mac" in the include file "macintosh_vndr/fi"
 (nautilus:1248): GConf-CRITICAL **: gconf_value_free: assertion `value != NULL' failed

smpahlman (sauli-pahlman) wrote :
Apport retracing service (apport) wrote :

StacktraceTop:
 DCTStream::reset (this=0x244e4518) at DCTStream.cc:152
 ImageStream::reset (this=0x227fc548) at Stream.cc:435
 CairoOutputDev::drawImage (this=0x2491f000, state=0x246e3708, ref=0x0, str=0x244e4518, width=64, height=64, colorMap=0x243e7308, interpolate=false, maskColors=0x0, inlineImg=true) at CairoOutputDev.cc:2335
 Gfx::doImage (this=0x2266b728, ref=0x0, str=0x244e4518, inlineImg=true) at Gfx.cc:4338
 Gfx::opBeginImage (this=0x2266b728, args=0xb36176a4, numArgs=0) at Gfx.cc:4578

Apport retracing service (apport) wrote : Stacktrace.txt
Apport retracing service (apport) wrote : ThreadStacktrace.txt
Changed in poppler (Ubuntu):
importance: Undecided → Medium
tags: removed: need-i386-retrace
visibility: private → public
madbiologist (me-again) wrote :

It seems someone forwarded this bug upstream for you - see https://bugs.freedesktop.org/show_bug.cgi?id=36693
This bug has been fixed upstream in Poppler 0.17.2 (0.18 Beta 2).

Changed in poppler (Ubuntu):
status: New → Fix Committed
Changed in poppler:
importance: Unknown → Low
status: Unknown → Fix Released
Sebastien Bacher (seb128) wrote :

The bug should be fixed in the current version.

Changed in poppler (Ubuntu):
status: Fix Committed → Fix Released