Crash / core dump due to opening PDF files by clicking on hyperlinks

Bug #1647172 reported by Peter Mattern
Affects: qpdfview
Status: Confirmed
Importance: High
Assigned to: Unassigned

Bug Description

Recent VCS commits of qpdfview are sporadically crashing and dumping core on Arch Linux when PDF files are opened by clicking a hyperlink in web browsers.

It doesn't matter whether qpdfview isn't running but is started when the link is clicked or whether it had been running before. When the same link is clicked once more, the documents are opened as expected.

Stack trace and backtrace are attached. Debug symbols hadn't been enabled yet (I'm normally building VCS packages by scripts, see discussion in AUR package qpdfview-bzr) but the output was rather verbose nonetheless.

2028 compiled against Poppler 0.49.0 on Arch Linux x86_64.

Tags: crash
Peter Mattern (pmattern) wrote :
Changed in qpdfview:
status: New → Confirmed
importance: Undecided → High
Adam Reichold (adamreichold) wrote :

Hello Peter,

thank you for taking the time to report this. From a quick look at the back trace, the crash seems localized in LCMS (a "bt full" instead of a plain "bt" might be helpful). My guess is that this particular usage of LCMS via Poppler is not thread-safe but we are using Poppler concurrently as version 0.49 is advertised to be.

Of course, this implies the question on how to fix this. My guess is that we have to take this upstream to Poppler or even further up to LCMS. Poppler does contain a threading stress test [1] which does load links and should hence trigger the same issues as between threads 19653 and 19652 in your back trace. So if you are able to run that test and reproduce this issue on your system, we would probably get a simpler back trace and a solid case for a Poppler bug report and maybe even an idea how to fix this...

Best regards, Adam.

[1] https://cgit.freedesktop.org/poppler/poppler/tree/qt5/tests/stress-threads-qt5.cpp

Peter Mattern (pmattern) wrote :

I haven't used those tests so far and my time is pretty limited right now. So I fear I would need some advice in order to run those tests in a rather timely manner.

Adam Reichold (adamreichold) wrote :

Hello again,

the tests should be relatively straightforward to run if you have the build-time dependencies installed and an example document at hand. I tested this on an openSUSE machine, but I guess, except for installing build-time dependencies, it should work the same on Arch Linux:

> git clone https://anongit.freedesktop.org/git/poppler/poppler.git
> mkdir poppler-build
> cd poppler-build
> cmake ../poppler

Make sure that the configuration includes "qt5 wrapper: yes".

> make -j`nproc`
> ./qt5/tests/stress-threads-qt5 <durationInSeconds> <threadsThatOnlyRender> <threadsThatDoEverything> <documentFile>

Select a sufficiently long duration, e.g. a few minutes, have at least one thread rendering on each CPU and have a lot of threads that do everything else, e.g. three for each core or something, and use a file which triggered the issue previously. If you can reproduce the crash, do the same using the debugger.

> gdb ./qt5/tests/stress-threads-qt5
(gdb) run <durationInSeconds> <threadsThatOnlyRender> <threadsThatDoEverything> <documentFile>
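
The reproduction procedure from the comment above as a script; this is an added example, not part of the original thread or of Poppler. The names `everything_threads`, `classify_exit`, `repro`, `STRESS_BIN` and the backtrace file name are hypothetical, and it assumes `nproc` and `gdb` are installed and that it is started from `poppler-build`.

```shell
#!/bin/sh
# Added example (not from the thread): repeat the stress test until it is
# killed by a signal, then re-run it under gdb to get "bt full" for all threads.
# Assumes it is started from poppler-build; STRESS_BIN is a hypothetical override.
STRESS_BIN=${STRESS_BIN:-./qt5/tests/stress-threads-qt5}

# Three "do everything" threads per CPU, as suggested in the comment.
everything_threads() {
    echo $(( $1 * 3 ))
}

# Map a shell exit status to ok / error N / signal N (status 128+N = signal N).
classify_exit() {
    if [ "$1" -eq 0 ]; then
        echo ok
    elif [ "$1" -gt 128 ]; then
        echo "signal $(( $1 - 128 ))"
    else
        echo "error $1"
    fi
}

# usage: repro <runs> <durationInSeconds> <documentFile>
repro() {
    runs=$1; duration=$2; doc=$3
    cpus=$(nproc)                          # one render-only thread per CPU
    every=$(everything_threads "$cpus")
    i=1
    while [ "$i" -le "$runs" ]; do
        status=0
        "$STRESS_BIN" "$duration" "$cpus" "$every" "$doc" || status=$?
        result=$(classify_exit "$status")
        echo "run $i: $result"
        case $result in
            signal*)
                # The crash is sporadic, so this gdb run may itself need repeating.
                gdb -batch -ex run -ex 'thread apply all bt full' \
                    --args "$STRESS_BIN" "$duration" "$cpus" "$every" "$doc" \
                    > "stress-backtrace-$i.txt" 2>&1
                return 1 ;;
        esac
        i=$(( i + 1 ))
    done
    return 0
}

if [ "$#" -ge 3 ]; then repro "$@"; fi
```

A result of `signal 11` is a segmentation fault and `signal 6` an abort; either one stops the loop and writes the gdb output next to the build.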
