Evince crashs after last update of libpoppler2

Bug #242865 reported by jan-teichmann on 2008-06-25
Affects Status Importance Assigned to Milestone
Fix Released
evince (Ubuntu)
Ubuntu Desktop Bugs
Ubuntu Desktop Bugs
poppler (Ubuntu)
Sebastien Bacher
Sebastien Bacher

Bug Description

Binary package hint: evince

Evince 2.22.2-0ubuntu1
libpoppler2 0.6.4-1ubuntu2
ubuntu 8.04

After the last update of libpoppler2 Evince crashs by reloding a PDF document produced by pdflatex.

jan-teichmann (teichmann-jan) wrote :
Sebastien Bacher (seb128) wrote :

thank you for your bug report. what poppler update are you speaking about? could you attach an example to the bug?

Changed in evince:
assignee: nobody → desktop-bugs
importance: Undecided → Medium
status: New → Incomplete
Sebastian Breier (tomcat42) wrote :

I got exactly the same problem.
Started when poppler got updated from 0.6.4-1ubuntu1 to 0.6.4-1ubuntu2.

Sebastien Bacher (seb128) wrote :

seems similar to bug #240999

Sebastian Breier (tomcat42) wrote :

Example: http://www.artofproblemsolving.com/LaTeX/Examples/mathfanBasics.tex

Install "texlive-latex-base".
Run "pdflatex mathfanBasics.tex".
Run "evince mathfanBasics.pdf".

Do the following repeatedly until crash:
Run "pdflatex mathfanBasics.tex".
Switch to evince and press Ctrl-R (Reload).

Works every time. ;)

Sebastian Breier (tomcat42) wrote :

Yep, it looks the same.
So, which one is the duplicate?

Sebastien Bacher (seb128) wrote :

not an evince issue

Changed in evince:
status: Incomplete → Invalid
Sebastien Bacher (seb128) wrote :

the bug is a recent change right? that's likely due to bug #208485 then, I've added some comments on the upstream bug now

Changed in poppler:
importance: Undecided → Medium
status: New → Triaged
Martin Pitt (pitti) wrote :

Regression from SRU.

Changed in evince:
status: New → Invalid
Changed in poppler:
importance: Undecided → High
status: New → Confirmed
Changed in poppler:
status: Unknown → Fix Released
Download full text (5.6 KiB)

the change on bug #15302 fixed the printing issue described but now evince crashes sometimes when reloading documents

(gdb) bt
#0 FT_Done_Face (face=0xb455dd48) at
#1 0xb75ceb0d in _ft_done_face (data=0xb455dd48) at CairoFontEngine.cc:37
#2 0xb74601b0 in _cairo_user_data_array_fini (array=0xb455dc7c) at
#3 0xb74640b3 in *INT_cairo_font_face_destroy (font_face=0xb455dc70) at
#4 0xb74aa8b0 in _cairo_ft_unscaled_font_destroy (abstract_font=0xb455e010) at
#5 0xb7463e98 in _cairo_unscaled_font_destroy (unscaled_font=0xb455e010) at
#6 0xb74717e7 in _cairo_scaled_font_fini (scaled_font=0xb4560210) at
#7 0xb74718ac in *INT_cairo_scaled_font_destroy (scaled_font=0xb455e0e8) at
#8 0xb75ce0ff in CairoFont::getSubstitutionCorrection (this=0xb44046a0,
gfxFont=0x83f0870) at CairoFontEngine.cc:307
#9 0xb75d1f4f in CairoOutputDev::updateFont (this=0x8411a60, state=0x84405f8)
at CairoOutputDev.cc:390
#10 0xb6d0d0c2 in Gfx::opShowSpaceText () from /usr/lib/libpoppler.so.3
#11 0xb6d08e02 in Gfx::execOp () from /usr/lib/libpoppler.so.3
#12 0xb6d0905f in Gfx::go () from /usr/lib/libpoppler.so.3
#13 0xb6d0c1bf in Gfx::display () from /usr/lib/libpoppler.so.3
#14 0xb6d551cd in Page::displaySlice () from /usr/lib/libpoppler.so.3
#15 0xb75ca01a in _poppler_page_render (page=0x83bd518, cairo=0x83edda0,
printing=0) at poppler-page.cc:529
#16 0xb75ca157 in poppler_page_render (page=0x83bd518, cairo=0x83edda0) at

corresponding valgrind log

==30405== Invalid read of size 4
==30405== at 0x507AF64: FT_Done_Face (ftobjs.c:2017)
==30405== by 0x494EB0C: _ZL13_ft_done_facePv (CairoFontEngine.cc:37)
==30405== by 0x4A661AF: _cairo_user_data_array_fini (cairo-array.c:378)
==30405== by 0x4A6A0B2: cairo_font_face_destroy (cairo-font-face.c:144)
==30405== by 0x4AB08AF: _cairo_ft_unscaled_font_destroy
==30405== by 0x4A69E97: _cairo_unscaled_font_destroy (cairo-font-face.c:531)
==30405== by 0x4A777E6: _cairo_scaled_font_fini (cairo-scaled-font.c:587)
==30405== by 0x4A778AB: cairo_scaled_font_destroy (cairo-scaled-font.c:843)
==30405== by 0x4A6B4E7: _cairo_gstate_unset_scaled_font
==30405== by 0x4A6B53D: _cairo_gstate_set_font_face (cairo-gstate.c:1492)
==30405== by 0x4A634CE: cairo_set_font_face (cairo.c:2688)
==30405== by 0x4951F2D: CairoOutputDev::updateFont(GfxState*)
==30405== Address 0x70758d8 is 16 bytes inside a block of size 84 free'd
==30405== at 0x4023B4A: free (vg_replace_malloc.c:323)
==30405== by 0x4B455B5: g_free (gmem.c:190)
==30405== by 0x4A3CFB9: pango_parse_markup (in
==30405== by 0x458C796: (within /usr/lib/libgtk-x11-2.0.so.0.1303.0)
==30405== by 0x4AD34CE: g_object_set_property (gobject.c:697)
==30405== by 0...


Yes, that patch is now in git master, so the problem should be fixed now. Could you confirm it, please?

Changed in poppler:
status: Unknown → Confirmed
Sebastian Breier (tomcat42) wrote :

This is really annoying.
What do I have to do to get it into the updates?
Test the debdiff?
Or is everything taken care of already? :-)

Martin Pitt (pitti) wrote :

Accepted into -proposed, please test and give feedback here. Please see https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Changed in poppler:
status: Confirmed → Fix Committed
Martin Pitt (pitti) wrote :

I worked a lot with pdflatex yesterday, and evince crashed a lot. Now I updated to the new poppler packages, and evince didn't crash a single time so far.

However, since this is a bit undefined to reproduce, I'll wait for a second positive feedback until I chalk this off as verified.

Sebastian Breier (tomcat42) wrote :

I'll test it.
Working with pdflatex all day today.

Sebastian Breier (tomcat42) wrote :

I've had no more crashes.
Reloaded quite often, but nothing.
Seems to work well. :-)

On 04/07/08 10:07 Sebastian Breier wrote:
> I've had no more crashes.
> Reloaded quite often, but nothing.
> Seems to work well. :-)

I can confirm this as well. I've been working with pdflatex and reloading
the file in evince with no crashes.

Martin Pitt (pitti) wrote :

Please upload this to intrepid ASAP.

Changed in poppler:
milestone: none → intrepid-alpha-3
assignee: nobody → seb128
status: Triaged → Fix Committed
Martin Pitt (pitti) wrote :

Copied to hardy-updates.

Changed in poppler:
status: Fix Committed → Fix Released
Steve Langasek (vorlon) wrote :

intrepid appears to have poppler 0.8.4-1.1 now; does that mean this bug is fixed there?

Sebastien Bacher (seb128) wrote :

the issue is already fixed in the intrepid version

Changed in poppler:
status: Fix Committed → Fix Released
Craig Huffstetler (xq) wrote :

Has anyone else encountered this bug in Alpha 4?

Judging from 0.10.4-2ubuntu1 in Ubuntu 9.04 Beta, this is fixed (and I've not encountered the bug for a looong time).


Changed in poppler:
status: Confirmed → Fix Released
Changed in poppler:
importance: Unknown → Medium
Changed in poppler:
importance: Medium → Unknown
Changed in poppler:
importance: Unknown → Medium
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.