Ubuntu
poppler package

evince crashed with SIGSEGV in SampledFunction::transform()q

Bug #267324 reported by Sebastian Kuzminsky
10
Affects Status Importance Assigned to Milestone
Poppler
Fix Released
Medium
poppler (Ubuntu)
Fix Released
Medium
Ubuntu Desktop Bugs

Bug Description

Binary package hint: evince

The attached pdf crashes evince on my laptop.

ProblemType: Crash
Architecture: amd64
CrashCounter: 1
DistroRelease: Ubuntu 8.10
ExecutablePath: /usr/bin/evince
Package: evince 2.23.91-0ubuntu2
ProcAttrCurrent: unconfined
ProcCmdline: evince file:///tmp/2008SPYSupplement.pdf
ProcEnviron:
 PATH=/home/username/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
 LANG=en_US.UTF-8
 SHELL=/bin/bash
Signal: 11
SourcePackage: evince
StacktraceTop:
 SampledFunction::transform ()
 StitchingFunction::transform ()
 GfxAxialShading::getColor ()
 Gfx::doAxialShFill () from /usr/lib/libpoppler.so.3
 Gfx::doShadingPatternFill ()
Title: evince crashed with SIGSEGV in SampledFunction::transform()
Uname: Linux 2.6.26-5-generic x86_64
UserGroups: adm admin cdrom dialout fuse lpadmin plugdev sambashare

Revision history for this message
Sebastian Kuzminsky (seb-highlab) wrote :
Revision history for this message
Apport retracing service (apport) wrote : Possible regression detected

This crash has the same stack trace characteristics as bug #185226. However, the latter was already fixed in an earlier package version than the one in this report. This might be a regression or because the problem is in a dependent package.

Revision history for this message
Pedro Villavicencio (pedro) wrote :

It works fine for me with intrepid in a i386 system this is maybe only amd64 related, can you get a backtrace as described here: http://wiki.ubuntu.com/DebuggingProgramCrash ; thanks a lot.

Changed in evince:
assignee: nobody → desktop-bugs
importance: Undecided → Medium
status: New → Incomplete
Revision history for this message
Sebastian Kuzminsky (seb-highlab) wrote : Re: [Bug 267324] Re: evince crashed with SIGSEGV in SampledFunction::transform()q

Pedro Villavicencio wrote:
> It works fine for me with intrepid in a i386 system this is maybe only
> amd64 related, can you get a backtrace as described here:
> http://wiki.ubuntu.com/DebuggingProgramCrash ; thanks a lot.
>
> ** Changed in: evince (Ubuntu)
> Importance: Undecided => Medium
> Assignee: (unassigned) => Ubuntu Desktop Bugs (desktop-bugs)
> Status: New => Incomplete

Thanks for looking at this.

I installed the evince-dbgsym package, but the version of evince there
wont run. Maybe there's some step in the debugging setup that's not on
the DebuggingProgramCrash page?

I'm guessing you're not interested in a backtrace of the standard evince?

--
Sebastian Kuzminsky
"Much of what we learned from the sense of touch was unscientific
prejudice, which must be rejected if we are to have a true picture
of the world." -- Bertrand Russell

Revision history for this message
Sebastian Kuzminsky (seb-highlab) wrote : Re: [Bug 267324] Re: evince crashed with SIGSEGV in SampledFunction::transform()q

Problem still happens with evince 2.23.92-0ubuntu1.

> 0 seb@water /home/seb> dpkg -l evince{,-dbgsym}
> Desired=Unknown/Install/Remove/Purge/Hold
> | Status=Not/Inst/Cfg-files/Unpacked/Failed-cfg/Half-inst/trig-aWait/Trig-pend
> |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
> ||/ Name Version Description
> +++-=========================-=========================-==================================================================
> ii evince 2.23.92-0ubuntu1 Document (postscript, pdf) viewer
> ii evince-dbgsym 2.23.92-0ubuntu1 debug symbols for package evince
> 0 seb@water /home/seb> ldd /usr/lib*/debug/usr/bin/evince
> /usr/lib64/debug/usr/bin/evince:
> /usr/bin/ldd: line 117: /usr/lib64/debug/usr/bin/evince: cannot execute binary file
> /usr/lib/debug/usr/bin/evince:
> /usr/bin/ldd: line 117: /usr/lib/debug/usr/bin/evince: cannot execute binary file
> 1 seb@water /home/seb> file /usr/lib*/debug/usr/bin/evince
> /usr/lib64/debug/usr/bin/evince: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), for GNU/Linux 2.6.8, dynamically linked (uses shared libs), not stripped
> /usr/lib/debug/usr/bin/evince: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), for GNU/Linux 2.6.8, dynamically linked (uses shared libs), not stripped
> 0 seb@water /home/seb> /usr/lib/debug/usr/bin/evince
> bash: /usr/lib/debug/usr/bin/evince: cannot execute binary file
> 126 seb@water /home/seb> /usr/lib64/debug/usr/bin/evince
> bash: /usr/lib64/debug/usr/bin/evince: cannot execute binary file

What am I doing wrong when trying to run the dbgsym programs?

Revision history for this message
Brian Murray (brian-murray) wrote :

evince did not crash for me using the test document provided on an amd64 machine.

Revision history for this message
Sebastian Kuzminsky (seb-highlab) wrote : Re: [Bug 267324] Re: evince crashed with SIGSEGV in SampledFunction::transform()q

It crashed on my amd64 machine after paging down a couple of times.

Revision history for this message
In , Sebastian Kuzminsky (seb-highlab) wrote :

I have a repeatable crash with evince 2.24.0 (poppler 0.8.7) on Ubuntu Intrepid alpha 6, on an amd64 CPU (Intel Core 2 Duo). To crash it i page-down in this PDF a couple of times: <http://launchpadlibrarian.net/17355619/2008SPYSupplement.pdf>

Here's the Ubuntu bug that I originally filed: <https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/267324>

The Ubuntu bug includes a stacktrace and some other hopefully useful stuff.

Let me know what I can do to help from here...

Revision history for this message
Sebastien Bacher (seb128) wrote :

do you still get the issue? could you get a debug stacktrace?

Revision history for this message
In , Albert Astals Cid (aacid) wrote :

Should be fixed in poppler 0.10.0 due for release in October 9th

If you can try poppler from git master as of *now* and tell me if it still crashes it would be nice. I made it not crash here but a second opinion is always welcome.

Revision history for this message
Sebastian Kuzminsky (seb-highlab) wrote : Re: [Bug 267324] Re: evince crashed with SIGSEGV in SampledFunction::transform()q

I still get the crash.

I've attached a crashdump (from the regular evince package) to this
email, because I couldnt figure out how to get apport to attach it to an
existing bug.

I also couldnt figure out how to run the executable from evince-dbgsym
and i've attached a log of my attempt.

Revision history for this message
Sebastien Bacher (seb128) wrote :

don't attach crash file to bug they can contain sensible informations and should be sent using apport, you can close one of the bug as duplicate then, you need libpoppler3-dbgsym to get a debug stacktrace and use gdb on evince, gdb will use the debug symbols automatically

Revision history for this message
Sebastian Kuzminsky (seb-highlab) wrote :

Thanks for the info, i've attached a backtrace.

Revision history for this message
Sebastien Bacher (seb128) wrote :

the crash is a libpoppler one, since you are able to trigger the issue could you open the bug on bugs.freedesktop.org too where people writting the software will read it too rather than only ubuntu bug triages?

Changed in evince:
status: Incomplete → New
Revision history for this message
Sebastian Kuzminsky (seb-highlab) wrote :

Sebastien Bacher wrote:
> the crash is a libpoppler one, since you are able to trigger the issue
> could you open the bug on bugs.freedesktop.org too where people writting
> the software will read it too rather than only ubuntu bug triages?
>
> ** Changed in: poppler (Ubuntu)
> Sourcepackagename: evince => poppler
> Status: Incomplete => New

Here it is:

<https://bugs.freedesktop.org/show_bug.cgi?id=17852>

--
Sebastian Kuzminsky
Distances obtained as the speed of light multiplied by a cosmological
time interval have no direct physical significance.
<http://en.wikipedia.org/wiki/Observable_universe>

Revision history for this message
Greg Grossmeier (greg.grossmeier) wrote :

From upstream (a request for confirmation of the fix)
----
Should be fixed in poppler 0.10.0 due for release in October 9th

If you can try poppler from git master as of *now* and tell me if it still
crashes it would be nice. I made it not crash here but a second opinion is
always welcome.
----

Changed in poppler:
status: New → Triaged
Bug Watch Updater (bug-watch-updater)
Changed in poppler:
status: Unknown → Fix Released
Revision history for this message
Pedro Villavicencio (pedro) wrote :

fixed upstream, thanks for reporting.

Changed in poppler:
status: Triaged → Fix Committed
Revision history for this message
DSHR (s-heuer) wrote :

Will the new poppler version make it into intrepid? I encounter the same bug in intrepid beta.

Revision history for this message
Sebastien Bacher (seb128) wrote :

the new version has been uploaded to jaunty now

Changed in poppler:
status: Fix Committed → Fix Released
Revision history for this message
DSHR (s-heuer) wrote :

Seems to be fixed for me in jaunty ...

Revision history for this message
In , Albert Astals Cid (aacid) wrote :

*** Bug 21491 has been marked as a duplicate of this bug. ***

Bug Watch Updater (bug-watch-updater)
Changed in poppler:
importance: Unknown → Medium
Bug Watch Updater (bug-watch-updater)
Changed in poppler:
importance: Medium → Unknown
Bug Watch Updater (bug-watch-updater)
Changed in poppler:
importance: Unknown → Medium
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.