Control: reassign -1 libpoppler-glib8 0.71.0-6
Control: affects -1 + evince
Control: notfound -1 0.85.0-1
On Sat, 27 Jun 2020 at 21:44:46 +0200, Erik Auerswald wrote:
>I wanted to read the PDF version of the IETF RFC 8798 document using
>evince, the GNOME Document Viewer. This public standard document is
>accessible at https://www.rfc-editor.org/rfc/rfc8798.pdf .
>
>When trying to open the PDF file with evince using
>
> evince rfc8708.pdf
>
>the GNOME Document Viewer "evince" crashes with a segmentation fault.
I can reproduce this on unstable (note to poppler maintainers: the
original report was against buster). Here's a backtrace.
It looks as though a PopplerAttachment somehow has an invalid pointer
at attachment->checksum, so I'm guessing this is more likely to be a
bug in the poppler library than in evince.
This appears to have been fixed in libpoppler-glib8_0.85.0-1 in
experimental (or at least, I can't reproduce it in that version) so
perhaps there is a fix that can be backported.
Regards,
smcv
Thread 6 "EvJobScheduler" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7f491e4ec700 (LWP 139528)]
0x7f4926f67c7c in g_string_free (string=0x,
free_segment=free_segment@entry=1) at ../../../glib/gstring.c:215
215 ../../../glib/gstring.c: No such file or directory.
(gdb) bt full
#0 0x7f4926f67c7c in g_string_free (string=0x,
free_segment=free_segment@entry=1) at ../../../glib/gstring.c:215
_g_boolean_var_ =
segment =
__func__ = "g_string_free"
#1 0x7f491dc22c53 in poppler_attachment_finalize(GObject*)
(obj=0x55d1dde5d460 [PopplerAttachment])
at ./glib/poppler-attachment.cc:88
attachment = 0x55d1dde5d460 [PopplerAttachment]
#2 0x7f492703509e in g_object_unref (_object=) at
../../../gobject/gobject.c:3499
weak_locations =
old_ref =
__func__ = "g_object_unref"
object = 0x55d1dde5d460 [PopplerAttachment]
__func__ = "g_object_unref"
#3 g_object_unref (_object=0x55d1dde5d460) at ../../../gobject/gobject.c:3391
object = 0x55d1dde5d460 [PopplerAttachment]
__func__ = "g_object_unref"
#4 0x7f491dc9817e in
pdf_document_attachments_get_attachments(EvDocumentAttachments*)
(document=)
at ev-poppler.cc:4222
ev_attachment =
data = 0x55d1de094960 "\nhttp://www.w3.org/2001/XInclude\; version=\"3\" category=\"std\"
consensus=\"true\" docName=\"draft-ietf-core-senml-more-units-06\"
indexInclude=\"true\" ipr"...
attachment = 0x55d1dde5d460 [PopplerAttachment]
size = 51880
error = 0x0
pdf_document =
attachments =
list = 0x55d1ddb16c20 = {0x55d1dde5d460}
retval = 0x55d1ddb17180 = {0x55d1dde3b560}
#5 0x7f4927d8b77a in ev_job_attachments_run (job=0x55d1dde5d630
[EvJobAttachments]) at ev-jobs.c:472
job_attachments = 0x55d1dde5d630 [EvJobAttachments]
#6 0x7f4927d8d7da in ev_job_thread (job=0x55d1dde5d630 [EvJobAttachments])
at ev-job-scheduler.c:184
result =
job = 0x55d1ddc582f0
#7 ev_job_thread_proxy (data=) at ev-job-scheduler.c:217
job = 0x55d1ddc582f0
#8 0x7f4926f6e52d in g_thread_proxy (data=0x55d1dde36580) at
../../../glib/gthread.c:807
thread = 0x55d1dde36580
__func__ = "g_thread_proxy"
#9 0x7f4926d97f27 in start_thread (arg=) at
pthread_create.c:479
ret =
pd =
unwind_buf =
{cancel_jmp_buf = {{jmp_buf = {139952017819392,
4879852856656241710, 140730885663534, 140730885663535, 139952017816704,
139952017819392, -4815890835605576658, -4815766494322252754}, mask_was_saved =
0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0,
canceltype = 0}}}
not_first_call = 0
#10 0x7f4926cc931f in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:95