Bug 315794 – Reloading a ps via CNTR-R crashes evince

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 315794 - Reloading a ps via CNTR-R crashes evince


Summary:	Reloading a ps via CNTR-R crashes evince


Status:	RESOLVED DUPLICATE of bug 314986

Product:	evince
Classification:	Core
Component:	general
Version:	0.3.x
Hardware:	Other other

Importance:	Normal critical
Target Milestone:	---
Assigned To:	Evince Maintainers
QA Contact:	Evince Maintainers

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2005-08-31 20:50 UTC by grs8g
Modified:	2005-09-11 05:31 UTC

See Also:
GNOME target:	---
GNOME version:	2.9/2.10

Description grs8g 2005-09-09 16:28:30 UTC

Distribution: Fedora Core release 4 (Stentz)
Package: evince
Severity: critical
Version: GNOME2.10.0 0.3.x
Gnome-Distributor: Red Hat, Inc
Synopsis: Reloading a ps via CNTR-R crashes evince
Bugzilla-Product: evince
Bugzilla-Component: general
Bugzilla-Version: 0.3.x
BugBuddy-GnomeVersion: 2.0 (2.10.0)
Description:
Description of the crash:
Reloading a ps file in evince via CNTR-R causes it to crash

Steps to reproduce the crash:
1.  evince a postscript file
2. press CNTR-R

Expected Results:
Crash occurs with following error message

*** glibc detected *** evince: free(): invalid pointer: 0x0a1fb498 ***
======= Backtrace: =========
/lib/libc.so.6[0xac9124]
/lib/libc.so.6(__libc_free+0x77)[0xac965f]
/usr/lib/libglib-2.0.so.0(g_free+0x22)[0x33bb44]
evince[0x8080448]
/usr/lib/libgobject-2.0.so.0(g_object_unref+0xc0)[0x5f6c42]
/usr/lib/libgobject-2.0.so.0(g_object_set_valist+0x5cd)[0x5fb7d6]
/usr/lib/libgobject-2.0.so.0(g_object_set+0x52)[0x5fba5a]
evince(ev_page_action_set_document+0x46)[0x805c893]
evince[0x8066392]
evince(ev_window_open+0x130)[0x8066705]
evince[0x8066e99]
/usr/lib/libgobject-2.0.so.0(g_cclosure_marshal_VOID__VOID+0x47)[0x600817]
/usr/lib/libgobject-2.0.so.0(g_closure_invoke+0x10a)[0x5f5285]
/usr/lib/libgobject-2.0.so.0[0x60378b]
/usr/lib/libgobject-2.0.so.0(g_signal_emit_valist+0x6ab)[0x604ee0]
/usr/lib/libgobject-2.0.so.0(g_signal_emit+0x29)[0x605254]
/usr/lib/libgtk-x11-2.0.so.0[0x76d136]
/usr/lib/libgtk-x11-2.0.so.0[0x76dbdb]
/usr/lib/libgobject-2.0.so.0(g_closure_invoke+0x10a)[0x5f5285]
/usr/lib/libgobject-2.0.so.0[0x60378b]
/usr/lib/libgobject-2.0.so.0(g_signal_emit_valist+0x41e)[0x604c53]
/usr/lib/libgobject-2.0.so.0(g_signal_emit+0x29)[0x605254]
/usr/lib/libgtk-x11-2.0.so.0(gtk_accel_group_activate+0xd1)[0x768083]
/usr/lib/libgtk-x11-2.0.so.0(gtk_accel_groups_activate+0xe3)[0x768a1b]
/usr/lib/libgtk-x11-2.0.so.0(gtk_window_activate_key+0xff)[0x920686]
/usr/lib/libgtk-x11-2.0.so.0[0x9206ee]
/usr/lib/libgtk-x11-2.0.so.0[0x832352]
/usr/lib/libgobject-2.0.so.0[0x5f4d9b]
/usr/lib/libgobject-2.0.so.0(g_closure_invoke+0x10a)[0x5f5285]
/usr/lib/libgobject-2.0.so.0[0x603917]
/usr/lib/libgobject-2.0.so.0(g_signal_emit_valist+0x41e)[0x604c53]
/usr/lib/libgobject-2.0.so.0(g_signal_emit+0x29)[0x605254]
/usr/lib/libgtk-x11-2.0.so.0[0x90dac3]
/usr/lib/libgtk-x11-2.0.so.0(gtk_propagate_event+0x1d3)[0x830bc9]
/usr/lib/libgtk-x11-2.0.so.0(gtk_main_do_event+0x329)[0x830ef4]
/usr/lib/libgdk-x11-2.0.so.0[0x14cd6e]
/usr/lib/libglib-2.0.so.0(g_main_context_dispatch+0x1dc)[0x3353ee]
/usr/lib/libglib-2.0.so.0[0x3383f6]
/usr/lib/libglib-2.0.so.0(g_main_loop_run+0x1a1)[0x3386e3]
/usr/lib/libgtk-x11-2.0.so.0(gtk_main+0xb4)[0x8301b5]
evince(main+0x230)[0x806d1f0]
/lib/libc.so.6(__libc_start_main+0xdf)[0xa7ad5f]
evince(__gxx_personality_v0+0x291)[0x8059b61]
======= Memory map: ========
00111000-0018d000 r-xp 00000000 03:03 1708452   
/usr/lib/libgdk-x11-2.0.so.0.600.7
0018d000-00194000 rwxp 0007c000 03:03 1708452   
/usr/lib/libgdk-x11-2.0.so.0.600.7
00194000-001b7000 r-xp 00000000 03:03 1708457   
/usr/lib/libk5crypto.so.3.0
001b7000-001b8000 rwxp 00023000 03:03 1708457   
/usr/lib/libk5crypto.so.3.0
001b8000-001bc000 r-xp 00000000 03:03 1708473   
/usr/lib/libORBitCosNaming-2.so.0.0.0
001bc000-001bd000 rwxp 00004000 03:03 1708473   
/usr/lib/libORBitCosNaming-2.so.0.0.0
001bd000-001bf000 r-xp 00000000 03:03 1856703   
/usr/X11R6/lib/X11/locale/lib/common/xlcDef.so.2
001bf000-001c0000 rwxp 00001000 03:03 1856703   
/usr/X11R6/lib/X11/locale/lib/common/xlcDef.so.2
001c0000-001c1000 r-xp 00000000 03:03 1755794   
/usr/lib/gconv/ISO8859-1.so
001c1000-001c3000 rwxp 00000000 03:03 1755794   
/usr/lib/gconv/ISO8859-1.so
001c3000-001d3000 r-xp 00000000 03:03 1890295   
/usr/lib/gtk-2.0/2.4.0/engines/libclearlooks.so
001d3000-001d4000 rwxp 0000f000 03:03 1890295   
/usr/lib/gtk-2.0/2.4.0/engines/libclearlooks.so
001d4000-001db000 r-xp 00000000 03:03 1984173   
/usr/lib/gnome-vfs-2.0/modules/libfile.so
001db000-001dc000 rwxp 00006000 03:03 1984173   
/usr/lib/gnome-vfs-2.0/modules/libfile.so
001dc000-001e2000 r-xp 00000000 03:03 1701655   
/usr/lib/libfam.so.0.0.0
001e2000-001e3000 rwxp 00006000 03:03 1701655   
/usr/lib/libfam.so.0.0.0
001e3000-001e7000 r-xp 00000000 03:03 1887549   
/usr/lib/gtk-2.0/2.4.0/loaders/libpixbufloader-png.so
001e7000-001e8000 rwxp 00003000 03:03 1887549   
/usr/lib/gtk-2.0/2.4.0/loaders/libpixbufloader-png.so
001e8000-001ea000 r-xp 00000000 03:03 1887489   
/usr/lib/pango/1.4.0/modules/pango-basic-fc.so
001ea000-001eb000 rwxp 00001000 03:03 1887489   
/usr/lib/pango/1.4.0/modules/pango-basic-fc.so
001f6000-0020d000 r-xp 00000000 03:03 1708463   
/usr/X11R6/lib/libICE.so.6.3
0020d000-0020e000 rwxp 00016000 03:03 1708463   
/usr/X11R6/lib/libICE.so.6.3
0020e000-00210000 rwxp 0020e000 00:00 0
00212000-00230000 r-xp 00000000 03:03 1697371   
/usr/lib/libjpeg.so.62.0.0
00230000-00231000 rwxp 0001d000 03:03 1697371   
/usr/lib/libjpeg.so.62.0.0
00233000-00248000 r-xp 00000000 03:03 1708382   
/usr/lib/libart_lgpl_2.so.2.3.17
00248000-00249000 rwxp 00014000 03:03 1708382   
/usr/lib/libart_lgpl_2.so.2.3.17
0024b000-00252000 r-xp 00000000 03:03 1708249   
/usr/X11R6/lib/libXi.so.6.0
00252000-00253000 rwxp 00006000 03:03 1708249   
/usr/X11R6/lib/libXi.so.6.0
00255000-00278000 r-xp 00000000 03:03 1708370   
/usr/lib/libpng12.so.0.1.2.8
00278000-00279000 rwxp 00023000 03:03 1708370   
/usr/lib/libpng12.so.0.1.2.8
0027b000-002c6000 r-xp 00000000 03:03 1708471   
/usr/lib/libORBit-2.so.0.0.0
002c6000-002d3000 rwxp 0004a000 03:03 1708471   
/usr/lib/libORBit-2.so.0.0.0
002d9000-002dd000 r-xp 00000000 03:03 1708470   
/usr/lib/libgthread-2.0.so.0.600.4
002dd000-002de000 rwxp 00003000 03:03 1708470   
/usr/lib/libgthread-2.0.so.0.600.4
002e0000-002f1000 r-xp 00000000 03:03 1708474   
/usr/lib/libbonobo-activation.so.4.0.0
002f1000-002f4000 rwxp 00010000 03:03 170847Killed


How often does this happen?

Every time

Additional Information:



Debugging Information:

Backtrace was generated from '/usr/bin/evince'

(no debugging symbols found)
Using host libthread_db library "/lib/libthread_db.so.1".
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
[Thread debugging using libthread_db enabled]
[New Thread -1208555040 (LWP 11613)]
[New Thread -1211106384 (LWP 11614)]
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
0x0067e402 in ?? ()

+ Trace 62876

Thread 1 (Thread -1208555040 (LWP 11613))

#0 ??
#1 __waitpid_nocancel
from /lib/libpthread.so.0
#2 libgnomeui_module_info_get
from /usr/lib/libgnomeui-2.so.0
#3 <signal handler called>
#4 ??
#5 g_closure_invoke
from /usr/lib/libgobject-2.0.so.0
#6 g_signal_stop_emission
from /usr/lib/libgobject-2.0.so.0
#7 g_signal_emit_valist
from /usr/lib/libgobject-2.0.so.0
#8 g_signal_emit
from /usr/lib/libgobject-2.0.so.0
#9 ev_job_finished
#10 ev_document_find_changed
#11 g_child_watch_add
from /usr/lib/libglib-2.0.so.0
#12 g_main_context_dispatch
from /usr/lib/libglib-2.0.so.0
#13 g_main_context_check
from /usr/lib/libglib-2.0.so.0
#14 g_main_loop_run
from /usr/lib/libglib-2.0.so.0
#15 gtk_main
from /usr/lib/libgtk-x11-2.0.so.0
#16 main





------- Bug moved to this database by unknown@gnome.bugs 2005-09-09 16:28 UTC -------


The original reporter of this bug does not have
   an account here. Reassigning to the person who moved
   it here, unknown@gnome.bugs.
   Previous reporter was grs8g@virginia.edu.

Comment 1 Brent Smith (smitten) 2005-09-11 05:31:46 UTC

I can reproduce this with 0.4.0 after reloading about 3-4 times, but not with
the double free() error.  However, it looks like it has been fixed in CVS.
Tentatively marking this as a duplicate of bug 314986, correct me if I'm wrong here.

*** This bug has been marked as a duplicate of 314986 ***