After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 626298 - Evince segfaults on djvu files containing bookmark information
Evince segfaults on djvu files containing bookmark information
Status: RESOLVED INCOMPLETE
Product: evince
Classification: Core
Component: backends
2.30.x
Other Linux
: Normal normal
: ---
Assigned To: Evince Maintainers
Evince Maintainers
Depends on:
Blocks:
 
 
Reported: 2010-08-07 09:47 UTC by Strephil
Modified: 2013-11-01 21:24 UTC
See Also:
GNOME target: ---
GNOME version: ---


Description Strephil 2010-08-07 09:47:50 UTC 
Evince segfaults on the djvu file. (I can not attach this file because it is not redistributable).

Backtrace is here:
(gdb) run
Starting program: /usr/bin/evince 
[Thread debugging using libthread_db enabled]

** (evince:26725): WARNING **: Failed to create dbus proxy for org.gnome.SettingsDaemon: Could not get owner of name 'org.gnome.SettingsDaemon': no such name
[New Thread 0xb03a2b70 (LWP 26728)]
[New Thread 0xaf99fb70 (LWP 26739)]
[New Thread 0xaeea8b70 (LWP 26740)]
[Thread 0xaeea8b70 (LWP 26740) exited]

Program received signal SIGSEGV, Segmentation fault.

+ Trace 223148

Thread 2946104176 (LWP 26739)

  • #0 miniexp_cons
    from /usr/lib/libdjvulibre.so.21
  • #1 outline_sub(DJVU::GP<DJVU::DjVmNav> const&, int&, int)
    from /usr/lib/libdjvulibre.so.21
  • #2 outline_sub(DJVU::GP<DJVU::DjVmNav> const&, int&, int)
    from /usr/lib/libdjvulibre.so.21
  • #3 outline_sub(DJVU::GP<DJVU::DjVmNav> const&, int&, int)
    from /usr/lib/libdjvulibre.so.21
  • #4 ddjvu_document_get_outline
    from /usr/lib/libdjvulibre.so.21
  • #5 djvu_links_get_links_model
    at djvu-links.c line 419
  • #6 ev_document_links_get_links_model
    at ev-document-links.c line 52
  • #7 ev_job_links_run
    at ev-jobs.c line 340
  • #8 ev_job_run
    at ev-jobs.c line 210
  • #9 ev_job_thread
    at ev-job-scheduler.c line 183
  • #10 ev_job_thread_proxy
    at ev-job-scheduler.c line 213
  • #11 g_thread_create_proxy
    from /usr/lib/libglib-2.0.so.0
  • #12 start_thread
    from /lib/libpthread.so.0
  • #13 clone
    from /lib/libc.so.6 

If dbus, gvfs etc are not launched, evince displays this file properly.
If I run Evince by different user using sux or gksu, evince displays this file properly.
DjView always work properly with this file.

My system: Arch Linux (current), glib2 2.24.1, gtk2 2.20.1, evince 2.30.3, libdjvu 3.5.22
Comment 1 Strephil 2010-08-09 05:51:14 UTC 
I launced evine in gdb several times. Sometimes it does not crash. It seems to be depend upon work of various threads.

Breakpoint 1, djvu_links_get_links_model (document_links=0x81cb6f0) at djvu-links.c:415
415		DjvuDocument *djvu_document = DJVU_DOCUMENT (document_links);
(gdb) info threads
* 3 Thread 0xafb80b70 (LWP 3493)  djvu_links_get_links_model (document_links=0x81cb6f0) at djvu-links.c:415
  2 Thread 0xb0381b70 (LWP 3492)  0xb7fe1424 in __kernel_vsyscall ()
  1 Thread 0xb707c800 (LWP 3491)  0xb75ca3f3 in g_type_check_instance_is_a () from /usr/lib/libgobject-2.0.so.0
(gdb) next
[Thread 0xb0381b70 (LWP 3492) exited]
419		while ((outline = ddjvu_document_get_outline (djvu_document->d_document)) == miniexp_dummy)
(gdb) next
[New Thread 0xb0381b70 (LWP 3495)]
[New Thread 0xaef04b70 (LWP 3496)]
422		if (outline) {
(gdb) next
423			model = (GtkTreeModel *) gtk_tree_store_new (EV_DOCUMENT_LINKS_COLUMN_NUM_COLUMNS,
(gdb) next
[Thread 0xaef04b70 (LWP 3496) exited]
428			build_tree (djvu_document, model, NULL, outline);
(gdb) next
430			ddjvu_miniexp_release (djvu_document->d_document, outline);
(gdb) continue 

No crash!

But it does not work more often…
Breakpoint 1, djvu_links_get_links_model (document_links=0x81cb6f0) at djvu-links.c:415
415		DjvuDocument *djvu_document = DJVU_DOCUMENT (document_links);
(gdb) info threads
* 3 Thread 0xafb80b70 (LWP 3556)  djvu_links_get_links_model (document_links=0x81cb6f0) at djvu-links.c:415
  2 Thread 0xb0381b70 (LWP 3555)  0xb7fe1424 in __kernel_vsyscall ()
  1 Thread 0xb707c800 (LWP 3554)  0xb7feb0b5 in check_match.8333 () from /lib/ld-linux.so.2
(gdb) next
419		while ((outline = ddjvu_document_get_outline (djvu_document->d_document)) == miniexp_dummy)
(gdb) next

Program received signal SIGSEGV, Segmentation fault.
0xaf19b3be in miniexp_object(miniobj_t*) () from /usr/lib/libdjvulibre.so.21

and

Breakpoint 1, djvu_links_get_links_model (document_links=0x81cb6f0) at djvu-links.c:415
415		DjvuDocument *djvu_document = DJVU_DOCUMENT (document_links);
(gdb) info threads
* 3 Thread 0xafb80b70 (LWP 3560)  djvu_links_get_links_model (document_links=0x81cb6f0) at djvu-links.c:415
  2 Thread 0xb0381b70 (LWP 3559)  0xb7fe1424 in __kernel_vsyscall ()
  1 Thread 0xb707c800 (LWP 3558)  0xb748f0b6 in g_atomic_pointer_get () from /usr/lib/libglib-2.0.so.0
(gdb) next
419		while ((outline = ddjvu_document_get_outline (djvu_document->d_document)) == miniexp_dummy)
(gdb) next

Program received signal SIGSEGV, Segmentation fault.
0xaf19b3be in miniexp_object(miniobj_t*) () from /usr/lib/libdjvulibre.so.21
Comment 2 Strephil 2010-08-14 09:25:24 UTC 
I have found yet another file, which causes Evince segemtation fault. It is http://djvu.org/docs/DjVu3Spec.djvu , djvu-file contains NAVM chunks.
Comment 3 José Aliste 2013-04-04 20:38:15 UTC 
Hi, thanks for reporting this. Recently, I have been reworking on the djvu backend, and I can't get evince to crash with the file provided in Comment 2. Can you try to reproduce the bug in a newer version of evince. If you manage to get it crash, can you provide specific steps to reproduce the crash. 

Thanks
Comment 4 Germán Poo-Caamaño 2013-11-01 21:24:22 UTC 
Closing this bug report as no further information has been provided. Please feel free to reopen this bug if you can provide the information asked for.
Thanks!