GNOME Bugzilla – Bug 638312
crash in ev_document_info_free
Last modified: 2011-04-11 00:33:10 UTC
Version: 2.32.0

What were you doing when the application crashed?
Viewing http://download.microsoft.com/download/5/c/0/5c0bd0ab-040d-4c56-a60b-661001012dda/windows_server_2008_r2_e-book.pdf. The crash occurred when closing Evince.

Distribution: Gentoo Base System release 2.0.1
Gnome Release: 2.32.1 2010-12-24 (Gentoo)
BugBuddy Version: 2.32.0

System: Linux 2.6.36-gentoo-r4 #1 PREEMPT Sat Dec 11 18:22:03 CET 2010 x86_64
X Vendor: The X.Org Foundation
X Vendor Release: 10902902
Selinux: No
Accessibility: Disabled
GTK+ Theme: Clearlooks-DarkLime
Icon Theme: oxygen
GTK+ Modules: canberra-gtk-module, gnomesegvhandler

Memory status: size: 463028224 vsize: 463028224 resident: 57929728 share: 18546688 rss: 57929728 rss_rlim: 18446744073709551615
CPU usage: start_time: 1293666968 rtime: 919 utime: 819 stime: 100 cutime:0 cstime: 0 timeout: 0 it_real_value: 0 frequency: 100

Backtrace was generated from '/usr/bin/evince'

[Thread debugging using libthread_db enabled]
[New Thread 0x7fe23f932710 (LWP 16442)]
[New Thread 0x7fe245007710 (LWP 16437)]
[New Thread 0x7fe246009710 (LWP 16435)]
0x000000328f80ee7d in waitpid () from /lib/libpthread.so.0
+ Trace 225325
Thread 1 (Thread 0x7fe246e528e0 (LWP 16432))
A debugging session is active. Inferior 1 [process 16432] will be detached. Quit anyway? (y or n) [answered Y; input not from terminal]
I try and I try but evince doesn't crash. Version 2.32.0, using poppler/cairo (0.14.5), FC14.
Works fine even with Evince 2.30.2.

Thanks for taking the time to report this bug. Unfortunately, that stack trace is missing some elements that will help a lot to solve the problem, so it will be hard for the developers to fix that crash. Can you get us a stack trace with debugging symbols? Please see http://live.gnome.org/GettingTraces for more information on how to do so. Thanks in advance!
Created attachment 179695: gdb backtrace
Created attachment 179696: bzip2 compressed valgrind run of evince
This bug has been seen by over 20 people in the Ubuntu 11.04 alpha - https://bugs.launchpad.net/bugs/708404 . I can reproduce it as well. Above are attached a gdb backtrace of the segmentation violation, as well as a valgrind run on evince when it crashes. My system is x86-64. Running the default evince install - evince 2.32.0. Glib is 2.27.92.
Thanks for the traces.
I have the Ubuntu 11.04 source package on my system, and got the same crash when building from the default source. I looked at the closest evince part to the backtrace and it was the same as the packaged backtrace. The line in question in the ev_document_info_free() function is

$ cat -n ev-document.c | grep 756
756 g_free (info->linearized)

While I don't see reference to poppler in the backtrace, I do know a lot of linearization changes have been made in poppler recently. So that is quite possibly related.
What poppler version are you using? depending on the poppler version you might need this patch: http://git.gnome.org/browse/evince/commit/?id=f77e6cf4fd7fef49ac91d8c62b6a9a993529adb8
Ubuntu 11.04 alpha uses poppler 0.16.0. I applied the patch and the segmentation violation went away, the session now ends:

(evince:11527): GLib-GObject-WARNING **: g_object_weak_unref: couldn't find weak ref 0x7fb7781201a0(0x7fb770003ac0)
(evince:11527): GLib-GObject-WARNING **: invalid uninstantiatable type `<invalid>' in cast to `GObject'
(evince:11527): GLib-GObject-CRITICAL **: g_object_steal_data: assertion `G_IS_OBJECT (object)' failed
(evince:11527): GLib-GObject-WARNING **: instance of invalid non-instantiatable type `<invalid>'
(evince:11527): GLib-GObject-CRITICAL **: g_signal_handlers_disconnect_matched: assertion `G_TYPE_CHECK_INSTANCE (instance)' failed

Looking through the evince source - in this version, and in the latest git commit, I still see places where linearization is dealt with, without alternative #ifdef statements. I don't know if the patch mitigates all, or just some of that. Nonetheless, evince no longer crashes when closing with the crash, now it just spits out the assertion errors.
If you are using poppler 0.16 you shouldn't need the #ifdefs, just use the new API. Why are you still using evince 2.32 in new Ubuntu?
*** Bug 639076 has been marked as a duplicate of this bug. ***
We have the same bug for evince in Arch after we switched to poppler 0.16. I was thinking that it might be a bug in poppler and I reported it to them: https://bugs.freedesktop.org/show_bug.cgi?id=33935. There you can find a gdb backtrace, but it doesn't have any trace in poppler.
The patch from https://bugzilla.gnome.org/show_bug.cgi?id=638312#c8 fixes the problem.
Shall we close the bug if the patch attached in comment #8 fixes the crash?
> Shall we close the bug if the patch attached in comment #8 fixes the crash?

I would say so. The backported patch works for Ubuntu and Arch, and should work for Gentoo as well (proper poppler/evince version syncing would fix it for Gentoo as well).
*** Bug 643600 has been marked as a duplicate of this bug. ***
*** Bug 645055 has been marked as a duplicate of this bug. ***
*** Bug 645823 has been marked as a duplicate of this bug. ***
*** Bug 646265 has been marked as a duplicate of this bug. ***
*** Bug 647376 has been marked as a duplicate of this bug. ***
*** Bug 642224 has been marked as a duplicate of this bug. ***