random crash (SIGSEGV) in NameToCharCode::hash
I got a random crash (SIGSEGV
) in NameToCharCode::hash
in evince when I
was viewing a PDF.
I am using evince 41.3-1 with GNOME 41, mesa 21.2.6-1 and the Linux kernel 5.15.5-1, with all packages provided by Debian bookworm.
I have included the relevant Linux kernel log entry and short backtrace below and attached the full backtrace and some debugging.
I am not sure if this is a poppler bug or an evince bug, please reassign to poppler if appropriate.
I am not able to reproduce this crash, so if the information provided is not useful, please close this bug report.
The core dump will be available for the next two weeks if further information is needed and after that it will be auto-deleted.
Dec 07 15:20:54 kernel: traps: EvJobScheduler[1760727] general protection fault ip:7f72dc8be856 sp:7f72dd39cb18 error:0 in libpoppler.so.102.0.0[7f72dc7ef000+177000]
#0 0x00007f72dc8be856 in NameToCharCode::hash(char const*) const (this=this@entry=0x4002604189374bc7, name=name@entry=0x7f72dc971f49 "space") at ./poppler/NameToCharCode.cc:131
#1 0x00007f72dc8be873 in NameToCharCode::lookup(char const*) const (this=0x4002604189374bc7, name=name@entry=0x7f72dc971f49 "space") at ./poppler/NameToCharCode.cc:110
#2 0x00007f72dc89f439 in GlobalParams::mapNameToUnicodeText(char const*) (this=<optimized out>, charName=charName@entry=0x7f72dc971f49 "space") at ./poppler/GlobalParams.cc:581
#3 0x00007f72dc87a009 in Gfx8BitFont::Gfx8BitFont(XRef*, char const*, Ref, GooString*, GfxFontType, Ref, Dict*) (this=0x7f72c0016830, xref=<optimized out>, tagA=<optimized out>, idA=..., nameA=<optimized out>, typeA=<optimized out>, embFontIDA=..., fontDict=0x7f72c156e8f0) at /usr/include/c++/10/bits/unique_ptr.h:413
#4 0x00007f72dc87e377 in GfxFont::makeFont(XRef*, char const*, Ref, Dict*) (xref=xref@entry=0x7f72c0040af0, tagA=0x7f72c30bf840 "TT0", idA=..., idA@entry=..., fontDict=0x7f72c156e8f0) at ./poppler/GfxFont.cc:214
#5 0x00007f72dc87e5d1 in GfxFontDict::GfxFontDict(XRef*, Ref*, Dict*) (this=0x7f72c30ba0a0, xref=0x7f72c0040af0, fontDictRef=0x0, fontDict=0x7f72c30e3bf0) at ./poppler/GfxFont.cc:2349
#6 0x00007f72dc85e6eb in GfxResources::GfxResources(XRef*, Dict*, GfxResources*) (this=0x7f72c2f7e040, xrefA=<optimized out>, resDictA=0x7f72dd39d210, nextA=0x7f72c3152d70) at ./poppler/Gfx.cc:255
#7 0x00007f72dc869c5a in Gfx::pushResources(Dict*) (this=this@entry=0x7f72c30868d0, resDict=0x7f72c274f190) at ./poppler/Gfx.cc:5321
#8 0x00007f72dc86ba48 in Gfx::drawForm(Object*, Dict*, double const*, double const*, bool, bool, GfxColorSpace*, bool, bool, bool, Function*, GfxColor*) (this=0x7f72c30868d0, str=0x7f72dd39d500, resDict=<optimized out>, matrix=0x7f72dd39d460, bbox=0x7f72dd39d440, transpGroup=<optimized out>, softMask=false, blendingColorSpace=0x0, isolated=false, knockout=false, alpha=false, transferFunc=0x0, backdropColor=0x0) at ./poppler/Gfx.cc:4715
#9 0x00007f72dc871f29 in Gfx::doForm(Object*) (this=this@entry=0x7f72c30868d0, str=str@entry=0x7f72dd39d500) at ./poppler/Gfx.cc:4696
#10 0x00007f72dc872770 in Gfx::opXObject(Object*, int) (this=0x7f72c30868d0, args=<optimized out>, numArgs=<optimized out>) at ./poppler/Gfx.cc:4115
#11 0x00007f72dc86b357 in Gfx::go(bool) (this=this@entry=0x7f72c30868d0, topLevel=topLevel@entry=true) at ./poppler/Gfx.cc:679
#12 0x00007f72dc86b870 in Gfx::display(Object*, bool) (this=this@entry=0x7f72c30868d0, obj=obj@entry=0x7f72dd39d8d0, topLevel=topLevel@entry=true) at ./poppler/Gfx.cc:640
#13 0x00007f72dc8c3978 in Page::display(Gfx*) (this=<optimized out>, gfx=gfx@entry=0x7f72c30868d0) at ./poppler/Page.cc:610
#14 0x00007f72dca78cbc in poppler_page_get_text_page(PopplerPage*) (page=0x559ec350f540 [PopplerPage]) at ./glib/poppler-page.cc:260
#15 0x00007f72dca7b041 in poppler_page_get_selection_region(PopplerPage*, gdouble, PopplerSelectionStyle, PopplerRectangle*) (page=page@entry=0x559ec350f540 [PopplerPage], scale=scale@entry=1, style=style@entry=POPPLER_SELECTION_GLYPH, selection=selection@entry=0x7f72dd39d9a0) at ./glib/poppler-page.cc:612
#16 0x00007f72dcafa1a6 in pdf_document_text_get_text_mapping (document_text=<optimized out>, page=<optimized out>) at ../backend/pdf/ev-poppler.c:2501
#17 0x00007f72e5a43696 in ev_job_page_data_run (job=0x559ec3be7640 [EvJobPageData]) at ../libview/ev-jobs.c:761
#18 0x00007f72e5a451c7 in ev_job_thread (job=0x559ec3be7640 [EvJobPageData]) at ../libview/ev-job-scheduler.c:184
#19 ev_job_thread_proxy (data=<optimized out>) at ../libview/ev-job-scheduler.c:217
#20 0x00007f72e58b1f5d in g_thread_proxy (data=0x559ec37f7920) at ../../../glib/gthread.c:827
#21 0x00007f72e44c0eae in start_thread (arg=0x7f72dd39e640) at pthread_create.c:463
#22 0x00007f72e4800a5f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
-- bye, pabs