Bug#1073010: evince: Crash on every beamer pdf re-compilation

Bernhard Übelacker bernhardu at mailbox.org
Tue Jun 25 14:22:05 BST 2024


On Wed, 12 Jun 2024 10:09:08 +0200 julien.puydt at gmail.com wrote:
> Hi,
> 
> I made a few more tests and found out it only happened in fullscreen
> mode: no problem in window mode.


Hello,
I am not a maintainer of evince, just trying to collect some more information about the crash.

I was able to reproduce a crash by following these steps inside a minimal test VM:


     man -Tpdf man >man.pdf
     man -Tpdf xterm >xterm.pdf
     
     export DISPLAY=:0
     export LANG=C
     
     cat man.pdf > test.pdf
     
     evince test.pdf
     # in the evince GUI: "Present as slideshow"
     
     cat xterm.pdf > test.pdf


The backtrace with debug symbols looks like this:

(gdb) bt
#0  g_type_check_instance (type_instance=type_instance@entry=0x561f3f347eb0) at ../../../gobject/gtype.c:4259
#1  0x00007ff235e3b788 in g_signal_handlers_disconnect_matched (instance=instance@entry=0x561f3f347eb0, mask=mask@entry=(G_SIGNAL_MATCH_FUNC | G_SIGNAL_MATCH_DATA), signal_id=signal_id@entry=0, detail=detail@entry=0, closure=closure@entry=0x0, func=func@entry=0x7ff235f11af0 <job_finished_cb>, data=0x561f3f3a6560) at ../../../gobject/gsignal.c:2993
#2  0x00007ff235f120f5 in ev_view_presentation_delete_job (job=0x561f3f347eb0, pview=0x561f3f3a6560) at ../libview/ev-view-presentation.c:405
#3  ev_view_presentation_delete_job (job=0x561f3f347eb0, pview=0x561f3f3a6560) at ../libview/ev-view-presentation.c:399
#4  ev_view_presentation_reset_jobs (pview=pview@entry=0x561f3f3a6560) at ../libview/ev-view-presentation.c:413
#5  0x00007ff235f12200 in ev_view_presentation_dispose (object=0x561f3f3a6560) at ../libview/ev-view-presentation.c:972
#6  0x00007ff235e2604b in g_object_unref (_object=0x561f3f3a6560) at ../../../gobject/gobject.c:4413
#7  0x0000561f3e497a7f in ev_window_set_document (document=0x7ff204408620, ev_window=0x561f3eee8070) at ../shell/ev-window.c:1771
#8  ev_window_document_changed_cb (model=<optimized out>, pspec=<optimized out>, ev_window=0x561f3eee8070) at ../shell/ev-window.c:5251
#9  0x00007ff235e20730 in g_closure_invoke (closure=0x561f3f07f5b0, return_value=0x0, n_param_values=2, param_values=0x7ffd9b668b70, invocation_hint=0x7ffd9b668ac0) at ../../../gobject/gclosure.c:834
#10 0x00007ff235e3487c in signal_emit_unlocked_R (node=node@entry=0x7ffd9b668c40, detail=detail@entry=1305, instance=instance@entry=0x561f3ed617f0, emission_return=emission_return@entry=0x0, instance_and_params=instance_and_params@entry=0x7ffd9b668b70) at ../../../gobject/gsignal.c:3888
#11 0x00007ff235e36281 in signal_emit_valist_unlocked (instance=instance@entry=0x561f3ed617f0, signal_id=signal_id@entry=1, detail=detail@entry=1305, var_args=var_args@entry=0x7ffd9b668da0) at ../../../gobject/gsignal.c:3520
#12 0x00007ff235e3bf06 in g_signal_emit_valist (instance=0x561f3ed617f0, signal_id=1, detail=1305, var_args=0x7ffd9b668da0) at ../../../gobject/gsignal.c:3263
#13 0x00007ff235e3bfc3 in g_signal_emit (instance=instance@entry=0x561f3ed617f0, signal_id=<optimized out>, detail=<optimized out>) at ../../../gobject/gsignal.c:3583
#14 0x00007ff235e24924 in g_object_dispatch_properties_changed (object=0x561f3ed617f0, n_pspecs=<optimized out>, pspecs=<optimized out>) at ../../../gobject/gobject.c:1819
#15 0x00007ff235e283b9 in g_object_notify_by_spec_internal (pspec=<optimized out>, object=0x561f3ed617f0) at ../../../gobject/gobject.c:1924
#16 g_object_notify (object=0x561f3ed617f0, property_name=property_name@entry=0x7ff235f1553a "document") at ../../../gobject/gobject.c:1974
#17 0x00007ff235ee84a2 in ev_document_model_set_document (model=<optimized out>, document=<optimized out>) at ../libview/ev-document-model.c:384
#18 0x0000561f3e490231 in ev_window_reload_job_cb (job=0x561f3efcfef0, ev_window=0x561f3eee8070) at ../shell/ev-window.c:2018
#19 0x00007ff235e20730 in g_closure_invoke (closure=0x561f3f3cbf40, return_value=0x0, n_param_values=1, param_values=0x7ffd9b6690d0, invocation_hint=0x7ffd9b669020) at ../../../gobject/gclosure.c:834
#20 0x00007ff235e3487c in signal_emit_unlocked_R (node=node@entry=0x7ffd9b669180, detail=detail@entry=0, instance=instance@entry=0x561f3efcfef0, emission_return=emission_return@entry=0x0, instance_and_params=instance_and_params@entry=0x7ffd9b6690d0) at ../../../gobject/gsignal.c:3888
#21 0x00007ff235e36281 in signal_emit_valist_unlocked (instance=instance@entry=0x561f3efcfef0, signal_id=signal_id@entry=395, detail=detail@entry=0, var_args=var_args@entry=0x7ffd9b6692e0) at ../../../gobject/gsignal.c:3520
#22 0x00007ff235e3bf06 in g_signal_emit_valist (instance=0x561f3efcfef0, signal_id=395, detail=0, var_args=0x7ffd9b6692e0) at ../../../gobject/gsignal.c:3263
#23 0x00007ff235e3bfc3 in g_signal_emit (instance=<optimized out>, signal_id=<optimized out>, detail=detail@entry=0) at ../../../gobject/gsignal.c:3583
#24 0x00007ff235eeb2db in emit_finished (job=<optimized out>) at ../libview/ev-jobs.c:178
#25 emit_finished (job=<optimized out>) at ../libview/ev-jobs.c:168
#26 0x00007ff235d17e3f in g_main_dispatch (context=context@entry=0x561f3ecef130) at ../../../glib/gmain.c:3344
#27 0x00007ff235d19ec7 in g_main_context_dispatch_unlocked (context=0x561f3ecef130) at ../../../glib/gmain.c:4152
#28 g_main_context_iterate_unlocked (context=context@entry=0x561f3ecef130, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../../../glib/gmain.c:4217
#29 0x00007ff235d1a4e0 in g_main_context_iteration (context=context@entry=0x561f3ecef130, may_block=may_block@entry=1) at ../../../glib/gmain.c:4282
#30 0x00007ff23508548d in g_application_run (application=application@entry=0x561f3edc9560, argc=argc@entry=0, argv=argv@entry=0x0) at ../../../gio/gapplication.c:2712
#31 0x0000561f3e47f063 in main (argc=<optimized out>, argv=<optimized out>) at ../shell/main.c:318


The attached file contains more output and
a valgrind run, which points to a use-after-free.


There is an upstream report which might be related;
at least it has a few identical last frames.
That one does not need the PDF to be replaced,
just rotating in "Present as slideshow" mode, e.g. by Ctrl+cursor left/right.


   https://gitlab.gnome.org/GNOME/evince/-/issues/2004


Kind regards,
Bernhard
-------------- next part --------------

# Trixie/testing amd64 qemu VM 2024-06-25

apt install systemd-coredump xserver-xorg slim jwm xterm gdb valgrind
apt install man groff
apt install --no-install-recommends evince
apt install evince-dbgsym libglib2.0-0t64-dbgsym libevview3-3t64-dbgsym




man -Tpdf man >man.pdf
man -Tpdf xterm >xterm.pdf

export DISPLAY=:0
export LANG=C

cat man.pdf > test.pdf

evince test.pdf
# in the evince GUI: "Present as slideshow"

cat xterm.pdf > test.pdf







benutzer@debian:~$ evince test.pdf

(evince:2701): dbind-WARNING **: 14:54:38.844: AT-SPI: Error retrieving accessibility bus address: org.freedesktop.DBus.Error.ServiceUnknown: The name org.a11y.Bus was not provided by any .service files

(evince:2701): Gtk-CRITICAL **: 14:54:38.947: Unable to create user data directory '/home/benutzer/.local/share' for storing the recently used files list: Permission denied
Segmentation fault (core dumped)
benutzer@debian:~$


journalctl -e
Jun 25 14:54:51 debian kernel: evince[2701]: segfault at 561a5ecb9067 ip 00007ff235e461ed sp 00007ffd9b6688a0 error 4 in libgobject-2.0.so.0.8000.2[7ff235e19000+35000] likely on CPU 7 (core 7, socket 0)
Jun 25 14:54:51 debian kernel: Code: 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 f3 0f 1e fa 48 83 ec 08 48 85 ff 0f 84 8f 00 00 00 48 8b 07 48 85 c0 0f 84 a3 00 00 00 <48> 8b 10 48 81 fa fc 03 00 00 76 47 48 89 d6 b8 01 00 0>



benutzer@debian:~$ coredumpctl list
Hint: You are currently not seeing messages from other users and the system.
      Users in groups 'adm', 'systemd-journal' can see all messages.
      Pass -q to turn off this notice.
TIME                          PID  UID  GID SIG     COREFILE EXE             SIZE
Tue 2024-06-25 14:54:52 CEST 2701 1000 1000 SIGSEGV present  /usr/bin/evince 3.2M
benutzer@debian:~$



benutzer@debian:~$ coredumpctl gdb --debugger-argument=-q 2701
Hint: You are currently not seeing messages from other users and the system.
      Users in groups 'adm', 'systemd-journal' can see all messages.
      Pass -q to turn off this notice.
           PID: 2701 (evince)
           UID: 1000 (benutzer)
           GID: 1000 (benutzer)
        Signal: 11 (SEGV)
     Timestamp: Tue 2024-06-25 14:54:51 CEST (1min 15s ago)
  Command Line: evince test.pdf
    Executable: /usr/bin/evince
 Control Group: /user.slice/user-1000.slice/session-4.scope
          Unit: session-4.scope
         Slice: user-1000.slice
       Session: 4
     Owner UID: 1000 (benutzer)
       Boot ID: 35a8ebfa81c6488c8f7eaeff4313c505
    Machine ID: 16e4d7437c19482b8c85581d3feaba09
      Hostname: debian
       Storage: /var/lib/systemd/coredump/core.evince.1000.35a8ebfa81c6488c8f7eaeff4313c505.2701.1719320091000000.zst (present)
  Size on Disk: 3.2M
       Message: Process 2701 (evince) of user 1000 dumped core.
                
                Module libzstd.so.1 from deb libzstd-1.5.5+dfsg2-2.amd64
                Module libblkid.so.1 from deb util-linux-2.40.1-8.1.amd64
                Module libmount.so.1 from deb util-linux-2.40.1-8.1.amd64
                Module libudev.so.1 from deb systemd-256-1.amd64
                Module libsystemd.so.0 from deb systemd-256-1.amd64
                Stack trace of thread 2701:
                #0  0x00007ff235e461ed g_type_check_instance (libgobject-2.0.so.0 + 0x3c1ed)
                #1  0x00007ff235e3b788 g_signal_handlers_disconnect_matched (libgobject-2.0.so.0 + 0x31788)
                #2  0x00007ff235f120f5 n/a (libevview3.so.3 + 0x450f5)
                #3  0x00007ff235f12200 n/a (libevview3.so.3 + 0x45200)
                #4  0x00007ff235e2604b g_object_unref (libgobject-2.0.so.0 + 0x1c04b)
                #5  0x0000561f3e497a7f n/a (evince + 0x3ba7f)
                #6  0x00007ff235e20730 g_closure_invoke (libgobject-2.0.so.0 + 0x16730)
                #7  0x00007ff235e3487c n/a (libgobject-2.0.so.0 + 0x2a87c)
                #8  0x00007ff235e36281 n/a (libgobject-2.0.so.0 + 0x2c281)
                #9  0x00007ff235e3bf06 g_signal_emit_valist (libgobject-2.0.so.0 + 0x31f06)
                #10 0x00007ff235e3bfc3 g_signal_emit (libgobject-2.0.so.0 + 0x31fc3)
                #11 0x00007ff235e24924 n/a (libgobject-2.0.so.0 + 0x1a924)
                #12 0x00007ff235e283b9 g_object_notify (libgobject-2.0.so.0 + 0x1e3b9)
                #13 0x0000561f3e490231 n/a (evince + 0x34231)
                #14 0x00007ff235e20730 g_closure_invoke (libgobject-2.0.so.0 + 0x16730)
                #15 0x00007ff235e3487c n/a (libgobject-2.0.so.0 + 0x2a87c)
                #16 0x00007ff235e36281 n/a (libgobject-2.0.so.0 + 0x2c281)
                #17 0x00007ff235e3bf06 g_signal_emit_valist (libgobject-2.0.so.0 + 0x31f06)
                #18 0x00007ff235e3bfc3 g_signal_emit (libgobject-2.0.so.0 + 0x31fc3)
                #19 0x00007ff235eeb2db n/a (libevview3.so.3 + 0x1e2db)
                #20 0x00007ff235d17e3f n/a (libglib-2.0.so.0 + 0x59e3f)
                #21 0x00007ff235d19ec7 n/a (libglib-2.0.so.0 + 0x5bec7)
                #22 0x00007ff235d1a4e0 g_main_context_iteration (libglib-2.0.so.0 + 0x5c4e0)
                #23 0x00007ff23508548d g_application_run (libgio-2.0.so.0 + 0xe648d)
                #24 0x0000561f3e47f063 main (evince + 0x23063)
                #25 0x00007ff234bf9c8a n/a (libc.so.6 + 0x27c8a)
                #26 0x00007ff234bf9d45 __libc_start_main (libc.so.6 + 0x27d45)
                #27 0x0000561f3e47f1d1 _start (evince + 0x231d1)
                
                Stack trace of thread 2713:
                #0  0x00007ff234c6ae87 n/a (libc.so.6 + 0x98e87)
                #1  0x00007ff234c6b7a9 malloc (libc.so.6 + 0x997a9)
                #2  0x00007ff22c406078 _ZN8TextWord14ensureCapacityEi (libpoppler.so.134 + 0x206078)
                #3  0x00007ff22c406107 _ZN8TextWord7addCharEPK8GfxStateP12TextFontInfoddddiijjRK6Matrix (libpoppler.so.134 + 0x206107)
                #4  0x00007ff22c40e51b _ZN8TextPage7addCharEPK8GfxStateddddjiPKji (libpoppler.so.134 + 0x20e51b)
                #5  0x00007ff22c3633c2 _ZN3Gfx10doShowTextEPK9GooString (libpoppler.so.134 + 0x1633c2)
                #6  0x00007ff22c35b42d _ZN3Gfx15opShowSpaceTextEP6Objecti (libpoppler.so.134 + 0x15b42d)
                #7  0x00007ff22c352d35 _ZN3Gfx2goEb (libpoppler.so.134 + 0x152d35)
                #8  0x00007ff22c353704 _ZN3Gfx7displayEP6Objectb (libpoppler.so.134 + 0x153704)
                #9  0x00007ff22c3b1638 _ZN4Page7displayEP3Gfx (libpoppler.so.134 + 0x1b1638)
                #10 0x00007ff2308fb09c n/a (libpoppler-glib.so.8 + 0x2d09c)
                #11 0x00007ff2308fd146 poppler_page_get_selected_region (libpoppler-glib.so.8 + 0x2f146)
                #12 0x00007ff23121ef06 n/a (libpdfdocument.so + 0x9f06)
                #13 0x00007ff235eec7bb n/a (libevview3.so.3 + 0x1f7bb)
                #14 0x00007ff235eee5cf n/a (libevview3.so.3 + 0x215cf)
                #15 0x00007ff235d47bb1 n/a (libglib-2.0.so.0 + 0x89bb1)
                #16 0x00007ff234c5bdab n/a (libc.so.6 + 0x89dab)
                #17 0x00007ff234cdd9f8 n/a (libc.so.6 + 0x10b9f8)
                
                Stack trace of thread 2712:
                #0  0x00007ff234cdb9f9 syscall (libc.so.6 + 0x1099f9)
                #1  0x00007ff235d76114 g_cond_wait (libglib-2.0.so.0 + 0xb8114)
                #2  0x00007ff235ce235b n/a (libglib-2.0.so.0 + 0x2435b)
                #3  0x00007ff235ce280b g_async_queue_pop (libglib-2.0.so.0 + 0x2480b)
                #4  0x00007ff2343a0257 n/a (libpangoft2-1.0.so.0 + 0xc257)
                #5  0x00007ff235d47bb1 n/a (libglib-2.0.so.0 + 0x89bb1)
                #6  0x00007ff234c5bdab n/a (libc.so.6 + 0x89dab)
                #7  0x00007ff234cdd9f8 n/a (libc.so.6 + 0x10b9f8)
                
                Stack trace of thread 2705:
                #0  0x00007ff234cdb9f9 syscall (libc.so.6 + 0x1099f9)
                #1  0x00007ff235d762e0 g_cond_wait_until (libglib-2.0.so.0 + 0xb82e0)
                #2  0x00007ff235ce2333 n/a (libglib-2.0.so.0 + 0x24333)
                #3  0x00007ff235ce2965 g_async_queue_timeout_pop (libglib-2.0.so.0 + 0x24965)
                #4  0x00007ff235d485ad n/a (libglib-2.0.so.0 + 0x8a5ad)
                #5  0x00007ff235d47bb1 n/a (libglib-2.0.so.0 + 0x89bb1)
                #6  0x00007ff234c5bdab n/a (libc.so.6 + 0x89dab)
                #7  0x00007ff234cdd9f8 n/a (libc.so.6 + 0x10b9f8)
                
                Stack trace of thread 2703:
                #0  0x00007ff234cd047f __poll (libc.so.6 + 0xfe47f)
                #1  0x00007ff235d19e15 n/a (libglib-2.0.so.0 + 0x5be15)
                #2  0x00007ff235d1a4e0 g_main_context_iteration (libglib-2.0.so.0 + 0x5c4e0)
                #3  0x00007ff235d1a531 n/a (libglib-2.0.so.0 + 0x5c531)
                #4  0x00007ff235d47bb1 n/a (libglib-2.0.so.0 + 0x89bb1)
                #5  0x00007ff234c5bdab n/a (libc.so.6 + 0x89dab)
                #6  0x00007ff234cdd9f8 n/a (libc.so.6 + 0x10b9f8)
                
                Stack trace of thread 2702:
                #0  0x00007ff234cdb9f9 syscall (libc.so.6 + 0x1099f9)
                #1  0x00007ff235d76114 g_cond_wait (libglib-2.0.so.0 + 0xb8114)
                #2  0x00007ff235ce235b n/a (libglib-2.0.so.0 + 0x2435b)
                #3  0x00007ff235d483ea n/a (libglib-2.0.so.0 + 0x8a3ea)
                #4  0x00007ff235d47bb1 n/a (libglib-2.0.so.0 + 0x89bb1)
                #5  0x00007ff234c5bdab n/a (libc.so.6 + 0x89dab)
                #6  0x00007ff234cdd9f8 n/a (libc.so.6 + 0x10b9f8)
                
                Stack trace of thread 2706:
                #0  0x00007ff234cd047f __poll (libc.so.6 + 0xfe47f)
                #1  0x00007ff235d19e15 n/a (libglib-2.0.so.0 + 0x5be15)
                #2  0x00007ff235d1a4e0 g_main_context_iteration (libglib-2.0.so.0 + 0x5c4e0)
                #3  0x00007ff2313d79cd n/a (libdconfsettings.so + 0xb9cd)
                #4  0x00007ff235d47bb1 n/a (libglib-2.0.so.0 + 0x89bb1)
                #5  0x00007ff234c5bdab n/a (libc.so.6 + 0x89dab)
                #6  0x00007ff234cdd9f8 n/a (libc.so.6 + 0x10b9f8)
                
                Stack trace of thread 2704:
                #0  0x00007ff234cd047f __poll (libc.so.6 + 0xfe47f)
                #1  0x00007ff235d19e15 n/a (libglib-2.0.so.0 + 0x5be15)
                #2  0x00007ff235d1a7cf g_main_loop_run (libglib-2.0.so.0 + 0x5c7cf)
                #3  0x00007ff2350c3a6a n/a (libgio-2.0.so.0 + 0x124a6a)
                #4  0x00007ff235d47bb1 n/a (libglib-2.0.so.0 + 0x89bb1)
                #5  0x00007ff234c5bdab n/a (libc.so.6 + 0x89dab)
                #6  0x00007ff234cdd9f8 n/a (libc.so.6 + 0x10b9f8)
                ELF object binary architecture: AMD x86-64

Reading symbols from /usr/bin/evince...
(No debugging symbols found in /usr/bin/evince)

warning: Can't open file /SYSV00000000 (deleted) during file-backed mapping note processing
[New LWP 2701]
[New LWP 2713]
[New LWP 2712]
[New LWP 2705]
[New LWP 2703]
[New LWP 2702]
[New LWP 2706]
[New LWP 2704]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `evince test.pdf'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007ff235e461ed in g_type_check_instance () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
[Current thread is 1 (Thread 0x7ff231678ac0 (LWP 2701))]
(gdb) set pagination off
(gdb) set width 0
(gdb) bt
#0  0x00007ff235e461ed in g_type_check_instance () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#1  0x00007ff235e3b788 in g_signal_handlers_disconnect_matched () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#2  0x00007ff235f120f5 in ?? () from /lib/x86_64-linux-gnu/libevview3.so.3
#3  0x00007ff235f12200 in ?? () from /lib/x86_64-linux-gnu/libevview3.so.3
#4  0x00007ff235e2604b in g_object_unref () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#5  0x0000561f3e497a7f in ?? ()
#6  0x00007ff235e20730 in g_closure_invoke () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#7  0x00007ff235e3487c in ?? () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#8  0x00007ff235e36281 in ?? () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#9  0x00007ff235e3bf06 in g_signal_emit_valist () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#10 0x00007ff235e3bfc3 in g_signal_emit () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#11 0x00007ff235e24924 in ?? () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#12 0x00007ff235e283b9 in g_object_notify () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#13 0x0000561f3e490231 in ?? ()
#14 0x00007ff235e20730 in g_closure_invoke () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#15 0x00007ff235e3487c in ?? () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#16 0x00007ff235e36281 in ?? () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#17 0x00007ff235e3bf06 in g_signal_emit_valist () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#18 0x00007ff235e3bfc3 in g_signal_emit () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#19 0x00007ff235eeb2db in ?? () from /lib/x86_64-linux-gnu/libevview3.so.3
#20 0x00007ff235d17e3f in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#21 0x00007ff235d19ec7 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#22 0x00007ff235d1a4e0 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#23 0x00007ff23508548d in g_application_run () from /lib/x86_64-linux-gnu/libgio-2.0.so.0
#24 0x0000561f3e47f063 in main ()
(gdb) 


Core was generated by `evince test.pdf'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  g_type_check_instance (type_instance=type_instance@entry=0x561f3f347eb0) at ../../../gobject/gtype.c:4259
4259    ../../../gobject/gtype.c: Datei oder Verzeichnis nicht gefunden.
[Current thread is 1 (Thread 0x7ff231678ac0 (LWP 2701))]
(gdb) set pagination off
(gdb) set width 0
(gdb) bt
#0  g_type_check_instance (type_instance=type_instance@entry=0x561f3f347eb0) at ../../../gobject/gtype.c:4259
#1  0x00007ff235e3b788 in g_signal_handlers_disconnect_matched (instance=instance@entry=0x561f3f347eb0, mask=mask@entry=(G_SIGNAL_MATCH_FUNC | G_SIGNAL_MATCH_DATA), signal_id=signal_id@entry=0, detail=detail@entry=0, closure=closure@entry=0x0, func=func@entry=0x7ff235f11af0 <job_finished_cb>, data=0x561f3f3a6560) at ../../../gobject/gsignal.c:2993
#2  0x00007ff235f120f5 in ev_view_presentation_delete_job (job=0x561f3f347eb0, pview=0x561f3f3a6560) at ../libview/ev-view-presentation.c:405
#3  ev_view_presentation_delete_job (job=0x561f3f347eb0, pview=0x561f3f3a6560) at ../libview/ev-view-presentation.c:399
#4  ev_view_presentation_reset_jobs (pview=pview@entry=0x561f3f3a6560) at ../libview/ev-view-presentation.c:413
#5  0x00007ff235f12200 in ev_view_presentation_dispose (object=0x561f3f3a6560) at ../libview/ev-view-presentation.c:972
#6  0x00007ff235e2604b in g_object_unref (_object=0x561f3f3a6560) at ../../../gobject/gobject.c:4413
#7  0x0000561f3e497a7f in ev_window_set_document (document=0x7ff204408620, ev_window=0x561f3eee8070) at ../shell/ev-window.c:1771
#8  ev_window_document_changed_cb (model=<optimized out>, pspec=<optimized out>, ev_window=0x561f3eee8070) at ../shell/ev-window.c:5251
#9  0x00007ff235e20730 in g_closure_invoke (closure=0x561f3f07f5b0, return_value=0x0, n_param_values=2, param_values=0x7ffd9b668b70, invocation_hint=0x7ffd9b668ac0) at ../../../gobject/gclosure.c:834
#10 0x00007ff235e3487c in signal_emit_unlocked_R (node=node@entry=0x7ffd9b668c40, detail=detail@entry=1305, instance=instance@entry=0x561f3ed617f0, emission_return=emission_return@entry=0x0, instance_and_params=instance_and_params@entry=0x7ffd9b668b70) at ../../../gobject/gsignal.c:3888
#11 0x00007ff235e36281 in signal_emit_valist_unlocked (instance=instance@entry=0x561f3ed617f0, signal_id=signal_id@entry=1, detail=detail@entry=1305, var_args=var_args@entry=0x7ffd9b668da0) at ../../../gobject/gsignal.c:3520
#12 0x00007ff235e3bf06 in g_signal_emit_valist (instance=0x561f3ed617f0, signal_id=1, detail=1305, var_args=0x7ffd9b668da0) at ../../../gobject/gsignal.c:3263
#13 0x00007ff235e3bfc3 in g_signal_emit (instance=instance@entry=0x561f3ed617f0, signal_id=<optimized out>, detail=<optimized out>) at ../../../gobject/gsignal.c:3583
#14 0x00007ff235e24924 in g_object_dispatch_properties_changed (object=0x561f3ed617f0, n_pspecs=<optimized out>, pspecs=<optimized out>) at ../../../gobject/gobject.c:1819
#15 0x00007ff235e283b9 in g_object_notify_by_spec_internal (pspec=<optimized out>, object=0x561f3ed617f0) at ../../../gobject/gobject.c:1924
#16 g_object_notify (object=0x561f3ed617f0, property_name=property_name@entry=0x7ff235f1553a "document") at ../../../gobject/gobject.c:1974
#17 0x00007ff235ee84a2 in ev_document_model_set_document (model=<optimized out>, document=<optimized out>) at ../libview/ev-document-model.c:384
#18 0x0000561f3e490231 in ev_window_reload_job_cb (job=0x561f3efcfef0, ev_window=0x561f3eee8070) at ../shell/ev-window.c:2018
#19 0x00007ff235e20730 in g_closure_invoke (closure=0x561f3f3cbf40, return_value=0x0, n_param_values=1, param_values=0x7ffd9b6690d0, invocation_hint=0x7ffd9b669020) at ../../../gobject/gclosure.c:834
#20 0x00007ff235e3487c in signal_emit_unlocked_R (node=node@entry=0x7ffd9b669180, detail=detail@entry=0, instance=instance@entry=0x561f3efcfef0, emission_return=emission_return@entry=0x0, instance_and_params=instance_and_params@entry=0x7ffd9b6690d0) at ../../../gobject/gsignal.c:3888
#21 0x00007ff235e36281 in signal_emit_valist_unlocked (instance=instance@entry=0x561f3efcfef0, signal_id=signal_id@entry=395, detail=detail@entry=0, var_args=var_args@entry=0x7ffd9b6692e0) at ../../../gobject/gsignal.c:3520
#22 0x00007ff235e3bf06 in g_signal_emit_valist (instance=0x561f3efcfef0, signal_id=395, detail=0, var_args=0x7ffd9b6692e0) at ../../../gobject/gsignal.c:3263
#23 0x00007ff235e3bfc3 in g_signal_emit (instance=<optimized out>, signal_id=<optimized out>, detail=detail@entry=0) at ../../../gobject/gsignal.c:3583
#24 0x00007ff235eeb2db in emit_finished (job=<optimized out>) at ../libview/ev-jobs.c:178
#25 emit_finished (job=<optimized out>) at ../libview/ev-jobs.c:168
#26 0x00007ff235d17e3f in g_main_dispatch (context=context@entry=0x561f3ecef130) at ../../../glib/gmain.c:3344
#27 0x00007ff235d19ec7 in g_main_context_dispatch_unlocked (context=0x561f3ecef130) at ../../../glib/gmain.c:4152
#28 g_main_context_iterate_unlocked (context=context@entry=0x561f3ecef130, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../../../glib/gmain.c:4217
#29 0x00007ff235d1a4e0 in g_main_context_iteration (context=context@entry=0x561f3ecef130, may_block=may_block@entry=1) at ../../../glib/gmain.c:4282
#30 0x00007ff23508548d in g_application_run (application=application@entry=0x561f3edc9560, argc=argc@entry=0, argv=argv@entry=0x0) at ../../../gio/gapplication.c:2712
#31 0x0000561f3e47f063 in main (argc=<optimized out>, argv=<optimized out>) at ../shell/main.c:318
(gdb) display/i $pc
1: x/i $pc
=> 0x7ff235e461ed <g_type_check_instance+29>:   mov    (%rax),%rdx
(gdb) print/x $rax
$1 = 0x561a5ecb9067
(gdb) 


benutzer@debian:~$ valgrind evince test.pdf
==3180== Memcheck, a memory error detector
==3180== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==3180== Using Valgrind-3.20.0 and LibVEX; rerun with -h for copyright info
==3180== Command: evince test.pdf
==3180== 

(evince:3180): dbind-WARNING **: 15:01:56.566: AT-SPI: Error retrieving accessibility bus address: org.freedesktop.DBus.Error.ServiceUnknown: The name org.a11y.Bus was not provided by any .service files
==3180== Thread 8 EvJobScheduler:
==3180== Conditional jump or move depends on uninitialised value(s)
==3180==    at 0x104BD4AB: ??? (in /usr/lib/x86_64-linux-gnu/libpoppler-glib.so.8.26.0)
==3180==    by 0x10643433: Gfx::Gfx(PDFDoc*, OutputDev*, int, Dict*, double, double, PDFRectangle const*, PDFRectangle const*, int, bool (*)(void*), void*, XRef*) (in /usr/lib/x86_64-linux-gnu/libpoppler.so.134.0.0)
==3180==    by 0x106A4B12: Page::createGfx(OutputDev*, double, double, int, bool, bool, int, int, int, int, bool, bool (*)(void*), void*, XRef*) (in /usr/lib/x86_64-linux-gnu/libpoppler.so.134.0.0)
==3180==    by 0x104A62EB: ??? (in /usr/lib/x86_64-linux-gnu/libpoppler-glib.so.8.26.0)
==3180==    by 0x104A998B: poppler_page_get_image_mapping (in /usr/lib/x86_64-linux-gnu/libpoppler-glib.so.8.26.0)
==3180==    by 0x10470DFD: ??? (in /usr/lib/x86_64-linux-gnu/evince/4/backends/libpdfdocument.so)
==3180==    by 0x487888E: ev_job_page_data_run (ev-jobs.c:774)
==3180==    by 0x487A5CE: ev_job_thread (ev-job-scheduler.c:184)
==3180==    by 0x487A5CE: ev_job_thread_proxy (ev-job-scheduler.c:217)
==3180==    by 0x4A04BB0: g_thread_proxy (gthread.c:835)
==3180==    by 0x5A4DDAA: start_thread (pthread_create.c:444)
==3180==    by 0x5ACF87F: clone (clone.S:100)
==3180== 
==3180== Thread 1:
==3180== Invalid read of size 8
==3180==    at 0x49531E1: g_type_check_instance (gtype.c:4257)
==3180==    by 0x4948787: g_signal_handlers_disconnect_matched (gsignal.c:2993)
==3180==    by 0x489E0F4: ev_view_presentation_delete_job (ev-view-presentation.c:405)
==3180==    by 0x489E0F4: ev_view_presentation_delete_job (ev-view-presentation.c:399)
==3180==    by 0x489E0F4: ev_view_presentation_reset_jobs (ev-view-presentation.c:413)
==3180==    by 0x489E1FF: ev_view_presentation_dispose (ev-view-presentation.c:972)
==3180==    by 0x493304A: g_object_unref (gobject.c:4413)
==3180==    by 0x143A7E: ev_window_set_document (ev-window.c:1771)
==3180==    by 0x143A7E: ev_window_document_changed_cb (ev-window.c:5251)
==3180==    by 0x492D72F: g_closure_invoke (gclosure.c:834)
==3180==    by 0x494187B: signal_emit_unlocked_R.isra.0 (gsignal.c:3888)
==3180==    by 0x4943280: signal_emit_valist_unlocked (gsignal.c:3520)
==3180==    by 0x4948F05: g_signal_emit_valist (gsignal.c:3263)
==3180==    by 0x4948FC2: g_signal_emit (gsignal.c:3583)
==3180==    by 0x4931923: g_object_dispatch_properties_changed (gobject.c:1819)
==3180==  Address 0xdcb6e00 is 0 bytes inside a block of size 192 free'd
==3180==    at 0x48431EF: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3180==    by 0x494EE1F: g_type_free_instance (gtype.c:2030)
==3180==    by 0x49332CA: g_object_unref (gobject.c:4500)
==3180==    by 0x489E104: ev_view_presentation_delete_job (ev-view-presentation.c:407)
==3180==    by 0x489E104: ev_view_presentation_delete_job (ev-view-presentation.c:399)
==3180==    by 0x489E104: ev_view_presentation_reset_jobs (ev-view-presentation.c:413)
==3180==    by 0x489E1FF: ev_view_presentation_dispose (ev-view-presentation.c:972)
==3180==    by 0x49350C2: g_object_run_dispose (gobject.c:1842)
==3180==    by 0x143A7E: ev_window_set_document (ev-window.c:1771)
==3180==    by 0x143A7E: ev_window_document_changed_cb (ev-window.c:5251)
==3180==    by 0x492D72F: g_closure_invoke (gclosure.c:834)
==3180==    by 0x494187B: signal_emit_unlocked_R.isra.0 (gsignal.c:3888)
==3180==    by 0x4943280: signal_emit_valist_unlocked (gsignal.c:3520)
==3180==    by 0x4948F05: g_signal_emit_valist (gsignal.c:3263)
==3180==    by 0x4948FC2: g_signal_emit (gsignal.c:3583)
==3180==  Block was alloc'd at
==3180==    at 0x48459F3: calloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==3180==    by 0x49DDE29: g_malloc0 (gmem.c:133)
==3180==    by 0x4950424: g_type_create_instance (gtype.c:1933)
==3180==    by 0x493386F: g_object_new_internal.part.0 (gobject.c:2606)
==3180==    by 0x49357F5: g_object_new_internal (gobject.c:2603)
==3180==    by 0x49357F5: g_object_new_with_properties (gobject.c:2769)
==3180==    by 0x49366A0: g_object_new (gobject.c:2415)
==3180==    by 0x48796B7: ev_job_render_new (ev-jobs.c:697)
==3180==    by 0x489D613: ev_view_presentation_schedule_new_job (ev-view-presentation.c:388)
==3180==    by 0x489D613: ev_view_presentation_schedule_new_job (ev-view-presentation.c:370)
==3180==    by 0x489EA1B: ev_view_presentation_update_current_page.part.0 (ev-view-presentation.c:435)
==3180==    by 0x489EA5B: ev_view_presentation_update_current_page (ev-view-presentation.c:424)
==3180==    by 0x489EA5B: init_presentation (ev-view-presentation.c:1276)
==3180==    by 0x49D4E3E: g_main_dispatch (gmain.c:3344)
==3180==    by 0x49D6EC6: g_main_context_dispatch_unlocked (gmain.c:4152)
==3180==    by 0x49D6EC6: g_main_context_iterate_unlocked.isra.0 (gmain.c:4217)
==3180== 

(evince:3180): GLib-GObject-CRITICAL **: 15:02:26.308: instance with invalid (NULL) class pointer
...

https://gitlab.gnome.org/GNOME/evince/-/issues/2004
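
Added example (not code from evince, GLib or this report): a self-contained C model of what the valgrind run above records, where the presentation view's dispose path is reached twice (the "free'd" stack under g_object_run_dispose, the "Invalid read" stack under g_object_unref) and the second pass touches a render job the first pass had already released. The types Job and View, the clear_on_delete switch and the flag-only arena are assumptions made so that the stale access is counted rather than undefined; clearing the pointer after release is the general GObject idiom for a dispose that may run more than once, not a statement of the upstream fix.

```c
/* Added illustration, not evince or GLib code. Job, View and every function
 * here are hypothetical stand-ins. "Freed" jobs stay in a static arena and are
 * only flagged dead, so a stale access is counted instead of being undefined. */
#include <stddef.h>
#include <stdio.h>

typedef struct { int refcount; int alive; int handlers; } Job;

typedef struct {
    Job *prev_job, *curr_job, *next_job; /* render jobs owned by the view */
    int clear_on_delete;                 /* 0: keep stale pointer, 1: NULL it */
} View;

static Job arena[8];
static size_t arena_used;
static int stale_accesses; /* touches of a job after its last unref */

static Job *job_new(void) {
    Job *j = &arena[arena_used++];
    j->refcount = 1;
    j->alive = 1;
    j->handlers = 1; /* one "finished" callback connected */
    return j;
}

/* Instance check done on entry to every call, in the spirit of
 * g_type_check_instance (frame #0 of the backtrace). */
static int job_check(Job *j) {
    if (!j->alive) {
        stale_accesses++;
        return 0;
    }
    return 1;
}

static int job_disconnect(Job *j) {
    if (!job_check(j)) return 0;
    j->handlers = 0;
    return 1;
}

static void job_unref(Job *j) {
    if (job_check(j) && --j->refcount == 0)
        j->alive = 0; /* finalize: the real object's memory is freed here */
}

static void view_delete_job(View *v, Job **slot) {
    Job *j = *slot;
    if (j == NULL) return;
    /* cf. ev-view-presentation.c:405, where the invalid read is reported;
     * the real process faults here, so the model stops on failure too */
    if (!job_disconnect(j)) return;
    job_unref(j); /* cf. ev-view-presentation.c:407, where the block is freed */
    if (v->clear_on_delete) *slot = NULL;
}

static void view_dispose(View *v) {
    view_delete_job(v, &v->prev_job);
    view_delete_job(v, &v->curr_job);
    view_delete_job(v, &v->next_job);
}

/* Runs dispose twice on one view; returns how many stale jobs were touched. */
int run_double_dispose(int clear_on_delete) {
    View v;
    arena_used = 0;
    stale_accesses = 0;
    v.prev_job = NULL;
    v.curr_job = job_new();
    v.next_job = job_new();
    v.clear_on_delete = clear_on_delete;
    view_dispose(&v); /* first pass: the "free'd" stack (g_object_run_dispose) */
    view_dispose(&v); /* second pass: the "Invalid read" stack (g_object_unref) */
    return stale_accesses;
}

int main(void) {
    printf("stale pointers kept: %d stale accesses\n", run_double_dispose(0));
    printf("pointers cleared:    %d stale accesses\n", run_double_dispose(1));
    return 0;
}
```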