Ubuntu
evince package

evince crashed with SIGSEGV in cairo_image_surface_get_width()

Bug #195602 reported by linovski on 2008-02-25

Affects		Status	Importance	Assigned to	Milestone
	libcairo	Fix Released	Critical	gnome-bugs #519106
	evince (Ubuntu)	Fix Released	Medium	Ubuntu Desktop Bugs

Bug Description

Binary package hint: evince

From firefox3b3, I open http://www.norg.uminho.pt/iapinho/pdfs/optim_int_DSC_NM.pdf (from http://www.norg.uminho.pt/iapinho/slides_mnb0708.html).
The password form raises up, and when I submit the password ("mnb_lei"), evince open correctly. Just a few 'pgDn' commands make 'evince' crash.

ProblemType: Crash
Architecture: i386
Date: Mon Feb 25 23:02:48 2008
DistroRelease: Ubuntu 8.04
ExecutablePath: /usr/bin/evince
NonfreeKernelModules: cdrom
Package: evince 2.21.91-0ubuntu1
PackageArchitecture: i386
ProcCmdline: /usr/bin/evince /tmp/optim_int_DSC_NM-1.pdf
ProcCwd: /home/avelino
ProcEnviron:
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
LANG=en_US.UTF-8
SHELL=/bin/bash
Signal: 11
SourcePackage: evince
Stacktrace:
#0 0xb7556968 in ?? () from /usr/lib/libcairo.so.2
#1 0xb7556bd2 in cairo_image_surface_get_width () from /usr/lib/libcairo.so.2
#2 0x0808b4be in ?? ()
#3 0x00000000 in ?? ()
StacktraceTop:
?? () from /usr/lib/libcairo.so.2
cairo_image_surface_get_width () from /usr/lib/libcairo.so.2
?? ()
?? ()
Title: evince crashed with SIGSEGV in cairo_image_surface_get_width()
Uname: Linux linovski-laptop 2.6.24-8-generic #1 SMP Thu Feb 14 20:40:45 UTC 2008 i686 GNU/Linux
UserGroups: adm admin audio cdrom dialout dip floppy lpadmin plugdev video

Tags:

Related branches

lp:ubuntu/lucid/evince

Revision history for this message

linovski (avelinorego) wrote on 2008-02-25:

Dependencies.txt Edit (4.2 KiB, text/plain; charset="utf-8")
Disassembly.txt Edit (347 bytes, text/plain; charset="utf-8")
ProcMaps.txt Edit (21.5 KiB, text/plain; charset="utf-8")
ProcStatus.txt Edit (662 bytes, text/plain; charset="utf-8")
Registers.txt Edit (460 bytes, text/plain; charset="utf-8")
ThreadStacktrace.txt Edit (2.3 KiB, text/plain; charset="utf-8")

Revision history for this message

Apport retracing service (apport) wrote on 2008-02-25: Symbolic stack trace

Stacktrace.txt (retraced) Edit (18.5 KiB, text/plain)

StacktraceTop:_cairo_surface_is_image (surface=0x0)
paint_surface (cr=0x860f4f0, surface=0x0, x_offset=0, y_offset=0, alpha=0, page_area=
ev_transition_animation_paint (animation=0x8602a18, cr=0x860f4f0, page_area=
ev_view_expose_event (widget=0x837c018, event=0xbfb3da34)
_gtk_marshal_BOOLEAN__BOXED (closure=0x80e05c0, return_value=0xbfb3d660, n_param_values=2,

Revision history for this message

Apport retracing service (apport) wrote on 2008-02-25: Symbolic threaded stack trace

ThreadStacktrace.txt (retraced) Edit (48.0 KiB, text/plain)

Changed in evince:
importance:	Undecided → Medium

Revision history for this message

Pedro Villavicencio (pedro) wrote on 2008-02-27:

Thanks for your bug report. This bug has been reported to the developers of the software. You can track it and make comments here: https://bugs.freedesktop.org/show_bug.cgi?id=14701

Changed in libcairo:
status:	New → Triaged

Revision history for this message

Pedro Villavicencio (pedro) wrote on 2008-02-27:

according to cairo developers this is an evince issue:

"Evince is passing a NULL pointer to cairo_image_surface_get_width."

Revision history for this message

Pedro Villavicencio (pedro) wrote on 2008-02-27:

i've sent this to evince upstream at: http://bugzilla.gnome.org/show_bug.cgi?id=519106

Changed in evince:
assignee:	nobody → desktop-bugs

Bug Watch Updater (bug-watch-updater) on 2008-02-28

Changed in libcairo:
status:	Unknown → Confirmed

Bug Watch Updater (bug-watch-updater) on 2008-02-29

Changed in libcairo:
status:	Confirmed → Fix Released

Revision history for this message

Pedro Villavicencio (pedro) wrote on 2008-02-29:

Fixed upstream, thanks for reporting.

Changed in evince:
status:	Triaged → Fix Committed

Revision history for this message

linovski (avelinorego) wrote on 2008-03-08:

Patch was submitted for the repositories?
I still can reproduce exactly the same behavior

ls -alh /var/crash/_usr_bin_evince.1000.crash
-rw------- 1 avelino avelino 2.5M 2008-03-08 15:13 /var/crash/_usr_bin_evince.1000.crash

Revision history for this message

Launchpad Janitor (janitor) wrote on 2008-03-10:

This bug was fixed in the package evince - 2.22.0-0ubuntu1

---------------
evince (2.22.0-0ubuntu1) hardy; urgency=low

  * New upstream version:
    Bug fixes:
    - Do not print when Escape is pressed to close printing dialog (lp: #160589)
    - Fix a crash in nautilus properties page
    - Fix a crash with transition effects (lp: #195602)
    - Fix document mime type detection
    - Fix a crash in forms (lp: #195715)
    - Fix images extraction
    Translation updates
  * debian/patches/99_autoreconf.patch:
    - new version update