evince crashed with SIGSEGV in CairoOutputDev::setSoftMask()
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
poppler (Ubuntu) |
Expired
|
Medium
|
Unassigned |
Bug Description
evince crashes with the following backtrace after an out of bounds read.
#0 0x1a65e1e0 in CairoOutputDev:
state=
backdropCol
#1 0x129b0e62 in Gfx::doForm1 (this=0x2193a800, str=0xb307c748,
resDict=
softMask=true, blendingColorSp
alpha=false, transferFunc=0x0, backdropColor=
#2 0x129b5b95 in Gfx::doSoftMask (this=0x2193a800, str=0xb307c748,
alpha=false, blendingColorSp
transferFun
#3 0x129b6f32 in Gfx::opSetExtGState (this=0x2193a800, args=0xb307c824,
numArgs=1) at Gfx.cc:1143
#4 0x129a9ae6 in Gfx::execOp (this=0x2193a800, cmd=0xb307c9c4,
args=
#5 0x129b03e8 in Gfx::go (this=0x2193a800, topLevel=false) at Gfx.cc:711
#6 0x129b08f7 in Gfx::display (this=0x2193a800, obj=0xb307cc44,
topLevel=false) at Gfx.cc:678
#7 0x129b0cd7 in Gfx::doForm1 (this=0x2193a800, str=0xb307cc44,
resDict=
softMask=false, blendingColorSp
alpha=false, transferFunc=0x0, backdropColor=0x0) at Gfx.cc:4525
#8 0x129b1df0 in Gfx::doForm (this=0x2193a800, str=0xb307cc44) at Gfx.cc:4451
#9 0x129b4672 in Gfx::opXObject (this=0x2193a800, args=0xb307cd04, numArgs=1)
ProblemType: Crash
DistroRelease: Ubuntu 11.04
Package: evince 2.32.0-0ubuntu10
ProcVersionSign
Uname: Linux 2.6.38-1-generic i686
Architecture: i386
Date: Sun Feb 27 22:30:44 2011
ExecutablePath: /usr/bin/evince
InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Alpha i386 (20110202)
ProcCmdline: evince sample1.pdf
ProcCmdline_: BOOT_IMAGE=
ProcEnviron:
SHELL=/bin/bash
LC_MESSAGES=
LANG=en_US.UTF-8
LANGUAGE=en_US:en
ProcVersionSign
SegvAnalysis:
Segfault happened at: 0x83fb1e0 <CairoOutputDev
PC (0x083fb1e0) ok
source "(%eax)" (0x00000000) not located in a known VMA region (needed readable region)!
destination "%ecx" ok
Stack memory exhausted (SP below stack segment)
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: evince
StacktraceTop:
CairoOutputDev
Gfx::doForm1 (this=0x22959b60, str=0xb31a4748, resDict=0x2295ad08, matrix=0xb31a4588, bbox=0xb31a45b8, transpGroup=true, softMask=true, blendingColorSp
Gfx::doSoftMask (this=0x22959b60, str=0xb31a4748, alpha=false, blendingColorSp
Gfx::opSetExtG
Gfx::execOp (this=0x22959b60, cmd=0xb31a49c4, args=0xb31a4824, numArgs=1) at Gfx.cc:851
Title: evince crashed with SIGSEGV in CairoOutputDev:
UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare
XsessionErrors: (nautilus:1366): GConf-CRITICAL **: gconf_value_free: assertion `value != NULL' failed
visibility: | private → public |
StacktraceTop: ::setSoftMask (this=0x228d4800, state=0x22986ff8, bbox=0xb31a45b8, alpha=false, transferFunc=0x0, backdropColor= 0xb31a4664) at CairoOutputDev. cc:1258 ace=0x0, isolated=true, knockout=false, alpha=false, transferFunc=0x0, backdropColor= 0xb31a4664) at Gfx.cc:4557 ace=0x0, isolated=true, knockout=false, transferFunc=0x0, backdropColor= 0xb31a4664) at Gfx.cc:1299 State (this=0x22959b60, args=0xb31a4824, numArgs=1) at Gfx.cc:1143
CairoOutputDev
Gfx::doForm1 (this=0x22959b60, str=0xb31a4748, resDict=0x2295ad08, matrix=0xb31a4588, bbox=0xb31a45b8, transpGroup=true, softMask=true, blendingColorSp
Gfx::doSoftMask (this=0x22959b60, str=0xb31a4748, alpha=false, blendingColorSp
Gfx::opSetExtG
Gfx::execOp (this=0x22959b60, cmd=0xb31a49c4, args=0xb31a4824, numArgs=1) at Gfx.cc:851