Segfaults on a certain PDF file
This file somewhat reproducibly crashes poppler-based PDF viewers, evince and zathura in particular. To trigger the crash, flip through the pages.
The PDF file in question was generated by gluing together PDFs exported from draw.io with pdfunite.
Version 23.05.0 from Arch Linux.
Backtrace:
#0 0x00007f02ddf806ac in Gfx::restoreState() (this=this@entry=0x7f02d013b220) at /usr/src/debug/poppler/poppler-23.05.0/poppler/Gfx.cc:5375
#1 0x00007f02ddf80717 in Gfx::popStateGuard() (this=0x7f02d013b220) at /usr/src/debug/poppler/poppler-23.05.0/poppler/Gfx.cc:5355
#2 0x00007f02ddf6b881 in Gfx::~Gfx() (this=this@entry=0x7f02d013b220, this=<optimized out>) at /usr/src/debug/poppler/poppler-23.05.0/poppler/Gfx.cc:606
#3 0x00007f02def4fefe in _free_type3_font_info(void*) (closure=0x7f02d0268bd0) at /usr/src/debug/poppler/poppler-23.05.0/poppler/CairoFontEngine.cc:423
#4 0x00007f02f2ee3c7f in _cairo_user_data_array_fini (array=0x7f02d00f3fe0) at ../cairo/src/cairo-array.c:392
#5 0x00007f02f2ef4981 in INT_cairo_font_face_destroy (font_face=0x7f02d00f3fd0) at ../cairo/src/cairo-font-face.c:189
#6 INT_cairo_font_face_destroy (font_face=0x7f02d00f3fd0) at ../cairo/src/cairo-font-face.c:171
#7 0x00007f02f2f26a8a in _cairo_scaled_font_fini_internal (scaled_font=0x7f02d0285730) at ../cairo/src/cairo-scaled-font.c:920
#8 0x00007f02f2f2e25d in INT_cairo_scaled_font_destroy (scaled_font=<optimized out>) at ../cairo/src/cairo-scaled-font.c:1408
#9 0x00007f02f2f27f7c in INT_cairo_scaled_font_create (font_face=<optimized out>, font_matrix=<optimized out>, ctm=<optimized out>, options=0x7f02de9fc810) at ../cairo/src/cairo-scaled-font.c:1224
#10 0x00007f02f2ef6249 in _cairo_gstate_ensure_scaled_font (gstate=0x7f02d0252c30) at ../cairo/src/cairo-gstate.c:1917
#11 _cairo_gstate_ensure_scaled_font (gstate=gstate@entry=0x7f02d0252c30) at ../cairo/src/cairo-gstate.c:1896
#12 0x00007f02f2ef640e in _cairo_gstate_show_text_glyphs (gstate=0x7f02d0252c30, glyphs=0x7f02d02819c0, num_glyphs=<optimized out>, info=0x0) at ../cairo/src/cairo-gstate.c:2006
#13 0x00007f02f2f48b96 in cairo_show_glyphs (num_glyphs=<optimized out>, glyphs=<optimized out>, cr=0x7f02d2bfceb0) at ../cairo/src/cairo.c:3687
#14 cairo_show_glyphs (cr=0x7f02d2bfceb0, glyphs=<optimized out>, num_glyphs=<optimized out>) at ../cairo/src/cairo.c:3667
#15 0x00007f02def54980 in CairoOutputDev::endString(GfxState*) (state=<optimized out>, this=0x7f02d0057de0) at /usr/src/debug/poppler/poppler-23.05.0/poppler/CairoOutputDev.cc:1553
#16 CairoOutputDev::endString(GfxState*) (this=0x7f02d0057de0, state=<optimized out>) at /usr/src/debug/poppler/poppler-23.05.0/poppler/CairoOutputDev.cc:1519
#17 0x00007f02ddf787e9 in Gfx::doShowText(GooString const*) (this=this@entry=0x7f02d013b050, s=0x7f02d01aab60) at /usr/src/debug/poppler/poppler-23.05.0/poppler/Gfx.cc:4033
#18 0x00007f02ddf7943a in Gfx::opShowText(Object*, int) (this=0x7f02d013b050, args=0x7f02de9fded0, numArgs=<optimized out>) at /usr/src/debug/poppler/poppler-23.05.0/poppler/Gfx.cc:3720
#19 0x00007f02ddf6bbfc in Gfx::go(bool) (this=this@entry=0x7f02d013b050, topLevel=topLevel@entry=true) at /usr/src/debug/poppler/poppler-23.05.0/poppler/Gfx.cc:684
#20 0x00007f02ddf6c797 in Gfx::display(Object*, bool) (this=0x7f02d013b050, obj=0x7f02de9fe1e0, topLevel=true) at /usr/src/debug/poppler/poppler-23.05.0/poppler/Gfx.cc:645
#21 0x00007f02ddfd94c2 in Page::displaySlice(OutputDev*, double, double, int, bool, bool, int, int, int, int, bool, bool (*)(void*), void*, bool (*)(Annot*, void*), void*, bool)
(this=0x7f02d0040fc0, out=0x7f02d0057de0, hDPI=72, vDPI=72, rotate=<optimized out>, useMediaBox=false, crop=true, sliceX=-1, sliceY=-1, sliceW=-1, sliceH=-1, printing=false, abortCheckCbk=0x0, abortCheckCbkData=0x0, annotDisplayDecideCbk=0x0, annotDisplayDecideCbkData=0x0, copyXRef=false) at /usr/src/debug/poppler/poppler-23.05.0/poppler/Page.cc:584
#22 0x00007f02def3c822 in _poppler_page_render(PopplerPage*, cairo_t*, bool, PopplerPrintFlags) (page=0x7f02d2ee4c70, cairo=0x7f02d2bfceb0, printing=<optimized out>, print_flags=<optimized out>)
at /usr/src/debug/poppler/poppler-23.05.0/glib/poppler-page.cc:331
#23 0x00007f02ec00942b in pdf_page_render (page=page@entry=0x7f02d2ee4c70, width=1722, height=971, rc=rc@entry=0x7f02d01fbb30) at ../evince/backend/pdf/ev-poppler.c:431
#24 0x00007f02ec009565 in pdf_document_render (document=<optimized out>, rc=0x7f02d01fbb30) at ../evince/backend/pdf/ev-poppler.c:457
#25 0x00007f02f3c26a06 in ev_job_render_run (job=0x55b681da9010) at ../evince/libview/ev-jobs.c:645
#26 0x00007f02f3c266b9 in ev_job_thread (job=0x55b681da9010) at ../evince/libview/ev-job-scheduler.c:184
#27 ev_job_thread_proxy (data=<optimized out>) at ../evince/libview/ev-job-scheduler.c:217
#28 0x00007f02f3a73cc5 in g_thread_proxy (data=0x55b681b008a0) at ../glib/glib/gthread.c:831
#29 0x00007f02f299544b in start_thread (arg=<optimized out>) at pthread_create.c:444
#30 0x00007f02f2a18e40 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81