Bug 143951 - kpdf crashes when disabling "presentation" mode
Summary: kpdf crashes when disabling "presentation" mode
Status: RESOLVED FIXED
Alias: None
Product: kpdf
Classification: Unmaintained
Component: general (show other bugs)
Version: 0.5.6
Platform: Fedora RPMs Linux
: NOR crash
Target Milestone: ---
Assignee: Albert Astals Cid
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-04-08 10:58 UTC by Dawid Gajownik
Modified: 2007-11-17 23:19 UTC (History)
1 user (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Dawid Gajownik 2007-04-08 10:58:58 UTC 
Version:           0.5.6 (using KDE KDE 3.5.6)
Installed from:    Fedora RPMs
Compiler:          gcc-4.1.1-51.fc6 
OS:                Linux

Sometimes when turning off "Presentation" mode (press Esc), kpdf crashes.

Version-Release number of selected component (if applicable):
kdegraphics-3.5.6-0.1.fc6

[y4kk0@X ~]$ kpdf -v
Qt: 3.3.7
KDE: 3.5.6-0.3.fc6 Fedora-Core
KPDF: 0.5.6
[y4kk0@X ~]$

Steps to Reproduce:
1. open attached pdf file
2. go to view -> presentation mode
3. watch the presentation, etc.
4. press esc to turn off presentation mode
5. kpdf sometimes crashes

For backtrace and mentioned pdf file please visit https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235350
Comment 1 Albert Astals Cid 2007-04-09 13:30:28 UTC 
Can't reproduce
Comment 2 Philip Rodrigues 2007-04-09 14:28:47 UTC 
Pasting the backtrace from the fedora BR, FWIW:

#6  0x00c34524 in KPDFDocument::cleanupPixmapMemory (this=0x9542ae0)
    at document.cpp:1194
#7  0x00c346f0 in KPDFDocument::slotTimedMemoryCheck (this=0x9542ae0)
    at document.cpp:1453
#8  0x00c37648 in KPDFDocument::qt_invoke (this=0x9542ae0, _id=3, 
    _o=0xbfa43ba8) at document.moc:156
#9  0x41cd3bea in QObject::activate_signal ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#10 0x41cd471d in QObject::activate_signal ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#11 0x42061d29 in QTimer::timeout () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#12 0x41cfb41f in QTimer::event () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#13 0x41c6ae6b in QApplication::internalNotify ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#14 0x41c6c2e9 in QApplication::notify ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#15 0x4159f56e in KApplication::notify (this=0xbfa440c8, receiver=0x96b1788, 
    event=0xbfa43e64) at kapplication.cpp:550
#16 0x41c5ec72 in QEventLoop::activateTimers ()
   from /usr/lib/qt-3.3/lib/libqt-mt.so.3
Comment 3 Dawid Gajownik 2007-04-10 08:44:29 UTC 
I run kpdf in gdb and I got this backtrace:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1208256816 (LWP 1246)]
0x00249524 in KPDFDocument::cleanupPixmapMemory (this=0x8bbba88) at document.cpp:1194
1194                if ( d->observers[ p->id ]->canUnloadPixmap( p->page ) )
(gdb) thread apply all bt

Thread 12 (Thread -1212519536 (LWP 1269)):
#0  0x00917402 in __kernel_vsyscall ()
#1  0x46df8aa1 in __lll_mutex_unlock_wake () from /lib/libpthread.so.0
#2  0x46df57d9 in _L_mutex_unlock_101 () from /lib/libpthread.so.0
#3  0x46df5440 in __pthread_mutex_unlock_usercnt () from /lib/libpthread.so.0
#4  0x46df57d0 in pthread_mutex_unlock () from /lib/libpthread.so.0
#5  0x41fb5529 in QRecursiveMutexPrivate::unlock () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#6  0x41fb51b4 in QMutex::unlock () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#7  0x41c6b554 in QApplication::postEvent () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#8  0x00254f84 in PDFPixmapGeneratorThread::run (this=0x8c1b9f8) at generator_pdf.cpp:1193
#9  0x41c6320c in QThreadInstance::start () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#10 0x46df23db in start_thread () from /lib/libpthread.so.0
#11 0x46d4c26e in clone () from /lib/libc.so.6

Thread 1 (Thread -1208256816 (LWP 1246)):
#0  0x00249524 in KPDFDocument::cleanupPixmapMemory (this=0x8bbba88) at document.cpp:1194
#1  0x0024985c in KPDFDocument::sendGeneratorRequest (this=0x8bbba88) at document.cpp:1155
#2  0x00249a00 in KPDFDocument::requestDone (this=0x8bbba88, req=0x8d17750) at document.cpp:1130
#3  0x00255c02 in PDFGenerator::customEvent (this=0x8cc5dc0, event=0x8ba76d8) at core/generator.h:78
#4  0x41cd331e in QObject::event () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#5  0x41c6ae6b in QApplication::internalNotify () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#6  0x41c6c2e9 in QApplication::notify () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#7  0x4159f56e in KApplication::notify (this=0xbf859e58, receiver=0x8cc5dc0, event=0x8ba76d8) at kapplication.cpp:550
#8  0x41c6bd70 in QApplication::sendPostedEvents () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#9  0x41c6bf26 in QApplication::sendPostedEvents () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#10 0x41c130bd in QEventLoop::processEvents () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#11 0x41c843f0 in QEventLoop::enterLoop () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#12 0x41c842a6 in QEventLoop::exec () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
---Type <return> to continue, or q <return> to quit---
#13 0x41c6a97f in QApplication::exec () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
#14 0x0804ec89 in main (argc=147005320, argv=0xbf859e30) at main.cpp:79
#15 0x46c94f2c in __libc_start_main () from /lib/libc.so.6
#16 0x0804e981 in _start ()
(gdb) bt full
#0  0x00249524 in KPDFDocument::cleanupPixmapMemory (this=0x8bbba88) at document.cpp:1194
        p = (AllocatedPixmap *) 0x8cfe110
        memoryToFree = <value optimized out>
#1  0x0024985c in KPDFDocument::sendGeneratorRequest (this=0x8bbba88) at document.cpp:1155
        request = (PixmapRequest *) 0x8d30f38
        pixmapBytes = 15
#2  0x00249a00 in KPDFDocument::requestDone (this=0x8bbba88, req=0x8d17750) at document.cpp:1130
        memoryBytes = 5063680
        memoryPage = (AllocatedPixmap *) 0x8cfe110
#3  0x00255c02 in PDFGenerator::customEvent (this=0x8cc5dc0, event=0x8ba76d8) at core/generator.h:78
        request = (PixmapRequest *) 0x8d17750
        outImage = <value optimized out>
        outTextPage = (TextPage *) 0x0
        outRects = {sh = 0x8c5ca28}
#4  0x41cd331e in QObject::event () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
No symbol table info available.
#5  0x41c6ae6b in QApplication::internalNotify () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
No symbol table info available.
#6  0x41c6c2e9 in QApplication::notify () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
No symbol table info available.
#7  0x4159f56e in KApplication::notify (this=0xbf859e58, receiver=0x8cc5dc0, event=0x8ba76d8) at kapplication.cpp:550
        t = 6969
        _selectAll = (const KShortcut &) @0x41766f0c: {m_nSeqs = 1, m_rgseq = {{m_nKeys = 1 '\001', m_bTriggerOnRelease = 0 '\0',
      m_rgvar = {{m_sym = 97, m_mod = 2}, {m_sym = 0, m_mod = 0}, {m_sym = 0, m_mod = 0}, {m_sym = 0, m_mod = 0}}, d = 0x0}, {
      m_nKeys = 0 '\0', m_bTriggerOnRelease = 0 '\0', m_rgvar = {{m_sym = 0, m_mod = 0}, {m_sym = 0, m_mod = 0}, {m_sym = 0, m_mod = 0}, {
          m_sym = 0, m_mod = 0}}, d = 0x0}}, d = 0x0}
        ic = (struct QPixmap *) 0x0
#8  0x41c6bd70 in QApplication::sendPostedEvents () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
No symbol table info available.
---Type <return> to continue, or q <return> to quit---
#9  0x41c6bf26 in QApplication::sendPostedEvents () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
No symbol table info available.
#10 0x41c130bd in QEventLoop::processEvents () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
No symbol table info available.
#11 0x41c843f0 in QEventLoop::enterLoop () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
No symbol table info available.
#12 0x41c842a6 in QEventLoop::exec () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
No symbol table info available.
#13 0x41c6a97f in QApplication::exec () from /usr/lib/qt-3.3/lib/libqt-mt.so.3
No symbol table info available.
#14 0x0804ec89 in main (argc=147005320, argv=0xbf859e30) at main.cpp:79
        about = {mAppName = 0x8050565 "kpdf", mProgramName = 0x8050560 "KPDF", mVersion = 0x8050740 "0.5.6",
  mShortDescription = 0x8050760 "kpdf, a kde pdf viewer based on xpdf", mLicenseKey = 1,
  mCopyrightStatement = 0x805069c "(C) 2002 Wilco Greven, Christophe Devriese\n(C) 2004-2005 Albert Astals Cid, Enrico Ros",
  mOtherText = 0x0, mHomepageAddress = 0x0, mBugEmailAddress = 0x805054c "submit@bugs.kde.org", mAuthorList = {sh = 0x8b074f8},
  mCreditList = {sh = 0x8b07528}, mLicenseText = 0x0, d = 0x8b07558}
        app = {<> = {<No data fields>}, <KInstance> = {_vptr.KInstance = 0x41756aa4, _dirs = 0x8b33f30, _config = 0x8b2f168,
    _iconLoader = 0x8b4ffe0, _name = <incomplete type>, _aboutData = 0xbf859dfc, d = 0x8b2ecc0}, static metaObj = 0x8b374a0,
  display = 0x8b09138, kipcCommAtom = 336, kipcEventMask = 511, static KApp = 0xbf859e58, pArgc = 1187687136, pSessionConfig = 0x0,
  static s_DCOPClient = 0x8b3eaa8, static s_dcopClientNeedsPostInit = false, aCaption = {static null = {
      static null = <same as static member of an already seen type>, d = 0x8b010c0, static shared_null = 0x8b010c0}, d = 0x8b010c0,
    static shared_null = 0x8b010c0}, bSessionManagement = true, aIconPixmap = {pm = {icon = 0x8b4ff40, miniIcon = 0x8b824a8},
    unused = "@\b$\b\000\000\000\000H\005\005\b�177�\024#A�&A\b\237\205\v\005\005\b$A&A\024!\005\b\030\237\205"}, aIconName = {
    static null = {static null = <same as static member of an already seen type>, d = 0x8b010c0, static shared_null = 0x8b010c0},
    d = 0x8b010c0, static shared_null = 0x8b010c0}, aMiniIconName = {static null = {
      static null = <same as static member of an already seen type>, d = 0x8b010c0, static shared_null = 0x8b010c0}, d = 0x8b010c0,
    static shared_null = 0x8b010c0}, useStyles = true, smw = 0x8b3cf38, static loadedByKdeinit = false, captionLayout = 134546585,
  d = 0x8b34a68}
#15 0x46c94f2c in __libc_start_main () from /lib/libc.so.6
---Type <return> to continue, or q <return> to quit---
No symbol table info available.
#16 0x0804e981 in _start ()
No symbol table info available.
(gdb)
Comment 4 Tommi Tervo 2007-04-10 09:34:58 UTC 
svn r652128

==395== Invalid read of size 4
==395==    at 0x67D7B81: KPDFDocument::cleanupPixmapMemory(int) (document.cpp:1194)
==395==    by 0x67D7D49: KPDFDocument::sendGeneratorRequest() (document.cpp:1155)
==395==    by 0x67D82E8: KPDFDocument::requestDone(PixmapRequest*) (document.cpp:1130)
==395==    by 0x67E8832: Generator::signalRequestDone(PixmapRequest*) (generator.h:78)
==395==    by 0x67E67C1: PDFGenerator::customEvent(QCustomEvent*) (generator_pdf.cpp:1022)
==395==    by 0x4C78D46: QObject::event(QEvent*) (in /usr/lib/libqt-mt.so.3.3.4)
==395==    by 0x4C1304F: QApplication::internalNotify(QObject*, QEvent*) (in /usr/lib/libqt-mt.so.3.3.4)
==395==    by 0x4C13241: QApplication::notify(QObject*, QEvent*) (in /usr/lib/libqt-mt.so.3.3.4)
==395==    by 0x4731D5B: KApplication::notify(QObject*, QEvent*) (in /opt/kde346p/lib/libkdecore.so.4.2.0)
==395==    by 0x4BA3DB6: QApplication::sendEvent(QObject*, QEvent*) (in /usr/lib/libqt-mt.so.3.3.4)
==395==    by 0x4C14572: QApplication::sendPostedEvents(QObject*, int) (in /usr/lib/libqt-mt.so.3.3.4)
==395==    by 0x4C14679: QApplication::sendPostedEvents() (in /usr/lib/libqt-mt.so.3.3.4)
==395==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
KCrash: Application 'kpdf' crashing...
==395==
Comment 5 Albert Astals Cid 2007-04-10 20:07:33 UTC 
That's really weird, happens on all pdf? Which qt are you using?
Comment 6 Tommi Tervo 2007-04-11 08:30:09 UTC 
libqt3-mt 3.3.4-8ubuntu5.1 (Breezy)
pdf mentioned in original RH bug report:
http://www.cisco.com/ca/events/pdfs/L2-security-Bootcamp-final.pdf
Comment 7 Dawid Gajownik 2007-04-11 09:59:47 UTC 
Mine is qt-3.3.7-0.1.fc6. I'm not sure whether it's important, but my KDE session is two and a half week old (it runs since 26th March). I also noticed that KPDF crashes with most of my PDFs.
Comment 8 Albert Astals Cid 2007-04-11 20:51:47 UTC 
@Dawid: Should not matter, but KPDF crashing is something i hardly see so there must be something wrong on your KPDF

@All: can't reproduce :-/
Comment 9 Pino Toscano 2007-05-17 18:40:48 UTC 
SVN commit 665684 by pino:

When getting the result of a pixmap request for an observer that went away in the meanwhile, don't create a memory entry for the pixmap, as we assume the allocated pixmaps fifo holds only descriptors for valid observers.

BUG: 143951


 M  +13 -7     document.cpp  


--- branches/KDE/3.5/kdegraphics/kpdf/core/document.cpp #665683:665684
@@ -1117,15 +1117,21 @@
             break;
         }
 
-    // [MEM] 1.2 append memory allocation descriptor to the FIFO
-    int memoryBytes = 4 * req->width * req->height;
-    AllocatedPixmap * memoryPage = new AllocatedPixmap( req->id, req->pageNumber, memoryBytes );
-    d->allocatedPixmapsFifo.append( memoryPage );
-    d->allocatedPixmapsTotalMemory += memoryBytes;
+    if ( d->observers.contains( req->id ) )
+    {
+        // [MEM] 1.2 append memory allocation descriptor to the FIFO
+        int memoryBytes = 4 * req->width * req->height;
+        AllocatedPixmap * memoryPage = new AllocatedPixmap( req->id, req->pageNumber, memoryBytes );
+        d->allocatedPixmapsFifo.append( memoryPage );
+        d->allocatedPixmapsTotalMemory += memoryBytes;
 
-    // 2. notify an observer that its pixmap changed
-    if ( d->observers.contains( req->id ) )
+        // 2. notify an observer that its pixmap changed
         d->observers[ req->id ]->notifyPageChanged( req->pageNumber, DocumentObserver::Pixmap );
+    }
+#ifndef NDEBUG
+    else
+        kdWarning() << "Receiving a done request for the defunct observer " << req->id << endl;
+#endif
 
     // 3. delete request
     delete req;
Comment 10 etienner 2007-06-24 19:30:23 UTC 
I was doing my first bug report, and I found that it is already reported and fixed. But I read that the version is 0.5.6, and I get the same problem for 0.5.7.
My sentence would have been: "KPDF krashes after pressing 2 times ESC in the presentation mode".
Comment 11 Albert Astals Cid 2007-06-24 22:54:00 UTC 
Unfortunately this bug was fixed too late to be included in KDE 3.5.7 release, so it will be fixed for KDE 3.5.8

If it is very critical for you, you can always bug your packager to update kpdf packages from SVN code.

Keep reporting all the bugs you find :-)