Bug 97131 - kpdf crashes scrolling thumbnail bar (backtrace)
Summary: kpdf crashes scrolling thumbnail bar (backtrace)
Status: RESOLVED FIXED
Alias: None
Product: kpdf
Classification: Applications
Component: general (show other bugs)
Version: unspecified
Platform: Compiled Sources Linux
: NOR crash
Target Milestone: ---
Assignee: Albert Astals Cid
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-01-16 11:35 UTC by Andreas Leuner
Modified: 2005-01-16 14:22 UTC (History)
0 users

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Leuner 2005-01-16 11:35:05 UTC 
Version:            (using KDE Devel)
Installed from:    Compiled sources
OS:                Linux

Hi all, 
showing a quite heavily graphic pdf document kpdf reliably crashes if I scroll the thumbnail view. The document can be found at 
http://www.ee.ncu.edu.tw/~jerry/CIC_92/Introduction_to_Jitter.pdf

kpdf is compiled with C(XX)FLAGS including "-O2 -g2".
This is the backtrace:
________________________________________________________
Using host libthread_db library "/lib/libthread_db.so.1".
[Thread debugging using libthread_db enabled]
[New Thread 16384 (LWP 24781)]
[New Thread 32769 (LWP 24782)]
[New Thread 229378 (LWP 24796)]
[KCrash handler]
#6  SplashXPathScanner (this=0x82edd60, xPathA=0x0, eoA=0)
    at $kde-srcdir/kdegraphics/kpdf/xpdf/splash/SplashXPathScanner.cc:44
#7  0x41acd48b in Splash::fillWithPattern (this=0x8294928, path=0x8327268, 
    eo=0, pattern=0x8271068)
    at $kde-srcdir/kdegraphics/kpdf/xpdf/splash/Splash.cc:636
#8  0x41acd3c4 in Splash::fill (this=0x8294928, path=0x8327268, eo=0)
    at $kde-srcdir/kdegraphics/kpdf/xpdf/splash/Splash.cc:621
#9  0x41a992ed in SplashOutputDev::fill (this=0x823b290, state=0x0)
    at $kde-srcdir/kdegraphics/kpdf/xpdf/xpdf/SplashOutputDev.cc:735
#10 0x41a592f8 in Gfx::opFill (this=0x8296b60)
    at $kde-srcdir/kdegraphics/kpdf/xpdf/xpdf/Gfx.cc:1140
#11 0x41a575df in Gfx::execOp (this=0x8296b60, cmd=0x0, args=0xbf7ff7b4, 
    numArgs=0)
    at $kde-srcdir/kdegraphics/kpdf/xpdf/xpdf/Gfx.cc:660
#12 0x41a57196 in Gfx::go (this=0x8296b60, topLevel=1)
    at $kde-srcdir/kdegraphics/kpdf/xpdf/xpdf/Gfx.cc:551
#13 0x41a57011 in Gfx::display (this=0x8296b60, obj=0xbf7ff924, topLevel=0)
    at $kde-srcdir/kdegraphics/kpdf/xpdf/xpdf/Gfx.cc:523
#14 0x41a8d426 in Page::displaySlice (this=0x8246e88, out=0x823b290, 
    hDPI=18.600000000000001, vDPI=18.533333333333335, rotate=0, crop=1, 
    sliceX=-1, sliceY=-1, sliceW=-1, sliceH=-1, links=0x0, catalog=0x823b890, 
    abortCheckCbk=0, abortCheckCbkData=0x0)
    at $kde-srcdir/kdegraphics/kpdf/xpdf/xpdf/Page.cc:422
#15 0x41a8d082 in Page::display (this=0x0, out=0x0, hDPI=0, vDPI=0, rotate=0, 
    crop=0, links=0x0, catalog=0x0, abortCheckCbk=0, abortCheckCbkData=0x0)
    at $kde-srcdir/kdegraphics/kpdf/xpdf/xpdf/Page.cc:329
#16 0x41a8ad8c in PDFDoc::displayPage (this=0x81869c0, out=0x823b290, 
    page=26, hDPI=18.600000000000001, vDPI=18.533333333333335, rotate=0, 
    crop=1, doLinks=0, abortCheckCbk=0, abortCheckCbkData=0x0)
    at $kde-srcdir/kdegraphics/kpdf/xpdf/xpdf/PDFDoc.cc:218
#17 0x41afe2f0 in PDFPixmapGeneratorThread::run (this=0x8168260) at page.h:41
#18 0x40c2981a in QThreadInstance::start ()
   from $QTDIR/lib/libqt-mt.so.3
#19 0x4129be51 in pthread_start_thread () from /lib/libpthread.so.0
#20 0x4158e6ea in clone () from /lib/libc.so.6
________________________________________________________

Just scroll quickly from the top to the bottom of the document, maybe several times and you should get this crash.
Comment 1 Andreas Leuner 2005-01-16 11:42:39 UTC 
BTW, I just learned that none of those kpdf processes were killed after closing drkonqi. I had to kill them "manually".
Comment 2 Albert Astals Cid 2005-01-16 12:40:20 UTC 
For reference the same crash happens on the first page of http://www.ozgear.com.au/scgi-bin/load.cgi?yaesu/PDF/FT-857.pdf
Comment 3 Albert Astals Cid 2005-01-16 12:47:12 UTC 
CVS commit by aacid: 

xpdf code is not prepared for paths with only 1 point, skip paths that have only one point, have to check in pdf spec if paths can have 1 point (in that case should fix the fix :-) or that pdf are buggy and the fix is correct in all senses. Pages that crash are 18, 20 and 26 on Introduction_to_Jitter.pdf and page 1 on FT-857.pdf 
BUG: 97131


  M +1 -0      TODO   1.21
  M +1 -1      xpdf/splash/Splash.cc   1.2


--- kdegraphics/kpdf/TODO  #1.20:1.21
@@ -86,4 +86,5 @@
 -> use shortcuts for next and prev page even in presenatation mode (by Tobias Koenig)
 -> move some document related features from part to the document (see find, goto dialog, ...)
+-> Albert: Read pdf specification and see if paths with length = 1 are allowed, in case they are allowed see how to fix 97131 without skipping paths with length = 1
 
 Done (newest features come first):

--- kdegraphics/kpdf/xpdf/splash/Splash.cc  #1.1:1.2
@@ -629,5 +629,5 @@ SplashError Splash::fillWithPattern(Spla
   SplashClipResult clipRes, clipRes2;
 
-  if (path->length == 0) {
+  if (path->length == 0 || path->length == 1) {
     return splashErrEmptyPath;
   }
Comment 4 Andreas Leuner 2005-01-16 14:22:50 UTC 
Wow that was fast! I just came from lunch and this bug wasn't even in "my bugs" anymore. Thank you very much for that fix - works fine for me.