Bug 230282 - Crash (reproducible) in PagePainter::scalePixmapOnImage()
Status: RESOLVED FIXED
Alias: None
Product: okular
Classification: Applications
Component: general
Version: 0.9.4
Platform: Debian testing Linux
Importance: NOR crash
Target Milestone: ---
Assignee: Okular developers
Duplicates: 232060
 
Reported: 2010-03-11 01:19 UTC by Sami Liedes
Modified: 2010-03-25 21:48 UTC


Attachments
PDF file from http://www.laulut.fi/Tiedotteet/Mallivihko.pdf (77.48 KB, application/pdf)
2010-03-11 01:22 UTC, Sami Liedes

Description Sami Liedes 2010-03-11 01:19:54 UTC
Version:           0.9.4 (using KDE 4.3.4)
OS:                Linux
Installed from:    Debian testing/unstable Packages

Okular reproducibly crashes when I first open the attached PDF file, then scroll down. The backtrace seems (significantly) different from what I found from other bug reports.

Steps to reproduce:

1. Open the attached PDF file
2. Ensure that it's zoomed in enough (~1200 px wide, i.e. as wide as my 1600x1200 screen is, seems to be generally enough, but it doesn't crash on lesser zoom levels)
3. Scroll down (by e.g. mouse wheel)
4. Okular crashes at around the second half of page 2.

Here's a backtrace. It looks substantially similar every time I reproduce the crash.

------------------------------------------------------------
Application: Okular (okular), signal: Segmentation fault
The current source language is "auto; currently c".
[KCrash Handler]
#5  0x00007f887e3ccb98 in PagePainter::scalePixmapOnImage (dest=<value optimized out>, src=<value optimized out>, scaledWidth=<value optimized out>, scaledHeight=1382, 
    cropRect=<value optimized out>, format=<value optimized out>) at ../../okular/ui/pagepainter.cpp:752
#6  0x00007f887e3d1545 in PagePainter::paintCroppedPageOnPainter (destPainter=<value optimized out>, page=<value optimized out>, pixID=<value optimized out>, flags=<value optimized out>, 
    scaledWidth=<value optimized out>, scaledHeight=<value optimized out>, limits=..., crop=...) at ../../okular/ui/pagepainter.cpp:604
#7  0x00007f887e3de8b3 in PageView::drawDocumentOnPainter (this=<value optimized out>, contentsRect=<value optimized out>, p=0x7fff06118720) at ../../okular/ui/pageview.cpp:2368
#8  0x00007f887e3df712 in PageView::contentsPaintEvent (this=0x1f27850, pe=<value optimized out>) at ../../okular/ui/pageview.cpp:1250
#9  0x00007f8886b96196 in QWidget::event (this=0x1f35e30, event=0x7fff06118e50) at kernel/qwidget.cpp:7692
#10 0x00007f887e3ed66d in PageViewWidget::event (this=0x1f35e30, e=0x7fff06118e50) at ../../okular/ui/pageview.cpp:264
#11 0x00007f8886b4601d in QApplicationPrivate::notify_helper (this=0x1d6cfd0, receiver=0x1f35e30, e=0x7fff06118e50) at kernel/qapplication.cpp:4065
#12 0x00007f8886b4e07a in QApplication::notify (this=0x7fff06119e80, receiver=0x1f35e30, e=0x7fff06118e50) at kernel/qapplication.cpp:4030
#13 0x00007f88882e7de6 in KApplication::notify (this=0x7fff06119e80, receiver=0x1f35e30, event=0x7fff06118e50) at ../../kdeui/kernel/kapplication.cpp:302
#14 0x00007f88876ccc9c in QCoreApplication::notifyInternal (this=0x7fff06119e80, receiver=0x1f35e30, event=0x7fff06118e50) at kernel/qcoreapplication.cpp:610
#15 0x00007f8886b9d1be in QWidgetPrivate::drawWidget (this=0x1f1e190, pdev=0x1e80198, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0x1e7bdb0) at kernel/qwidget.cpp:5084
#16 0x00007f8886d12e6e in QWidgetBackingStore::sync (this=0x1e7bdb0) at painting/qbackingstore.cpp:1264
#17 0x00007f8886b8f220 in QWidgetPrivate::syncBackingStore (this=0x1e789f0) at kernel/qwidget.cpp:1603
#18 0x00007f8886b96031 in QWidget::event (this=0x1e7e210, event=0x1f05a70) at kernel/qwidget.cpp:7832
#19 0x00007f8886f18d2b in QMainWindow::event (this=0x1e7e210, event=0x1f05a70) at widgets/qmainwindow.cpp:1399
#20 0x00007f88883f2353 in KXmlGuiWindow::event (this=0x0, ev=0x18a4) at ../../kdeui/xmlgui/kxmlguiwindow.cpp:131
#21 0x00007f8886b4601d in QApplicationPrivate::notify_helper (this=0x1d6cfd0, receiver=0x1e7e210, e=0x1f05a70) at kernel/qapplication.cpp:4065
#22 0x00007f8886b4e07a in QApplication::notify (this=0x7fff06119e80, receiver=0x1e7e210, e=0x1f05a70) at kernel/qapplication.cpp:4030
#23 0x00007f88882e7de6 in KApplication::notify (this=0x7fff06119e80, receiver=0x1e7e210, event=0x1f05a70) at ../../kdeui/kernel/kapplication.cpp:302
#24 0x00007f88876ccc9c in QCoreApplication::notifyInternal (this=0x7fff06119e80, receiver=0x1e7e210, event=0x1f05a70) at kernel/qcoreapplication.cpp:610
#25 0x00007f88876cd8e4 in QCoreApplication::sendEvent (receiver=0x0, event_type=0, data=0x1d54950) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:213
#26 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x1d54950) at kernel/qcoreapplication.cpp:1247
#27 0x00007f88876f57d3 in QCoreApplication::sendPostedEvents (s=<value optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:218
#28 postEventSourceDispatch (s=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:276
#29 0x00007f8882f3890e in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#30 0x00007f8882f3c2c8 in ?? () from /lib/libglib-2.0.so.0
#31 0x00007f8882f3c3f0 in g_main_context_iteration () from /lib/libglib-2.0.so.0
#32 0x00007f88876f539c in QEventDispatcherGlib::processEvents (this=0x1d54160, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:407
#33 0x00007f8886bdcf1f in QGuiEventDispatcherGlib::processEvents (this=0x0, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:202
#34 0x00007f88876cb562 in QEventLoop::processEvents (this=<value optimized out>, flags=...) at kernel/qeventloop.cpp:149
#35 0x00007f88876cb934 in QEventLoop::exec (this=0x7fff06119dd0, flags=...) at kernel/qeventloop.cpp:201
#36 0x00007f88876cdba4 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:888
#37 0x000000000040891c in main (argc=<value optimized out>, argv=<value optimized out>) at ../../../okular/shell/main.cpp:81
------------------------------------------------------------

List of installed related packages (ones the Debian package depends on or that it recommends or suggests):

--------------------
ii  ghostscript          8.71~dfsg-2          The GPL Ghostscript PostScript/PDF interpreter
ii  kdebase-runtime      4:4.3.4-2            runtime components from the official KDE 4 release
ii  kdelibs5             4:4.3.4-3            core libraries for all KDE 4 applications
ii  libc6                2.10.2-6             Embedded GNU C Library: Shared libraries
ii  libfreetype6         2.3.11-1             FreeType 2 font engine, shared library files
ii  libjpeg62            6b-16.1              The Independent JPEG Group's JPEG runtime library (versi
ii  libokularcore1       4:4.3.4-1+b1         libraries for the Okular document viewer
ii  libphonon4           4:4.5.3-4            Qt 4 Phonon module
ii  libpoppler-qt4-3     0.12.2-2.1           PDF rendering library (Qt 4 based shared library)
ii  libqca2              2.0.2-1              libraries for the Qt Cryptographic Architecture
ii  libqimageblitz4      1:0.0.4-4            QImageBlitz image effects library
ii  libqt4-dbus          4:4.5.3-4            Qt 4 D-Bus module
ii  libqt4-qt3support    4:4.5.3-4            Qt 3 compatibility library for Qt 4
ii  libqt4-svg           4:4.5.3-4            Qt 4 SVG module
ii  libqt4-xml           4:4.5.3-4            Qt 4 XML module
ii  libqtcore4           4:4.5.3-4            Qt 4 core module
ii  libqtgui4            4:4.5.3-4            Qt 4 GUI module
ii  libspectre1          0.2.4-1              Library for rendering PostScript documents
ii  libstdc++6           4.4.3-3              The GNU Standard C++ Library v3
ii  okular-extra-backend 4:4.3.4-1+b1         additional document format support for Okular
ii  phonon               4:4.5.3-4            Qt 4 Phonon module metapackage
ii  unrar                1:3.9.7-1            Unarchiver for .rar files (non-free version)
ii  zlib1g               1:1.2.3.4.dfsg-3     compression library - runtime
--------------------

If you need further information, ask me.
Comment 1 Sami Liedes 2010-03-11 01:22:09 UTC
Created attachment 41526
PDF file from http://www.laulut.fi/Tiedotteet/Mallivihko.pdf
Comment 2 Pino Toscano 2010-03-11 01:27:51 UTC
Is the "trim margins" option set?
Comment 3 Sami Liedes 2010-03-11 01:31:08 UTC
No, trim margins was/is unset.

I tried to set it. Then I get a similar backtrace on thread 1 (thread 2 is in pthread_cond_wait()).
Comment 4 Albert Astals Cid 2010-03-11 21:58:08 UTC
What happens if you run okular with valgrind?

$ valgrind okular file.pdf
Comment 5 Sami Liedes 2010-03-11 22:17:44 UTC
I take it you can't reproduce this. Ok, I'll run it under valgrind. FWIW I can reproduce it both on my desktop and my laptop (both running Debian unstable on amd64), but even on my laptop, I need to zoom until the page is something like 1600 px wide.

Here's the valgrind output. I'll recompile it without optimizations and try to reproduce it then for better traces unless you can figure it out by then, but here's first the valgrind output from the stock (optimized) okular in Debian. From that it seems to be a read through a null pointer.

==1236== Memcheck, a memory error detector
==1236== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
==1236== Using Valgrind-3.5.0-Debian and LibVEX; rerun with -h for copyright info
==1236== Command: okular Mallivihko.pdf
==1236==
==1236== Conditional jump or move depends on uninitialised value(s)
==1236==    at 0x7B68290: inflateReset2 (in /usr/lib/libz.so.1.2.3.4)
==1236==    by 0x7B6837F: inflateInit2_ (in /usr/lib/libz.so.1.2.3.4)
==1236==    by 0x7B62AD8: uncompress (in /usr/lib/libz.so.1.2.3.4)
==1236==    by 0x62CC9AB: qUncompress(unsigned char const*, int) (qbytearray.cpp:543)
==1236==    by 0x57D8820: KPixmapCache::Private::loadData(int, QPixmap&) (qbytearray.h:579)
==1236==    by 0x57D9905: KPixmapCache::find(QString const&, QPixmap&) (kpixmapcache.cpp:1314)
==1236==    by 0x573B479: KIconCache::find(QString const&, QPixmap&, QString*) (kiconcache.cpp:277)
==1236==    by 0x572E751: KIconLoader::loadIcon(QString const&, KIconLoader::Group, int, int, QStringList const&, QString*, bool) const (kiconloader.cpp:1083)
==1236==    by 0x57269AC: KIconEngine::pixmap(QSize const&, QIcon::Mode, QIcon::State) (kiconengine.cpp:119)
==1236==    by 0x6913404: QIcon::pixmap(QSize const&, QIcon::Mode, QIcon::State) const (qicon.cpp:716)
==1236==    by 0x6902514: QWidgetPrivate::setWindowIcon_sys(bool) (qwidget_x11.cpp:1347)
==1236==    by 0x68CC43F: QWidget::create(unsigned long, bool, bool) (qwidget.cpp:1283)
==1236==
==1236== Conditional jump or move depends on uninitialised value(s)
==1236==    at 0x10490137: PageView::resizeEvent(QResizeEvent*) (pageview.cpp:1279)
==1236==    by 0x68CA1C9: QWidget::event(QEvent*) (qwidget.cpp:7700)
==1236==    by 0x6C3292A: QFrame::event(QEvent*) (qframe.cpp:559)
==1236==    by 0x63AAFB7: QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) (qcoreapplication.cpp:726)
==1236==    by 0x6879FEB: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:4061)
==1236==    by 0x6882079: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:4030)
==1236==    by 0x575EDE5: KApplication::notify(QObject*, QEvent*) (kapplication.cpp:302)
==1236==    by 0x63ABC9B: QCoreApplication::notifyInternal(QObject*, QEvent*) (qcoreapplication.cpp:610)
==1236==    by 0x69085DA: QWidgetPrivate::setGeometry_sys(int, int, int, int, bool) (qcoreapplication.h:213)
==1236==    by 0x68C9096: QWidget::setGeometry(QRect const&) (qwidget.cpp:6237)
==1236==    by 0x6CC17B3: QAbstractScrollAreaPrivate::layoutChildren() (qabstractscrollarea.cpp:459)
==1236==    by 0x6CC1DB0: QAbstractScrollArea::event(QEvent*) (qabstractscrollarea.cpp:874)
==1236==
==1236== Invalid read of size 4
==1236==    at 0x1047FB98: PagePainter::scalePixmapOnImage(QImage&, QPixmap const*, int, int, QRect const&, QImage::Format) (pagepainter.cpp:752)
==1236==    by 0x10484544: PagePainter::paintCroppedPageOnPainter(QPainter*, Okular::Page const*, int, int, int, int, QRect const&, Okular::NormalizedRect const&) (pagepainter.cpp:604)
==1236==    by 0x104918B2: PageView::drawDocumentOnPainter(QRect const&, QPainter*) (pageview.cpp:2368)
==1236==    by 0x10492711: PageView::contentsPaintEvent(QPaintEvent*) (pageview.cpp:1250)
==1236==    by 0x68CA195: QWidget::event(QEvent*) (qwidget.cpp:7692)
==1236==    by 0x104A066C: PageViewWidget::event(QEvent*) (pageview.cpp:264)
==1236==    by 0x687A01C: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:4065)
==1236==    by 0x6882079: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:4030)
==1236==    by 0x575EDE5: KApplication::notify(QObject*, QEvent*) (kapplication.cpp:302)
==1236==    by 0x63ABC9B: QCoreApplication::notifyInternal(QObject*, QEvent*) (qcoreapplication.cpp:610)
==1236==    by 0x68D11BD: QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) (qwidget.cpp:5084)
==1236==    by 0x6A46E6D: QWidgetBackingStore::sync() (qbackingstore.cpp:1264)
==1236==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==1236==
KCrash: Application 'okular' crashing...
sock_file=/home/sliedes/.kde/socket-lh/kdeinit4_localhost_10
kdeinit4: preparing to launch /usr/lib/kde4/libexec/drkonqi
==1236==
==1236== HEAP SUMMARY:
==1236==     in use at exit: 6,163,041 bytes in 49,127 blocks
==1236==   total heap usage: 222,236 allocs, 173,109 frees, 360,064,743 bytes allocated
==1236==
==1236== LEAK SUMMARY:
==1236==    definitely lost: 2,812 bytes in 8 blocks
==1236==    indirectly lost: 10,600 bytes in 332 blocks
==1236==      possibly lost: 1,747,733 bytes in 20,205 blocks
==1236==    still reachable: 4,401,896 bytes in 28,582 blocks
==1236==         suppressed: 0 bytes in 0 blocks
==1236== Rerun with --leak-check=full to see details of leaked memory
==1236==
==1236== For counts of detected and suppressed errors, rerun with: -v
==1236== Use --track-origins=yes to see where uninitialised values come from
==1236== ERROR SUMMARY: 14 errors from 3 contexts (suppressed: 7 from 5)
Comment 6 Sami Liedes 2010-03-11 22:49:36 UTC
Here's a backtrace from the unoptimized packages, showing that actually the pixmap is being scaled to width 1925, not ~1600 as I said before. Not sure if that's significant. This is the backtrace as shown by crash handler.

------------------------------------------------------------
Application: Okular (okular), signal: Segmentation fault
The current source language is "auto; currently c".
[KCrash Handler]
#5  0x00007fbd19a9f3a2 in PagePainter::scalePixmapOnImage (dest=..., src=0x7fff808ca190, scaledWidth=1925, scaledHeight=1445, cropRect=..., format=QImage::Format_ARGB32)
    at ../../okular/ui/pagepainter.cpp:752
#6  0x00007fbd19a9e5a8 in PagePainter::paintCroppedPageOnPainter (destPainter=0x7fff808cb100, page=0x167f340, pixID=3, flags=63, scaledWidth=1648, scaledHeight=2133, limits=..., crop=...)
    at ../../okular/ui/pagepainter.cpp:604
#7  0x00007fbd19ab8032 in PageView::drawDocumentOnPainter (this=0x139bc20, contentsRect=..., p=0x7fff808cb100) at ../../okular/ui/pageview.cpp:2368
#8  0x00007fbd19ab1ed2 in PageView::contentsPaintEvent (this=0x139bc20, pe=0x7fff808cb980) at ../../okular/ui/pageview.cpp:1250
#9  0x00007fbd19abe417 in PageViewWidget::paintEvent (this=0x13ca420, e=0x7fff808cb980) at ../../okular/ui/pageview.cpp:270
#10 0x00007fbd222a0196 in QWidget::event (this=0x13ca420, event=0x7fff808cb980) at kernel/qwidget.cpp:7692
#11 0x00007fbd19abe3e3 in PageViewWidget::event (this=0x13ca420, e=0x7fff808cb980) at ../../okular/ui/pageview.cpp:264
#12 0x00007fbd2225001d in QApplicationPrivate::notify_helper (this=0x1201fd0, receiver=0x13ca420, e=0x7fff808cb980) at kernel/qapplication.cpp:4065
#13 0x00007fbd2225807a in QApplication::notify (this=0x7fff808cc960, receiver=0x13ca420, e=0x7fff808cb980) at kernel/qapplication.cpp:4030
#14 0x00007fbd239f1de6 in KApplication::notify (this=0x7fff808cc960, receiver=0x13ca420, event=0x7fff808cb980) at ../../kdeui/kernel/kapplication.cpp:302
#15 0x00007fbd22dd6c9c in QCoreApplication::notifyInternal (this=0x7fff808cc960, receiver=0x13ca420, event=0x7fff808cb980) at kernel/qcoreapplication.cpp:610
#16 0x00007fbd222a71be in QWidgetPrivate::drawWidget (this=0x13d29b0, pdev=0x1315798, rgn=..., offset=..., flags=4, sharedPainter=0x0, backingStore=0x13113b0) at kernel/qwidget.cpp:5084
#17 0x00007fbd2241ce6e in QWidgetBackingStore::sync (this=0x13113b0) at painting/qbackingstore.cpp:1264
#18 0x00007fbd22299220 in QWidgetPrivate::syncBackingStore (this=0x130dff0) at kernel/qwidget.cpp:1603
#19 0x00007fbd222a0031 in QWidget::event (this=0x1313810, event=0x16983c0) at kernel/qwidget.cpp:7832
#20 0x00007fbd22622d2b in QMainWindow::event (this=0x1313810, event=0x16983c0) at widgets/qmainwindow.cpp:1399
#21 0x00007fbd23afc353 in KXmlGuiWindow::event (this=0x7fff808c9aa0, ev=0x0) at ../../kdeui/xmlgui/kxmlguiwindow.cpp:131
#22 0x00007fbd2225001d in QApplicationPrivate::notify_helper (this=0x1201fd0, receiver=0x1313810, e=0x16983c0) at kernel/qapplication.cpp:4065
#23 0x00007fbd2225807a in QApplication::notify (this=0x7fff808cc960, receiver=0x1313810, e=0x16983c0) at kernel/qapplication.cpp:4030
#24 0x00007fbd239f1de6 in KApplication::notify (this=0x7fff808cc960, receiver=0x1313810, event=0x16983c0) at ../../kdeui/kernel/kapplication.cpp:302
#25 0x00007fbd22dd6c9c in QCoreApplication::notifyInternal (this=0x7fff808cc960, receiver=0x1313810, event=0x16983c0) at kernel/qcoreapplication.cpp:610
#26 0x00007fbd22dd78e4 in QCoreApplication::sendEvent (receiver=0x0, event_type=0, data=0x11e9950) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:213
#27 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x11e9950) at kernel/qcoreapplication.cpp:1247
#28 0x00007fbd22dff7d3 in QCoreApplication::sendPostedEvents (s=<value optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:218
#29 postEventSourceDispatch (s=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:276
#30 0x00007fbd1e64290e in g_main_dispatch (context=0x1204920) at /tmp/buildd/glib2.0-2.22.4/glib/gmain.c:1960
#31 IA__g_main_context_dispatch (context=0x1204920) at /tmp/buildd/glib2.0-2.22.4/glib/gmain.c:2513
#32 0x00007fbd1e6462c8 in g_main_context_iterate (context=0x1204920, block=<value optimized out>, dispatch=<value optimized out>, self=<value optimized out>)
    at /tmp/buildd/glib2.0-2.22.4/glib/gmain.c:2591
#33 0x00007fbd1e6463f0 in IA__g_main_context_iteration (context=0x1204920, may_block=1) at /tmp/buildd/glib2.0-2.22.4/glib/gmain.c:2654
#34 0x00007fbd22dff39c in QEventDispatcherGlib::processEvents (this=0x11e9160, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:407
#35 0x00007fbd222e6f1f in QGuiEventDispatcherGlib::processEvents (this=0x7fff808c9aa0, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:202
#36 0x00007fbd22dd5562 in QEventLoop::processEvents (this=<value optimized out>, flags=...) at kernel/qeventloop.cpp:149
#37 0x00007fbd22dd5934 in QEventLoop::exec (this=0x7fff808cc900, flags=...) at kernel/qeventloop.cpp:201
#38 0x00007fbd22dd7ba4 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:888
#39 0x0000000000407f10 in main (argc=2, argv=0x7fff808ccc08) at ../../../okular/shell/main.cpp:81
------------------------------------------------------------

For some reason, srcData is NULL in PagePainter::scalePixmapOnImage():

------------------------------------------------------------
Program received signal SIGSEGV, Segmentation fault.
0x00007fffed37f3a2 in PagePainter::scalePixmapOnImage (dest=..., src=0x7fffffffbba0, scaledWidth=1925, scaledHeight=1445, cropRect=...,
    format=QImage::Format_ARGB32) at ../../okular/ui/pagepainter.cpp:752
752                 (*destData++) = srcData[ srcOffset + xOffset[x] ];
(gdb) print destData
$1 = (unsigned int *) 0xa9dfc0
(gdb) print srcData
$2 = (unsigned int *) 0x0
(gdb) print srcImage
$3 = {<QPaintDevice> = {_vptr.QPaintDevice = 0x7ffff65288f0, painters = 0}, d = 0x0}
(gdb) print *src
$5 = {<QPaintDevice> = {_vptr.QPaintDevice = 0x7ffff6528d70, painters = 0}, data = 0xa39a60}
(gdb) print *src->data
$7 = {_vptr.QPixmapData = 0x7ffff65295b0, ref = {<QBasicAtomicInt> = {_q_value = 2}, <No data fields>}, detach_no = 0,
  type = QPixmapData::PixmapType, id = 1, ser_no = 479, is_cached = 0}
------------------------------------------------------------

And valgrind output (this time with even zlib debug syms, although I doubt that's significant :-):

------------------------------------------------------------
==23790== Memcheck, a memory error detector
==23790== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
==23790== Using Valgrind-3.5.0-Debian and LibVEX; rerun with -h for copyright info
==23790== Command: okular Mallivihko.pdf
==23790==
==23790== Conditional jump or move depends on uninitialised value(s)
==23790==    at 0x7B68290: inflateReset2 (inflate.c:157)
==23790==    by 0x7B6837F: inflateInit2_ (inflate.c:193)
==23790==    by 0x7B62AD8: uncompress (uncompr.c:47)
==23790==    by 0x62CC9AB: qUncompress(unsigned char const*, int) (qbytearray.cpp:543)
==23790==    by 0x57D8820: KPixmapCache::Private::loadData(int, QPixmap&) (qbytearray.h:579)
==23790==    by 0x57D9905: KPixmapCache::find(QString const&, QPixmap&) (kpixmapcache.cpp:1314)
==23790==    by 0x573B479: KIconCache::find(QString const&, QPixmap&, QString*) (kiconcache.cpp:277)
==23790==    by 0x572E751: KIconLoader::loadIcon(QString const&, KIconLoader::Group, int, int, QStringList const&, QString*, bool) const (kiconloader.cpp:1083)
==23790==    by 0x57269AC: KIconEngine::pixmap(QSize const&, QIcon::Mode, QIcon::State) (kiconengine.cpp:119)
==23790==    by 0x6913404: QIcon::pixmap(QSize const&, QIcon::Mode, QIcon::State) const (qicon.cpp:716)
==23790==    by 0x6902514: QWidgetPrivate::setWindowIcon_sys(bool) (qwidget_x11.cpp:1347)
==23790==    by 0x68CC43F: QWidget::create(unsigned long, bool, bool) (qwidget.cpp:1283)
==23790==
==23790== Conditional jump or move depends on uninitialised value(s)
==23790==    at 0x4192127: PageView::resizeEvent(QResizeEvent*) (pageview.cpp:1279)
==23790==    by 0x68CA1C9: QWidget::event(QEvent*) (qwidget.cpp:7700)
==23790==    by 0x6C3292A: QFrame::event(QEvent*) (qframe.cpp:559)
==23790==    by 0x63AAFB7: QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) (qcoreapplication.cpp:726)
==23790==    by 0x6879FEB: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:4061)
==23790==    by 0x6882079: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:4030)
==23790==    by 0x575EDE5: KApplication::notify(QObject*, QEvent*) (kapplication.cpp:302)
==23790==    by 0x63ABC9B: QCoreApplication::notifyInternal(QObject*, QEvent*) (qcoreapplication.cpp:610)
==23790==    by 0x69085DA: QWidgetPrivate::setGeometry_sys(int, int, int, int, bool) (qcoreapplication.h:213)
==23790==    by 0x68C9096: QWidget::setGeometry(QRect const&) (qwidget.cpp:6237)
==23790==    by 0x6CC17B3: QAbstractScrollAreaPrivate::layoutChildren() (qabstractscrollarea.cpp:459)
==23790==    by 0x6CC1DB0: QAbstractScrollArea::event(QEvent*) (qabstractscrollarea.cpp:874)
==23790==
==23790== Invalid read of size 4
==23790==    at 0x417F3A2: PagePainter::scalePixmapOnImage(QImage&, QPixmap const*, int, int, QRect const&, QImage::Format) (pagepainter.cpp:752)
==23790==    by 0x417E5A7: PagePainter::paintCroppedPageOnPainter(QPainter*, Okular::Page const*, int, int, int, int, QRect const&, Okular::NormalizedRect const&) (pagepainter.cpp:604)
==23790==    by 0x4198031: PageView::drawDocumentOnPainter(QRect const&, QPainter*) (pageview.cpp:2368)
==23790==    by 0x4191ED1: PageView::contentsPaintEvent(QPaintEvent*) (pageview.cpp:1250)
==23790==    by 0x419E416: PageViewWidget::paintEvent(QPaintEvent*) (pageview.cpp:270)
==23790==    by 0x68CA195: QWidget::event(QEvent*) (qwidget.cpp:7692)
==23790==    by 0x419E3E2: PageViewWidget::event(QEvent*) (pageview.cpp:264)
==23790==    by 0x687A01C: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:4065)
==23790==    by 0x6882079: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:4030)
==23790==    by 0x575EDE5: KApplication::notify(QObject*, QEvent*) (kapplication.cpp:302)
==23790==    by 0x63ABC9B: QCoreApplication::notifyInternal(QObject*, QEvent*) (qcoreapplication.cpp:610)
==23790==    by 0x68D11BD: QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) (qwidget.cpp:5084)
==23790==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==23790==
------------------------------------------------------------

If there's something you want me to inspect further, I'll be happy to be of assistance.
Comment 7 Albert Astals Cid 2010-03-11 23:59:03 UTC
Can you print src->isNull()?
Comment 8 Albert Astals Cid 2010-03-12 00:00:09 UTC
Actually if you are online now it would be much better if you could go into the #okular channel in irc.freenode.net IRC network to have a much smaller turnaround in time of question<->answer
Comment 9 Sami Liedes 2010-03-12 01:41:13 UTC
Per IRC discussion before you ping timeouted, the problem is the canReturnNull=true argument to KIconLoader::loadIcon() in GuiUtils::loadStamp().

However this fix is not enough:

184 pixmap = il->loadIcon( name, KIconLoader::User, minSize, KIconLoader::DefaultState, QStringList(), &path, true );
185 if ( path.isEmpty() || pixmap.isNull() )
186     pixmap = il->loadIcon( name, KIconLoader::NoGroup, minSize );
187 return pixmap;

apparently because the loadIcon call in 186 can't find an unknown icon for size 1660.

I use the oxygen theme. Oxygen (and indeed all other themes I have installed besides crystalsvg) only seems to have mimetype/unknown.png icons with preset sizes (and no svgs):

$ find /usr/share/icons/ -name unknown\*
[...]
/usr/share/icons/oxygen/32x32/mimetypes/unknown.png                     
/usr/share/icons/oxygen/128x128/mimetypes/unknown.png                   
/usr/share/icons/oxygen/22x22/mimetypes/unknown.png                     
/usr/share/icons/oxygen/256x256/mimetypes/unknown.png
/usr/share/icons/oxygen/16x16/mimetypes/unknown.png
/usr/share/icons/oxygen/16x16/apps/unknownapp.png
/usr/share/icons/oxygen/64x64/mimetypes/unknown.png
/usr/share/icons/oxygen/48x48/mimetypes/unknown.png

I don't know enough to tell if loadIcon() should scale the 256x256 icon to size 1660, in any case it fails to find an icon (it outputs "Warning: could not find \"Unknown\" icon for size = 1660" into kDebug(264)) and returns a null QPixmap, even with canReturnNull=false, which okular cannot handle (kiconloader.cpp:1137).
Comment 10 Albert Astals Cid 2010-03-12 09:34:25 UTC
Sorry for that, my internet connection died and I was unable to resurrect it until this morning. I will investigate why loadIcon is returning a null pixmap since this is the root cause of the problem.
Comment 11 Albert Astals Cid 2010-03-23 22:49:12 UTC
SVN commit 1106763 by aacid:

do not trust kdelibs to give a pixmap even if we ask for it since sometimes it fails
BUGS: 230282


 M  +14 -8     pagepainter.cpp  


WebSVN link: http://websvn.kde.org/?view=rev&revision=1106763
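
The failure mode traced in this thread, as an added example (not Okular's code and not the content of the SVN commit): a nearest-neighbour scaler shaped like the crashing statement at pagepainter.cpp:752, which checks the source buffer before indexing it. The `Image` type, `scaleOnto`, `ScaleResult` and the fallback fill colour are hypothetical names standing in for the Qt classes so the block builds without Qt.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical stand-in for an image class (not Qt's QImage): bits() returns
// nullptr for a null image, the state gdb showed for srcImage (d = 0x0).
struct Image {
    int width = 0;
    int height = 0;
    std::vector<std::uint32_t> pixels;  // ARGB32, row-major

    Image() = default;
    Image(int w, int h, std::uint32_t fill)
        : width(w), height(h), pixels(static_cast<std::size_t>(w) * h, fill) {}

    bool isNull() const { return pixels.empty(); }
    const std::uint32_t *bits() const { return isNull() ? nullptr : pixels.data(); }
    std::uint32_t *bits() { return isNull() ? nullptr : pixels.data(); }
};

enum class ScaleResult { Scaled, SourceWasNull, BadGeometry };

// Scales src onto a scaledWidth x scaledHeight dest. A null source is reported
// to the caller and dest is left filled with `fallback` instead of being read.
ScaleResult scaleOnto(Image &dest, const Image &src,
                      int scaledWidth, int scaledHeight, std::uint32_t fallback)
{
    if (scaledWidth <= 0 || scaledHeight <= 0)
        return ScaleResult::BadGeometry;

    dest = Image(scaledWidth, scaledHeight, fallback);

    // The check missing from the crashing path: the producer of the pixmap may
    // hand back a null object even when asked not to, so verify before use.
    const std::uint32_t *srcData = src.bits();
    if (srcData == nullptr || src.width <= 0 || src.height <= 0)
        return ScaleResult::SourceWasNull;

    // Precompute the source column for every destination column.
    std::vector<int> xOffset(static_cast<std::size_t>(scaledWidth));
    for (int x = 0; x < scaledWidth; ++x)
        xOffset[x] = static_cast<int>(
            (static_cast<std::int64_t>(x) * src.width) / scaledWidth);

    std::uint32_t *destData = dest.bits();
    for (int y = 0; y < scaledHeight; ++y) {
        const int srcRow = static_cast<int>(
            (static_cast<std::int64_t>(y) * src.height) / scaledHeight);
        const std::size_t srcOffset = static_cast<std::size_t>(srcRow) * src.width;
        for (int x = 0; x < scaledWidth; ++x)
            (*destData++) = srcData[srcOffset + xOffset[x]];  // same shape as line 752
    }
    return ScaleResult::Scaled;
}

int main()
{
    // Constructed sample input: a 2x2 image, then a null image at the
    // 1925x1445 target size seen in the backtrace.
    Image good(2, 2, 0);
    good.pixels = {1, 2, 3, 4};
    Image out;
    ScaleResult r1 = scaleOnto(out, good, 4, 4, 0xFFFFFFFFu);
    std::printf("valid source: result=%d, last pixel=%u\n",
                static_cast<int>(r1), static_cast<unsigned>(out.pixels.back()));

    Image missing;  // what a failed icon lookup would produce
    ScaleResult r2 = scaleOnto(out, missing, 1925, 1445, 0xFFFFFFFFu);
    std::printf("null source: result=%d, dest is %dx%d\n",
                static_cast<int>(r2), out.width, out.height);
    return 0;
}
```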
Comment 12 Albert Astals Cid 2010-03-23 22:50:51 UTC
SVN commit 1106764 by aacid:

backport r1106763 | aacid | 2010-03-23 21:50:13 +0000 (Tue, 23 Mar 2010) | 3 lines

do not trust kdelibs to give a pixmap even if we ask for it since sometimes it fails
BUGS: 230282


 M  +14 -8     pagepainter.cpp  


WebSVN link: http://websvn.kde.org/?view=rev&revision=1106764
Comment 13 Albert Astals Cid 2010-03-25 20:11:03 UTC
*** Bug 232060 has been marked as a duplicate of this bug. ***
Comment 14 Christoph Feck 2010-03-25 21:48:38 UTC
*** Bug 232060 has been marked as a duplicate of this bug. ***