Application: okular (1.11.1) Qt Version: 5.15.2 Frameworks Version: 5.79.0 Operating System: Linux 5.11.11-200.fc33.x86_64 x86_64 Windowing system: X11 Distribution: Fedora 33 (KDE Plasma) -- Information about the crash: - What I was doing when the application crashed: I opened a pdf with okular. The pdf has been opened correctly. The pdf contained a form, so I used the suggestion (Visualize->See forms) to start the modify-mode. When entered the modify-mode, I saw changing font of the form field. So, I clicked on one field and okular crashed. Something odd I noticed is that not all the form field of the pdf were marked up as form field while in the modify-mode. Indeed I opened the same pdf-form with Chromium and there I could see many more fields than the ones seen in okular. The crash can be reproduced every time. -- Backtrace: Application: Okular (okular), signal: Segmentation fault [KCrash Handler] #4 0x00007f75b0361bf1 in Poppler::Document::formCalculateOrder() const () from /lib64/libpoppler-qt5.so.1 #5 0x00007f75b03e3d4f in PDFGenerator::metaData(QString const&, QVariant const&) const () from /usr/lib64/qt5/plugins/okular/generators/okularGenerator_poppler.so #6 0x00007f75b3560a61 in Okular::Document::metaData(QString const&, QVariant const&) const () from /lib64/libOkular5Core.so.9 #7 0x00007f75b3550343 in Okular::DocumentPrivate::recalculateForms() () from /lib64/libOkular5Core.so.9 #8 0x00007f75b3576fd7 in Okular::EditFormButtonsCommand::redo() () from /lib64/libOkular5Core.so.9 #9 0x00007f75ccd1019a in QUndoStack::push(QUndoCommand*) () from /lib64/libQt5Widgets.so.5 #10 0x00007f75cbe8f386 in void doActivate<false>(QObject*, int, void**) () from /lib64/libQt5Core.so.5 #11 0x00007f75b81bd4b2 in FormWidgetsController::slotButtonClicked(QAbstractButton*) () from /usr/lib64/qt5/plugins/okularpart.so #12 0x00007f75cbe8f386 in void doActivate<false>(QObject*, int, void**) () from /lib64/libQt5Core.so.5 #13 0x00007f75cca765d3 in QButtonGroup::buttonClicked(QAbstractButton*) () from /lib64/libQt5Widgets.so.5 #14 0x00007f75cca71d7f in QAbstractButtonPrivate::emitClicked() () from /lib64/libQt5Widgets.so.5 #15 0x00007f75cca73673 in QAbstractButtonPrivate::click() () from /lib64/libQt5Widgets.so.5 #16 0x00007f75cca73855 in QAbstractButton::mouseReleaseEvent(QMouseEvent*) () from /lib64/libQt5Widgets.so.5 #17 0x00007f75cc9c2b1e in QWidget::event(QEvent*) () from /lib64/libQt5Widgets.so.5 #18 0x00007f75cc981ec3 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib64/libQt5Widgets.so.5 #19 0x00007f75cc988eeb in QApplication::notify(QObject*, QEvent*) () from /lib64/libQt5Widgets.so.5 #20 0x00007f75cbe5fbd8 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /lib64/libQt5Core.so.5 #21 0x00007f75cc987efa in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool, bool) () from /lib64/libQt5Widgets.so.5 #22 0x00007f75cc9db375 in QWidgetWindow::handleMouseEvent(QMouseEvent*) () from /lib64/libQt5Widgets.so.5 #23 0x00007f75cc9de6be in QWidgetWindow::event(QEvent*) () from /lib64/libQt5Widgets.so.5 #24 0x00007f75cc981ec3 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib64/libQt5Widgets.so.5 #25 0x00007f75cbe5fbd8 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /lib64/libQt5Core.so.5 #26 0x00007f75cc328143 in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) () from /lib64/libQt5Gui.so.5 #27 0x00007f75cc3098cc in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQt5Gui.so.5 #28 0x00007f75ba55e47e in xcbSourceDispatch(_GSource*, int (*)(void*), void*) () from /lib64/libQt5XcbQpa.so.5 #29 0x00007f75ca63fa9f in g_main_context_dispatch () from /lib64/libglib-2.0.so.0 #30 0x00007f75ca691a98 in g_main_context_iterate.constprop () from /lib64/libglib-2.0.so.0 #31 0x00007f75ca63ce73 in g_main_context_iteration () from /lib64/libglib-2.0.so.0 #32 0x00007f75cbeac6f3 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQt5Core.so.5 #33 0x00007f75cbe5e57b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQt5Core.so.5 #34 0x00007f75cbe661b4 in QCoreApplication::exec() () from /lib64/libQt5Core.so.5 #35 0x000055d0165be8ce in main () [Inferior 1 (process 3678) detached] The reporter indicates this bug may be a duplicate of or related to bug 234280. Possible duplicates by query: bug 395029, bug 366785, bug 366617, bug 334348, bug 332693. Reported using DrKonqi
can we have that file?
Created attachment 137525 [details] The pdf-form written in the bug description To reproduce the bug: open the PDF-form, click on See forms, then you will see in the first page, above on the right, the section "Death saves, success and failure" which becomes editable, so you can select and unselect the squares. Furthermore, all the sections of the sheet are text boxes forms, but they are not editable with okular.
Of course. I forgot it. So, if you click in the squares following what described here above, okular will crash
Doesn't crash here :/ 2 things: a) Which poppler version are you running? b) can you run in a terminal valgrind okular thefile.pdf and try to make it crash? Even if it doesn't crash, can you attach the valgrind output?
(In reply to Albert Astals Cid from comment #4) > Doesn't crash here :/ I can reproduce this with poppler 20.12.1, so it must have been fixed somewhere in between.
To Albert: (0) Even without reproducing that specific bug, can you see all the form-fields? As descripted in the description of the attachment mostly of the pdf is editable (1) Poppler version I'm using: Poppler 0.90.0 (2) I reproduced the bug and the outcome was the same. Here it is the valgrind output: [espirito@localhost Scrivania]$ valgrind okular Presticulo_47775440.pdf ==3701== Memcheck, a memory error detector ==3701== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al. ==3701== Using Valgrind-3.16.1 and LibVEX; rerun with -h for copyright info ==3701== Command: okular Presticulo_47775440.pdf ==3701== ==3701== Conditional jump or move depends on uninitialised value(s) ==3701== at 0x21A40C61: ??? ==3701== by 0x1DEDA5A7: ??? ==3701== ==3701== Conditional jump or move depends on uninitialised value(s) ==3701== at 0x21A40C61: ??? ==3701== by 0x1DE8EA27: ??? ==3701== ==3701== Conditional jump or move depends on uninitialised value(s) ==3701== at 0x1C28316A: ??? (in /usr/lib64/qt5/plugins/okularpart.so) ==3701== by 0x5133573: QWidget::event(QEvent*) (in /usr/lib64/libQt5Widgets.so.5.15.2) ==3701== by 0x51DC6F1: QFrame::event(QEvent*) (in /usr/lib64/libQt5Widgets.so.5.15.2) ==3701== by 0x5F53994: QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) (in /usr/lib64/libQt5Core.so.5.15.2) ==3701== by 0x50F1EB1: QApplicationPrivate::notify_helper(QObject*, QEvent*) (in /usr/lib64/libQt5Widgets.so.5.15.2) ==3701== by 0x5F53BD7: QCoreApplication::notifyInternal2(QObject*, QEvent*) (in /usr/lib64/libQt5Core.so.5.15.2) ==3701== by 0x512985F: QWidgetPrivate::setGeometry_sys(int, int, int, int, bool) (in /usr/lib64/libQt5Widgets.so.5.15.2) ==3701== by 0x512A6DF: QWidget::setGeometry(QRect const&) (in /usr/lib64/libQt5Widgets.so.5.15.2) ==3701== by 0x51DDB76: QAbstractScrollAreaPrivate::layoutChildren_helper(bool*, bool*) (in /usr/lib64/libQt5Widgets.so.5.15.2) ==3701== by 0x51DE01E: QAbstractScrollAreaPrivate::layoutChildren() (in /usr/lib64/libQt5Widgets.so.5.15.2) ==3701== by 0x51DF633: QAbstractScrollArea::event(QEvent*) (in /usr/lib64/libQt5Widgets.so.5.15.2) ==3701== by 0x50F1EC2: QApplicationPrivate::notify_helper(QObject*, QEvent*) (in /usr/lib64/libQt5Widgets.so.5.15.2) ==3701== ==3701== Thread 12 Okular::PixmapGe: ==3701== Use of uninitialised value of size 8 ==3701== at 0x2B2343C8: GfxImageColorMap::getRGBXLine(unsigned char*, unsigned char*, int) (in /usr/lib64/libpoppler.so.101.0.0) ==3701== by 0x2B2DA1E5: SplashOutputDev::imageSrc(void*, unsigned char*, unsigned char*) (in /usr/lib64/libpoppler.so.101.0.0) ==3701== by 0x2B2EFF21: Splash::scaleImageYdXd(bool (*)(void*, unsigned char*, unsigned char*), void*, SplashColorMode, int, bool, int, int, int, int, SplashBitmap*) (in /usr/lib64/libpoppler.so.101.0.0) ==3701== by 0x2B2F46D3: Splash::scaleImage(bool (*)(void*, unsigned char*, unsigned char*), void*, SplashColorMode, int, bool, int, int, int, int, bool, bool) (in /usr/lib64/libpoppler.so.101.0.0) ==3701== by 0x2B2F95E0: Splash::drawImage(bool (*)(void*, unsigned char*, unsigned char*), void (*)(void*, SplashBitmap*), void*, SplashColorMode, bool, int, int, double*, bool, bool) (in /usr/lib64/libpoppler.so.101.0.0) ==3701== by 0x2B2E0757: SplashOutputDev::drawSoftMaskedImage(GfxState*, Object*, Stream*, int, int, GfxImageColorMap*, bool, Stream*, int, int, GfxImageColorMap*, bool) (in /usr/lib64/libpoppler.so.101.0.0) ==3701== by 0x2B2174C3: Gfx::doImage(Object*, Stream*, bool) (in /usr/lib64/libpoppler.so.101.0.0) ==3701== by 0x2B211012: Gfx::opXObject(Object*, int) (in /usr/lib64/libpoppler.so.101.0.0) ==3701== by 0x2B206BD1: Gfx::go(bool) (in /usr/lib64/libpoppler.so.101.0.0) ==3701== by 0x2B207593: Gfx::display(Object*, bool) (in /usr/lib64/libpoppler.so.101.0.0) ==3701== by 0x2B26B362: Page::displaySlice(OutputDev*, double, double, int, bool, bool, int, int, int, int, bool, bool (*)(void*), void*, bool (*)(Annot*, void*), void*, bool) (in /usr/lib64/libpoppler.so.101.0.0) ==3701== by 0x2B0591CB: Poppler::Page::renderToImage(double, double, int, int, int, int, Poppler::Page::Rotation, void (*)(QImage const&, QVariant const&), bool (*)(QVariant const&), bool (*)(QVariant const&), QVariant const&) const (in /usr/lib64/libpoppler-qt5.so.1.25.0) ==3701== QSocketNotifier: Invalid socket 8 and type 'Read', disabling... QSocketNotifier: Invalid socket 9 and type 'Read', disabling... ==3627== ==3627== HEAP SUMMARY: ==3627== in use at exit: 52,897,422 bytes in 115,284 blocks ==3627== total heap usage: 2,143,872 allocs, 2,028,588 frees, 1,459,454,060 bytes allocated ==3627== ==3627== LEAK SUMMARY: ==3627== definitely lost: 8 bytes in 1 blocks ==3627== indirectly lost: 32 bytes in 1 blocks ==3627== possibly lost: 1,245,720 bytes in 4,401 blocks ==3627== still reachable: 51,651,662 bytes in 110,881 blocks ==3627== of which reachable via heuristic: ==3627== newarray : 456 bytes in 13 blocks ==3627== multipleinheritance: 142,456 bytes in 173 blocks ==3627== suppressed: 0 bytes in 0 blocks ==3627== Rerun with --leak-check=full to see details of leaked memory ==3627== ==3627== Use --track-origins=yes to see where uninitialised values come from ==3627== For lists of detected and suppressed errors, rerun with: -s ==3627== ERROR SUMMARY: 3479134 errors from 5 contexts (suppressed: 0 from 0) ==3701== Thread 1: ==3701== Invalid read of size 8 ==3701== at 0x2B04CBF1: Poppler::Document::formCalculateOrder() const (in /usr/lib64/libpoppler-qt5.so.1.25.0) ==3701== by 0x2AFB8D4E: ??? (in /usr/lib64/qt5/plugins/okular/generators/okularGenerator_poppler.so) ==3701== Address 0x50 is not stack'd, malloc'd or (recently) free'd ==3701== KCrash: Application 'okular' crashing... KCrash: Attempting to start /usr/libexec/drkonqi [1] Uscita 253 valgrind okular Presticulo_47775440.pdf [2]+ Fermato valgrind okular Presticulo_47775440.pdf
To Albert and Yuri: After this valgrind output of the bug: do you think it is just due to my old version of Poppler? If so, how can I update it to a version which is supported and stable?
(In reply to Emanuele Spirito from comment #7) > To Albert and Yuri: > After this valgrind output of the bug: do you think it is just due to my old > version of Poppler? If so, how can I update it to a version which is > supported and stable? I can confirm that the file does not crash Okular with poppler 21.04 (the current version from git). I think that the most constructive way to fix it would be filing bug report in Fedora Bugzilla with the hash of the commit that fixes the bug (Albert knows better as the fix was probably made by him). The wrong way which breaks Inkscape, Okular and other packages, as they should be recompiled, is building it from scratch: http://www.linuxfromscratch.org/blfs/view/svn/general/poppler.html
(In reply to Yuri Chornoivan from comment #8) > I can confirm that the file does not crash Okular with poppler 21.04 (the > current version from git). I think that the most constructive way to fix it > would be filing bug report in Fedora Bugzilla with the hash of the commit > that fixes the bug (Albert knows better as the fix was probably made by him). Ok, so, I wait for Albert reply, then I open a bug report in bugzilla for the poppler component with: - description of the issue of opening that pdf (ecc...); - the current bug report; - I'll say that the latest git poppler version doesn't have that problem; - I put the commit of the fix you cited above. Do I have your permission to put you two in cc list for that bug in bugzilla? > The wrong way which breaks Inkscape, Okular and other packages, as they > should be recompiled, is building it from scratch: > > http://www.linuxfromscratch.org/blfs/view/svn/general/poppler.html Ok, I won't do that!
I don't really have the time to figure out which of the commits in poppler fixed this issue, but since both me and Yuri can confirm that with modern versions of it it doesn't crash i'm closing the bug. I understand that's not super helpful for you that still have a crash issue, you may want to try https://flathub.org/apps/details/org.kde.okular that should provide a recent enough okular+poppler combination.