Bug 245093 - graphics/poppler: 0.86.1 broke opening PDFs with links (via graphics/evince)
Summary: graphics/poppler: 0.86.1 broke opening PDFs with links (via graphics/evince)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-desktop (Team)
URL:
Keywords: needs-qa, regression
Depends on:
Blocks:
 
Reported: 2020-03-27 06:46 UTC by Ashish SHUKLA
Modified: 2020-03-28 15:59 UTC (History)
6 users (show)

See Also:
tcberner: maintainer-feedback+
koobs: maintainer-feedback? (gnome)


Attachments
pkg info | awk '{ print $1; }' (38.62 KB, text/plain)
2020-03-27 06:46 UTC, Ashish SHUKLA
no flags Details
Workaround patch related to comment 1 (428 bytes, patch)
2020-03-27 09:40 UTC, Philippe Michel
no flags Details | Diff
Fix obtained from upstream commit 68b6dd2e (3.97 KB, patch)
2020-03-27 15:54 UTC, Ashish SHUKLA
no flags Details | Diff
Update diff (4.84 KB, patch)
2020-03-28 08:52 UTC, Ashish SHUKLA
tcberner: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Ashish SHUKLA freebsd_committer 2020-03-27 06:46:35 UTC
Created attachment 212744 [details]
pkg info | awk '{ print $1; }'

I am testing with Evince 3.28.5_12, and unable to open following PDF:

   https://hott.github.io/book/nightly/hott-a4-1246-g494c5db.pdf

Evince crashes with:

λ gdb $(which evince)                              
GNU gdb (GDB) 9.1 [GDB v9.1 for FreeBSD]
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-portbld-freebsd12.1".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.
 
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/local/bin/evince...
(gdb) run /tmp/hott-a4-1246-g494c5db.pdf
Starting program: /usr/local/bin/evince /tmp/hott-a4-1246-g494c5db.pdf
[New LWP 100443 of process 68421]
[New LWP 100446 of process 68421]
[New LWP 101790 of process 68421]
 
(evince:68421): GVFS-RemoteVolumeMonitor-WARNING **: 11:44:50.132: remote volume monitor with dbus name org.gtk.vfs.HalVolumeMonitor is not supported
[New LWP 102433 of process 68421]
[New LWP 102434 of process 68421]
[New LWP 102435 of process 68421]
[LWP 102433 of process 68421 exited]
 
Thread 7 received signal SIGSEGV, Segmentation fault.
[Switching to LWP 102435 of process 68421]
0x0000000808657e18 in build_goto_dest (document=0x8083c4280 [PopplerDocument], action=0x806b5a4c0, link=0x0) at poppler-action.cc:348
348     poppler-action.cc: No such file or directory.
(gdb) bt full
#0  0x0000000808657e18 in build_goto_dest(_PopplerDocument*, _PopplerAction*, LinkGoTo const*)
    (document=0x8083c4280 [PopplerDocument], action=0x806b5a4c0, link=0x0) at poppler-action.cc:348
        link_dest = 0x7fffdf5f8bc0
        named_dest = 0x80181ca4b <g_strdup+75>
#1  0x000000080865792a in _poppler_action_new(_PopplerDocument*, LinkAction const*, char const*)
    (document=0x8083c4280 [PopplerDocument], link=0x80a149f00, title=0x80a177dc0 "Preface") at poppler-action.cc:630
        action = 0x806b5a4c0
#2  0x000000080865fd4a in poppler_index_iter_get_action(PopplerIndexIter*) (iter=0x806b3cda0) at poppler-document.cc:2662
        item = 0x80695e780
        link_action = 0x80a149f00
        action = 0x0
        title = 0x80a177dc0 "Preface"
#3  0x0000000808611a9a in build_tree(_PdfDocument*, _GtkTreeModel*, _GtkTreeIter*, _PopplerIndexIter*)
    (pdf_document=0x8071ef6f0 [PdfDocument], model=0x8083ff890, parent=0x0, iter=0x806b3cda0) at ev-poppler.cc:1463
        tree_iter = {stamp = 138410128, user_data = 0x3000000028, user_data2 = 0x7fffdf5f8e50, user_data3 = 0x7fffdf5f8d40}
        action = 0x8083c4280
        link = 0x0
        expand = 8
        child = 0x8083c4280
        title_markup = 0x7fffdf5f8e00 ""
#4  0x0000000808611790 in pdf_document_links_get_links_model(_EvDocumentLinks*) (document_links=0x8071ef6f0) at ev-poppler.cc:1516
        pdf_document = 0x8071ef6f0 [PdfDocument]
        model = 0x8083ff890
        iter = 0x806b3cda0
#5  0x00000008002f5a4a in ev_document_links_get_links_model (document_links=0x8071ef6f0) at ev-document-links.c:58
        iface = 0x8083e2580
        retval = 0x206
#6  0x00000008003475d2 in ev_job_links_run (job=0x80707b0f0 [EvJobLinks]) at ev-jobs.c:389
        job_links = 0x80707b0f0 [EvJobLinks]
#7  0x0000000800345b03 in ev_job_run (job=0x80707b0f0 [EvJobLinks]) at ev-jobs.c:216
        class = 0x8068d3060
#8  0x000000080034abaf in ev_job_thread (job=0x80707b0f0 [EvJobLinks]) at ev-job-scheduler.c:184
        result = 0
#9  0x000000080034aad8 in ev_job_thread_proxy (data=0x0) at ev-job-scheduler.c:217
        job = 0x80a147080
#10 0x000000080182b6ed in g_thread_proxy (data=0x807f52e80) at gthread.c:784
        thread = 0x807f52e80
#11 0x0000000801435736 in thread_start (curthread=0x808246900) at /usr/src/lib/libthr/thread/thr_create.c:292
        set = {__bits = {0, 0, 0, 0}}
#12 0x0000000000000000 in  ()


I am running FreeBSD 12.1-RELEASE-p2 (amd64) with following packages installed:

evince-3.28.5_12
poppler-0.86.1
poppler-data-0.4.9_2
poppler-glib-0.86.1_1

Complete output attached in pkg.txt file.

After reverting to poppler{,-glib}-0.85.0, it works fine now.

Thanks!
Comment 1 Philippe Michel 2020-03-27 09:39:16 UTC
I see a very similar problem (evince-lite on FreeBSD 12.1-STABLE r359193 with all relevant ports up to date), although the crash happens at a different place in poppler-action.cc :

Thread 5 received signal SIGSEGV, Segmentation fault.
[Switching to LWP 100573 of process 99965]
0x000000080543b185 in std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >::__is_long (this=0x20) at /usr/include/c++/v1/string:1426
1426            {return bool(__r_.first().__s.__size_ & __short_mask);}
(gdb) where
#0  0x000000080543b185 in std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >::__is_long (this=0x20) at /usr/include/c++/v1/string:1426
#1  0x000000080543b12c in std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >::__get_pointer (this=0x20)
    at /usr/include/c++/v1/string:1520
#2  0x000000080543b085 in std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >::data (this=0x20) at /usr/include/c++/v1/string:1248
#3  0x000000080543b385 in std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >::c_str (this=0x20) at /usr/include/c++/v1/string:1246
#4  0x000000080543a011 in build_uri (action=0x804009480, link=0x0) at poppler-action.cc:408
#5  0x0000000805439a8f in _poppler_action_new (document=0x805116a80, link=0x8068b1d40, title=0x0) at poppler-action.cc:642
#6  0x000000080544d004 in poppler_page_get_link_mapping (page=0x806a16f80) at poppler-page.cc:1237
#7  0x000000080518b544 in ?? () from /usr/local/lib/evince/4/backends/libpdfdocument.so
#8  0x000000080031cd6d in ?? () from /usr/local/lib/libevview3.so.3
#9  0x000000080031e614 in ?? () from /usr/local/lib/libevview3.so.3
#10 0x000000080149fe4a in ?? () from /usr/local/lib/libglib-2.0.so.0
#11 0x0000000801115735 in ?? () from /lib/libthr.so.3
#12 0x0000000000000000 in ?? ()
Backtrace stopped: Cannot access memory at address 0x7fffdf9fb000

The attached patch works around the problem for me but I don't know enough c++ to really understand what happens (why does a dynamic_cast of link between frames #5 and #4 fail)
Comment 2 Philippe Michel 2020-03-27 09:40:31 UTC
Created attachment 212745 [details]
Workaround patch related to comment 1
Comment 3 Ashish SHUKLA freebsd_committer 2020-03-27 09:55:24 UTC
(In reply to Philippe Michel from comment #1)

That crash also happened with me but on a PDF that I can't share publicly.
Comment 4 Ashish SHUKLA freebsd_committer 2020-03-27 10:06:14 UTC
(In reply to Philippe Michel from comment #2)

After applying patch:

0x000000080865ee18 in build_goto_dest (document=0x8083cfd40 [PopplerDocument], action=0x806b400c0, link=0x0) at poppler-action.cc:348
348             if (! link->isOk ()) {
(gdb) bt full
#0  0x000000080865ee18 in build_goto_dest(_PopplerDocument*, _PopplerAction*, LinkGoTo const*) (document=0x8083cfd40 [PopplerDocument], action=0x806b400c0, link=0x0) at poppler-action.cc:348
        link_dest = 0x7fffdf5f8bc0
        named_dest = 0x80181ca4b <g_strdup+75>
#1  0x000000080865e92a in _poppler_action_new(_PopplerDocument*, LinkAction const*, char const*) (document=0x8083cfd40 [PopplerDocument], link=0x80a144f00, title=0x80a174dc0 "Preface")
    at poppler-action.cc:635
        action = 0x806b400c0
#2  0x0000000808666d5a in poppler_index_iter_get_action(PopplerIndexIter*) (iter=0x806b60140) at poppler-document.cc:2662
        item = 0x80695e6a0
        link_action = 0x80a144f00
        action = 0x0
        title = 0x80a174dc0 "Preface"
#3  0x0000000808618a9a in build_tree(_PdfDocument*, _GtkTreeModel*, _GtkTreeIter*, _PopplerIndexIter*) (pdf_document=0x80717a6f0 [PdfDocument], model=0x8083fe890, parent=0x0, iter=0x806b60140)
    at ev-poppler.cc:1463
        tree_iter = {stamp = 138406032, user_data = 0x3000000028, user_data2 = 0x7fffdf5f8e50, user_data3 = 0x7fffdf5f8d40}
        action = 0x8083cfd40
        link = 0x0
        expand = 8
        child = 0x8083cfd40
        title_markup = 0x7fffdf5f8e00 ""
#4  0x0000000808618790 in pdf_document_links_get_links_model(_EvDocumentLinks*) (document_links=0x80717a6f0) at ev-poppler.cc:1516
        pdf_document = 0x80717a6f0 [PdfDocument]
        model = 0x8083fe890
        iter = 0x806b60140
#5  0x00000008002f5a4a in ev_document_links_get_links_model (document_links=0x80717a6f0) at ev-document-links.c:58
        iface = 0x8083e9580
        retval = 0x206
#6  0x00000008003475d2 in ev_job_links_run (job=0x8083d04f0 [EvJobLinks]) at ev-jobs.c:389
        job_links = 0x8083d04f0 [EvJobLinks]
#7  0x0000000800345b03 in ev_job_run (job=0x8083d04f0 [EvJobLinks]) at ev-jobs.c:216
        class = 0x8068d3060
#8  0x000000080034abaf in ev_job_thread (job=0x8083d04f0 [EvJobLinks]) at ev-job-scheduler.c:184
        result = 0
#9  0x000000080034aad8 in ev_job_thread_proxy (data=0x0) at ev-job-scheduler.c:217
        job = 0x80a0e7c00
#10 0x000000080182b6ed in g_thread_proxy (data=0x807f5e280) at gthread.c:784
        thread = 0x807f5e280
#11 0x0000000801435736 in thread_start (curthread=0x808246900) at /usr/src/lib/libthr/thread/thr_create.c:292
        set = {__bits = {0, 0, 0, 0}}
#12 0x0000000000000000 in  ()
Comment 5 Philippe Michel 2020-03-27 13:25:55 UTC
The following upstream commit looks like a more proper and comprehensive fix than my quick hack :

https://gitlab.freedesktop.org/poppler/poppler/-/commit/68b6dd2ecd868c1a757cb8b9273e2e26687e5229

At least it works for me and, considering the modified source line numbers, is likely to cater to Ashish other issue and some potential other ones as well.
 
See also https://gitlab.freedesktop.org/poppler/poppler/issues/893 for a bug report there, essentially identical to this one, that led to the above commit.
Comment 6 Ashish SHUKLA freebsd_committer 2020-03-27 15:54:05 UTC
Created attachment 212758 [details]
Fix obtained from upstream commit 68b6dd2e

Patch obtained from:

https://gitlab.freedesktop.org/poppler/poppler/-/commit/68b6dd2ecd868c1a757cb8b9273e2e26687e5229

Thanks to Philippe
Comment 7 Tobias C. Berner freebsd_committer 2020-03-27 17:32:51 UTC
(In reply to Ashish SHUKLA from comment #6)

Moin moin 

Could you update the patch so that it uses PATCH_SITES and PATCHFILES and gets the commit as patch directly?
That way the origin of the code is clearly evident.


mfg Tobias
Comment 8 Ting-Wei Lan 2020-03-27 18:12:22 UTC
(In reply to Tobias C. Berner from comment #7)
Doesn't doing so cause checksum errors when the version of Git is updated on the server? GitLab includes the version of Git at the bottom of the patch file.
Comment 9 Ting-Wei Lan 2020-03-27 20:21:47 UTC
Comment on attachment 212758 [details]
Fix obtained from upstream commit 68b6dd2e

>diff -urN /usr/ports/graphics/poppler/Makefile poppler/Makefile
>--- /usr/ports/graphics/poppler/Makefile	2020-03-21 18:27:09.000000000 +0530
>+++ poppler/Makefile	2020-03-27 21:20:32.282515000 +0530
>@@ -3,6 +3,7 @@
> 
> PORTNAME=	poppler
> DISTVERSION=	0.86.1
>+PORTREVISION=	1
> CATEGORIES=	graphics print
> MASTER_SITES=	https://poppler.freedesktop.org/
> 

This should be PORTREVISION?= because poppler-glib wants to change its value.

>diff -urN /usr/ports/graphics/poppler-glib/Makefile poppler-glib/Makefile
>--- /usr/ports/graphics/poppler-glib/Makefile	2020-03-21 18:27:09.000000000 +0530
>+++ poppler-glib/Makefile	2020-03-27 21:20:45.385262000 +0530
>@@ -1,7 +1,7 @@
> # Created by: Michael Johnson <ahze@FreeBSD.org>
> # $FreeBSD: head/graphics/poppler-glib/Makefile 528853 2020-03-21 12:57:09Z tcberner $
> 
>-PORTREVISION=	1
>+PORTREVISION=	2
> 
> COMMENT=	GLib bindings to poppler
> 

You probably want to bump PORTREVISION for poppler-utils as well because the patch modifies the code under utils.
Comment 10 Ashish SHUKLA freebsd_committer 2020-03-28 08:52:24 UTC
Created attachment 212778 [details]
Update diff

- Bumped PORTREVISION for all poppler ports
Comment 11 Tobias C. Berner freebsd_committer 2020-03-28 13:50:38 UTC
If you feel the benefit of having a direct link to upstream is outweighed by the possibility of the checksum going out of date, please include at least the commit message / url to the patch in the top of the patches. 
This greatly improves the upgrade process, when the next version comes around.

mfg Tobias
Comment 12 Tobias C. Berner freebsd_committer 2020-03-28 15:12:58 UTC
Poppler 0.87 just got released :) -- which hopefully already includes the fix.
Comment 13 Tobias C. Berner freebsd_committer 2020-03-28 15:40:38 UTC
Please commit this as an intermediate solution until 0.87 has been exp-run.

It's no good to have broken viewers in ports :)

mfg Tobias
Comment 14 commit-hook freebsd_committer 2020-03-28 15:58:26 UTC
A commit references this bug:

Author: ashish
Date: Sat Mar 28 15:57:27 UTC 2020
New revision: 529740
URL: https://svnweb.freebsd.org/changeset/ports/529740

Log:
  - Add patches from upstream to fix segmentation fault with PDF files
    which include links

  PR:		245093
  Approved by:	tcberner (from desktop@)

Changes:
  head/graphics/poppler/Makefile
  head/graphics/poppler/files/
  head/graphics/poppler/files/patch-glib_poppler-action.cc
  head/graphics/poppler/files/patch-utils_HtmlOutputDev.cc
  head/graphics/poppler-glib/Makefile
  head/graphics/poppler-qt5/Makefile
  head/graphics/poppler-utils/Makefile