Bug 247104 - >media-libs/freetype-2.3.5 crashes on amd64 when being called from app-text/evince-2.22* when scrolling in a particular pdf file
Summary: >media-libs/freetype-2.3.5 crashes on amd64 when being called from app-text/e...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Library (show other bugs)
Hardware: AMD64 Linux
Importance: High normal
Assignee: Gentoo Fonts Team
URL: http://lists.gnu.org/archive/html/fre...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-11-16 18:06 UTC by Jim Faulkner
Modified: 2009-01-01 12:31 UTC (History)
Description Jim Faulkner 2008-11-16 18:06:43 UTC
This file (an HP technical manual):
http://www.ccs.neu.edu/~jfaulkne/c00368802.pdf

causes evince to crash when scrolling past page 6 or so.  Under compiz & X, it freezes with the following error:
Xlib: unexpected async reply (sequence 0x105e)!
Xlib: sequence lost (0x10000 > 0x110c) in reply type 0x0

Under icewm in an NX session, it crashes with this error:
Floating point exception (core dumped)

This problem doesn't occur on OpenSuse 11.0, which uses a slightly older version of evince (evince-2.22.1.1-26.1).


Reproducible: Always




Portage 2.2_rc13 (default/linux/amd64/2008.0, gcc-4.1.2, glibc-2.6.1-r0, 2.6.27.6 x86_64)
=================================================================
System uname: Linux-2.6.27.6-x86_64-Intel-R-_Xeon-R-_CPU_X3210_@_2.13GHz-with-glibc2.2.5
Timestamp of tree: Sun, 16 Nov 2008 16:07:01 +0000
app-shells/bash:     3.2_p33
dev-java/java-config: 1.3.7, 2.1.6
dev-lang/python:     2.5.2-r7
dev-util/cmake:      2.4.6-r1
sys-apps/baselayout: 1.12.11.1
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.13, 2.61-r2
sys-devel/automake:  1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1-r1
sys-devel/binutils:  2.18-r3
sys-devel/gcc-config: 1.4.0-r4
sys-devel/libtool:   1.5.26
virtual/os-headers:  2.6.23-r3
ACCEPT_KEYWORDS="amd64"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe -fomit-frame-pointer -s"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-O2 -pipe -fomit-frame-pointer -s"
DISTDIR="/usr/portage/distfiles"
FEATURES="distlocks parallel-fetch preserve-libs protect-owned sandbox sfperms strict unmerge-orphans userfetch"
GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo"
LANG="en_US.UTF-8"
LC_ALL="en_US.UTF-8"
LDFLAGS="-Wl,-O1"
LINGUAS="en en_US"
MAKEOPTS="-j5"
PKGDIR="/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/news/tmp"
PORTDIR="/var/news/portage"
PORTDIR_OVERLAY="/usr/local/portage-overlay"
SYNC="rsync://jove.eng.yale.edu/gentoo-portage"
USE="X a52 aac acpi alsa amd64 apache2 bash-completion berkdb branding bzip2 cairo cdr cli cracklib crypt cups dbus dri dts dvb dvd dvdr dvdread encode firefox flac fortran gdbm gif glitz gnome gpm gstreamer gtk iconv imagemagick isdnlog jpeg kdeenablefinal kdehiddenvisibility lame ldap libnotify lzma lzo mailwrapper mbox midi mmap mmx mp3 mudflap multilib mysql mythtv ncurses nptl nptlonly offensive ogg opengl openmp pam pcre pda perl png pppd python readline reflection samba session spell spl sse sse2 ssl startup-notification svg sysfs tcpd threads tiff truetype unicode usb vim-syntax vorbis wavpack xorg xulrunner xv xvid xvmc zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif so speling status unique_id userdir" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en en_US" USERLAND="GNU" VIDEO_CARDS="nv nvidia vesa vga"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Comment 1 Peter Alfredsen (RETIRED) gentoo-dev 2008-11-16 19:39:47 UTC
This one is fonts/toolchain. Freetype makes a mess dividing by 0. Upstream thinks it's GCC, though. Doesn't happen on 32-bit platforms according to upstream who is on x86, using gcc 4.1.2. I can reproduce with gcc-4.3.2 on amd64 and so can poppler upstream with 4.2.3 on amd64.

List of links to peruse:
http://lists.gnu.org/archive/html/freetype-devel/2008-08/msg00023.html
http://bugs.freedesktop.org/show_bug.cgi?id=17045
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494350

Backtrace:
Program received signal SIGFPE, Arithmetic exception.
[Switching to Thread 0x423bd950 (LWP 7193)]
0x00007f9dc863b47e in cff_parse_real (start=0x7f9dc11e56eb "\237\036y\232\231@/\036�", limit=<value optimized out>, power_ten=0, scaling=0x0)
    at /usr/src/debug/media-libs/freetype-2.3.7/freetype-2.3.7/src/cff/cffparse.c:361
361             if ( ( number / power_tens[fraction_length] ) > 0x7FFFL )
(gdb) bt
#0  0x00007f9dc863b47e in cff_parse_real (start=0x7f9dc11e56eb "\237\036y\232\231@/\036�", limit=<value optimized out>, power_ten=0, scaling=0x0)
    at /usr/src/debug/media-libs/freetype-2.3.7/freetype-2.3.7/src/cff/cffparse.c:361
#1  0x00007f9dc863b5d0 in cff_parse_num (d=<value optimized out>) at /usr/src/debug/media-libs/freetype-2.3.7/freetype-2.3.7/src/cff/cffparse.c:389
#2  0x00007f9dc863b849 in cff_parser_run (parser=<value optimized out>, start=<value optimized out>, limit=0x7f9dc11e5731 "")
    at /usr/src/debug/media-libs/freetype-2.3.7/freetype-2.3.7/src/cff/cffparse.c:782
#3  0x00007f9dc863f9ad in cff_subfont_load (font=0x7f9dbd20d398, idx=<value optimized out>, font_index=<value optimized out>, stream=0x7f9dbc008c10, base_offset=0)
    at /usr/src/debug/media-libs/freetype-2.3.7/freetype-2.3.7/src/cff/cffload.c:1309
#4  0x00007f9dc863fe5e in cff_face_init (stream=0x7f9dbc008c10, cffface=0x7f9dbd20c830, face_index=0, num_params=<value optimized out>, params=<value optimized out>)
    at /usr/src/debug/media-libs/freetype-2.3.7/freetype-2.3.7/src/cff/cffload.c:1429
#5  0x00007f9dc861faaf in open_face (driver=0xc56590, stream=0x7f9dbc008c10, face_index=0, num_params=0, params=0x0, aface=0x423bc868)
    at /usr/src/debug/media-libs/freetype-2.3.7/freetype-2.3.7/src/base/ftobjs.c:1072
#6  0x00007f9dc8621eee in FT_Open_Face (library=0xc51970, args=0x423bc8c0, face_index=0, aface=0x423bc9e0)
    at /usr/src/debug/media-libs/freetype-2.3.7/freetype-2.3.7/src/base/ftobjs.c:1794
#7  0x00007f9dc8622cb2 in FT_New_Face (library=0x7f9dc11e56eb, pathname=<value optimized out>, face_index=0, aface=0xfffffffe)
    at /usr/src/debug/media-libs/freetype-2.3.7/freetype-2.3.7/src/base/ftobjs.c:1133
#8  0x00007f9dcad3c84d in _ft_new_face (lib=0xc51970, filename=0x7f9dbc1ebb20 "/tmp/EVXFYy", face_out=0x423bca78, font_face_out=0x423bca70) at CairoFontEngine.cc:202
#9  0x00007f9dcad3cd28 in CairoFont::create (gfxFont=0x7f9dbc00d820, xref=0xbe0de0, lib=0xc51970, useCIDs=1) at CairoFontEngine.cc:319
#10 0x00007f9dcad3d0bf in CairoFontEngine::getFont (this=0xc57350, gfxFont=0x7f9dbc00d820, xref=0xbe0de0) at CairoFontEngine.cc:563
#11 0x00007f9dcad3ff3a in CairoOutputDev::updateFont (this=0xc51800, state=0x7f9dbc00ebe0) at CairoOutputDev.cc:411
#12 0x00007f9dc6ba1afd in Gfx::opShowText (this=0x7f9dbc1cbc80, args=0x423bcbf0, numArgs=0) at Gfx.cc:3213
#13 0x00007f9dc6b99fdc in Gfx::go (this=0x7f9dbc1cbc80, topLevel=1) at Gfx.cc:642
#14 0x00007f9dc6b9d286 in Gfx::display (this=0x7f9dbc1cbc80, obj=0x423bcf20, topLevel=1) at Gfx.cc:611
#15 0x00007f9dc6bde6b0 in Page::displaySlice (this=0xbbf330, out=0xc51800, hDPI=72, vDPI=72, rotate=<value optimized out>, useMediaBox=<value optimized out>, crop=1,
    sliceX=-1, sliceY=-1, sliceW=-1, sliceH=-1, printing=0, catalog=0xbe0e80, abortCheckCbk=0, abortCheckCbkData=0x0, annotDisplayDecideCbk=0,
    annotDisplayDecideCbkData=0x0) at Page.cc:438
#16 0x00007f9dcad38c57 in _poppler_page_render (page=0x7f9dbc18e230, cairo=0x7f9dbc0430d0, printing=0) at poppler-page.cc:530
#17 0x00007f9dc0f907ad in pdf_document_render (document=<value optimized out>, rc=0x7f9dbc18d320) at ev-poppler.cc:477
#18 0x00000000004229d1 in ev_job_render_run (job=0x1470c40) at ev-jobs.c:512
#19 0x0000000000420260 in ev_job_thread_proxy (data=<value optimized out>) at ev-job-scheduler.c:183
#20 0x00007f9dc8e84724 in g_thread_create_proxy (data=0xbe64a0) at gthread.c:635
#21 0x00007f9dc98df037 in start_thread (arg=<value optimized out>) at pthread_create.c:297
#22 0x00007f9dc8b9d9fd in clone () from /lib/libc.so.6
#23 0x0000000000000000 in ?? ()
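To make the failure mode in the backtrace concrete, here is an added example (not FreeType's code): a decoder for the nibble-coded CFF DICT real operand that cff_parse_real handles, written so that the power-of-ten divisor at the cffparse.c:361 division can never be zero. The function names, the MAX_FRACTION cap and the test helper are my own assumptions; exponent nibbles are rejected rather than decoded.

```c
#include <limits.h>
#include <stddef.h>
/* Added example (not FreeType's code): decode a CFF DICT real operand.
 * Nibble coding: 0-9 digit, 0xa '.', 0xe '-', 0xf end; exponent nibbles
 * 0xb/0xc are rejected here for brevity.  The fraction length is capped so
 * the power-of-ten divisor can never be zero, the failure mode behind the
 * SIGFPE at cffparse.c:361 in the backtrace above. */
#define MAX_FRACTION 9
static const long power_tens[MAX_FRACTION + 1] = {
    1L, 10L, 100L, 1000L, 10000L, 100000L,
    1000000L, 10000000L, 100000000L, 1000000000L };
/* Decodes nibbles in [start, limit) into a 16.16 fixed-point value.
 * Returns 0 on success, -1 on truncated, overflowing or unsupported input. */
int cff_real_to_fixed(const unsigned char *start, const unsigned char *limit,
                      long *out)
{
    const unsigned char *p = start;
    int low = 0, in_fraction = 0, fraction_length = 0, sign = 1;
    long integer = 0, fraction = 0;
    for (;;) {
        unsigned nib;
        if (p >= limit) return -1;                 /* ran past the operand */
        nib = low ? (*p++ & 0x0F) : (*p >> 4);     /* high nibble first */
        low ^= 1;
        if (nib <= 9 && !in_fraction) {
            integer = integer * 10 + nib;
            if (integer > 0x7FFFL) return -1;      /* does not fit 16.16 */
        } else if (nib <= 9) {
            if (fraction_length == MAX_FRACTION) continue;   /* drop extra digits */
            fraction = fraction * 10 + nib;
            fraction_length++;
        } else if (nib == 0xa && !in_fraction) in_fraction = 1;
        else if (nib == 0xe && integer == 0 && !in_fraction) sign = -1;
        else if (nib == 0xf) break;
        else return -1;              /* exponent, reserved or misplaced nibble */
    }
    /* fraction_length <= MAX_FRACTION keeps the index in range; the explicit
     * divisor check makes the invariant the crashing code relied on visible. */
    if (power_tens[fraction_length] == 0) return -1;
    *out = sign * ((integer << 16) +
                   (long)(((long long)fraction << 16) / power_tens[fraction_length]));
    return 0;
}
/* Test helper: decoded value, or LONG_MIN when the operand is rejected. */
long cff_real_demo(const unsigned char *bytes, size_t len)
{
    long v;
    return cff_real_to_fixed(bytes, bytes + len, &v) == 0 ? v : LONG_MIN;
}
```

An operand with more fraction digits than the table has entries (the second case in the assertions) is truncated instead of indexing past power_tens, so the divide stays well defined.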
Comment 2 Peter Alfredsen (RETIRED) gentoo-dev 2009-01-01 12:30:55 UTC
Turned out to not be a compiler bug after all.
Comment 3 Peter Alfredsen (RETIRED) gentoo-dev 2009-01-01 12:31:06 UTC
+*freetype-2.3.7-r1 (01 Jan 2009)
+
+  01 Jan 2009; Peter Alfredsen <loki_val@gentoo.org>
+  +files/freetype-2.3.7-b.g.o-247104.patch,
+  +files/freetype-2.3.7-b.g.o-253029.patch,
+  +files/freetype-2.3.7-fix-incorrect-scaling.patch,
+  +files/freetype-2.3.7-no-segfault-on-load_mac_face.patch,
+  +freetype-2.3.7-r1.ebuild:
+  Fix bug 247104, segfault in cffparse.c:361, bug 253029, missing letters in
+  certain fonts, thanks to Andreas Turriff for the patch-pointer. Also
+  import patches for alien bugs: http://bugs.debian.org/487101, segfault
+  when building certain fonts and
+  http://savannah.nongnu.org/bugs/index.php?23973 , incorrect scaling of
+  certain fonts.
+
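Review bot: the line "Fix bug 247104, segfault in cffparse.c:361" mislabels the crash; the backtrace in Comment 1 shows SIGFPE (arithmetic exception) in cff_parse_real at that line, the division by zero Comment 1 describes, not a segmentation fault. Suggest wording it "SIGFPE (division by zero) in cffparse.c:361" so the ChangeLog matches the bug it closes.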