Dragging on the loading page for certain PDFs leads to a crash
Expected behavior
Nothing
Actual behavior
Crashes while sending this to stderr:
*** longjmp causes uninitialized stack frame ***: terminated
warning: Ignoring error during interpretation
zsh: IOT instruction /bin/zathura perf-zine.pdf
Steps to Reproduce
- Download https://jvns.ca/perf-zine.pdf
- Open perf-zine.pdf with zathura
- Hold Page Down and begin trying to drag
Screen recording
https://files.catbox.moe/2e7g43.mp4
Miscellaneous information
Running zathura 0.5.4-1, zathura-pdf-mupdf 0.4.1-12, and libmupdf 1.23.7-1 all from Arch's repos
gef➤ bt full
#0 __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=0x6, no_tid=no_tid@entry=0x0) at pthread_kill.c:44
tid = <optimized out>
ret = 0x0
pd = <optimized out>
old_mask = {
__val = {0x555555b75820}
}
ret = <optimized out>
#1 0x00007ffff6d2d8a3 in __pthread_kill_internal (signo=0x6, threadid=<optimized out>) at pthread_kill.c:78
#2 0x00007ffff6cdd668 in __GI_raise (sig=sig@entry=0x6) at ../sysdeps/posix/raise.c:26
ret = <optimized out>
#3 0x00007ffff6cc54b8 in __GI_abort () at abort.c:79
save_stage = 0x1
act = {
__sigaction_handler = {
sa_handler = 0x20,
sa_sigaction = 0x20
},
sa_mask = {
__val = {0x7ffff707f5c0, 0x5555558a1b10, 0x5555558a1b10, 0x0, 0x7ffff71f3128, 0x5555558a1b20, 0xf0f010c90ddec700, 0xffffffffffffff88, 0x0, 0x555555b1a7d0, 0x7ffff6d3c353, 0xffffffffffffff88, 0x0, 0x555555b1a7d0, 0x7ffff6d3c353, 0x1}
},
sa_flags = 0x55b1a7d0,
sa_restorer = 0x19
}
#4 0x00007ffff6cc6390 in __libc_message (fmt=fmt@entry=0x7ffff6e3d2fc "*** %s ***: terminated\n") at ../sysdeps/posix/libc_fatal.c:150
ap = {{
gp_offset = 0x10,
fp_offset = 0x7fff,
overflow_arg_area = 0x7fffffffc6b0,
reg_save_area = 0x7fffffffc640
}}
fd = 0x2
list = <optimized out>
nlist = <optimized out>
cp = <optimized out>
#5 0x00007ffff6dbdb4b in __GI___fortify_fail (msg=<optimized out>) at fortify_fail.c:24
#6 0x00007ffff6dbcb91 in ____longjmp_chk () at ../sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S:106
#7 0x00007ffff6dbe240 in __longjmp_chk (env=0x555555b64f38, val=<optimized out>) at ../setjmp/longjmp.c:39
#8 0x00007fffd10dfd4a in () at /usr/lib/libmupdf.so
#9 0x00007fffd10dfdb5 in () at /usr/lib/libmupdf.so
#10 0x00007fffd11b16d8 in () at /usr/lib/libmupdf.so
#11 0x00007fffd118e57e in () at /usr/lib/libmupdf.so
#12 0x00007fffd1190e6a in () at /usr/lib/libmupdf.so
#13 0x00007fffd1191383 in pdf_process_raw_contents () at /usr/lib/libmupdf.so
#14 0x00007fffd1191509 in pdf_process_contents () at /usr/lib/libmupdf.so
#15 0x00007fffd1296b93 in () at /usr/lib/libmupdf.so
#16 0x00007fffd1187887 in () at /usr/lib/libmupdf.so
#17 0x00007fffd118e0ac in () at /usr/lib/libmupdf.so
#18 0x00007fffd1190e6a in () at /usr/lib/libmupdf.so
#19 0x00007fffd1191383 in pdf_process_raw_contents () at /usr/lib/libmupdf.so
#20 0x00007fffd1191509 in pdf_process_contents () at /usr/lib/libmupdf.so
#21 0x00007fffd11c089b in () at /usr/lib/libmupdf.so
#22 0x00007fffd11c0c6d in pdf_run_page_contents_with_usage () at /usr/lib/libmupdf.so
#23 0x00007fffd10aa131 in fz_run_page_contents () at /usr/lib/libmupdf.so
#24 0x00007fffd10aa314 in fz_run_page () at /usr/lib/libmupdf.so
#25 0x00007ffff57f1093 in mupdf_page_extract_text (mupdf_document=0x5555556636f0, mupdf_page=mupdf_page@entry=0x5555559c1490) at ../zathura-pdf-mupdf/utils.c:22
ctm = {
a = 1,
b = 0,
c = 0,
d = 1,
e = 0,
f = 0
}
text_device = 0x555555c9de10
#26 0x00007ffff57f158b in pdf_page_get_selection (page=<optimized out>, data=0x5555559c1490, rectangle=..., error=0x0) at ../zathura-pdf-mupdf/select.c:61
mupdf_page = 0x5555559c1490
document = <optimized out>
mupdf_document = <optimized out>
a = {
x = <optimized out>,
y = <optimized out>
}
list = <optimized out>
hits = <optimized out>
#27 0x000055555558679a in cb_zathura_page_widget_motion_notify (widget=0x555555b3eae0, event=event@entry=0x555555cb3190) at ../zathura/page-widget.c:1257
selection = {
x1 = <optimized out>,
y1 = <optimized out>,
x2 = <optimized out>,
y2 = <optimized out>
}
page = 0x555555b3eae0
priv = 0x555555b3e910
document = <optimized out>
__func__ = "cb_zathura_page_widget_motion_notify"
Python Exception <class 'gdb.error'>: value has been optimized out