`__throw_length_error` in Poppler’s `GooString::appendfv()`
Steps to reproduce:
- Build Inkscape from branch 0.92.x (commit 424477f6) and Poppler 0.78.0
inkscape example.pdf
What happened?
Inkscape encountered an internal error and will close now.
What should have happened?
No crash.
Inkscape Version and Operating System:
$ inkscape -V # build outside git from https://gitlab.com/inkscape/inkscape/-/archive/424477f665adb9996045d92026ceecb2eeb22dbe/inkscape-424477f665adb9996045d92026ceecb2eeb22dbe.tar.bz2
Inkscape 0.92.4 (unknown)
Backtrace
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
set = {__val = {0, 0, 4630333735634468864, 0, 4618863630333509632, 0, 7954883314163414131, 8030606865272960103, 4613937818241073266, 0, 4630333735634468864, 0, 4618863630333509632, 0, 0, 0}}
pid = <optimized out>
tid = <optimized out>
ret = <optimized out>
#1 0x00007fffee0eacb1 in __GI_abort () at abort.c:79
save_stage = 1
act = {__sigaction_handler = {sa_handler = 0x7fffee460760 <_IO_helper_jumps>, sa_sigaction = 0x7fffee460760 <_IO_helper_jumps>}, sa_mask = {__val = {140737190975104, 140737190957728, 140737190975235, 140737190954848, 140737187594049, 20, 140737194667864, 140737488347200, 32686208, 140737277582896, 35, 32653248, 140737351950268, 32689720, 140737351970872, 140737190975552}}, sa_flags = -296746608, sa_restorer = 0x1f2ce38}
sigs = {__val = {32, 0 <repeats 15 times>}}
#2 0x00007fffee5031a5 in __gnu_cxx::__verbose_terminate_handler () at /scratch/local/bee-root/gcc/gcc-7.3.0-2/source/libstdc++-v3/libsupc++/vterminate.cc:95
terminating = true
t = <optimized out>
#3 0x00007fffee500f96 in __cxxabiv1::__terminate (handler=<optimized out>) at /scratch/local/bee-root/gcc/gcc-7.3.0-2/source/libstdc++-v3/libsupc++/eh_terminate.cc:47
No locals.
#4 0x00007fffee500fe1 in std::terminate () at /scratch/local/bee-root/gcc/gcc-7.3.0-2/source/libstdc++-v3/libsupc++/eh_terminate.cc:57
No locals.
#5 0x00007fffee501223 in __cxxabiv1::__cxa_throw (obj=obj@entry=0x1f24160, tinfo=0x7fffee7e4a60 <typeinfo for std::length_error>, dest=0x7fffee516310 <std::length_error::~length_error()>) at /scratch/local/bee-root/gcc/gcc-7.3.0-2/source/libstdc++-v3/libsupc++/eh_throw.cc:93
globals = <optimized out>
header = 0x1f240e0
#6 0x00007fffee5297ff in std::__throw_length_error (__s=0x7ffff36e2f26 "basic_string::append") at /scratch/local/bee-root/gcc/gcc-7.3.0-2/source/libstdc++-v3/src/c++11/functexcept.cc:78
No locals.
#7 0x00007ffff35947f1 in GooString::appendfv(char const*, __va_list_tag*) () from /usr/lib/libpoppler.so.89
No symbol table info available.
#8 0x00007ffff3594ac8 in GooString::formatv(char const*, __va_list_tag*) () from /usr/lib/libpoppler.so.89
No symbol table info available.
#9 0x00007ffff35d967c in error(ErrorCategory, long long, char const*, ...) () from /usr/lib/libpoppler.so.89
No symbol table info available.
#10 0x00007ffff3657b7c in PDFDoc::PDFDoc(GooString const*, GooString const*, GooString const*, void*) () from /usr/lib/libpoppler.so.89
No symbol table info available.
#11 0x00007ffff7010bc0 in Inkscape::Extension::Internal::PdfInput::open(Inkscape::Extension::Input*, char const*) () from /pkg/inkscape-0.92.4-1/bin/../lib/inkscape/libinkscape_base.so
No symbol table info available.
#12 0x00007ffff6f71e28 in Inkscape::Extension::Input::open(char const*) () from /pkg/inkscape-0.92.4-1/bin/../lib/inkscape/libinkscape_base.so
No symbol table info available.
#13 0x00007ffff6f7507a in Inkscape::Extension::open(Inkscape::Extension::Extension*, char const*) () from /pkg/inkscape-0.92.4-1/bin/../lib/inkscape/libinkscape_base.so
No symbol table info available.
#14 0x00007ffff750555a in sp_file_open(Glib::ustring const&, Inkscape::Extension::Extension*, bool, bool) () from /pkg/inkscape-0.92.4-1/bin/../lib/inkscape/libinkscape_base.so
No symbol table info available.
#15 0x000000000040a3ef in sp_main_gui(int, char const**) ()
No symbol table info available.
#16 0x00007fffee0d6b5e in __libc_start_main (main=0x405c80 <main>, argc=2, argv=0x7fffffffe7a8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe798) at ../csu/libc-start.c:308
self = <optimized out>
result = <optimized out>
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, -1835911502201536509, 4219296, 140737488349088, 0, 0, 1835910957127778307, 1835872899262922755}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x7fffffffe7c0, 0x7ffff7ffe170}, data = {prev = 0x0, cleanup = 0x0, canceltype = -6208}}}
not_first_call = <optimized out>
#17 0x00000000004061ca in _start () at ../sysdeps/x86_64/start.S:120
No locals.