PDF Viewer Shows "Sad Plugin" on specific files
Reported by
nticomp...@gmail.com,
Aug 8 2016
|
||||||
Issue descriptionUserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0 Steps to reproduce the problem: Open a specific PDF file either from the web or local What is the expected behavior? PDF is viewable with built-in plugin What went wrong? The browser crashes with a "sad plugin" and shows the following in my terminal: nticompass@ArchLinux Downloads % chromium Report.pdf [25069:25069:0808/122533:ERROR:sandbox_linux.cc(343)] InitializeSandbox() called with multiple threads in process gpu-process. Received signal 6 #0 0x561b7107a24e <unknown> #1 0x561b7107a629 <unknown> #2 0x7fdee5a940a0 <unknown> #3 0x7fdee3edc08f __GI_raise #4 0x7fdee3edd4ba __GI_abort #5 0x561b74fdf5b2 <unknown> #6 0x561b74fdf877 <unknown> #7 0x561b74fd6faa <unknown> #8 0x561b74fd8b3b <unknown> #9 0x561b74f7c07e <unknown> #10 0x561b7104d857 <unknown> #11 0x561b71054b01 <unknown> #12 0x561b7105d583 <unknown> #13 0x561b7105b19c <unknown> #14 0x561b73984500 <unknown> #15 0x561b74990558 <unknown> #16 0x561b7494dc01 <unknown> #17 0x561b710e94fd <unknown> #18 0x561b7109995d <unknown> #19 0x561b7109a56d <unknown> #20 0x561b7109a858 <unknown> #21 0x561b7109c349 <unknown> #22 0x561b710b3bd4 <unknown> #23 0x561b71098895 <unknown> #24 0x561b7524a863 <unknown> #25 0x561b710470de <unknown> #26 0x561b710475e8 <unknown> #27 0x561b71046829 <unknown> #28 0x561b70ba3fca ChromeMain #29 0x7fdee3ec92d1 __libc_start_main #30 0x561b70ba3e79 _start r8: 0000000000000000 r9: 00007ffd0e13fc40 r10: 0000000000000008 r11: 0000000000000246 r12: 0000000000000015 r13: 0000000000000645 r14: 00007ffd0e13ff40 r15: 0000000000000013 di: 0000000000000002 si: 00007ffd0e13fc40 bp: 00000000ffffffe9 bx: 0000000000000006 dx: 0000000000000000 ax: 0000000000000000 cx: 00007fdee3edc08f sp: 00007ffd0e13fcb8 ip: 00007fdee3edc08f efl: 0000000000000246 cgf: 002b000000000033 erf: 0000000000000000 trp: 0000000000000000 msk: 0000000000000000 cr2: 0000000000000000 [end of stack trace] Crashed report ID: How much crashed? Just one plugin Is it a problem with a plugin? Yes Chromium PDF Viewer Did this work before? N/A Chrome version: 52.0.2743.85 Channel: dev OS Version: 4.6.4-1-ARCH Flash Version: 22.0.0.209 Most PDFs work fine, but there are some specific ones that do not. The one I am using here, I cannot provide because it contains confidential information. If it helps, the PDF was created with "Amyuni PDF Converter version 4.0.0.7".
,
Aug 10 2016
nticompass@Could you please check the issue on latest dev 54.0.2824.0 and provide crash ID from chrome://crashes if issue still persists for further triaging the issue.
,
Aug 10 2016
I installed Chrome Canary 54.0.2825.0 and opened one of the PDF files. The PDF viewer crashed. Opening chrome://crashes, I see the following Crash ID: ba75743a-3cf8-4549-86ea-02a794a258d2
,
Aug 10 2016
It also had the following Server ID: Server ID: 50bbc38100000000
,
Aug 10 2016
Is Report.pdf available somewhere? BTW, the crash as seen on your terminal is useless because there's no debugging symbols. Every frame shows up as <unknown>.
,
Aug 10 2016
If the PDF that triggers the crash can be attached to this bug, or perhaps shared with me via email, then I can verify any fixes we make actually works. Note to self: See also crash id 1a94a38100000000
,
Aug 10 2016
I realize that all the symbols say <unknown>, I guess the version of Chromium in Arch Linux doesn't have debugging symbols. The PDF file contains private info, so I can't post it here.
,
Aug 10 2016
I've emailed a PDF file to you that can hopefully help.
,
Aug 10 2016
It is very helpful. The PDF hint table stream contains a value that's close to UINT_MAX. The PDFium code does not like that and just commits suicide. It's not obvious if the value is valid, and PDFium is interpreting it incorrectly, or if the PDF generator wrote out a bad value. Need to read the PDF spec a bit more to answer that question. In any case, PDFium can definitely improve and handle this situation more gracefully. Since it's only a hint table, it is not required to load the PDF.
,
Aug 10 2016
Assuming I read the spec correctly, the PDF generation software is writing out PDFs with bad values in the shared object hint table. In the PDF 1.7 spec, Table F.6 says the entry we have with 4294967252 as the value should be interpreted as follows: "A number that, when added to the least shared object group length (Table F.5, item 6), gives the length of the object group in bytes." The value to be added is 32, giving us 4294967284 bytes... The PDF isn't that big. The crash looks something like the following from running pdfium_test. #0 0x00007ffff695ec37 in __GI_raise (sig=sig@entry=6) at raise.c:56 #1 0x00007ffff6962028 in __GI_abort () at abort.c:89 #2 0x0000000000d50690 in pdfium::base::checked_cast<int, unsigned int> (value=4294967273) at third_party/base/numerics/safe_conversions.h:29 #3 0x0000000000d4f747 in CPDF_HintTables::ReadSharedObjHintTable (this=0x1d36080, hStream=0x7fffffffcea0, offset=412) at core/fpdfapi/fpdf_parser/cpdf_hint_tables.cpp:309 #4 0x0000000000d500c3 in CPDF_HintTables::LoadHintStream (this=0x1d36080, pHintStream=0x1d35c80) at core/fpdfapi/fpdf_parser/cpdf_hint_tables.cpp:458 #5 0x0000000000d3b6df in CPDF_DataAvail::CheckHintTables (this=0x1d3ac50, pHints=0x7fffffffd138) at core/fpdfapi/fpdf_parser/cpdf_data_avail.cpp:779 #6 0x0000000000d3a450 in CPDF_DataAvail::CheckDocStatus (this=0x1d3ac50, pHints=0x7fffffffd138) at core/fpdfapi/fpdf_parser/cpdf_data_avail.cpp:276 #7 0x0000000000d3a397 in CPDF_DataAvail::IsDocAvail (this=0x1d3ac50, pHints=0x7fffffffd138) at core/fpdfapi/fpdf_parser/cpdf_data_avail.cpp:213 #8 0x0000000000cab02c in FPDFAvail_IsDocAvail (avail=0x1d38400, hints=0x7fffffffd2b0) at fpdfsdk/fpdf_dataavail.cpp:129
,
Aug 12 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/e5d65196d13bbea473bd8c8b0cc481e12155543f commit e5d65196d13bbea473bd8c8b0cc481e12155543f Author: thestig <thestig@chromium.org> Date: Fri Aug 12 04:09:23 2016 Roll PDFium 85af2a3..d0b6ed1 https://pdfium.googlesource.com/pdfium.git/+log/85af2a3..d0b6ed1 BUG= 603489 , 635565 , 635663 TBR=ochang@chromium.org Review-Url: https://codereview.chromium.org/2237223003 Cr-Commit-Position: refs/heads/master@{#411548} [modify] https://crrev.com/e5d65196d13bbea473bd8c8b0cc481e12155543f/DEPS
,
Aug 12 2016
Will be fixed in 54.0.2828.0 and newer.
,
Oct 11 2016
Issue 654708 has been merged into this issue. |
||||||
►
Sign in to add a comment |
||||||
Comment 1 by ligim...@chromium.org
, Aug 9 2016