The document from the URL contains the following instructions: -154618632.50 -154618337.52 m 154619012.66 -154618337.52 l 154619012.66 154619307.65 l -154618632.50 154619307.65 l -154618632.50 -154618337.52 l W* which will be capped to INT_MAX resp. INT_MIN when converted to integer. Passing INT_MIN to pathscan.c's fz_idiv will however result in an unchecked overflow, making fz_boundgel return an invalid rectangle. Fixing this bug will result in further issues and assertions...
Wow, big numbers! A more "correct" solution would involve clipping the line segments to the bounding box when we insert them into the edge list. We could put the page bounding box in the edge list struct without too much difficulty.
Fixed. I also needed to clamp the float values to a range representable by integers.