Bug 403061 - Segmentation fault in gx_image_end ()
Segmentation fault in gx_image_end ()
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: ImageMagick (Show other bugs)
x86_64 Linux
low Severity urgent
: rc
: ---
Assigned To: Jan Horak
Depends On:
  Show dependency treegraph
Reported: 2007-11-28 11:02 EST by Robert Scheck
Modified: 2014-07-06 13:00 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2014-06-03 07:39:34 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Robert Scheck 2007-11-28 11:02:36 EST
Description of problem:
[root@rhel5 tux]# gdb convert
GNU gdb Red Hat Linux (6.5-16.el5rh)
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu"...Using host libthread_db
library "/lib64/libthread_db.so.1".

(gdb) run -quality 100 -colorspace RGB -bordercolor black -border 1 -density 200
-geometry 275x382 tmp_ddcdt0ueckg78tgrqepgcnc167-1196262988_0.15437400.pdf
Starting program: /usr/bin/convert -quality 100 -colorspace RGB -bordercolor
black -border 1 -density 200 -geometry 275x382
[Thread debugging using libthread_db enabled]
[New Thread 46912502986192 (LWP 8979)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 46912502986192 (LWP 8979)]
gx_image_end (info=0x0, draw_last=0) at src/gximage.c:211
211         return info->procs->end_image(info, draw_last);
(gdb) bt
#0  gx_image_end (info=0x0, draw_last=0) at src/gximage.c:211
#1  0x00000038a635769d in bbox_image_end_image (info=0x1dc1b428, draw_last=0) at
#2  0x00000038a6357d1b in bbox_begin_typed_image (dev=0x1dc180a8,
pis=0x1d8a3b18, pmat=0x1d8a3b88, pic=0x7fff07ead078, prect=0x0,
pdcolor=0x1dc07a78, pcpath=0x1dc077b0, memory=0x1d81d0d8, pinfo=0x1dc08280)
    at src/gdevbbox.c:1019
#3  0x00000038a6351040 in make_mcdex_default (dev=0x1dbc79c8, pis=0x1d8a3b18,
pmat=0x1d8a3b88, pic=0x7fff07ead078, prect=0x0, pdcolor=0x1dc07a78,
pcpath=0x1dc077b0, mem=0x1d81d0d8, pinfo=0x1dc08280,
    pmcdev=0x7fff07ead1e8, midev=0x7fff07ead1d0, pminfo=0x7fff07ead1c0,
origin=0x7fff07ead1b0, pim=0x7fff07ead320) at src/gximag3x.c:546
#4  0x00000038a63523bb in gx_begin_image3x_generic (dev=0x1dbc79c8,
pis=0x1d8a3b18, pmat=0x1d8a3b88, pic=0x7fff07ead320, prect=0x0,
pdcolor=0x1dc07a78, pcpath=0x1dc077b0, mem=0x1d81d0d8,
    make_mid=0x38a6351090 <make_midx_default>, make_mcde=0x38a6350f90
<make_mcdex_default>, pinfo=0x7fff07ead2e0) at src/gximag3x.c:285
#5  0x00000038a6352a2e in gx_begin_image3x (dev=0x0, pis=0x0, pmat=0x0,
pic=0xfffffff1, prect=0x1dbc7e80, pdcolor=0x0, pcpath=0x1dc077b0,
mem=0x1d81d0d8, pinfo=0x7fff07ead2e0) at src/gximag3x.c:563
#6  0x00000038a64a3fe4 in gs_image_begin_typed (pic=0x7fff07ead320,
pgs=0x1d8a3b18, uses_color=0, ppie=0x7fff07ead2e0) at src/gsimage.c:168
#7  0x00000038a632eda4 in zimage_setup (i_ctx_p=0x1d8bfc00, pim=0x7fff07ead320,
sources=0x7fff07ead5f8, uses_color=0, npop=498892416) at src/zimage.c:137
#8  0x00000038a63505b5 in zimage3x (i_ctx_p=0x1d8bfc00) at src/ztrans.c:361
#9  0x00000038a630ca42 in gs_interpret (pi_ctx_p=0x38a69741d0, pref=<value
optimized out>, user_errors=1, pexit_code=0x7fff07eade6c,
perror_object=0x7fff07eade50) at src/interp.c:1122
#10 0x00000038a6303622 in gs_main_interpret (minst=0x38a6973f60, pref=0x0,
user_errors=1, pexit_code=0x7fff07eade6c, perror_object=0x7fff07eade50) at
#11 0x00000038a630384e in gs_main_run_string_end (minst=0x0, user_errors=0,
pexit_code=0xfffffff1, perror_object=0x1dbc7e80) at src/imain.c:600
#12 0x00000038a6304780 in run_string (minst=0x0, str=0x0, options=2) at
#13 0x00000038a6304e85 in runarg (minst=0x38a6973f60, pre=0x38a6510a95 "",
arg=0x1d8c4cc0 "/tmp/magick-XXrasOOk", post=0x38a64f4608 ".runfile",
options=<value optimized out>) at src/imainarg.c:768
#14 0x00000038a6305048 in argproc (minst=0x38a6973f60, arg=<value optimized
out>) at src/imainarg.c:703
#15 0x00000038a6305711 in swproc (minst=0x38a6973f60, arg=<value optimized out>,
pal=0x7fff07eae790) at src/imainarg.c:392
#16 0x00000038a630673e in gs_main_init_with_args (minst=0x38a6973f60, argc=16,
argv=<value optimized out>) at src/imainarg.c:209
#17 0x00002aaaae63fc21 in ReadPDFImage (image_info=<value optimized out>,
exception=0x7fff07eb9630) at coders/pdf.c:156
#18 0x00002aaaaab1328d in ReadImage (image_info=0x1d802740,
exception=0x7fff07eb9630) at magick/constitute.c:389
#19 0x00002aaaaaeae660 in ConvertImageCommand (image_info=dwarf2_read_address:
Corrupted DWARF expression.
) at wand/convert.c:492
#20 0x0000000000400c3e in main (argc=15, argv=0x7fff07eb9788) at
#21 0x0000003c86e1d8a4 in __libc_start_main () from /lib64/libc.so.6
#22 0x0000000000400a89 in _start ()

Version-Release number of selected component (if applicable):

How reproducible:
Everytime with the correct (wrong) input files.

Actual results:
Segmentation fault.

Expected results:
Working stuff... ;-)

Additional info:
I can't provide you the *.pdf file, because it's confidential. Let me know, if
it is really required to reproduce/fix etc.
Comment 1 Robert Scheck 2007-12-11 18:30:54 EST
This bug report can be only reproduced, if you've got the x86_64 version of the
following packages (including the dependencies of course) installed. Note, that
the exact version doesn't matter, because that annoying bug is currently on the
whole RHEL5 release.

[root@rhel5 tux]# rpm -q --qf '%{name}-%{version}-%{release}.%{arch}\n'
ImageMagick ghostscript
[root@rhel5 tux]# 
[root@rhel5 tux]# echo $?
[root@rhel5 tux]# 

You won't be able to reproduce this bug, if the i386 version is installed. IMHO
the ghostscript x86_64 version is just broken and should be fixed.
Comment 2 Robert Scheck 2007-12-11 18:42:04 EST
Oh, ImageMagick- was just an own build to try whether it also
happends there, but it happends on ImageMagick- as well:

[root@rhel5 tux]# /usr/bin/convert -quality 100 -colorspace RGB -bordercolor
black -border 1 -density 200 -geometry 275x38 foo.pdf foo.jpg
Segmentation fault
[root@rhel5 tux]# 
[root@rhel5 tux]# echo $?
[root@rhel5 tux]# 
[root@rhel5 tux]# rpm -q --qf '%{name}-%{version}-%{release}.%{arch}\n'
ImageMagick ghostscript
[root@rhel5 tux]# 

The only currently possible workaround is to replace ImageMagick and ghostscript
x86_64 completely by i386:

[root@rhel5 tux]# /usr/bin/convert -quality 100 -colorspace RGB -bordercolor
black -border 1 -density 200 -geometry 275x38 foo.pdf foo.jpg
[root@rhel5 tux]# 
[root@rhel5 tux]# echo $?
[root@rhel5 tux]# 
[root@rhel5 tux]# rpm -q --qf '%{name}-%{version}-%{release}.%{arch}\n'
ImageMagick ghostscript
[root@rhel5 tux]# 
Comment 3 Robert Scheck 2008-11-01 15:00:52 EDT
Comment 4 RHEL Product and Program Management 2014-03-07 07:36:51 EST
This bug/component is not included in scope for RHEL-5.11.0 which is the last RHEL5 minor release. This Bugzilla will soon be CLOSED as WONTFIX (at the end of RHEL5.11 development phase (Apr 22, 2014)). Please contact your account manager or support representative in case you need to escalate this bug.
Comment 5 RHEL Product and Program Management 2014-06-03 07:39:34 EDT
Thank you for submitting this request for inclusion in Red Hat Enterprise Linux 5. We've carefully evaluated the request, but are unable to include it in RHEL5 stream. If the issue is critical for your business, please provide additional business justification through the appropriate support channels (https://access.redhat.com/site/support).

Note You need to log in before you can comment on or make changes to this bug.