Bug 579548 - [abrt] openjpeg: crash in evince-2.28.2-1.fc12: Process /usr/bin/evince-thumbnailer was killed by signal 11 (SIGSEGV)
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: openjpeg
Version: 14
Hardware: x86_64
OS: Linux
low
medium
Target Milestone: ---
Assignee: Callum Lerwick
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard: abrt_hash:dba3e160ffbd0393d7833c3ac30...
Duplicates: 560504 574832 639177
Depends On:
Blocks:
 
Reported: 2010-04-05 19:49 UTC by Alan Hamilton
Modified: 2010-12-02 19:15 UTC

Fixed In Version: openjpeg-1.3-10.fc13
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-11-26 01:09:35 UTC
Type: ---


Attachments
File: backtrace (21.29 KB, text/plain)
2010-04-05 19:49 UTC, Alan Hamilton
git diff patch (3.90 KB, patch)
2010-10-01 14:17 UTC, Tomas Hoger

Description Alan Hamilton 2010-04-05 19:49:10 UTC
abrt 1.0.8 detected a crash.

architecture: x86_64
Attached file: backtrace
cmdline: evince-thumbnailer -s 128 file:///tmp/20090929151707_Alternatives_Process_B-P.pdf /tmp/.gnome_desktop_thumbnail.KMPFAV
comment: Open PDF at http://www.cahighspeedrail.ca.gov/images/chsr/20090929151707_Alternatives_Process_B-P.pdf.  Evince crashes immediately.
component: evince
executable: /usr/bin/evince-thumbnailer
kernel: 2.6.32.10-90.fc12.x86_64
package: evince-2.28.2-1.fc12
rating: 4
reason: Process /usr/bin/evince-thumbnailer was killed by signal 11 (SIGSEGV)
release: Fedora release 12 (Constantine)

How to reproduce
-----
1. Load PDF at http://www.cahighspeedrail.ca.gov/images/chsr/20090929151707_Alternatives_Process_B-P.pdf

Comment 1 Alan Hamilton 2010-04-05 19:49:11 UTC
Created attachment 404553
File: backtrace

Comment 2 Marek Kašík 2010-04-13 14:54:42 UTC
Hi,

the PDF is broken and the viewer crashes inside of openjpeg-libs during decoding of an embedded jpeg.
I think that function opj_image_create0() doesn't allocate image correctly and when opj_image_destroy() is called then it crashes (in j2k_decode()).
Btw, it is also reproducible with pdftops.

Thank you for the PDF Alan

Marek

P.S.: I'm reassigning this to openjpeg

Comment 3 Marek Kašík 2010-04-14 08:59:25 UTC
*** Bug 574832 has been marked as a duplicate of this bug. ***

Comment 4 Marek Kašík 2010-04-14 09:06:11 UTC
*** Bug 560504 has been marked as a duplicate of this bug. ***

Comment 5 Tomas Hoger 2010-06-30 06:55:19 UTC
(In reply to comment #2)
> I think that function opj_image_create0() doesn't allocate image correctly and
> when opj_image_destroy() is called then it crashes (in j2k_decode()).

PDF file referenced in comment #0 is no longer available for download, but I tracked crash on some other PDF to the same problem.  opj_image_create0() is expected to calloc() memory, rather than malloc() (without memsetting to 0), which may later lead to attempt to use or free uninitialized pointer, leading to crash.

It seems this problem was introduced upstream shortly before 1.3 release:
  http://code.google.com/p/openjpeg/source/detail?r=467

This commit changes opj_malloc to not memset 0 all allocated memory, and opj_calloc is rather used where needed.  However, opj_image_create0() was not fixed, which was corrected shortly after 1.3, but there does not seem to be any release containing this fix:
  http://code.google.com/p/openjpeg/source/detail?r=501
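
The failure mode described in comment 5, as an added C example that is not part of the original comment and is not OpenJPEG's code: a "create0" routine backed by a non-zeroing allocator hands the error path a header whose pointer field was never assigned. The struct, the function names and the 0xA5-filling allocator are hypothetical stand-ins chosen so the result is deterministic.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simplified stand-ins (assumption), not OpenJPEG's real definitions. */
typedef struct { int *data; } demo_comp_t;
typedef struct { int numcomps; demo_comp_t *comps; } demo_image_t;

/* Non-zeroing allocator; the 0xA5 fill makes "stale heap contents"
 * deterministic for this demo instead of depending on heap history. */
static void *poisoned_malloc(size_t n) {
    void *p = malloc(n);
    if (p) memset(p, 0xA5, n);
    return p;
}

/* Buggy shape: header from a non-zeroing allocator, fields never assigned. */
demo_image_t *image_create0_buggy(void) { return poisoned_malloc(sizeof(demo_image_t)); }

/* Fixed shape: calloc() leaves numcomps == 0 and comps == NULL. */
demo_image_t *image_create0_fixed(void) { return calloc(1, sizeof(demo_image_t)); }

/* Typical destroy: trusts that comps is either NULL or a valid array. */
void image_destroy(demo_image_t *img) {
    if (!img) return;
    if (img->comps) {
        for (int i = 0; i < img->numcomps; i++) free(img->comps[i].data);
        free(img->comps);
    }
    free(img);
}

/* Decoder error path: a broken file is rejected before comps is populated,
 * so cleanup sees the image exactly as create0 left it.
 * Returns 0 if destroy ran safely, -1 if it would have walked garbage. */
int decode_broken_file(demo_image_t *(*create0)(void)) {
    demo_image_t *img = create0();
    if (!img) return -2;
    if (img->comps != NULL) {  /* never assigned: destroy would crash here */
        free(img);             /* demo only: release just the header */
        return -1;
    }
    image_destroy(img);
    return 0;
}

int main(void) {
    printf("calloc-based create0: %d\n", decode_broken_file(image_create0_fixed));
    printf("malloc-based create0: %d\n", decode_broken_file(image_create0_buggy));
    return 0;
}
```

Building the unguarded variant with `-fsanitize=address` or running it under valgrind is the usual way to surface this class of bug before a malformed file does.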

Comment 6 Tomas Hoger 2010-09-30 14:15:25 UTC
Ping.

Comment 7 Adam Hough 2010-09-30 23:47:37 UTC
*** Bug 639177 has been marked as a duplicate of this bug. ***

Comment 8 Adam Hough 2010-09-30 23:48:56 UTC
The PDF I uploaded in 574832 still crashes evince for me.

Comment 9 Tomas Hoger 2010-10-01 10:27:43 UTC
Can you test if these packages fix the crash for you?

http://koji.fedoraproject.org/koji/taskinfo?taskID=2505823

Comment 10 Adam Hough 2010-10-01 14:01:25 UTC
That openjpeg update made it work for me.

Comment 11 Tomas Hoger 2010-10-01 14:17:58 UTC
Created attachment 451025
git diff patch

As the scratch build above will be garbage collected after some time, attaching patch with changes it has on top of current Rawhide version.  Adds patch for bug #609385 too.

Comment 12 Tom Lane 2010-10-01 14:32:08 UTC
We really need to restart the non-responsive maintainer process on this package --- see bug #492218.

Comment 13 Bug Zapper 2010-11-03 17:48:51 UTC
This message is a reminder that Fedora 12 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 12.  It is Fedora's policy to close all
bug reports from releases that are no longer maintained.  At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '12'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 12's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 12 is end of life.  If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora please change the 'version' of this 
bug to the applicable version.  If you are unable to change the version, 
please add a comment here and someone will do it for you.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping

Comment 14 Adam Hough 2010-11-23 15:16:46 UTC
This bug should have been closed out as soon as openjpeg-1.3-9.1 or greater was pushed to Fedora 13.

Comment 15 Tomas Hoger 2010-11-23 15:26:26 UTC
(In reply to comment #14)
> This bug should have been closed out as soon as openjpeg-1.3-9.1 or greater was
> pushed to Fedora 13.

This is what Fedora currently has:

Fedora-12: http://koji.fedoraproject.org/packages/openjpeg/1.3/6.fc12
Fedora-13: http://koji.fedoraproject.org/packages/openjpeg/1.3/7.fc13
Fedora-14: http://koji.fedoraproject.org/packages/openjpeg/1.3/9.fc14
Fedora-Rawhide: http://koji.fedoraproject.org/packages/openjpeg/1.3/9.fc14

openjpeg-1.3-9.1 seems to refer to my testing patch NVR in comment #11.

Comment 16 Adam Hough 2010-11-23 15:35:53 UTC
Any way to get 1.3-9.1 pushed to F13 and F14? Since I seem to be running a newer version than what is in F14 as well?

Comment 17 Tom Lane 2010-11-23 15:40:49 UTC
The reason no push has occurred is that the package maintainer is AWOL.  I'd be happy to take ownership of this package in Fedora (it'd make sense since I maintain it in RHEL), but the non-responsive-maintainer process seems to be stalled.  See comments above.

Comment 18 Adam Hough 2010-11-23 15:55:13 UTC
Is Callum still the maintainer? Or is it someone else now?

Comment 19 Tom Lane 2010-11-23 16:17:49 UTC
Callum is still the nominal maintainer.  He hasn't responded to my request for commit privs, nor indeed to anything else in about a year.  See bug #492218.

Comment 20 Fedora Update System 2010-11-23 16:40:44 UTC
openjpeg-1.3-10.fc14 has been submitted as an update for Fedora 14.
https://admin.fedoraproject.org/updates/openjpeg-1.3-10.fc14

Comment 21 Fedora Update System 2010-11-23 16:41:34 UTC
openjpeg-1.3-10.fc13 has been submitted as an update for Fedora 13.
https://admin.fedoraproject.org/updates/openjpeg-1.3-10.fc13

Comment 22 Fedora Update System 2010-11-23 17:14:24 UTC
openjpeg-1.3-10.fc12 has been submitted as an update for Fedora 12.
https://admin.fedoraproject.org/updates/openjpeg-1.3-10.fc12

Comment 23 Fedora Update System 2010-11-23 21:49:26 UTC
openjpeg-1.3-10.fc14 has been pushed to the Fedora 14 testing repository.  If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update openjpeg'.  You can provide feedback for this update here: https://admin.fedoraproject.org/updates/openjpeg-1.3-10.fc14

Comment 24 Fedora Update System 2010-11-26 01:09:25 UTC
openjpeg-1.3-10.fc14 has been pushed to the Fedora 14 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 25 Fedora Update System 2010-12-02 19:15:38 UTC
openjpeg-1.3-10.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.

