FS#21850 - [xpdf] crashes on startup

Attached to Project: Arch Linux
Opened by Rémy Oudompheng (remyoudompheng) - Saturday, 27 November 2010, 12:34 GMT
Last edited by Gaetan Bisson (vesath) - Saturday, 12 February 2011, 12:21 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Gaetan Bisson (vesath)
Architecture x86_64
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
xpdf crashes on startup with any number of arguments.

Additional info:
* xpdf 3.02_pl5-1
* lesstif 0.95.2-2
* libxt 1.0.9-1

* gdb backtrace:
#0 0x00007ffff6485595 in raise () from /lib/libc.so.6
#1 0x00007ffff6486a16 in abort () from /lib/libc.so.6
#2 0x00007ffff64bf2cb in ?? () from /lib/libc.so.6
#3 0x00007ffff64c4676 in ?? () from /lib/libc.so.6
#4 0x00007ffff6f7ea82 in ?? () from /usr/lib/libX11.so.6
#5 0x00007ffff75662de in XpmCreatePixmapFromData (display=0x7a1320, d=75497634, data=0x7778e0, pixmap_return=0x7fffffffe1f8,
shapemask_return=0x0, attributes=0x0) at XpmCrPFrDat.c:122
#6 0x00000000004c97cf in XPDFViewer::mapWindow (this=0x7ebde0) at XPDFViewer.cc:2046
#7 0x00000000004c1bb5 in XPDFViewer::XPDFViewer (this=0x7ebde0, appA=0x79ccb0, fileName=0x0, pageA=1, destName=0x0, fullScreen=0,
ownerPassword=0x0, userPassword=0x0) at XPDFViewer.cc:289
#8 0x00000000004b815a in XPDFApp::open (this=0x79ccb0, fileName=0x0, page=1, ownerPassword=0x0, userPassword=0x0) at XPDFApp.cc:228
#9 0x00000000004d3c8f in main (argc=1, argv=0x7fffffffe468) at xpdf.cc:311

* valgrind report:
==17151== Invalid write of size 8
==17151== at 0x5396332: PutPixel32 (Xpmcreate.c:1896)
==17151== by 0x5397407: ParseAndPutPixels (Xpmcreate.c:2423)
==17151== by 0x5396E5E: xpmParseDataAndCreate (Xpmcreate.c:2248)
==17151== by 0x5397EB6: XpmCreateImageFromData (XpmCrIFrDat.c:117)
==17151== by 0x5398285: XpmCreatePixmapFromData (XpmCrPFrDat.c:107)
==17151== by 0x4C97CE: XPDFViewer::mapWindow() (XPDFViewer.cc:2046)
==17151== by 0x4C1BB4: XPDFViewer::XPDFViewer(XPDFApp*, GString*, int, GString*, int, GString*, GString*) (XPDFViewer.cc:289)
==17151== by 0x4B8159: XPDFApp::open(GString*, int, GString*, GString*) (XPDFApp.cc:228)
==17151== by 0x4D3C8E: main (xpdf.cc:311)
==17151== Address 0x7e944cc is 9,212 bytes inside a block of size 9,216 alloc'd
==17151== at 0x4C2519D: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17151== by 0x5394F2F: CreateXImage (Xpmcreate.c:1057)
==17151== by 0x5396C23: xpmParseDataAndCreate (Xpmcreate.c:2187)
==17151== by 0x5397EB6: XpmCreateImageFromData (XpmCrIFrDat.c:117)
==17151== by 0x5398285: XpmCreatePixmapFromData (XpmCrPFrDat.c:107)
==17151== by 0x4C97CE: XPDFViewer::mapWindow() (XPDFViewer.cc:2046)
==17151== by 0x4C1BB4: XPDFViewer::XPDFViewer(XPDFApp*, GString*, int, GString*, int, GString*, GString*) (XPDFViewer.cc:289)
==17151== by 0x4B8159: XPDFApp::open(GString*, int, GString*, GString*) (XPDFApp.cc:228)
==17151== by 0x4D3C8E: main (xpdf.cc:311)

Steps to reproduce:
* run xpdf
This task depends upon

Closed by  Gaetan Bisson (vesath)
Saturday, 12 February 2011, 12:21 GMT
Reason for closing:  Works for me
Additional comments about closing:  please reopen if/when you have new insight on this
Comment by Gaetan Bisson (vesath) - Saturday, 27 November 2010, 14:34 GMT
I can't reproduce that. Does it only happen on one specific computer? Is it fixed if you rebuild the package?
Comment by Rémy Oudompheng (remyoudompheng) - Saturday, 27 November 2010, 14:51 GMT
I seem to be the only one affected, rebuilding xpdf/libxt/lesstif (with "-O0 -ggdb3") did not fix the issue. The crash is deterministic and does not happen on another (i686) box.
Comment by Gaetan Bisson (vesath) - Saturday, 27 November 2010, 15:25 GMT
Apparently, some people have had similar bugs which went away in mysterious circumstances, e.g. https://bugs.launchpad.net/ubuntu/+source/xpdf/+bug/249444

Anyway, I don't think I can give you debugging advice that you won't think of by yourself... So good luck. :)

Loading...