SIGSEGV in NewXMLTree ()

xfyre

SIGSEGV in NewXMLTree ()

Post by xfyre »

We're using ImageMagick-6.2.4. After we upgraded to this version, we started receiving occasional segmentation faults in our background Perl scripts. Turning on Perl debugging reveals the following stack trace:

Core was generated by `perl5.8.8-dbg'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/local/lib/perl5/5.8.8/mach/CORE/libperl.so...done.
Reading symbols from /usr/lib/libm.so.2...done.
Reading symbols from /usr/lib/libcrypt.so.2...done.
Reading symbols from /usr/lib/libutil.so.3...done.
Reading symbols from /usr/lib/libc.so.4...done.
Reading symbols from /usr/local/lib/perl5/5.8.8/mach/auto/List/Util/Util.so...done.
Reading symbols from /usr/local/lib/perl5/5.8.8/mach/auto/Time/HiRes/HiRes.so...done.
Reading symbols from /usr/local/lib/perl5/5.8.8/mach/auto/Sys/Hostname/Hostname.so...done.
Reading symbols from /usr/local/lib/perl5/site_perl/5.8.8/mach/auto/DBI/DBI.so...done.
Reading symbols from /usr/local/lib/perl5/5.8.8/mach/auto/IO/IO.so...done.
Reading symbols from /usr/local/lib/perl5/5.8.8/mach/auto/Fcntl/Fcntl.so...done.
Reading symbols from /usr/local/lib/perl5/5.8.8/mach/auto/Socket/Socket.so...done.
Reading symbols from /usr/local/lib/perl5/5.8.8/mach/auto/MIME/Base64/Base64.so...done.
Reading symbols from /usr/local/lib/perl5/site_perl/5.8.8/mach/auto/DBD/mysql/mysql.so...done.
Reading symbols from /opt/mysql/lib/mysql/libmysqlclient.so.14...done.
Reading symbols from /usr/lib/libz.so.2...done.
Reading symbols from /usr/local/lib/perl5/5.8.8/mach/auto/Storable/Storable.so...done.
Reading symbols from /usr/local/lib/perl5/5.8.8/mach/auto/POSIX/POSIX.so...done.
Reading symbols from /usr/local/lib/perl5/site_perl/5.8.8/mach/auto/Image/Magick/Magick.so...done.
Reading symbols from /usr/local/lib/libMagick.so.10...done.
Reading symbols from /usr/local/lib/libWand.so.10...done.
Reading symbols from /usr/local/lib/libtiff.so.4...done.
Reading symbols from /usr/local/lib/libjpeg.so.9...done.
Reading symbols from /usr/local/lib/libpng.so.5...done.
Reading symbols from /usr/local/lib/perl5/site_perl/5.8.8/mach/auto/Lingua/Stem/Snowball/Snowball.so...done.
Reading symbols from /usr/local/lib/perl5/5.8.8/mach/auto/Encode/Encode.so...done.
Reading symbols from /usr/local/lib/perl5/5.8.8/mach/auto/Digest/MD5/MD5.so...done.
Reading symbols from /usr/libexec/ld-elf.so.1...done.
#0 0x48503ac2 in NewXMLTree () from /usr/local/lib/libMagick.so.10
(gdb) bt
#0 0x48503ac2 in NewXMLTree () from /usr/local/lib/libMagick.so.10
#1 0x484b1b77 in FormatImageProperty () from /usr/local/lib/libMagick.so.10
#2 0x484b3238 in GetImageProperty () from /usr/local/lib/libMagick.so.10
#3 0x484b5ce4 in SetImageProfile () from /usr/local/lib/libMagick.so.10
#4 0x4858e891 in UnregisterYUVImage () from /usr/local/lib/libMagick.so.10
#5 0x4877f88a in read_markers () from /usr/local/lib/libjpeg.so.9
#6 0x4877d79b in consume_markers () from /usr/local/lib/libjpeg.so.9
#7 0x4877be37 in jpeg_consume_input () from /usr/local/lib/libjpeg.so.9
#8 0x4877bd53 in jpeg_read_header () from /usr/local/lib/libjpeg.so.9
#9 0x4858ed0e in UnregisterYUVImage () from /usr/local/lib/libMagick.so.10
#10 0x48441ec7 in ReadImage () from /usr/local/lib/libMagick.so.10
#11 0x483df561 in XS_Image__Magick_Read () from /usr/local/lib/perl5/site_perl/5.8.8/mach/auto/Image/Magick/Magick.so
#12 0x480e2176 in Perl_pp_entersub () from /usr/local/lib/perl5/5.8.8/mach/CORE/libperl.so
#13 0x480db259 in Perl_runops_standard () from /usr/local/lib/perl5/5.8.8/mach/CORE/libperl.so
#14 0x48089062 in S_run_body () from /usr/local/lib/perl5/5.8.8/mach/CORE/libperl.so
#15 0x48088d27 in perl_run () from /usr/local/lib/perl5/5.8.8/mach/CORE/libperl.so
#16 0x8049094 in main (argc=3, argv=0xbfbff6c0, env=0xbfbff6d0) at perlmain.c:99
(gdb)

This situation is not reproducible with particular images; it just occurs from time to time (the frequency is unpredictable).
magick
Site Admin
Posts: 11064
Joined: 2003-05-31T11:32:55-07:00

Re: SIGSEGV in NewXMLTree ()

Post by magick »

Try the latest release of ImageMagick. It has a memory corruption patch to the XML tree. If the problem persists with the latest release, let us know.
xfyre

Re: SIGSEGV in NewXMLTree ()

Post by xfyre »

magick wrote: Try the latest release of ImageMagick. It has a memory corruption patch to the XML tree. If the problem persists with the latest release, let us know.
We've just tried version 6.3.6 Q8; it seems like it still has the same issue:

(gdb) bt
#0 0x4850603a in NewXMLTree () from /usr/local/lib/libMagick.so.10
#1 0x484b32ff in FormatImageProperty () from /usr/local/lib/libMagick.so.10
#2 0x484b49c0 in GetImageProperty () from /usr/local/lib/libMagick.so.10
#3 0x484b7468 in SetImageProfile () from /usr/local/lib/libMagick.so.10
#4 0x48592a3d in UnregisterYUVImage () from /usr/local/lib/libMagick.so.10
#5 0x4878a88a in read_markers () from /usr/local/lib/libjpeg.so.9
#6 0x4878879b in consume_markers () from /usr/local/lib/libjpeg.so.9
#7 0x48786e37 in jpeg_consume_input () from /usr/local/lib/libjpeg.so.9
#8 0x48786d53 in jpeg_read_header () from /usr/local/lib/libjpeg.so.9
#9 0x48592eba in UnregisterYUVImage () from /usr/local/lib/libMagick.so.10
#10 0x48442d6f in ReadImage () from /usr/local/lib/libMagick.so.10
#11 0x483dfaa9 in XS_Image__Magick_Read () from /usr/local/lib/perl5/site_perl/5.8.8/mach/auto/Image/Magick/Magick.so
magick
Site Admin
Posts: 11064
Joined: 2003-05-31T11:32:55-07:00

Re: SIGSEGV in NewXMLTree ()

Post by magick »

The next time you encounter this fault, post a URL to the image it failed on. The trace looks like it was processing a corrupt JPEG image profile or a profile ImageMagick could not process. We need to inspect the profile to determine where the problem is. Ideally you would identify 2 or 3 of these images so we can inspect them.
xfyre

Re: SIGSEGV in NewXMLTree ()

Post by xfyre »

magick wrote: The next time you encounter this fault, post a URL to the image it failed on. The trace looks like it was processing a corrupt JPEG image profile or a profile ImageMagick could not process. We need to inspect the profile to determine where the problem is. Ideally you would identify 2 or 3 of these images so we can inspect them.
This is not repeatable on a particular image; we've already tried to reproduce the issue. One time the same image can cause a failure and the next time it doesn't.
mi
Posts: 123
Joined: 2005-01-25T14:14:43-07:00

Re: SIGSEGV in NewXMLTree ()

Post by mi »

xfyre wrote: This is not repeatable on a particular image; we've already tried to reproduce the issue. One time the same image can cause a failure and the next time it doesn't.
Please offer ImageMagick the image(s) with which you've observed the crash, even if it is not reliably reproducible.

Armed with tools like valgrind or Purify, they may be able to figure out what's wrong anyway.
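
Added example, not part of the thread and not ImageMagick code: a triage helper for picking which images to send, as requested above. It walks the JPEG header segments, names each embedded profile, and flags segments whose declared length overruns the file or whose XMP packet is not well-formed XML. Checking XMP specifically is an assumption drawn from the trace passing through profile handling into an XML tree constructor; the function names and sample bytes are constructed for illustration.

```python
import struct
import xml.etree.ElementTree as ET

XMP_ID = b"http://ns.adobe.com/xap/1.0/\x00"
IDENTS = [(0xE1, b"Exif\x00\x00", "exif"), (0xE1, XMP_ID, "xmp"),
          (0xE2, b"ICC_PROFILE\x00", "icc"), (0xED, b"Photoshop 3.0\x00", "8bim/iptc")]

def check_xmp(packet):
    """Return None if the XMP packet is well-formed XML, else a description."""
    if b"<!DOCTYPE" in packet or b"<!ENTITY" in packet:
        return "XMP packet declares a DTD/entity (not parsed)"
    try:
        ET.fromstring(packet.strip(b"\x00 \t\r\n"))
    except ET.ParseError as exc:
        return f"XMP packet is not well-formed XML: {exc}"
    return None

def jpeg_profiles(data):
    """List (name, size, problem) for every APPn segment before SOS/EOI."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("missing SOI marker, not a JPEG")
    found, pos = [], 2
    while pos + 4 <= len(data) and data[pos] == 0xFF:
        marker = data[pos + 1]
        if marker == 0xFF:                      # fill byte before a marker
            pos += 1
            continue
        if marker in (0xDA, 0xD9):              # SOS / EOI: header is over
            break
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        end = pos + 2 + length                  # length counts its own 2 bytes
        body = data[pos + 4:end]
        truncated = length < 2 or end > len(data)
        problem = "declared length runs past end of file" if truncated else None
        if 0xE0 <= marker <= 0xEF:              # APP0..APP15 carry profiles
            name = next((n for m, ident, n in IDENTS
                         if m == marker and body.startswith(ident)),
                        f"app{marker - 0xE0}")
            if name == "xmp" and not truncated:
                problem = check_xmp(body[len(XMP_ID):])
            found.append((name, len(body), problem))
        if truncated:
            break
        pos = end
    return found

def _seg(marker, payload):                      # build one constructed segment
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed sample inputs (not images from the thread).
XML = b'<x:xmpmeta xmlns:x="adobe:ns:meta/"><r/></x:xmpmeta>'
SAMPLE_OK = (b"\xff\xd8" + _seg(0xE1, XMP_ID + XML)
             + _seg(0xE2, b"ICC_PROFILE\x00\x01\x01") + b"\xff\xd9")
SAMPLE_BAD = b"\xff\xd8" + _seg(0xE1, XMP_ID + XML[:20]) + b"\xff\xd9"
```

Running `jpeg_profiles` over the files a failing batch job read narrows the candidates to those with a flagged or unusually large profile, which can then be replayed under valgrind.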