Package: libgraphicsmagick3 Version: 1.3.12-1 Severity: important See bug #609535 for the background (and it would be a shame to lose psiconv to this bug).
psiconv recently fell foul of needing to call InitializeMagick, so I supplied a patch for that. It cures simple use cases, but on trying to convert a multiple-image file, it gives the following crash: lt-psiconv: magick/semaphore.c:526: LockSemaphoreInfo: Assertion `semaphore_info->signature == 0xabacadabUL' failed. Program received signal SIGABRT, Aborted. 0x0012e416 in __kernel_vsyscall () (gdb) where #0 0x0012e416 in __kernel_vsyscall () #1 0x00948941 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 #2 0x0094be42 in abort () at abort.c:92 #3 0x009418e8 in __assert_fail (assertion=0x3be6d0 "semaphore_info->signature == 0xabacadabUL", file=0x3be68c "magick/semaphore.c", line=526, function=0x3be771 "LockSemaphoreInfo") at assert.c:81 #4 0x0026ae02 in LockSemaphoreInfo () from /usr/lib/libGraphicsMagick.so.3 #5 0x001a3812 in ReferenceBlob () from /usr/lib/libGraphicsMagick.so.3 #6 0x00233bc3 in SyncNextImageInList () from /usr/lib/libGraphicsMagick.so.3 #7 0x0039efeb in ?? () from /usr/lib/libGraphicsMagick.so.3 #8 0x001eaf56 in WriteImage () from /usr/lib/libGraphicsMagick.so.3 #9 0x001a68b1 in ImageToBlob () from /usr/lib/libGraphicsMagick.so.3 #10 0x0804a893 in image_to_list (list=0x8059fd0, image=0x80bb120, dest=<value optimized out>) at gen_image.c:98 #11 0x0804aa54 in gen_image_list (config=<value optimized out>, list=<value optimized out>, sections=<value optimized out>, dest=0x804ea8a "TIFF") at gen_image.c:163 #12 0x0804aba0 in gen_clipart (config=0x8059d98, list=0x8059fd0, file=0x8059fc0, dest=0x804ea8a "TIFF", encoding_type=ENCODING_UTF8) at gen_image.c:193 #13 gen_image (config=0x8059d98, list=0x8059fd0, file=0x8059fc0, dest=0x804ea8a "TIFF", encoding_type=ENCODING_UTF8) at gen_image.c:222 #14 0x08049b96 in main (argc=2, argv=0xbffff0f4) at psiconv.c:298 Unfortunately there’s no libmagick3-dbg, so there’s no more information about what’s going on inside the library. However, when I run with valgrind: ==31530== Memcheck, a memory error detector ==31530== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al. ==31530== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info ==31530== Command: /home/rrt/download/psiconv-0.9.8/.libs/lt-psiconv examples/Clipart ==31530== ==31530== Conditional jump or move depends on uninitialised value(s) ==31530== at 0x403100C: psiconv_config_read (configuration.c:295) ==31530== by 0x8049A01: main (psiconv.c:227) ==31530== ==31530== Invalid read of size 4 ==31530== at 0x4184D82: LockSemaphoreInfo (in /usr/lib/libGraphicsMagick.so.3.6.0) ==31530== by 0x40BD811: ReferenceBlob (in /usr/lib/libGraphicsMagick.so.3.6.0) ==31530== by 0x414DBC2: SyncNextImageInList (in /usr/lib/libGraphicsMagick.so.3.6.0) ==31530== by 0x42B8FEA: ??? (in /usr/lib/libGraphicsMagick.so.3.6.0) ==31530== by 0x4104F55: WriteImage (in /usr/lib/libGraphicsMagick.so.3.6.0) ==31530== by 0x40C08B0: ImageToBlob (in /usr/lib/libGraphicsMagick.so.3.6.0) ==31530== by 0x804A892: image_to_list (gen_image.c:98) ==31530== by 0x804AA53: gen_image_list (gen_image.c:163) ==31530== by 0x804AB9F: gen_image (gen_image.c:193) ==31530== by 0x8049B95: main (psiconv.c:298) ==31530== Address 0x54c4e88 is 24 bytes inside a block of size 28 free'd ==31530== at 0x40257ED: free (vg_replace_malloc.c:366) ==31530== by 0x4152E63: MagickFree (in /usr/lib/libGraphicsMagick.so.3.6.0) ==31530== by 0x4184EC9: DestroySemaphoreInfo (in /usr/lib/libGraphicsMagick.so.3.6.0) ==31530== by 0x40C1606: DestroyBlob (in /usr/lib/libGraphicsMagick.so.3.6.0) ==31530== by 0x414DBAE: SyncNextImageInList (in /usr/lib/libGraphicsMagick.so.3.6.0) ==31530== by 0x42B8FEA: ??? (in /usr/lib/libGraphicsMagick.so.3.6.0) ==31530== by 0x4104F55: WriteImage (in /usr/lib/libGraphicsMagick.so.3.6.0) ==31530== by 0x40C08B0: ImageToBlob (in /usr/lib/libGraphicsMagick.so.3.6.0) ==31530== by 0x804A892: image_to_list (gen_image.c:98) ==31530== by 0x804AA53: gen_image_list (gen_image.c:163) ==31530== by 0x804AB9F: gen_image (gen_image.c:193) ==31530== by 0x8049B95: main (psiconv.c:298) ==31530== lt-psiconv: magick/semaphore.c:526: LockSemaphoreInfo: Assertion `semaphore_info->signature == 0xabacadabUL' failed. ==31530== ==31530== HEAP SUMMARY: ==31530== in use at exit: 5,516,490 bytes in 2,930 blocks ==31530== total heap usage: 8,125 allocs, 5,195 frees, 16,177,481 bytes allocated ==31530== ==31530== LEAK SUMMARY: ==31530== definitely lost: 2,996 bytes in 72 blocks ==31530== indirectly lost: 48 bytes in 3 blocks ==31530== possibly lost: 55,234 bytes in 271 blocks ==31530== still reachable: 5,458,212 bytes in 2,584 blocks ==31530== suppressed: 0 bytes in 0 blocks ==31530== Rerun with --leak-check=full to see details of leaked memory ==31530== What seems to be happening is that libgraphicsmagick is accessing memory that it has already freed (note that the report of the block freed is inside the same call into graphicsmagick as the eventual crash). I checked that the innermost call frame of actual psiconv code, gen_image.c:98, is only run once, so the free and the incorrect access are definitely on the same call into graphicsmagick, hence it looks like a graphicsmagick bug. -- System Information: Debian Release: squeeze/sid APT prefers maverick-updates APT policy: (500, 'maverick-updates'), (500, 'maverick-security'), (500, 'maverick-backports'), (500, 'maverick') Architecture: i386 (i686) Kernel: Linux 2.6.35-24-generic (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libgraphicsmagick3 depends on: ii libbz2-1.0 1.0.5-4ubuntu1 high-quality block-sorting file co ii libc6 2.12.1-0ubuntu10.1 Embedded GNU C Library: Shared lib ii libfreetype6 2.4.2-2ubuntu0.1 FreeType 2 font engine, shared lib ii libgomp1 4.5.1-7ubuntu2 GCC OpenMP (GOMP) support library ii libice6 2:1.0.6-1 X11 Inter-Client Exchange library ii libjasper1 1.900.1-7 The JasPer JPEG-2000 runtime libra ii libjpeg62 6b-16.1 The Independent JPEG Group's JPEG ii liblcms1 1.18.dfsg-1ubuntu2.10.10.1 Color management library ii libltdl7 2.2.6b-2ubuntu1 A system independent dlopen wrappe ii libpng12-0 1.2.44-1 PNG library - runtime ii libsm6 2:1.1.1-1 X11 Session Management library ii libtiff4 3.9.4-2 Tag Image File Format (TIFF) libra ii libwmf0.2-7 0.2.8.4-7ubuntu2 Windows metafile conversion librar ii libx11-6 2:1.3.3-3ubuntu1 X11 client-side library ii libxext6 2:1.1.2-1 X11 miscellaneous extension librar ii libxml2 2.7.7.dfsg-4ubuntu0.1 GNOME XML library ii zlib1g 1:1.2.3.4.dfsg-3ubuntu1 compression library - runtime Versions of packages libgraphicsmagick3 recommends: ii ghos 8.71.dfsg.2-0ubuntu7 The GPL Ghostscript PostScript/PDF ii gsfo 1:8.11+urwcyr1.0.7~pre44-4.2ubuntu1 Fonts for the Ghostscript interpre Versions of packages libgraphicsmagick3 suggests: pn graphicsmagick-dbg <none> (no description available) -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org