gs crashed with SIGSEGV in gx_num_components_ICC()

Bug #856766 reported by Till Kamppeter on 2011-09-22
This bug affects 3 people
Affects Status Importance Assigned to Milestone
Fix Released
ghostscript (Ubuntu)

Bug Description

I have run the following command line in a terminal window:

cat ~/ghostscript/testfiles/CityMap-evince-pdftopdf.pdf | /usr/bin/gs -dQUIET -dPARANOIDSAFER -dNOPAUSE -dBATCH -dNOINTERPOLATE -sDEVICE=cups -sstdout=%stderr -sOutputFile=%stdout -sMediaType=Plain -sOutputType=0 -r300x600 -dMediaPosition=7 -dDEVICEWIDTHPOINTS=612 -dDEVICEHEIGHTPOINTS=792 -dcupsBitsPerColor=8 -dcupsColorOrder=0 -dcupsColorSpace=17 -dcupsInteger0=2 -scupsPageSizeName=Letter -I/usr/share/cups/fonts -c -f -_ > out.raster

Output is as follows:

INFO: Start rendering...
INFO: Processing page 1...
sfopen: gs_parse_file_name failed.
sfopen: gs_parse_file_name failed.
  ./base/gsicc_manage.c:866: gsicc_open_search(): Could not find ps_gray.icc
| ./base/gsicc_manage.c:198: gsicc_initialize_iccsmask(): failed to load gray smask profile
Segmentation fault (core dumped)

Input file CityMap-evince-pdftopdf.pdf attached.

ProblemType: Crash
DistroRelease: Ubuntu 11.10
Package: ghostscript 9.04~dfsg-0ubuntu8
ProcVersionSignature: Ubuntu 3.0.0-11.18-generic 3.0.4
Uname: Linux 3.0.0-11-generic x86_64
ApportVersion: 1.23-0ubuntu1
Architecture: amd64
Date: Thu Sep 22 22:03:31 2011
EcryptfsInUse: Yes
ExecutablePath: /usr/bin/gs
MachineType: LENOVO 7417CTO
Papersize: a4
 Socket 0:
   product info: "MoGo Mouse BT", " ", "", ""
 Socket 0:
   5.0V 16-bit PC Card
   Subdevice 0 (function 0) [unbound]
ProcCmdline: /usr/bin/gs -dQUIET -dPARANOIDSAFER -dNOPAUSE -dBATCH -dNOINTERPOLATE -sDEVICE=cups -sstdout=%stderr -sOutputFile=%stdout -sMediaType=Plain -sOutputType=0 -r300x600 -dMediaPosition=7 -dDEVICEWIDTHPOINTS=612 -dDEVICEHEIGHTPOINTS=792 -dcupsBitsPerColor=8 -dcupsColorOrder=0 -dcupsColorSpace=17 -dcupsInteger0=2 -scupsPageSizeName=Letter -I/usr/share/cups/fonts -c -f -_
 PATH=(custom, user)
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-3.0.0-11-generic root=/dev/mapper/hostname-root ro quiet splash vt.handoff=7
 Segfault happened at: 0x7f5a31ad9dc4 <gx_num_components_ICC+4>: movzbl (%rax),%eax
 PC (0x7f5a31ad9dc4) ok
 source "(%rax)" (0x00000000) not located in a known VMA region (needed readable region)!
 destination "%eax" ok
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: ghostscript
 gx_num_components_ICC (pcs=0xaaa1c8) at ./base/gsicc.c:235
 zcurrentcolor (i_ctx_p=<optimized out>) at ./psi/zcolor.c:98
 interp (pi_ctx_p=0x8733e8, pref=<optimized out>, perror_object=0x7fffe3436680) at ./psi/interp.c:1539
 gs_call_interp (perror_object=0x7fffe3436680, pexit_code=0x7fffe343669c, user_errors=1, pref=<optimized out>, pi_ctx_p=0x8733e8) at ./psi/interp.c:490
 gs_interpret (pi_ctx_p=0x8733e8, pref=<optimized out>, user_errors=1, pexit_code=0x7fffe343669c, perror_object=0x7fffe3436680) at ./psi/interp.c:448
Title: gs crashed with SIGSEGV in gx_num_components_ICC()
UpgradeStatus: Upgraded to oneiric on 2009-12-18 (643 days ago)
UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare 10/13/2009
dmi.bios.vendor: LENOVO
dmi.bios.version: 7UET79WW (3.09 ) 7417CTO
dmi.board.vendor: LENOVO
dmi.board.version: Not Available
dmi.chassis.asset.tag: No Asset Information
dmi.chassis.type: 10
dmi.chassis.vendor: LENOVO
dmi.chassis.version: Not Available
dmi.modalias: dmi:bvnLENOVO:bvr7UET79WW(3.09):bd10/13/2009:svnLENOVO:pn7417CTO:pvrThinkPadT400:rvnLENOVO:rn7417CTO:rvrNotAvailable:cvnLENOVO:ct10:cvrNotAvailable: 7417CTO
dmi.product.version: ThinkPad T400
dmi.sys.vendor: LENOVO

Till Kamppeter (till-kamppeter) wrote :
visibility: private → public
Changed in ghostscript (Ubuntu):
importance: Undecided → Medium
status: New → Confirmed
description: updated
Till Kamppeter (till-kamppeter) wrote :
Till Kamppeter (till-kamppeter) wrote :

The input command line comes from bug 842411, bug 842435, and bug 853918, whose stack traces look very similar.

Thank you for taking the time to report this crash and helping to make Ubuntu better. This particular crash has already been reported and is a duplicate of bug #842435, so is being marked as such. Please look at the other bug report to see if there is any missing information that you can provide, or to see if there is a workaround for the bug. Additionally, any further discussion regarding the bug should occur in the other report. Please continue to report any other bugs you may find.

tags: removed: need-amd64-retrace
Till Kamppeter (till-kamppeter) wrote :

Reverted the duplicate relationship with bug 842435 as this bug contains the information to reproduce the bug now.

Garry, please attch your input file, error_log, and captured job file to this bug report. Thanks.

Till Kamppeter (till-kamppeter) wrote :

Marked also bug 842411 and bug 853918 as duplicate. The input command lines and the crashes are very similar.

Garry, malus, can you also attach the input file, error_log, and captured job file for these bugs to this bug? Thanks.

Changed in gs-gpl:
importance: Unknown → Medium
status: Unknown → Confirmed
Changed in ghostscript (Ubuntu):
milestone: none → ubuntu-11.10
importance: Medium → High
status: Confirmed → In Progress
Changed in ghostscript (Ubuntu):
status: In Progress → Fix Committed
Till Kamppeter (till-kamppeter) wrote :

Complete fix for this bug (fix of the crash + finding the color profiles) is uploaded as ghostscript 9.04~dfsg-0ubuntu10, waiting for approval.

Till Kamppeter (till-kamppeter) wrote :

The patches are applied upstream now and the upstream bug is marked as fixed.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ghostscript - 9.04~dfsg-0ubuntu10

ghostscript (9.04~dfsg-0ubuntu10) oneiric; urgency=low

  * debian/patches/1001_dont-crash-when-not-finding-icc-profile.patch:
    Upodated patch to not only prevent the crash but also actually finding
    the color profiles (Complete fix for LP: #856766, Upstream bug 692532).
 -- Till Kamppeter <email address hidden> Fri, 23 Sep 2011 17:08:31 +0200

Changed in ghostscript (Ubuntu):
status: Fix Committed → Fix Released
Changed in gs-gpl:
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.