[Bug: 21.4.21] Segfault on reading png

[Aidan Kehoe]

Hi Adam, 

I’ve put the CC to xemacs-beta@ back in place. 

 Ar an séú lá is fiche de mí Meitheamh, scríobh Adam Sjøgren: 

 > On Thu, 26 Jun 2008 14:20:07 +0200, Aidan wrote:
 > 
 > > Your crash and that commit should be independent; the problem fixed
 > > triggered an assertion failure on debug builds (normally the beta
 > > ones), and your build isn’t a debug build, I guess. (The
 > > report-xemacs-bug mail seems to have been lost to the aether :-/ ) .
 > 
 > I reported the bug with the stock Ubuntu 8.04 XEmacs packages at
 > first. From the feedback I got, I built libpng and XEmacs with debug
 > nostrip noopt and reproduced the crash and reported that.
 > 
 > > If you have compiled XEmacs yourself--which is necessary to avoid the
 > > other bug you reported--use the debug flags, and provoke the problem
 > > with GDB. The exact line number of where things are going wrong would
 > > be real help.
 > 
 > Is this following good, or do I need to do something more?
 > 
 > $ file /usr/bin/xemacs /etc/alternatives/xemacs /usr/bin/xemacs21 /etc/alternatives/xemacs21 /usr/bin/xemacs21-mule  /usr/bin/xemacs-21.4.21-mule 
 > /usr/bin/xemacs:              symbolic link to `/etc/alternatives/xemacs'
 > /etc/alternatives/xemacs:     symbolic link to `/usr/bin/xemacs21'
 > /usr/bin/xemacs21:            symbolic link to `/etc/alternatives/xemacs21'
 > /etc/alternatives/xemacs21:   symbolic link to `/usr/bin/xemacs21-mule'
 > /usr/bin/xemacs21-mule:       symbolic link to `xemacs-21.4.21-mule'
 > /usr/bin/xemacs-21.4.21-mule: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), for GNU/Linux 2.6.8, dynamically linked (uses shared libs), not stripped
 > $ ldd /usr/bin/xemacs | grep libpng
 >         libpng12.so.0 => /usr/lib/libpng12.so.0 (0x00002b7d5cf4f000)
 > $ file /usr/lib/libpng12.so.0 /usr/lib/libpng12.so.0.27.0 
 > /usr/lib/libpng12.so.0:      symbolic link to `libpng12.so.0.27.0'
 > /usr/lib/libpng12.so.0.27.0: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), not stripped
 > $ ulimit -c unlimited
 > $ xemacs --vanilla /usr/lib/xemacs-21.4.21/etc/custom/reset-up.png

 [...]

 > Program terminated with signal 11, Segmentation fault.
 > [New process 23617]
 > #0  0x00002b14d59fd527 in kill () from /lib/libc.so.6
 > (gdb) where
 > #0  0x00002b14d59fd527 in kill () from /lib/libc.so.6
 > #1  0x000000000048db5e in fatal_error_signal (sig=11) at emacs.c:642
 > #2  <signal handler called>
 > #3  0x00002b14d5a42bcb in free () from /lib/libc.so.6
 > #4  0x00002b14d448d1c2 in ?? () from /usr/lib/libX11.so.6
 > #5  0x00000000005d434c in x_init_image_instance_from_eimage (ii=0xddd980, width=63, height=19, slices=1, 
 >     eimage=0xdc8a60 "%G���������������������������������������������������������������������������������������������%@}}{%G������%@..., dest_mask=-1, instantiator=13665648, domain=13542112) at glyphs-x.c:988
 > #6  0x0000000000531f5a in png_instantiate (image_instance=<value optimized out>, instantiator=13665648, pointer_fg=<value optimized out>, 
 >     pointer_bg=<value optimized out>, dest_mask=-1, domain=13542112) at glyphs-eimage.c:1045
 > #7  0x0000000000527983 in instantiate_image_instantiator (governing_domain=10795328, domain=13542112, instantiator=13665648, pointer_fg=47368518132976, 
 >     pointer_bg=47368518132976, dest_mask=-1, glyph=47368518132976) at glyphs.c:776
 > #8  0x000000000052c1ab in make_image_instance_1 (data=13665648, domain=13542112, dest_types=47368518132976) at glyphs.c:1476

[...]

I would be super-interested in the values of ximage, of ximage->f, and of
ximage->f.destroy_image in that stack frame. You’ll need to do something
like the following within GDB to have that shown:

(gdb) up 6
(gdb) p ximage
(gdb) p ximage->f
(gdb) p ximage->f.destroy_image

Thanks for investigating this, 

Aidan

-- 
¿Dónde estará ahora mi sobrino Yoghurtu Nghé, que tuvo que huir
precipitadamente de la aldea por culpa de la escasez de rinocerontes?