https://bugzilla.novell.com/show_bug.cgi?id=475495
User mwelinder@gmail.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=475495#c3
Morten Welinder changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEEDINFO |NEW
Info Provider|mwelinder@gmail.com |
--- Comment #3 from Morten Welinder 2009-03-27 16:50:18 MST ---
I still see it.
"evince --version" does not work. "evince --help" does not show version.
(That would be a minor bug itself.)
"rpm -qa | grep evince" says "evince-2.24.1-1.26".
gdb and valgrind logs below. Note that the valgrind run didn't actually
crash even though it spews a lot of scary warnings.
0xb71987c6 in memcpy () from /lib/libc.so.6
(gdb) where
#0 0xb71987c6 in memcpy () from /lib/libc.so.6
#1 0xb0617bf0 in ?? ()
#2 0xb7440eeb in ?? () from /usr/lib/libX11.so.6
#3 0xb74413e4 in XPutImage () from /usr/lib/libX11.so.6
#4 0xb76c5dc4 in _draw_image_surface (surface=0x82c2200,
image=<value optimized out>, src_x=0, src_y=878, width=951, height=33,
dst_x=0, dst_y=878) at cairo-xlib-surface.c:1037
#5 0xb76c99da in _cairo_xlib_surface_clone_similar (
abstract_surface=0x8563660, src=0x8299cb8, src_x=0, src_y=878, width=951,
height=33, clone_out=0xbfffe498) at cairo-xlib-surface.c:1171
#6 0xb76aea43 in _cairo_surface_clone_similar (surface=0x8563660,
src=0x8299cb8, src_x=0, src_y=878, width=951, height=33,
clone_out=0xbfffe498) at cairo-surface.c:1143
#7 0xb76a49a9 in _cairo_pattern_acquire_surface (pattern=0xbfffe29c,
dst=0x8563660, x=6, y=0, width=951, height=33, surface_out=0xbfffe498,
attributes=0xbfffe444) at cairo-pattern.c:1831
#8 0xb76a61dc in _cairo_pattern_acquire_surfaces (src=0x82b1618, mask=0x0,
dst=0x8563660, src_x=6, src_y=0, mask_x=6, mask_y=0, width=951, height=33,
src_out=0xbfffe498, mask_out=0xbfffe494, src_attributes=0xbfffe444,
mask_attributes=0xbfffe3fc) at cairo-pattern.c:2019
#9 0xb76c94c7 in _cairo_xlib_surface_composite (op=CAIRO_OPERATOR_OVER,
src_pattern=0x82b1618, mask_pattern=0x0, abstract_dst=0x8563660, src_x=6,
src_y=0, mask_x=6, mask_y=0, dst_x=6, dst_y=0, width=951, height=33)
at cairo-xlib-surface.c:1662
#10 0xb76ae799 in _cairo_surface_composite (op=CAIRO_OPERATOR_OVER,
src=0x82b1618, mask=0x0, dst=0x8563660, src_x=6, src_y=0, mask_x=6,
mask_y=0, dst_x=6, dst_y=0, width=951, height=33) at cairo-surface.c:1274
#11 0xb76b0d5f in _clip_and_composite_trapezoids (src=0x82b1618,
op=CAIRO_OPERATOR_OVER, dst=0x8563660, traps=0xbfffe6f4, clip=0x0,
antialias=CAIRO_ANTIALIAS_NONE) at cairo-surface-fallback.c:449
#12 0xb76b138a in _cairo_surface_fallback_paint (surface=0x8563660,
op=CAIRO_OPERATOR_OVER, source=0x82b1618) at cairo-surface-fallback.c:704
#13 0xb76adf06 in _cairo_surface_paint (surface=0x8563660,
op=CAIRO_OPERATOR_OVER, source=0xbfffe7e4) at cairo-surface.c:1479
#14 0xb769577e in _cairo_gstate_paint (gstate=0x82a7c98) at cairo-gstate.c:857
#15 0xb768f913 in *INT_cairo_paint (cr=0x8563220) at cairo.c:1936
#16 0x0807b180 in ?? ()
#17 0xb7ca6ec6 in ?? () from /usr/lib/libgtk-x11-2.0.so.0
#18 0xb736c4d9 in ?? () from /usr/lib/libgobject-2.0.so.0
#19 0xb736dd8b in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#20 0xb7383dd5 in ?? () from /usr/lib/libgobject-2.0.so.0
#21 0xb73856bb in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#22 0xb7385cb6 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#23 0xb7dbc3fe in ?? () from /usr/lib/libgtk-x11-2.0.so.0
#24 0xb7ca0fcd in gtk_main_do_event () from /usr/lib/libgtk-x11-2.0.so.0
#25 0xb7817af5 in ?? () from /usr/lib/libgdk-x11-2.0.so.0
#26 0xb781810f in gdk_window_process_all_updates ()
from /usr/lib/libgdk-x11-2.0.so.0
#27 0xb781813b in ?? () from /usr/lib/libgdk-x11-2.0.so.0
#28 0xb77fb56b in ?? () from /usr/lib/libgdk-x11-2.0.so.0
#29 0xb72d1a71 in ?? () from /usr/lib/libglib-2.0.so.0
#30 0xb72d39a8 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#31 0xb72d7063 in ?? () from /usr/lib/libglib-2.0.so.0
#32 0xb72d7582 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
#33 0xb7ca1239 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#34 0x080917cb in ?? ()
#35 0xb7139705 in __libc_start_main () from /lib/libc.so.6
#36 0x0805e071 in ?? ()
G_SLICE=always-malloc valgrind evince ~/foo.ps
==24731== Memcheck, a memory error detector.
==24731== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==24731== Using LibVEX rev 1854, a library for dynamic binary translation.
==24731== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==24731== Using valgrind-3.3.1, a dynamic binary instrumentation framework.
==24731== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==24731== For more details, rerun with: -v
==24731==
==24731== Thread 2:
==24731== Conditional jump or move depends on uninitialised value(s)
==24731== at 0xB4E16E4: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4E1F8C: gs_gc_reclaim (in /usr/lib/libgs.so.8.62)
==24731== by 0xB563C61: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4BA981: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4B59B4: interp_reclaim (in /usr/lib/libgs.so.8.62)
==24731== by 0xB4B728D: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4B8130: gs_interpret (in /usr/lib/libgs.so.8.62)
==24731== by 0xB4AB8E0: gs_main_run_string_continue (in
/usr/lib/libgs.so.8.62)
==24731== by 0xB4ABC85: gs_main_run_string_with_length (in
/usr/lib/libgs.so.8.62)
==24731== by 0xB4B01C6: gsapi_run_string_with_length (in
/usr/lib/libgs.so.8.62)
==24731== by 0x7961B61: spectre_gs_send_string (in
/usr/lib/libspectre.so.1.1.1)
==24731== by 0x79626FD: spectre_device_render (in
/usr/lib/libspectre.so.1.1.1)
==24731==
==24731== Conditional jump or move depends on uninitialised value(s)
==24731== at 0xB4E2062: gs_gc_reclaim (in /usr/lib/libgs.so.8.62)
==24731== by 0xB563C61: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4BA981: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4B59B4: interp_reclaim (in /usr/lib/libgs.so.8.62)
==24731== by 0xB4B728D: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4B8130: gs_interpret (in /usr/lib/libgs.so.8.62)
==24731== by 0xB4AB8E0: gs_main_run_string_continue (in
/usr/lib/libgs.so.8.62)
==24731== by 0xB4ABC85: gs_main_run_string_with_length (in
/usr/lib/libgs.so.8.62)
==24731== by 0xB4B01C6: gsapi_run_string_with_length (in
/usr/lib/libgs.so.8.62)
==24731== by 0x7961B61: spectre_gs_send_string (in
/usr/lib/libspectre.so.1.1.1)
==24731== by 0x79626FD: spectre_device_render (in
/usr/lib/libspectre.so.1.1.1)
==24731== by 0x7962DB3: spectre_page_render (in
/usr/lib/libspectre.so.1.1.1)
==24731==
==24731== Conditional jump or move depends on uninitialised value(s)
==24731== at 0xB4E2067: gs_gc_reclaim (in /usr/lib/libgs.so.8.62)
==24731== by 0xB563C61: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4BA981: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4B59B4: interp_reclaim (in /usr/lib/libgs.so.8.62)
==24731== by 0xB4B728D: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4B8130: gs_interpret (in /usr/lib/libgs.so.8.62)
==24731== by 0xB4AB8E0: gs_main_run_string_continue (in
/usr/lib/libgs.so.8.62)
==24731== by 0xB4ABC85: gs_main_run_string_with_length (in
/usr/lib/libgs.so.8.62)
==24731== by 0xB4B01C6: gsapi_run_string_with_length (in
/usr/lib/libgs.so.8.62)
==24731== by 0x7961B61: spectre_gs_send_string (in
/usr/lib/libspectre.so.1.1.1)
==24731== by 0x79626FD: spectre_device_render (in
/usr/lib/libspectre.so.1.1.1)
==24731== by 0x7962DB3: spectre_page_render (in
/usr/lib/libspectre.so.1.1.1)
==24731==
==24731== Conditional jump or move depends on uninitialised value(s)
==24731== at 0xB4E16E4: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4E20C4: gs_gc_reclaim (in /usr/lib/libgs.so.8.62)
==24731== by 0xB563C61: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4BA981: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4B59B4: interp_reclaim (in /usr/lib/libgs.so.8.62)
==24731== by 0xB4B728D: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4B8130: gs_interpret (in /usr/lib/libgs.so.8.62)
==24731== by 0xB4AB8E0: gs_main_run_string_continue (in
/usr/lib/libgs.so.8.62)
==24731== by 0xB4ABC85: gs_main_run_string_with_length (in
/usr/lib/libgs.so.8.62)
==24731== by 0xB4B01C6: gsapi_run_string_with_length (in
/usr/lib/libgs.so.8.62)
==24731== by 0x7961B61: spectre_gs_send_string (in
/usr/lib/libspectre.so.1.1.1)
==24731== by 0x79626FD: spectre_device_render (in
/usr/lib/libspectre.so.1.1.1)
==24731==
==24731== Thread 1:
==24731== Invalid read of size 1
==24731== at 0x4028AA0: memcpy (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==24731== by 0x4AF820D: (within /usr/lib/libX11.so.6.2.0)
==24731== by 0x4AF8EEA: (within /usr/lib/libX11.so.6.2.0)
==24731== by 0x4AF93E3: XPutImage (in /usr/lib/libX11.so.6.2.0)
==24731== by 0x494FDC3: _draw_image_surface (cairo-xlib-surface.c:1037)
==24731== by 0x49539D9: _cairo_xlib_surface_clone_similar
(cairo-xlib-surface.c:1171)
==24731== by 0x4938A42: _cairo_surface_clone_similar (cairo-surface.c:1143)
==24731== by 0x492E9A8: _cairo_pattern_acquire_surface
(cairo-pattern.c:1831)
==24731== by 0x49301DB: _cairo_pattern_acquire_surfaces
(cairo-pattern.c:2019)
==24731== by 0x49534C6: _cairo_xlib_surface_composite
(cairo-xlib-surface.c:1662)
==24731== by 0x4938798: _cairo_surface_composite (cairo-surface.c:1274)
==24731== by 0x493AD5E: _clip_and_composite_trapezoids
(cairo-surface-fallback.c:449)
==24731== Address 0xdfe7c10 is 0 bytes after a block of size 4,291,560 alloc'd
==24731== at 0x4027DDE: malloc (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==24731== by 0x79628B1: (within /usr/lib/libspectre.so.1.1.1)
==24731== by 0xB5CFA0C: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB74731B: gs_putdeviceparams (in /usr/lib/libgs.so.8.62)
==24731== by 0xB4DAF2F: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4B72FC: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4B8130: gs_interpret (in /usr/lib/libgs.so.8.62)
==24731== by 0xB4AB8E0: gs_main_run_string_continue (in
/usr/lib/libgs.so.8.62)
==24731== by 0xB4ABC85: gs_main_run_string_with_length (in
/usr/lib/libgs.so.8.62)
==24731== by 0xB4B01C6: gsapi_run_string_with_length (in
/usr/lib/libgs.so.8.62)
==24731== by 0x7961B61: spectre_gs_send_string (in
/usr/lib/libspectre.so.1.1.1)
==24731== by 0x79626FD: spectre_device_render (in
/usr/lib/libspectre.so.1.1.1)
==24731==
==24731== Invalid read of size 1
==24731== at 0x4028AAA: memcpy (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==24731== by 0x4AF820D: (within /usr/lib/libX11.so.6.2.0)
==24731== by 0x4AF8EEA: (within /usr/lib/libX11.so.6.2.0)
==24731== by 0x4AF93E3: XPutImage (in /usr/lib/libX11.so.6.2.0)
==24731== by 0x494FDC3: _draw_image_surface (cairo-xlib-surface.c:1037)
==24731== by 0x49539D9: _cairo_xlib_surface_clone_similar
(cairo-xlib-surface.c:1171)
==24731== by 0x4938A42: _cairo_surface_clone_similar (cairo-surface.c:1143)
==24731== by 0x492E9A8: _cairo_pattern_acquire_surface
(cairo-pattern.c:1831)
==24731== by 0x49301DB: _cairo_pattern_acquire_surfaces
(cairo-pattern.c:2019)
==24731== by 0x49534C6: _cairo_xlib_surface_composite
(cairo-xlib-surface.c:1662)
==24731== by 0x4938798: _cairo_surface_composite (cairo-surface.c:1274)
==24731== by 0x493AD5E: _clip_and_composite_trapezoids
(cairo-surface-fallback.c:449)
==24731== Address 0xdfe7c11 is 1 bytes after a block of size 4,291,560 alloc'd
==24731== at 0x4027DDE: malloc (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==24731== by 0x79628B1: (within /usr/lib/libspectre.so.1.1.1)
==24731== by 0xB5CFA0C: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB74731B: gs_putdeviceparams (in /usr/lib/libgs.so.8.62)
==24731== by 0xB4DAF2F: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4B72FC: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4B8130: gs_interpret (in /usr/lib/libgs.so.8.62)
==24731== by 0xB4AB8E0: gs_main_run_string_continue (in
/usr/lib/libgs.so.8.62)
==24731== by 0xB4ABC85: gs_main_run_string_with_length (in
/usr/lib/libgs.so.8.62)
==24731== by 0xB4B01C6: gsapi_run_string_with_length (in
/usr/lib/libgs.so.8.62)
==24731== by 0x7961B61: spectre_gs_send_string (in
/usr/lib/libspectre.so.1.1.1)
==24731== by 0x79626FD: spectre_device_render (in
/usr/lib/libspectre.so.1.1.1)
==24731==
==24731== Invalid read of size 1
==24731== at 0x4028AB3: memcpy (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==24731== by 0x4AF820D: (within /usr/lib/libX11.so.6.2.0)
==24731== by 0x4AF8EEA: (within /usr/lib/libX11.so.6.2.0)
==24731== by 0x4AF93E3: XPutImage (in /usr/lib/libX11.so.6.2.0)
==24731== by 0x494FDC3: _draw_image_surface (cairo-xlib-surface.c:1037)
==24731== by 0x49539D9: _cairo_xlib_surface_clone_similar
(cairo-xlib-surface.c:1171)
==24731== by 0x4938A42: _cairo_surface_clone_similar (cairo-surface.c:1143)
==24731== by 0x492E9A8: _cairo_pattern_acquire_surface
(cairo-pattern.c:1831)
==24731== by 0x49301DB: _cairo_pattern_acquire_surfaces
(cairo-pattern.c:2019)
==24731== by 0x49534C6: _cairo_xlib_surface_composite
(cairo-xlib-surface.c:1662)
==24731== by 0x4938798: _cairo_surface_composite (cairo-surface.c:1274)
==24731== by 0x493AD5E: _clip_and_composite_trapezoids
(cairo-surface-fallback.c:449)
==24731== Address 0xdfe7c12 is 2 bytes after a block of size 4,291,560 alloc'd
==24731== at 0x4027DDE: malloc (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==24731== by 0x79628B1: (within /usr/lib/libspectre.so.1.1.1)
==24731== by 0xB5CFA0C: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB74731B: gs_putdeviceparams (in /usr/lib/libgs.so.8.62)
==24731== by 0xB4DAF2F: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4B72FC: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4B8130: gs_interpret (in /usr/lib/libgs.so.8.62)
==24731== by 0xB4AB8E0: gs_main_run_string_continue (in
/usr/lib/libgs.so.8.62)
==24731== by 0xB4ABC85: gs_main_run_string_with_length (in
/usr/lib/libgs.so.8.62)
==24731== by 0xB4B01C6: gsapi_run_string_with_length (in
/usr/lib/libgs.so.8.62)
==24731== by 0x7961B61: spectre_gs_send_string (in
/usr/lib/libspectre.so.1.1.1)
==24731== by 0x79626FD: spectre_device_render (in
/usr/lib/libspectre.so.1.1.1)
==24731==
==24731== Invalid read of size 1
==24731== at 0x4028ABC: memcpy (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==24731== by 0x4AF820D: (within /usr/lib/libX11.so.6.2.0)
==24731== by 0x4AF8EEA: (within /usr/lib/libX11.so.6.2.0)
==24731== by 0x4AF93E3: XPutImage (in /usr/lib/libX11.so.6.2.0)
==24731== by 0x494FDC3: _draw_image_surface (cairo-xlib-surface.c:1037)
==24731== by 0x49539D9: _cairo_xlib_surface_clone_similar
(cairo-xlib-surface.c:1171)
==24731== by 0x4938A42: _cairo_surface_clone_similar (cairo-surface.c:1143)
==24731== by 0x492E9A8: _cairo_pattern_acquire_surface
(cairo-pattern.c:1831)
==24731== by 0x49301DB: _cairo_pattern_acquire_surfaces
(cairo-pattern.c:2019)
==24731== by 0x49534C6: _cairo_xlib_surface_composite
(cairo-xlib-surface.c:1662)
==24731== by 0x4938798: _cairo_surface_composite (cairo-surface.c:1274)
==24731== by 0x493AD5E: _clip_and_composite_trapezoids
(cairo-surface-fallback.c:449)
==24731== Address 0xdfe7c13 is 3 bytes after a block of size 4,291,560 alloc'd
==24731== at 0x4027DDE: malloc (in
/usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==24731== by 0x79628B1: (within /usr/lib/libspectre.so.1.1.1)
==24731== by 0xB5CFA0C: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB74731B: gs_putdeviceparams (in /usr/lib/libgs.so.8.62)
==24731== by 0xB4DAF2F: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4B72FC: (within /usr/lib/libgs.so.8.62)
==24731== by 0xB4B8130: gs_interpret (in /usr/lib/libgs.so.8.62)
==24731== by 0xB4AB8E0: gs_main_run_string_continue (in
/usr/lib/libgs.so.8.62)
==24731== by 0xB4ABC85: gs_main_run_string_with_length (in
/usr/lib/libgs.so.8.62)
==24731== by 0xB4B01C6: gsapi_run_string_with_length (in
/usr/lib/libgs.so.8.62)
==24731== by 0x7961B61: spectre_gs_send_string (in
/usr/lib/libspectre.so.1.1.1)
==24731== by 0x79626FD: spectre_device_render (in
/usr/lib/libspectre.so.1.1.1)
^C==24731==
==24731== ERROR SUMMARY: 6296 errors from 8 contexts (suppressed: 197 from 7)
==24731== malloc/free: in use at exit: 12,145,330 bytes in 47,402 blocks.
==24731== malloc/free: 298,235 allocs, 250,833 frees, 116,072,985 bytes
allocated.
==24731== For counts of detected errors, rerun with: -v
==24731== searching for pointers to 47,402 not-freed blocks.
==24731== checked 20,429,252 bytes.
==24731==
==24731== LEAK SUMMARY:
==24731== definitely lost: 139,161 bytes in 4,884 blocks.
==24731== possibly lost: 4,345,393 bytes in 38 blocks.
==24731== still reachable: 7,660,776 bytes in 42,480 blocks.
==24731== suppressed: 0 bytes in 0 blocks.
==24731== Rerun with --leak-check=full to see details of leaked memory.
Killed
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.