Bug 22450 - xscanimage segfaults on 48bit color scan mode
Summary: xscanimage segfaults on 48bit color scan mode
Status: RESOLVED OLD
Alias: None
Product: Mageia
Classification: Unclassified
Component: RPM Packages (show other bugs)
Version: 7
Hardware: All Linux
Priority: Normal critical
Target Milestone: ---
Assignee: All Packagers
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-01-25 06:39 CET by Herbert Poetzl
Modified: 2021-09-07 14:11 CEST (History)
3 users (show)

See Also:
Source RPM: sane-frontends-1.0.14-20.mga6.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Herbert Poetzl 2018-01-25 06:39:40 CET 
Description of problem:
When selecting '48 bits color' as 'Scan mode' xscanimage segfaults 

Version-Release number of selected component (if applicable):
xscanimage (sane-frontends) 1.0.14


How reproducible:
Always

Steps to Reproduce:
1. Start xscanimage
2. Select '48 bits color' from 'Scan mode'


Starting program: /usr/bin/xscanimage 
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
[New Thread 0x7fffeb1dd700 (LWP 6215)]
[New Thread 0x7fffdfb13700 (LWP 6283)]
[New Thread 0x7fffdf312700 (LWP 6284)]
[New Thread 0x7fffdeb11700 (LWP 6285)]

Thread 1 "xscanimage" received signal SIGSEGV, Segmentation fault.
__strcmp_sse2_unaligned () at ../sysdeps/x86_64/multiarch/strcmp-sse2-unaligned.S:29
29		movdqu	(%rdi), %xmm1
(gdb) where
#0  0x00007ffff63c7cda in __strcmp_sse2_unaligned () at ../sysdeps/x86_64/multiarch/strcmp-sse2-unaligned.S:29
#1  0x000000000040e1f3 in option_menu_new ()
#2  0x000000000040f57c in panel_build ()
#3  0x0000000000410330 in set_option ()
#4  0x00000000004107d3 in option_menu_callback ()
#8  0x00007ffff6e6e822 in <emit signal ??? on instance 0x739dc0 [GtkMenuItem]> (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>) at gsignal.c:3447
    #5  0x00007ffff6e53f05 in g_closure_invoke (closure=0x7a7e80, return_value=return_value@entry=0x0, n_param_values=1, param_values=param_values@entry=0x7fffffffd200, invocation_hint=invocation_hint@entry=0x7fffffffd1a0) at gclosure.c:804
    #6  0x00007ffff6e657f1 in signal_emit_unlocked_R (node=node@entry=0x6c3fb0, detail=detail@entry=0, instance=instance@entry=0x739dc0, emission_return=emission_return@entry=0x0, instance_and_params=instance_and_params@entry=0x7fffffffd200) at gsignal.c:3635
    #7  0x00007ffff6e6e44a in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=var_args@entry=0x7fffffffd398) at gsignal.c:3391
#9  0x00007ffff75848ee in gtk_widget_activate () at /lib64/libgtk-x11-2.0.so.0
#10 0x00007ffff748658d in gtk_menu_shell_activate_item () at /lib64/libgtk-x11-2.0.so.0
#11 0x00007ffff74868d6 in gtk_menu_shell_button_release () at /lib64/libgtk-x11-2.0.so.0
#12 0x00007ffff7474d7c in _gtk_marshal_BOOLEAN__BOXED () at /lib64/libgtk-x11-2.0.so.0
#16 0x00007ffff6e6e822 in <emit signal ??? on instance 0x6a9c50 [GtkMenu]> (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>) at gsignal.c:3447
    #13 0x00007ffff6e53f05 in g_closure_invoke (closure=closure@entry=0x6b12f0, return_value=return_value@entry=0x7fffffffd670, n_param_values=2, param_values=param_values@entry=0x7fffffffd720, invocation_hint=invocation_hint@entry=0x7fffffffd6c0)
    at gclosure.c:804
    #14 0x00007ffff6e65d9e in signal_emit_unlocked_R (node=<optimized out>, detail=detail@entry=0, instance=instance@entry=0x6a9c50, emission_return=emission_return@entry=0x7fffffffd800, instance_and_params=instance_and_params@entry=0x7fffffffd720)
    at gsignal.c:3673
    #15 0x00007ffff6e6df93 in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=var_args@entry=0x7fffffffd8c8) at gsignal.c:3401
#17 0x00007ffff7585aac in gtk_widget_event_internal () at /lib64/libgtk-x11-2.0.so.0
#18 0x00007ffff7473544 in gtk_propagate_event () at /lib64/libgtk-x11-2.0.so.0
#19 0x00007ffff74738eb in gtk_main_do_event () at /lib64/libgtk-x11-2.0.so.0
#20 0x00007ffff70efe7c in gdk_event_dispatch () at /lib64/libgdk-x11-2.0.so.0
#21 0x00007ffff6b7aac7 in g_main_dispatch (context=0x67a4b0) at gmain.c:3230
#22 0x00007ffff6b7aac7 in g_main_context_dispatch (context=context@entry=0x67a4b0) at gmain.c:3895
#23 0x00007ffff6b7acf8 in g_main_context_iterate (context=0x67a4b0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3968
#24 0x00007ffff6b7b012 in g_main_loop_run (loop=0x8197b0) at gmain.c:4164
#25 0x00007ffff74729b7 in gtk_main () at /lib64/libgtk-x11-2.0.so.0
#26 0x0000000000408a1f in interface ()
#27 0x00000000004063f1 in main ()
Comment 1 Marja Van Waes 2018-01-25 09:32:30 CET 
Assigning to the registered maintainer.

Assignee: bugsquad => lists.jjorge
CC: (none) => marja11

Comment 2 Herbert Poetzl 2020-02-27 04:04:42 CET 
Seems not much has changed since ... here the issue on Mageia 7:

Starting program: /usr/bin/xscanimage 
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
[New Thread 0x7ffff53ee700 (LWP 31004)]
[New Thread 0x7ffff3b6a700 (LWP 31052)]
[New Thread 0x7ffff3369700 (LWP 31053)]
[New Thread 0x7ffff2b61700 (LWP 31054)]

Thread 1 "xscanimage" received signal SIGSEGV, Segmentation fault.
__strcmp_avx2 () at ../sysdeps/x86_64/multiarch/strcmp-avx2.S:101
101		vmovdqu	(%rdi), %ymm1
(gdb) where
#0  0x00007ffff781ea7a in __strcmp_avx2 () at ../sysdeps/x86_64/multiarch/strcmp-avx2.S:101
#1  0x000000000040ec9b in option_menu_new ()
#2  0x000000000040fffb in panel_build ()
#3  0x0000000000410e50 in set_option ()
#4  0x00000000004112d5 in option_menu_callback ()
#8  0x00007ffff78e31b2 in <emit signal ??? on instance 0x6935a0 [GtkMenuItem]> (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>)
    at ../gobject/gsignal.c:3447
    #5  0x00007ffff78c6d8d in g_closure_invoke
    (closure=0x6fea40, return_value=0x0, n_param_values=1, param_values=0x7fffffffcfe0, invocation_hint=0x7fffffffcf80) at ../gobject/gclosure.c:810
    #6  0x00007ffff78d9d35 in signal_emit_unlocked_R
    (node=node@entry=0x4f0400, detail=detail@entry=0, instance=instance@entry=0x6935a0, emission_return=emission_return@entry=0x0, instance_and_params=instance_and_params@entry=0x7fffffffcfe0) at ../gobject/gsignal.c:3635
    #7  0x00007ffff78e2bce in g_signal_emit_valist
    (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=var_args@entry=0x7fffffffd188) at ../gobject/gsignal.c:3391
#9  0x00007ffff7c00fca in gtk_widget_activate () at /lib64/libgtk-x11-2.0.so.0
#10 0x00007ffff7b0353d in gtk_menu_shell_activate_item () at /lib64/libgtk-x11-2.0.so.0
#11 0x00007ffff7b037c6 in gtk_menu_shell_button_release () at /lib64/libgtk-x11-2.0.so.0
#12 0x00007ffff7af170b in _gtk_marshal_BOOLEAN__BOXED () at /lib64/libgtk-x11-2.0.so.0
#16 0x00007ffff78e31b2 in <emit signal ??? on instance 0x4d0c70 [GtkMenu]> (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>)
    at ../gobject/gsignal.c:3447
    #13 0x00007ffff78c6d8d in g_closure_invoke
    (closure=0x4dc270, return_value=0x7fffffffd460, n_param_values=2, param_values=0x7fffffffd510, invocation_hint=0x7fffffffd4b0) at ../gobject/gclosure.c:810
    #14 0x00007ffff78d958d in signal_emit_unlocked_R
    (node=<optimized out>, detail=detail@entry=0, instance=instance@entry=0x4d0c70, emission_return=emission_return@entry=0x7fffffffd610, instance_and_params=in--Type <RET> for more, q to quit, c to continue without paging--
stance_and_params@entry=0x7fffffffd510) at ../gobject/gsignal.c:3673
    #15 0x00007ffff78e2276 in g_signal_emit_valist
    (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=var_args@entry=0x7fffffffd6d8) at ../gobject/gsignal.c:3401
#17 0x00007ffff7c0219c in gtk_widget_event_internal () at /lib64/libgtk-x11-2.0.so.0
#18 0x00007ffff7aef9cc in gtk_propagate_event () at /lib64/libgtk-x11-2.0.so.0
#19 0x00007ffff7aefd8b in gtk_main_do_event () at /lib64/libgtk-x11-2.0.so.0
#20 0x00007ffff796872c in gdk_event_dispatch () at /lib64/libgdk-x11-2.0.so.0
#21 0x00007ffff7ec8665 in g_main_dispatch (context=0x49c5c0) at ../glib/gmain.c:3189
#22 0x00007ffff7ec8665 in g_main_context_dispatch (context=context@entry=0x49c5c0) at ../glib/gmain.c:3854
#23 0x00007ffff7ec89e8 in g_main_context_iterate (context=0x49c5c0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>)
    at ../glib/gmain.c:3927
#24 0x00007ffff7ec8cd2 in g_main_loop_run (loop=0x776080) at ../glib/gmain.c:4123
#25 0x00007ffff7aeee47 in gtk_main () at /lib64/libgtk-x11-2.0.so.0
#26 0x000000000040958c in interface ()
#27 0x0000000000406fd1 in main ()

CC: (none) => herbert
Version: 6 => 7

Morgan Leijström 2021-02-17 14:37:25 CET

Assignee: lists.jjorge => pkg-bugs
CC: (none) => fri

Comment 3 Aurelien Oudelet 2021-07-06 13:14:23 CEST 
Mageia 7 is EOL since July 1st 2021.
There will not have any further bugfix for this release.

You are encouraged to upgrade to Mageia 8 as soon as possible.

@reporter, if this bug still apply with Mageia 8, please let us know it.

@packager, if you work on the Mageia 7 version of your package, please check the Mageia 8 package if issue is also present. In this case, please fix the Mageia 8 version instead.

This bug report will be closed OLD if there is no further notice within 1st September 2021.
Comment 4 Marja Van Waes 2021-09-07 14:11:02 CEST 
Hi bug reporter and hi assignee and others involved,

Please reopen this bug report if it is still valid for Mageia 8 or 9(cauldron), and change "Version:" in the upper left of this report accordingly.

This report is being closed as OLD because it was filed against Mageia 7, for which  support ended on June 30th 2021.

Thanks,
Marja

Resolution: (none) => OLD
Status: NEW => RESOLVED
Note You need to log in before you can comment on or make changes to this bug.