-
-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SIGSEGV in DefaultFatalErrorHandler #5360
Comments
Thanks for the problem report. We can reproduce it and will have a patch to fix it in the GIT main branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ https://imagemagick.org/archive/beta/ by sometime tomorrow. |
Great, thank you very much for the quick fix. Looks reasonable. I have one doubt regarding use of InitializeMagickMutex() in MagickCoreTerminus(). Doesn't this, in case of defined(MAGICKCORE_OPENMP_SUPPORT), initialize a semaphore that another thread possibly currently owns? |
Thanks for the problem report. We can reproduce it and will have a patch to fix it in the GIT main branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ https://imagemagick.org/archive/beta/ by sometime tomorrow. |
ImageMagick version
7.1.0-29
Operating system
Other (enter below)
Operating system, version and so on
Illumos
Description
We had a core dump when processing a probably damaged image. The stack traces show many threads executing DefaultFatalErrorHandler() -> MagickCoreTerminus() due to a simultaneous exception in GetImagePixelCache(). The function MagickCoreTerminus() and all the called *Terminus() functions are obviously (and I guess intentionally) not thread safe.
The observed SIGSEGV was in AnnotateComponentTerminus() where global var annotate_semaphore was NULL.
I have no solution to suggest, since I don't know how important the call to MagickCoreTerminus() is. If it is not important, it could just be removed in DefaultFatalErrorHandler() because it is directly followed by exit().
Steps to Reproduce
Sorry, can't reproduce, the image causing the core dump is gone (overwritten by a working version before it could be saved). It was a psd file. I hope the stack trace is helpful enough:
Images
No response
The text was updated successfully, but these errors were encountered: