id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc 3614,gdaladdo crashes (SIGFPE) on LZW compressed TIFFs,dstahlke,warmerdam,"This appears to be different than bug #1205. {{{ $ pgmmake 0 11108 11624 > test.pgm $ gdal_translate test.pgm test.tif -co 'COMPRESS=LZW' $ gdaladdo test.tif 3 0Floating point exception (core dumped) }}} It only happens for certain image and overview sizes. The backtrace: {{{ #0 0x00007ffff79fdefa in GDALRasterBand::RasterIO (this=0x616bb0, eRWFlag=, nXOff=3703, nYOff=, nXSize=, nYSize=, pData=0x616290, nBufXSize=0, nBufYSize=1, eBufType=GDT_Float32, nPixelSpace=4, nLineSpace=0) at gdalrasterband.cpp:202 #1 0x00007ffff7a03240 in GDALDownsampleChunk32R (nSrcWidth=, nSrcHeight=, pafChunk=, pabyChunkNodataMask=, nChunkXOff=, nChunkXSize=, nChunkYOff=0, nChunkYSize=383, poOverview=0x616bb0, pszResampling=0x4017da ""nearest"", bHasNoData=0, fNoDataValue=, poColorTable=0x0, eSrcDataType=GDT_Byte) at overview.cpp:631 #2 0x00007ffff7a04790 in GDALRegenerateOverviewsMultiBand (nBands=, papoSrcBands=, nOverviews=, papapoOverviewBands=, pszResampling=, pfnProgress=, pProgressData=0x0) at overview.cpp:1421 #3 0x00007ffff788eb3e in GTiffDataset::IBuildOverviews (this=, pszResampling=, nOverviews=, panOverviewList=, nBands=, panBandList=, pfnProgress=0x7ffff79de400 , pProgressData=0x0) at geotiff.cpp:3444 #4 0x00007ffff79e7dca in GDALDataset::BuildOverviews (this=0x615a10, pszResampling=, nOverviews=, panOverviewList=, nListBands=, panBandList=, pfnProgress=0x7ffff79de400 , pProgressData=0x0) at gdaldataset.cpp:1381 #5 0x000000000040109e in main (nArgc=3, papszArgv=0x613380) at gdaladdo.cpp:163 }}} The relevant source code line: {{{ /* -------------------------------------------------------------------- */ /* If pixel and line spaceing are defaulted assign reasonable */ /* value assuming a packed buffer. */ /* -------------------------------------------------------------------- */ if( nPixelSpace == 0 ) nPixelSpace = GDALGetDataTypeSize( eBufType ) / 8; if( nLineSpace == 0 ) { if (nPixelSpace > INT_MAX / nBufXSize) // <=== crashes here { CPLError( CE_Failure, CPLE_AppDefined, ""Int overflow : %d x %d"", nPixelSpace, nBufXSize ); return CE_Failure; } nLineSpace = nPixelSpace * nBufXSize; } }}} ",defect,closed,normal,,default,unspecified,normal,duplicate,,