delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2020/06/23/16:57:20

X-Recipient: archive-cygwin AT delorie DOT com
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 600EC39540E7
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
s=default; t=1592945790;
bh=tJNmbD9cJmyKhIvqJZw6L1RvxgEeUh3OaxsT/dADRVA=;
h=Subject:To:References:Date:In-Reply-To:List-Id:List-Unsubscribe:
List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc:
From;
b=Qyp8VJbmXlZ2m5Q3+XN0sDdfisBWCoXzN/+zfSQt19ybdiVPnjA9ffBtAi9e7pvLN
X70RMXKIlFRRYfRkmqWUjU7IvmlR8Vlx3tSru0/r8KM37QHXEyx8A0NMtwdUZpbP5Z
i1ypvwIXmGV9BGYRlb3R3v+va2NDBbcuP0xcYck8=
X-Original-To: cygwin AT cygwin DOT com
Delivered-To: cygwin AT cygwin DOT com
DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org AFFEC38708D8
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=iG2a2AWveI6Z58X46UCNBJ2xa49G65S3tv7paI4uONxy5hcKAK23OxDbU1j7Np+C/n+quwhplTwizopAf/bfJzNm1+NKeBFPuKu0aOSRjRbT0o+PrE81gU/8lHbX6Vyqcj2Ui28KjjW+ZpKRLdnMl8wNNxLO2TjRyfaYMARsv4K9OK9V0zC3WMDEK2GEnZV5NhYAq2DVjTRNNu3+7aJiKuDupSZTw4hnQegwgA6HhszG7sht10+yv9c1xEBlMMWTqIMxaon99BH24Dv7LhYI86U6Z9ky1EpZUWQ85HIXBdPedL/uTG6g8gbepPTBW+QjBYJ9o2pxPUgzTbHdoMB9JA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=2cLBP5B+V08VlXSJ2xz0fyBXB4dcwggeqUJ5199n+kc=;
b=N1s+fvSqFPT9PpVqPb3Xot0LY32lc0klYtQRmpQnxQUm/aSXobVHoe3Kavb66GfngskJnaHSn6Oy22XAIyq5rLE1Ij17byjT0Etbe4/4uWTuiL2L7aBtas8EntcwxiUQVJJU7YVEtHvahW4Siji2nuajLH5GBcjLVgeEYtCvFLB0QywqJ0R5Xa8CPR6LU3FIBKn5WjEf6i/Lp8UPYUc9tOpQvh290/VC+/89EKbxr60+5q/IKKdJyK2VsXSUKZk3NMW7BO0EJxJOnb/52ttBpgiK33XcW9zhxfhbxE50bLHoMrr2ugfTijwT4JpFUBxwE8roKqjtNNX5RoWOEOVg/w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
smtp.mailfrom=cornell.edu; dmarc=pass action=none header.from=cornell.edu;
dkim=pass header.d=cornell.edu; arc=none
Subject: Re: ImageMagick maybe broken by libgs9 upgrade
To: cygwin AT cygwin DOT com
References: <241354771 DOT 1752406 DOT 1592876221936 DOT ref AT mail DOT yahoo DOT com>
<241354771 DOT 1752406 DOT 1592876221936 AT mail DOT yahoo DOT com>
<92b51d45-55b5-33e1-c1c7-883094b6b09b AT cornell DOT edu>
<134f371b-8989-4ed7-2209-acc486960d65 AT cornell DOT edu>
<0dd00cea6dd675142ca617d2caf5d818 AT mhoenicka DOT de>
<3d65999c-c82c-0b75-925b-d799a7e8f98c AT gmail DOT com>
<18a9c001-03cc-1538-99aa-7ea87630abe5 AT cornell DOT edu>
Message-ID: <df040576-8ce9-51ac-8c92-97e44ac9dedd@cornell.edu>
Date: Tue, 23 Jun 2020 16:56:23 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101
Thunderbird/68.9.0
In-Reply-To: <18a9c001-03cc-1538-99aa-7ea87630abe5@cornell.edu>
X-ClientProxiedBy: MN2PR19CA0023.namprd19.prod.outlook.com
(2603:10b6:208:178::36) To BN8PR04MB6163.namprd04.prod.outlook.com
(2603:10b6:408:5c::27)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-Originating-IP: [68.175.129.7]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 8280fae5-896d-416c-aeff-08d817b7e456
X-MS-TrafficTypeDiagnostic: BN8PR04MB5476:
X-Microsoft-Antispam-PRVS: <BN8PR04MB5476D8BD079361523E81F93CD8940 AT BN8PR04MB5476 DOT namprd04 DOT prod DOT outlook DOT com>
X-MS-Oob-TLC-OOBClassifiers: OLM:7219;
X-Forefront-PRVS: 04433051BF
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: Lcmi6NIgEjGGHTfb4G5CIvQN/rELqtUAe/wuBrnwqFN4y6dUhlKccAmDmDKQfaqJsoYyw62hdLBAy3YKFQzDbwsSifo6cMGX8Kla54KPd2ytwC4lFr9nTZffAwit8pIAgQ01lm3fjtWztwkdTCBLE2Jls5SYTjbii5WRGeOIP5WPK53benljxdZPTp0ogqb1kiTp2XPNuQELBoyO29VpRS7IAmEd0fJfkevvPRc4rl6k+NNiw3VzRkoF/FAdE1mD3KtH1a9YeTvC9Z7tcv6c9tCnjz8sL6AS73Ea8fQv2P/HgTZyLyr9DGeGJ5m7rlzh9hOzsa06jO2fIImmDQa/4JN2NVhWbSAFAoAeL20F5oyE6F/y/7N+Hd49uKs5jphV
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:;
IPV:NLI; SFV:NSPM; H:BN8PR04MB6163.namprd04.prod.outlook.com; PTR:; CAT:NONE;
SFTY:;
SFS:(4636009)(39860400002)(366004)(376002)(396003)(136003)(346002)(53546011)(26005)(31686004)(83380400001)(75432002)(66556008)(478600001)(66476007)(52116002)(19627235002)(16576012)(66946007)(2616005)(316002)(956004)(786003)(4326008)(2906002)(16526019)(186003)(8936002)(8676002)(6486002)(86362001)(36756003)(31696002)(6916009)(5660300002)(43740500002);
DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData: oyWTiH4hgrTBirnut0ss7vJP87zqmmaa3458Uw8X1qBAwFTBu3MkBsahI0+2ti4NFF9NlIt+82PQ7yqY1egjlEVZ6VvvJAnl5/en6941zFpo+UL4JePX/4UMeilVyHnJQK2SoeC3vP/5CaUZQop+s/8obDVMcuKcSad2lX/FOYCPwYmDrWQaSeyKDUKuI6VR8klQea5biqsG2E1ADddpG3moDyITocXBSdYt9x9pPAHOhVYNcEbaTJp8HQqvrqlWDzFfGm1ySe327KhggwQ9M2zVncUd+rOitobMG7S7INWr/LDyojqVKhFC8eI1DPk+YmkEv2ZGTbe+8EIBstKboz91wv+b9PFw/h7YIL+6GmCks/gtpkl7G1DPWb9QgADhRqr7ouj9px8sdmaKHaLdn0IwhjYs1NFjB+wacBCAOdliFXZ2jfmhTt43DHuhvTScmbkLBr4GFbzZah4dZeMvwsvEB0pU79uqVQCmqgAZwW0=
X-OriginatorOrg: cornell.edu
X-MS-Exchange-CrossTenant-Network-Message-Id: 8280fae5-896d-416c-aeff-08d817b7e456
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Jun 2020 20:56:25.3533 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 5d7e4366-1b9b-45cf-8e79-b14b27df46e1
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: dbMNtLI6kxPcWrkiIU2UZG6N6kDt4ln1HveCHGwbRQqlU9wRob3XepS+YA36B5A7X7mzRE3KdCR6eBJiAp+ZkQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN8PR04MB5476
X-Spam-Status: No, score=1.5 required=5.0 tests=BAYES_00, BODY_8BITS,
DKIM_INVALID, DKIM_SIGNED, JMQ_SPF_NEUTRAL, KAM_DMARC_STATUS,
MSGID_FROM_MTA_HEADER, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_HELO_PASS,
SPF_PASS, TXREP autolearn=no autolearn_force=no version=3.4.2
X-Spam-Level: *
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
server2.sourceware.org
X-BeenThere: cygwin AT cygwin DOT com
X-Mailman-Version: 2.1.29
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe: <http://cygwin.com/mailman/options/cygwin>,
<mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe: <http://cygwin.com/mailman/listinfo/cygwin>,
<mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
From: Ken Brown via Cygwin <cygwin AT cygwin DOT com>
Reply-To: Ken Brown <kbrown AT cornell DOT edu>
Cc: Emily <emilyw AT yahoo DOT com>
Errors-To: cygwin-bounces AT cygwin DOT com
Sender: "Cygwin" <cygwin-bounces AT cygwin DOT com>
X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id 05NKuusP000877 

On 6/23/2020 2:18 PM, Ken Brown via Cygwin wrote:
> On 6/23/2020 12:56 PM, Marco Atzeri via Cygwin wrote:
>> On 23.06.2020 15:03, Markus Hoenicka wrote:
>>> On 2020-06-23 14:15, Ken Brown via Cygwin was heard to say:
>>>> On 6/23/2020 7:27 AM, Ken Brown via Cygwin wrote:
>>>>> On 6/22/2020 9:37 PM, Emily via Cygwin wrote:
>>
>>>>>>
>>>>>> But in case other ImageMagick functionality is also broken, this isn't a 
>>>>>> permanent solution.  I tried to downgrade libgs9, but 9.27 is no longer an 
>>>>>> option in setup, even after I added another mirror.
>>>>>
>>>>> Please provide a sample label.pdf for which you're seeing this behavior.
>>>>
>>>> You could also try adding the '-verbose' option to your command line
>>>> to see if that gives a clue.
>>>>
>>>> Ken
>>>
>>> Hi,
>>>
>>> I don't know whether this helps to track down the problem, but here goes 
>>> anyway: I see the same crash with .ps and .eps files (unsurprisingly, as 
>>> these and .pdf are processed by libgs). The same conversions work with "gm 
>>> convert" from the GraphicsMagick package. gm is not linked against libgs, but 
>>> seems to invoke the gs executable instead. This does not crash, although it 
>>> is linked against the very same libgs.
>>>
>>> regards,
>>> Markus
>>>
>>
>>
>> without a sample case we don't know if we need to rebuild ImageMagick
>> or GS
> 
> I found a .eps file with which I could reproduce the crash (attached), using the 
> OP's command line with her .pdf file replaced by the attached .eps file.  Here's 
> the gdb backtrace after the crash:
> 
> Thread 1 "convert" received signal SIGSEGV, Segmentation fault.
> gs_lib_ctx_init (ctx=ctx AT entry=0xfffeed30, mem=mem AT entry=0x8000987b0)
>      at /usr/src/debug/ghostscript-9.52-2/base/gslibctx.c:269
> 269             gx_monitor_enter((gx_monitor_t *)(pio->core->monitor));
> (gdb) bt
> #0  gs_lib_ctx_init (ctx=ctx AT entry=0xfffeed30, mem=mem AT entry=0x8000987b0)
>      at /usr/src/debug/ghostscript-9.52-2/base/gslibctx.c:269
> #1  0x00000003ca37e0a3 in gs_malloc_init_with_context (ctx=0xfffeed30)
>      at /usr/src/debug/ghostscript-9.52-2/base/gsmalloc.c:595
> #2  0x00000003ca439da6 in psapi_new_instance (pinstance=0xfffee938,
>      caller_handle=0xfffee930)
>      at /usr/src/debug/ghostscript-9.52-2/psi/psapi.c:92
> #3  0x00000003ca49e995 in gsapi_new_instance (pinstance=<optimized out>,
>      caller_handle=<optimized out>)
>      at /usr/src/debug/ghostscript-9.52-2/psi/iapi.c:64
> #4  0x00000003fd2f53dc in InvokePostscriptDelegate (verbose=MagickFalse,
>      command=command AT entry=0xfffeed30 "'gs' -sstdout=%stderr -dQUIET -dSAFER -dBAT
> CH -dNOPAUSE -dNOPROMPT -dMaxBitmap=500000000 -dAlignToPixels=0 -dGridFitTT=2 '-s
> DEVICE=pngalpha' -dTextAlphaBits=4 -dGraphicsAlphaBits=4 '-r300x300' -g196x2"...,
>   message=message AT entry=0xffff3d30 "", exception=exception AT entry=0x8000664a0)
>      at /usr/src/debug/ImageMagick-6.9.10.11-2/coders/ps.c:237
> #5  0x00000003fd2f6234 in ReadPSImage (image_info=0x800076170,
>      exception=0x8000664a0)
>      at /usr/src/debug/ImageMagick-6.9.10.11-2/coders/ps.c:846
> 
> The crash occurs because of an attempt to access ridiculously high memory:
> 
> (gdb) p pio->core
> $8 = (gs_lib_ctx_core_t *) 0x73253d74756f6474
> 
> I'm looking into it.

I think I've found the problem, although it will take patching and rebuilding 
ImageMagick (which I haven't done) to confirm that I'm right.

In the ImageMagick source file coders/ps.c:237, there's a call to 
ghost_info->new_instance, a.k.a. gsapi_new_instance (see line 214).  The 
documentation of the latter in the ghostscript sources (psi/iapi.c:57) says that 
the first argument pinstance should satisfy *pinstance == NULL in the first call 
to that function.

But *pinstance in this call is the variable 'interpreter', defined without 
initialization in ps.c:191.  As a result, **pinstance contains garbage, and the 
program eventually crashes when it tries to dereference a garbage pointer.

The fix, if I'm right, is to initialize interpreter to NULL in ps.c:191.

Ken
--
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019