[gs-bugs] [Bug 691478] Seg. fault in gs_vmreclaim

bugzilla-daemon at ghostscript.com bugzilla-daemon at ghostscript.com
Mon Jul 19 16:06:39 UTC 2010


http://bugs.ghostscript.com/show_bug.cgi?id=691478

Ray Johnston <ray.johnston at artifex.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         AssignedTo|ray.johnston at artifex.com    |michael.vrhel at artifex.com

--- Comment #5 from Ray Johnston <ray.johnston at artifex.com> 2010-07-19 16:06:35 UTC ---
I ran with -Z@$?  Note, on Linux you need to use escapes: -Z@\$\? when
running a debug build.

I was able to duplicate it on Win 7 with a 32-bit DEBUG build.

Setting a breakpoint in ilocate.c:535 (in ialloc_validate_object) I get a
breakpoint before it later gets a segfault that is probably related. This
scan of objects is performed as part of a 'restore' (zrestore).

The object being searched for has funky contents, in that
the o_type is 0xfeeefeee, as is the size.

Going up one level from the breakpoint, into ialloc_validate_chunk, I see
the value of pre has some useful information. The value of: pre->d.f.o.t.type
points to the st_gsicc_manager struct descriptor and the value of 'index' is
8 (I think it has already been incremented past the pointer that was to
the bogus area of memory that ialloc_validate_object can't find).

If the bogus index was 7, then that is the pointer to the 'lab_profile'
filename (consulting the list of pointers in st_gsicc_manager in
gsicc_manage.c:83-87).

This may or may not be related to the other issue found with the psdcmyk
device that I worked with Michael on recently, but it smells the same.

Assigning to Michael. Please let me know if the changes we discussed w.r.t.
the filename strings set via userparams don't fix this as well.
