Le Fri, 01 May 2020 04:30:36 -0700,
Nam Nguyen <namn@berkeley.edu> a écrit :
> Stuart Henderson writes:
>
> > On 2020/04/29 15:13, Jacqueline Jolicoeur wrote:
> >> Hi,
> >>
> >> I have noticed gimp-2.10.18p1 crashes everytime I try to open a
> >> file. Removing all my GIMP cache and config files has not resolved
> >> it.
> >>
> >> I am aware this was posted earlier. I wanted to report that this
> >> bug still exists as of today with the recent snapshots.
> >
> > We don't have any ideas yet. I haven't been able to reproduce it
> > recently, the crash is in gtk+2 in possibly something theme-related
> > so maybe try a different theme or try a different window manager or
> > desktop environment and see if that makes it go away?
> >
> > The upstream bug is currently at
> > https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/148
>
> Here is a diff for x11/gtk+2 to fix GIMP crashing. Feedback and tests
> are welcome.
>
> "Image Data" and "Example 1. put_pixel() example" were useful.
>
> https://developer.gimp.org/api/2.0/gdk-pixbuf/gdk-pixbuf-gdk-pixbuf.html
>
> Example 1 was very similar to the code in pixbuf-render.c's
> compute_hint function.
>
> https://marc.info/?l=openbsd-ports&m=157538140605480&w=2
>
> I got the same stacktrace as brynet@ posted here. (x0=23, x1=24,
> y0=31, y1=32.) Some stuff was optimized out but I got it to print by
> going back to earlier stack frames or by slightly modifying the code
> with a fix that didn't work (that's how I got num_channels = 3).
>
> Given these values of x0, x1, y0, y1 and num_channels it seems like it
> goes beyond the end of the pixbuf buffer. It was going out of bounds
> on (n_channels != 4 && a != *(p++)) according to gdb. If anything,
> num_channels being 3 with my change prevents it from advancing the p
> pointer too far.
>
> RGBA each has a byte for red, green, blue and alpha. In this case,
> num_channels = 3 so there is no alpha channel.
>
> Each row looks like this with possible padding at the end:
> RGBARGBA...
> In this case there is no alpha either so it could look like:
> RGBRGB...
>
> rowstride = 72 in this case so there are 72 bytes in each row
>
> if (r != *(p++) ||
> g != *(p++) ||
> b != *(p++) ||
> (n_channels != 4 && a != *(p++)))
>
> p is positioned to where it wants to compute hints like
> THEME_CONSTANT_ROWS. I infer that THEME_CONSTANT_ROWS means r = g = b
> like the grey theme that crashes. The first 2 lines should be
> sufficient to check r = g = b, so I think that even the last two
> lines with b and n_channels can be removed. Although, I don't know
> the exact meaning of THEME_CONSTANT_ROWS and how alpha affects it so
> this could be something to ask upstream.
>
> The last line currently reads: if there is no alpha channel and alpha
> is not equal to X (where X is RGBAX) then the theme has a false bit
> for THEME_CONSTANT_ROWS.
>
> I think this is incorrect and should say if there _is_ an alpha
> channel.
>
> Testing
> =======
> As others have reported, this was hard to reproduce.
>
> To test keep spamming this loop until it crashes. It crashes randomly
> but within the first ~10 tries on the current version of gtk+2.
>
> Edit > Preferences > Themes > Grey
> Ctrl-O for open file prompt
> Escape to close
> Edit > Preferences > Themes > Dark
> Ctrl-O for open file prompt
> Escape to close
>
> With this patch it no longer crashes in my testing.
>
> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/x11/gtk+2/Makefile,v
> retrieving revision 1.233
> diff -u -p -u -p -r1.233 Makefile
> --- Makefile 10 Nov 2019 21:44:07 -0000 1.233
> +++ Makefile 1 May 2020 10:30:50 -0000
> @@ -9,7 +9,7 @@ GNOME_PROJECT= gtk+
> PKGNAME-main= gtk+2-${GNOME_VERSION}
> PKGNAME-cups= gtk+2-cups-${GNOME_VERSION}
>
> -REVISION-main= 8
> +REVISION-main= 9
> REVISION-cups= 4
>
> CATEGORIES= x11 devel
> Index: patches/patch-modules_engines_pixbuf_pixbuf-render_c
> ===================================================================
> RCS file: patches/patch-modules_engines_pixbuf_pixbuf-render_c
> diff -N patches/patch-modules_engines_pixbuf_pixbuf-render_c
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ patches/patch-modules_engines_pixbuf_pixbuf-render_c 1 May
> 2020 10:30:50 -0000 @@ -0,0 +1,18 @@
> +$OpenBSD$
> +
> +fixes https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/148
> +
> +only check for alpha if there is an alpha channel
> +
> +Index: modules/engines/pixbuf/pixbuf-render.c
> +--- modules/engines/pixbuf/pixbuf-render.c.orig
> ++++ modules/engines/pixbuf/pixbuf-render.c
> +@@ -603,7 +603,7 @@ compute_hint (GdkPixbuf *pixbuf,
> + if (r != *(p++) ||
> + g != *(p++) ||
> + b != *(p++) ||
> +- (n_channels != 4 && a != *(p++)))
> ++ (n_channels == 4 && a != *(p++)))
> + {
> + hints &= ~THEME_CONSTANT_ROWS;
> + if (!(hints & THEME_MISSING))
>
thank you veryy much!
No comments:
Post a Comment