search

jwilk-archive / pdf2djvu

PDF to DjVu converter
GNU General Public License v2.0
94 stars 17 forks source link

Crash in MutedRenderer::draw_link #131

Closed jwilk closed 6 years ago

jwilk commented 6 years ago

(Originally reported at https://groups.io/g/pdf2djvu/message/108)

pdf2djvu seems to crash sometimes when adding hyperlinks in parallel. Here's a test case in TeX format:

\pdfmapline{ptmr8r Times-Roman <8r.enc}
\font\times=ptmr8r at 8pt
\times
\leavevmode
\newcount\n
\n=0
\loop
\pdfstartlink
user{/Subtype/Link/A<</S/URI/URI(http://www.example.org/)>>}
\the\n
\pdfendlink
\advance \n by 1
\unless\ifnum\n>10000
\repeat
\end

This is reproducible on Ubuntu 14.04 LTS “Trusty Tahr”:

$ pdftex ann-overload.tex  
…
Output written on ann-overload.pdf (8 pages, 229432 bytes). 
…

$ pdf2djvu -j 9 ann-overload.pdf -o /dev/null
ann-overload.pdf:
- page #1 -> #1
ann-overload.pdf:
- page #2 -> #2
ann-overload.pdf:
- page #3 -> #3
ann-overload.pdf:
- page #4 -> #4
ann-overload.pdf:
- page #5 -> #5
ann-overload.pdf:
- page #6 -> #6
ann-overload.pdf:
- page #7 -> #7
ann-overload.pdf:
- page #8 -> #8
Segmentation fault (core dumped)

Backtrace:

#0  0x00007f4b740b1760 in gc_mark(miniexp_s**) () from /usr/lib/x86_64-linux-gnu/libdjvulibre.so.21
#1  0x00007f4b740b1f15 in minivar_t::mark(void (*)(miniexp_s**)) () from /usr/lib/x86_64-linux-gnu/libdjvulibre.so.21
#2  0x00007f4b740b1fdd in gc_run() [clone .part.9] () from /usr/lib/x86_64-linux-gnu/libdjvulibre.so.21
#3  0x00007f4b740b23fa in minilisp_release_gc_lock () from /usr/lib/x86_64-linux-gnu/libdjvulibre.so.21
#4  0x0000000000430165 in ~GCLock (this=<synthetic pointer>, __in_chrg=<optimized out>) at sexpr.hh:58
#5  MutedRenderer::draw_link (this=0x7f4b480046e0, link=<optimized out>, border_color=...) at pdf2djvu.cc:551
#6  0x000000000041d35c in pdf::Renderer::drawLink (this=0x7f4b480046e0, link=0x7f4b4823f4d0, catalog=<optimized out>) at pdf-backend.cc:468
#7  0x00007f4b73c66fd5 in Page::processLinks (this=<optimized out>, out=0x7f4b480046e0) at Page.cc:803
#8  0x00007f4b73c6ab91 in PDFDoc::processLinks (this=<optimized out>, out=<optimized out>, page=<optimized out>) at PDFDoc.cc:511
#9  0x000000000041d726 in pdf::Document::display_page (this=this@entry=0x7f4b48000900, renderer=renderer@entry=0x7f4b480046e0, npage=npage@entry=7, hdpi=hdpi@entry=300, vdpi=vdpi@entry=300, crop=<optimized out>, do_links=do_links@entry=true) at pdf-backend.cc:199
#10 0x0000000000425362 in xmain () at pdf2djvu.cc:1433
#11 0x00007f4b7253134a in gomp_thread_start (xdata=<optimized out>) at ../../../src/libgomp/team.c:115
#12 0x00007f4b720fd184 in start_thread (arg=0x7f4b6d87c700) at pthread_create.c:312
#13 0x00007f4b71e2a03d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
jwilk commented 6 years ago

For completeness:

$ pdf2djvu --version
pdf2djvu 0.9.9
+ DjVuLibre 3.5.25
+ Poppler 0.24.5
+ GraphicsMagick++ 1.3.18 (Q8)
+ Exiv2 0.23

I bisected this down to this DjVuLibre commit:

2475fcef383b thread safe miniexp (with stop-the-world gc for now.)

Apparently miniexp function weren't thread-safe beforehand. This would explain the crashes.

jwilk commented 6 years ago

Fixed in 0.9.10 (1359ec9def9173d33a5eaca19ab08ce11d2a1306).