[Bug 1094141] New: hpijs segfault
http://bugzilla.opensuse.org/show_bug.cgi?id=1094141 Bug ID: 1094141 Summary: hpijs segfault Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.0 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Printing Assignee: jsmeix@suse.com Reporter: tiwai@suse.com QA Contact: jsmeix@suse.com Found By: --- Blocker: --- When printing a PDF file from evince, I've got a segfault from hpijs, and the printing fails. May 22 08:22:26 valkyrie.site kernel: hpijs[23309]: segfault at 54 ip 000055f40e8ea983 sp 00007ffef264d3d0 error 6 in hpijs[55f40e8c2000+61000] gdb shows a NULL pointer in pMode[0]. Program terminated with signal SIGSEGV, Segmentation fault. #0 0x000055a4dd0f0983 in apdk::DJGenericVIP::DJGenericVIP ( this=0x55a4dd772f50, pSS=<optimized out>, proto=<optimized out>) at prnt/hpijs/djgenericvip.cpp:90 90 pMode[i]->bFontCapable = FALSE; [Current thread is 1 (Thread 0x7f96dde6f080 (LWP 1954))] (gdb) print pMode $1 = {0x0, 0x0, 0x55a4dd774ff0, 0x55a4dd7360e0, 0x55a4dd778220, 0x55a4dd7744a0, 0x55a4dd7745a0, 0x55a4dd776170, 0x55a4dd776270, 0x55a4dd776370, 0x55a4dd7739f0, 0x55a4dd773af0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0} (gdb) I remember that I could print on this machine a few weeks ago with Leap 15.0, and I'm not sure what broke it. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1094141 http://bugzilla.opensuse.org/show_bug.cgi?id=1094141#c1 --- Comment #1 from Takashi Iwai <tiwai@suse.com> --- Created attachment 770942 --> http://bugzilla.opensuse.org/attachment.cgi?id=770942&action=edit core dump -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1094141 http://bugzilla.opensuse.org/show_bug.cgi?id=1094141#c2 Johannes Meixner <jsmeix@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |martin.wilck@suse.com, | |tiwai@suse.com Found By|--- |Development Flags| |needinfo?(tiwai@suse.com) --- Comment #2 from Johannes Meixner <jsmeix@suse.com> --- I do not have a HP printer so that I cannot reproduce anything that could be related to a specific HP printer model. Because --------------------------------------------------------------------- $ osc rbl Printing hplip-testing openSUSE_Leap_15.0 x86_64 --------------------------------------------------------------------- does not show a general problem with hpijs PPDs you need to provide more specific information, cf. https://en.opensuse.org/SDB:How_to_Report_a_Printing_Issue so that others can understand what goes on in your environment (I will not reverse-engineer a core dump to get that basic info). In general regarding HPLIP: HPLIP is developed by HP. We (i.e. openSUSE) distribute HP's HPLIP software "as is" but we do not develop it, cf. https://en.opensuse.org/SDB:How_to_set-up_a_HP_printer Issues with HPLIP are usually upstream issues that should be reported directly to HP via https://developers.hp.com/hp-linux-imaging-and-printing/support Accordingly issues with HPLIP are usually closed as "upstream", cf. https://bugzilla.opensuse.org/page.cgi?id=status_resolution_matrix.html and "Background Information" in https://en.opensuse.org/SDB:How_to_Report_a_Printing_Issue If you report this issue directly to upstream HPLIP please post an URL to your upstream issue report as reference here. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1094141 http://bugzilla.opensuse.org/show_bug.cgi?id=1094141#c3 --- Comment #3 from Martin Wilck <martin.wilck@suse.com> --- (In reply to Takashi Iwai from comment #0)
#0 0x000055a4dd0f0983 in apdk::DJGenericVIP::DJGenericVIP ( this=0x55a4dd772f50, pSS=<optimized out>, proto=<optimized out>) at prnt/hpijs/djgenericvip.cpp:90 90 pMode[i]->bFontCapable = FALSE; [Current thread is 1 (Thread 0x7f96dde6f080 (LWP 1954))] (gdb) print pMode $1 = {0x0, 0x0, 0x55a4dd774ff0, 0x55a4dd7360e0, 0x55a4dd778220, 0x55a4dd7744a0, 0x55a4dd7745a0, 0x55a4dd776170, 0x55a4dd776270, 0x55a4dd776370, 0x55a4dd7739f0, 0x55a4dd773af0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0} (gdb)
DJGenericVIP::DJGenericVIP() should have called the DJ9xxVIP::DJ9xxVIP() constructor, which sets ModeCount to 0 and initializes the first indices of pMode (I see at least 5 modes). DJGenericVIP() would then add more modes. If pMode[0] and pMode[1] are both 0 at this point, it would seem that for whatever reason DJ9xxVIP::DJ9xxVIP() hadn't been called. In this case, the constructor of the common parent class Printer() would have set ModeCount to 2 without initializing pMode[0] and pMode[1]. (Printer() seems to rely on subclasses to initialized these entries). Not being a C++ guru, I have no explanation how it may come to pass that the body DJGenericVIP::DJGenericVIP() may be run without DJ9xxVIP::DJ9xxVIP() having been called first. It looks like a compiler issue to me. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1094141 http://bugzilla.opensuse.org/show_bug.cgi?id=1094141#c4 --- Comment #4 from Martin Wilck <martin.wilck@suse.com> --- (In reply to Takashi Iwai from comment #0)
I remember that I could print on this machine a few weeks ago with Leap 15.0, and I'm not sure what broke it.
Code-wise, the last change in the hplip package was the move to python3, which happened on Mar 22. It's been in SLE-15 since RC3 (at least). I consider it highly unlikely to have caused this problem. The job history for Leap 15.0 shows two build of this code (revision 4), on March 31st and April 30th. (https://build.opensuse.org/packages/hplip/job_history/openSUSE:Leap:15.0/sta...) I'd interpret your "a few weeks ago" such that you could print with the package from Mar 31st but not with the package from April 30th. Unfortunately I'm told on #buildops that there's no way to figure out the difference between the two builds. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1094141 http://bugzilla.opensuse.org/show_bug.cgi?id=1094141#c5 --- Comment #5 from Martin Wilck <martin.wilck@suse.com> --- Well, there's a possibility that this happens.
DJ9xxVIP::DJ9xxVIP ( SystemServices* pSS, BOOL proto ) : Printer(pSS, NUM_DJ6XX_FONTS, proto), PCL3acceptsDriverware(TRUE) {
m_bVIPPrinter = TRUE;
if (!proto && IOMode.bDevID) { bCheckForCancelButton = TRUE; constructor_error = VerifyPenInfo(); CERRCHECK; } else ePen = BOTH_PENS; // matches default mode
PCL3acceptsDriverware = IsPCL3DriverwareAvailable();
ModeCount = 0; pMode[ModeCount++] = new GrayModeDJ990(ulMapDJ600_CCM_K,PCL3acceptsDriverware); // Grayscale K
If VerifyPenInfo() returns an error, CERRCHECK is called, which means that the constructor returns without setting ModeCount = 0 and intializing the base class modes. The subclass constructor doesn't regard the same condition as an error, and continues happily:
DJGenericVIP::DJGenericVIP (SystemServices* pSS, BOOL proto) : DJ9xxVIP (pSS, proto) {
if (!proto && IOMode.bDevID) { bCheckForCancelButton = TRUE; constructor_error = VerifyPenInfo (); if (constructor_error != NO_ERROR) { constructor_error = NO_ERROR; ePen = BOTH_PENS; } } else ePen = BOTH_PENS; [...] pMode[ModeCount++] = new VIPFastDraftMode (); // Fast Draft
In this case, ModeCount is 2 before the VIPFastDraftMode() call, and pMode[0] and pMode[1] are NULL, as we observe in the core. This looks like an obvious hplip bug to me. The reason why you haven't seen it before must be related to VerifyPenInfo(). This function fails if the printer is inaccessible, or if no pens (cartridges?) are available, or if it's a printer model that needs all pens (cartridges?) installed to function. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1094141 http://bugzilla.opensuse.org/show_bug.cgi?id=1094141#c6 Martin Wilck <martin.wilck@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- URL| |https://bugs.launchpad.net/ | |hplip/+bug/1774660 --- Comment #6 from Martin Wilck <martin.wilck@suse.com> --- Created upstream bug report https://bugs.launchpad.net/hplip/+bug/1774660. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1094141 http://bugzilla.opensuse.org/show_bug.cgi?id=1094141#c7 --- Comment #7 from Martin Wilck <martin.wilck@suse.com> --- Created attachment 772153 --> http://bugzilla.opensuse.org/attachment.cgi?id=772153&action=edit hpijs: avoid segfault in DJGenericVIP::DJGenericVIP() Simplistic patch to avoid the issue. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1094141 http://bugzilla.opensuse.org/show_bug.cgi?id=1094141#c8 --- Comment #8 from Martin Wilck <martin.wilck@suse.com> --- Takashi, I'm building an updated version with comment 7 in my OBS home project home:mwilck:branches:Printing/hplip. Assuming that the problem is still reproducible, could you please try if that patch fixes it? -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1094141 Martin Wilck <martin.wilck@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|jsmeix@suse.com |martin.wilck@suse.com -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1094141 Martin Wilck <martin.wilck@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |IN_PROGRESS -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1094141 http://bugzilla.opensuse.org/show_bug.cgi?id=1094141#c20 --- Comment #20 from Martin Wilck <martin.wilck@suse.com> --- Created attachment 772816 --> http://bugzilla.opensuse.org/attachment.cgi?id=772816&action=edit v2: hpijs: avoid segfault in DJGenericVIP::DJGenericVIP() My previously attached patch contained a bug. I mustn't change the default for ignore_pen_error to TRUE in the prototype of DJ9xxVIP::DJ9xxVIP(). The default must be FALSE in order to keep standard behavior for DJ9xxVIP printers which are not DJGenericVIP instances. Takashi, I'm rebuilding with the modified patch in home:mwilck:branches:Printing. It should not affect your case, but I'd appreciate if your could verify it again. -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com