Bug 12582 – jpeg preview makes gimp's open layers dialog segfault

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 12582 - jpeg preview makes gimp's open layers dialog segfault


Summary:	jpeg preview makes gimp's open layers dialog segfault


Status:	RESOLVED FIXED

Product:	GIMP
Classification:	Other
Component:	libgimp
Version:	1.x
Hardware:	Other Linux

Importance:	High critical
Target Milestone:	1.2
Assigned To:	GIMP Bugs
QA Contact:	GIMP Bugs

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2000-05-30 02:15 UTC by gnome-bug-buddy-123
Modified:	2003-07-02 11:40 UTC

See Also:
GNOME target:	---
GNOME version:	---

Description gnome-bug-buddy-123 2001-01-28 15:53:55 UTC

Package:  gimp
Severity: normal
Version:  1.1.22
Synopsis: Crash when 'progressive' selected in jpeg save
Class:    sw-bug

Distribution: Red Hat Linux release 6.1 (Cartman)
System: Linux 2.3.99-pre8 i686 unknown
C library: glibc-2.1.2-11
C compiler: egcs-2.91.66
glib: 1.2.7
GTK+: 1.2.7
ORBit: ORBit 0.5.0
gnome-libs: gnome-libs 1.0.60
gnome-print: gnome-print-0.19
gnome-core: gnome-core 1.1.9


Description:
Open a PPM "rawbits" file (pnm from xscanimage seems to trigger it
reliably);
crop, then save as jpeg.  JPEG options save dialog appears.  Enable
progressive-jpeg save via checkbox; segv, UI hang, general death.


Debugging information:
0x4017c3f3 in g_on_error_stack_trace () from /usr/lib/libglib-1.2.so.0

+ Trace 3246

#0 g_on_error_stack_trace
from /usr/lib/libglib-1.2.so.0
#1 g_on_error_query
from /usr/lib/libglib-1.2.so.0
#2 gimp_fatal_error
at errors.c line 87
#3 gimp_sigfatal_handler
at main.c line 435
#4 __restore
at ../sysdeps/unix/sysv/linux/i386/sigaction.c line 127
#5 layers_dialog_flush
at layers_dialog.c line 664
#6 lc_dialog_flush
at lc_dialog.c line 271
#7 gdisplays_flush_whenever
at gdisplay.c line 2239
#8 gdisplays_flush
at gdisplay.c line 2247
#9 displays_flush_invoker
at gdisplay_cmds.c line 144
#10 procedural_db_execute
at procedural_db.c line 176
#11 plug_in_handle_proc_run
at plug_in.c line 1668
#12 plug_in_handle_message
at plug_in.c line 1475
#13 plug_in_recv_message
at plug_in.c line 1423
#14 g_io_unix_dispatch
from /usr/lib/libglib-1.2.so.0
#15 g_main_dispatch
from /usr/lib/libglib-1.2.so.0
#16 g_main_iterate
from /usr/lib/libglib-1.2.so.0
#17 g_main_run
from /usr/lib/libglib-1.2.so.0
#18 gtk_main
from /usr/lib/libgtk-1.2.so.0
#19 plug_in_run
at plug_in.c line 1302
#20 procedural_db_execute
at procedural_db.c line 188
#21 file_save
at fileops.c line 1160
#22 file_save_ok_callback
at fileops.c line 1761
#23 gtk_marshal_NONE__NONE
from /usr/lib/libgtk-1.2.so.0
#24 gtk_handlers_run
from /usr/lib/libgtk-1.2.so.0
#25 gtk_signal_real_emit
from /usr/lib/libgtk-1.2.so.0
#26 gtk_signal_emit
from /usr/lib/libgtk-1.2.so.0
#27 gtk_button_clicked
from /usr/lib/libgtk-1.2.so.0
#28 gtk_marshal_NONE__NONE
from /usr/lib/libgtk-1.2.so.0
#29 gtk_handlers_run
from /usr/lib/libgtk-1.2.so.0
#30 gtk_signal_real_emit
from /usr/lib/libgtk-1.2.so.0
#31 gtk_signal_emit
from /usr/lib/libgtk-1.2.so.0
#32 gtk_widget_activate
from /usr/lib/libgtk-1.2.so.0
#33 gtk_entry_key_press
from /usr/lib/libgtk-1.2.so.0
#34 gtk_marshal_BOOL__POINTER
from /usr/lib/libgtk-1.2.so.0
#35 gtk_signal_real_emit
from /usr/lib/libgtk-1.2.so.0
#36 gtk_signal_emit
from /usr/lib/libgtk-1.2.so.0
#37 gtk_widget_event
from /usr/lib/libgtk-1.2.so.0
#38 gtk_window_key_press_event
from /usr/lib/libgtk-1.2.so.0
#39 gtk_marshal_BOOL__POINTER
from /usr/lib/libgtk-1.2.so.0
#40 gtk_signal_real_emit
from /usr/lib/libgtk-1.2.so.0
#41 gtk_signal_emit
from /usr/lib/libgtk-1.2.so.0
#42 gtk_widget_event
from /usr/lib/libgtk-1.2.so.0
#43 gtk_propagate_event
from /usr/lib/libgtk-1.2.so.0
#44 gtk_main_do_event
from /usr/lib/libgtk-1.2.so.0
#45 gdk_event_dispatch
from /usr/lib/libgdk-1.2.so.0
#46 g_main_dispatch
from /usr/lib/libglib-1.2.so.0
#47 g_main_iterate
from /usr/lib/libglib-1.2.so.0
#48 g_main_run
from /usr/lib/libglib-1.2.so.0
#49 gtk_main
from /usr/lib/libgtk-1.2.so.0
#50 main
at main.c line 371
#0 g_on_error_stack_trace
from /usr/lib/libglib-1.2.so.0
#1 g_on_error_query
from /usr/lib/libglib-1.2.so.0
#2 gimp_fatal_error
at errors.c line 87
#3 gimp_sigfatal_handler
at main.c line 435
#4 __restore
at ../sysdeps/unix/sysv/linux/i386/sigaction.c line 127
#5 layers_dialog_flush
at layers_dialog.c line 664
#6 lc_dialog_flush
at lc_dialog.c line 271
#7 gdisplays_flush_whenever
at gdisplay.c line 2239
#9 gimp_fatal_error
at errors.c line 96
#10 gimp_sigfatal_handler
at main.c line 463
#11 sigaction
from /lib/libc.so.6
#12 tile_manager_get
at tile_manager.c line 224
#13 tile_manager_get_tile
at tile_manager.c line 104
#14 pixel_region_get_row
at pixel_region.c line 130
#15 layer_preview_scale
at layer.c line 1594
#16 layer_preview_private
at layer.c line 1370
#17 layer_preview
at layer.c line 1404
#18 layer_widget_preview_redraw
at layers_dialog.c line 2963
#19 layer_widget_preview_events
at layers_dialog.c line 2760
#20 gtk_marshal_BOOL__POINTER
from /usr/lib/libgtk-1.2.so.0
#21 gtk_signal_remove_emission_hook
from /usr/lib/libgtk-1.2.so.0
#22 gtk_signal_set_funcs
from /usr/lib/libgtk-1.2.so.0
#23 gtk_signal_emit
from /usr/lib/libgtk-1.2.so.0
#24 gtk_widget_event
from /usr/lib/libgtk-1.2.so.0
#25 gtk_widget_get_default_visual
from /usr/lib/libgtk-1.2.so.0
#26 gtk_marshal_NONE__POINTER
from /usr/lib/libgtk-1.2.so.0
#27 gtk_signal_set_funcs
from /usr/lib/libgtk-1.2.so.0
#28 gtk_signal_emit
from /usr/lib/libgtk-1.2.so.0
#29 gtk_widget_draw
from /usr/lib/libgtk-1.2.so.0
#30 gtk_bin_get_type
from /usr/lib/libgtk-1.2.so.0
#31 gtk_marshal_NONE__POINTER
from /usr/lib/libgtk-1.2.so.0
#32 gtk_signal_set_funcs
from /usr/lib/libgtk-1.2.so.0
#33 gtk_signal_emit
from /usr/lib/libgtk-1.2.so.0
#34 gtk_widget_draw
from /usr/lib/libgtk-1.2.so.0
#35 gtk_box_set_child_packing
from /usr/lib/libgtk-1.2.so.0
#36 gtk_marshal_NONE__POINTER
from /usr/lib/libgtk-1.2.so.0
#37 gtk_signal_set_funcs
from /usr/lib/libgtk-1.2.so.0
#38 gtk_signal_emit
from /usr/lib/libgtk-1.2.so.0
#39 gtk_widget_draw
from /usr/lib/libgtk-1.2.so.0
#40 gtk_box_set_child_packing
from /usr/lib/libgtk-1.2.so.0
#41 gtk_marshal_NONE__POINTER
from /usr/lib/libgtk-1.2.so.0
#42 gtk_signal_set_funcs
from /usr/lib/libgtk-1.2.so.0
#43 gtk_signal_emit
from /usr/lib/libgtk-1.2.so.0
#44 gtk_widget_draw
from /usr/lib/libgtk-1.2.so.0
#45 gtk_list_item_deselect
from /usr/lib/libgtk-1.2.so.0
#46 gtk_marshal_NONE__POINTER
from /usr/lib/libgtk-1.2.so.0
#47 gtk_signal_set_funcs
from /usr/lib/libgtk-1.2.so.0
#48 gtk_signal_emit
from /usr/lib/libgtk-1.2.so.0
#49 gtk_widget_draw
from /usr/lib/libgtk-1.2.so.0
#50 gtk_list_new
from /usr/lib/libgtk-1.2.so.0
#51 gtk_marshal_NONE__POINTER
from /usr/lib/libgtk-1.2.so.0
#52 gtk_signal_set_funcs
from /usr/lib/libgtk-1.2.so.0
#53 gtk_signal_emit
from /usr/lib/libgtk-1.2.so.0
#54 gtk_widget_draw
from /usr/lib/libgtk-1.2.so.0
#55 gtk_widget_queue_clear
from /usr/lib/libgtk-1.2.so.0
#56 g_timeout_add
from /usr/lib/libglib-1.2.so.0
#57 g_get_current_time
from /usr/lib/libglib-1.2.so.0
#58 g_get_current_time
from /usr/lib/libglib-1.2.so.0
#59 g_main_run
from /usr/lib/libglib-1.2.so.0
#60 gtk_main
from /usr/lib/libgtk-1.2.so.0
#61 plug_in_run
at plug_in.c line 1325
#62 procedural_db_execute
at procedural_db.c line 189
#63 file_save
at fileops.c line 1163
#64 file_save_with_proc
at fileops.c line 1695
#65 file_save_ok_callback
at fileops.c line 1755
#66 gtk_marshal_NONE__NONE
from /usr/lib/libgtk-1.2.so.0


-- 
Kevin Turner <acapnotic@users.sourceforge.net> | OpenPGP encryption welcome here




------- Bug moved to this database by debbugs-export@bugzilla.gnome.org 2001-01-28 10:53 -------
This bug was previously known as bug 12582 at http://bugs.gnome.org/
http://bugs.gnome.org/show_bug.cgi?id=12582
Originally filed under the gimp product and general component.

The original reporter (gnome-bug-buddy-123@devin.com) of this bug does not have an account here.
Reassigning to the exporter, debbugs-export@bugzilla.gnome.org.
Reassigning to the default owner of the component, egger@suse.de.

Comment 1 Raphaël Quinet 2001-04-26 18:10:15 UTC

Re-assigning all Gimp bugs to default component owner (Gimp bugs list)

Comment 2 Daniel Egger 2001-10-03 14:10:02 UTC

This bug still exists in 1.2.2 and is easily reproducible
on Linux-PPC and Linux-i386. We spent some time investigating
this problem on #gimp shortly before IIRC 1.2.0 but came
to no exact conclusion what exactly the cause of this race might
be.

Comment 3 Henrik Brix Andersen 2003-01-12 08:08:29 UTC

I can _not_ reproduce this bug using either 1.2.3 or current CVS (Red Hat Linux 8.0 i386).

Comment 4 Sven Neumann 2003-05-10 23:59:08 UTC

It is uncertain if this problem even still exists. Postponing to 1.2.5.

Comment 5 Dave Neary 2003-05-21 16:26:06 UTC

Moving to 1.2.6 milestone, since it is looking like there will be a pretty quick
1.2.( release.

Comment 6 Sven Neumann 2003-07-02 11:40:18 UTC

I think I found the cause of the problem while adding some const
qualifiers to the plug-in code. In background_jpeg_save() the filename
is freed although the plug-in never allocated it.

Fixed in both branches.

2003-07-02  Sven Neumann  <sven@gimp.org>

  * plug-ins/common/jpeg.c (background_jpeg_save): do not free the
  filename since the plug-in never allocated this memory. Merged some
  const qualifiers from the HEAD branch. Hopefully fixes bug #12582.