After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 378764 - gimp crashed to gtkfilechooser code
gimp crashed to gtkfilechooser code
Status: RESOLVED DUPLICATE of bug 363472
Product: gtk+
Classification: Platform
Component: Widget: GtkFileChooser
2.10.x
Other Linux
: Normal critical
: ---
Assigned To: gtk-bugs
Federico Mena Quintero
: 432192 (view as bug list)
Depends on:
Blocks:
 
 
Reported: 2006-11-24 08:54 UTC by Sebastien Bacher
Modified: 2007-07-01 22:42 UTC
See Also:
GNOME target: ---
GNOME version: 2.15/2.16


Description Sebastien Bacher 2006-11-24 08:54:50 UTC 
That bug has been described on https://launchpad.net/distros/ubuntu/+source/gimp/+bug/73069

"To be honest, i dont know what happened, but it was reproducible. I am working with gimp and took a snapshot from another tool. After i finished with the picture and saved it to an .eps and .png I switched screens to import the stuff into my latex document. A few seconds later I got a message that gimp had crashed. This happened twice in a row. That is why I am posting this message.

Attached to this bug report you will find the file created by the bug report tool of ubuntu/gnome.

I called it "unexpected" because it didn't occur during interaction with gimp itself.

cheers, josh

http://librarian.launchpad.net/5153490/_usr_bin_gimp-2.2.1000.crash
Attachment from /var/crash, generated by gnome/ubuntu crash tool
...
 libgtk2.0-0 2.10.6-0ubuntu1
..."

Debug backtrace:

+ Trace 88981

  • #0 strcmp
    from /lib/tls/i686/cmov/libc.so.6
  • #1 name_sort_func
    at gtkfilechooserdefault.c line 5600
  • #2 gtk_tree_model_sort_level_find_insert
    at gtktreemodelsort.c line 1739
  • #3 gtk_tree_model_sort_row_inserted
    at gtktreemodelsort.c line 1787
  • #4 _gtk_marshal_VOID__BOXED_BOXED
    at gtkmarshalers.c line 1305
  • #5 IA__g_closure_invoke
    at gclosure.c line 490
  • #6 signal_emit_unlocked_R
    at gsignal.c line 2440
  • #7 IA__g_signal_emit_valist
    at gsignal.c line 2199
  • #8 IA__g_signal_emit
    at gsignal.c line 2243
  • #9 IA__gtk_tree_model_row_inserted
    at gtktreemodel.c line 1494
  • #10 do_files_added
    at gtkfilesystemmodel.c line 1755
  • #11 IA__g_cclosure_marshal_VOID__POINTER
    at gmarshal.c line 601
  • #12 IA__g_closure_invoke
    at gclosure.c line 490
  • #13 signal_emit_unlocked_R
    at gsignal.c line 2440
  • #14 IA__g_signal_emit_valist
    at gsignal.c line 2199
  • #15 IA__g_signal_emit_by_name
    at gsignal.c line 2267
  • #16 monitor_callback
    at gtkfilesystemgnomevfs.c line 3464
  • #17 actually_dispatch_callback
    at gnome-vfs-monitor.c line 271 

That might be similar to bug #363472
Comment 1 Sebastien Bacher 2007-01-31 10:49:49 UTC 
That Ubuntu bug describe an easy way to trigger the problem: https://launchpad.net/ubuntu/+source/gimp/+bug/82358

"I had a 'Save a copy' dialog open in GIMP.
In nautilus, I renamed a file in this folder so I could reuse the name.
When I returned to gimp, it crashed."

Backtrace with GTK 2.10.9:

Program received signal SIGSEGV, Segmentation fault.

+ Trace 106791

Thread NaN (LWP 17200)

  • #0 IA__gtk_file_info_get_is_folder
    at gtkfilesystem.c line 177
  • #1 name_sort_func
    at gtkfilechooserdefault.c line 5605
  • #2 gtk_tree_model_sort_level_find_insert
    at gtktreemodelsort.c line 1739
  • #3 gtk_tree_model_sort_row_inserted
    at gtktreemodelsort.c line 1787
  • #4 _gtk_marshal_VOID__BOXED_BOXED
    at gtkmarshalers.c line 1346
  • #5 IA__g_closure_invoke
    at gclosure.c line 490
  • #6 signal_emit_unlocked_R
    at gsignal.c line 2440
  • #7 IA__g_signal_emit_valist
    at gsignal.c line 2199
  • #8 IA__g_signal_emit
    at gsignal.c line 2243
  • #9 IA__gtk_tree_model_row_inserted
    at gtktreemodel.c line 1496
  • #10 do_files_added
    at gtkfilesystemmodel.c line 1755
  • #11 IA__g_cclosure_marshal_VOID__POINTER
    at gmarshal.c line 601
  • #12 IA__g_closure_invoke
    at gclosure.c line 490
  • #13 signal_emit_unlocked_R
    at gsignal.c line 2440
  • #14 IA__g_signal_emit_valist
    at gsignal.c line 2199
  • #15 IA__g_signal_emit_by_name
    at gsignal.c line 2267
  • #16 monitor_callback
    at gtkfilesystemgnomevfs.c line 3489
  • #0 IA__gtk_file_info_get_is_folder
    at gtkfilesystem.c line 177
  • #1 name_sort_func
    at gtkfilechooserdefault.c line 5605
  • #2 gtk_tree_model_sort_level_find_insert
    at gtktreemodelsort.c line 1739
  • #3 gtk_tree_model_sort_row_inserted
    at gtktreemodelsort.c line 1787
  • #4 _gtk_marshal_VOID__BOXED_BOXED
    at gtkmarshalers.c line 1346
  • #5 IA__g_closure_invoke
    at gclosure.c line 490
  • #6 signal_emit_unlocked_R
    at gsignal.c line 2440
  • #7 IA__g_signal_emit_valist
    at gsignal.c line 2199
  • #8 IA__g_signal_emit
    at gsignal.c line 2243
  • #9 IA__gtk_tree_model_row_inserted
    at gtktreemodel.c line 1496
  • #10 do_files_added
    at gtkfilesystemmodel.c line 1755 






Comment 2


Sebastien Bacher





          2007-01-31 10:53:02 UTC
        



From valgrind:

==17534==  Address 0x7D57B49 is 1 bytes inside a block of size 128 free'd
==17534==    at 0x4020F9A: free (vg_replace_malloc.c:233)
==17534==    by 0x47DEF90: g_free (gmem.c:187)
==17534==    by 0x4235016: gtk_file_info_free (gtkfilesystem.c:111)
==17534==    by 0x423740F: file_model_node_free (gtkfilesystemmodel.c:1325)
==17534==    by 0x42378AD: do_files_removed (gtkfilesystemmodel.c:1951)
==17534==    by 0x477EF88: g_cclosure_marshal_VOID__POINTER (gmarshal.c:601)
==17534==    by 0x477262A: g_closure_invoke (gclosure.c:490)
==17534==    by 0x47830F2: signal_emit_unlocked_R (gsignal.c:2440)
==17534==    by 0x4784616: g_signal_emit_valist (gsignal.c:2199)
==17534==    by 0x4786D6D: g_signal_emit_by_name (gsignal.c:2267)
==17534==    by 0x688AAEC: monitor_callback (gtkfilesystemgnomevfs.c:3500)







Comment 3


Sebastien Bacher





          2007-01-31 10:53:32 UTC
        



That one is the revelant one for the crasher rather:

==17534== Invalid read of size 1
==17534==    at 0x40222DE: strcmp (mc_replace_strmem.c:341)
==17534==    by 0x421D008: name_sort_func (gtkfilechooserdefault.c:5607)
==17534==    by 0x436402C: gtk_tree_model_sort_level_find_insert (gtktreemodelsort.c:1739)
==17534==    by 0x43661E0: gtk_tree_model_sort_row_inserted (gtktreemodelsort.c:1787)
==17534==    by 0x4283CAC: _gtk_marshal_VOID__BOXED_BOXED (gtkmarshalers.c:1346)
==17534==    by 0x477262A: g_closure_invoke (gclosure.c:490)
==17534==    by 0x47830F2: signal_emit_unlocked_R (gsignal.c:2440)
==17534==    by 0x4784616: g_signal_emit_valist (gsignal.c:2199)
==17534==    by 0x47847D8: g_signal_emit (gsignal.c:2243)
==17534==    by 0x435CB98: gtk_tree_model_row_inserted (gtktreemodel.c:1496)
==17534==    by 0x4238261: do_files_added (gtkfilesystemmodel.c:1755)
==17534==    by 0x477EF88: g_cclosure_marshal_VOID__POINTER (gmarshal.c:601)







Comment 4


Sebastien Bacher





          2007-01-31 11:09:04 UTC
        



From gdb:

(gdb) p *info_a
Cannot access memory at address 0x2f6e6f69







Comment 5


Kjartan Maraas





          2007-02-09 16:07:53 UTC
        



More context from the valgrind backtrace would help find the cause of this.






Comment 6


Sebastien Bacher





          2007-02-09 17:27:51 UTC
        



what valgrind options do you recommend to use?






Comment 7


Bruno Boaventura





          2007-04-22 13:40:21 UTC
        



*** Bug 432192 has been marked as a duplicate of this bug. ***






Comment 8


Karsten Bräckelmann





          2007-07-01 22:42:19 UTC
        



Stacktrace in comment 1 exactly matches the stacktrace in bug 378126, which actually is a duplicate of bug 363472 according to bug 378126 comment 4.


*** This bug has been marked as a duplicate of 363472 ***