GNOME Bugzilla – Bug 766181
Moving floating canvas when copy-pasting makes GIMP 2.8.16 crash
Last modified: 2018-05-24 16:22:05 UTC
This bug was filed against the Fedora 22 package of GIMP 2.8.16; I'm filing it because the tile code is largely mysterious to me ;):

--- 8< --- https://bugzilla.redhat.com/show_bug.cgi?id=1332207 ---
Description of problem:
I was using gimp doing a big copy-paste between 2 files (BMP 3480x1680 pixels RVB) and moving the floating canvas to align pictures led to this SEGV

Version-Release number of selected component:
gimp-2.8.16-1.fc22

Additional info:
reporter:         libreport-2.6.4
backtrace_rating: 4
cmdline:          gimp-2.8 /home/teddy/brscan/brscan_2016-05-02-15-12-02.pnm
crash_function:   tile_idle_preswap_run
executable:       /usr/bin/gimp-2.8
global_pid:       5966
kernel:           4.4.6-201.fc22.x86_64
runlevel:         N 5
type:             CCpp
uid:              1000

Truncated backtrace:
Thread no. 1 (2 frames)
 #0 tile_idle_preswap_run at tile-cache.c:379
 #6 app_run at app.c:263
--- >8 -----------------------------------------------------------

There are backtraces and various other automatically collected data on the original bug report which I won't copy here wholesale, unless you request it ;).

Here's the affected code:

--- 8< --- app/base/tile-cache.c: 379 ---
  while (tile)
    {
      if (PENDING_WRITE (tile))    <-- SIGSEGV
        {
          idle_scan_last = tile->next;
--- >8 ----------------------------------

"tile" is not NULL, and PENDING_WRITE() accesses its dirty and swap_offset members, so it seems like a previously freed tile object is used.
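An added illustration of the hypothesis in the report above (not GIMP's code and not part of the original report): a saved scan cursor that still points at a tile after the tile is released, next to a removal routine that moves the cursor first. The `Tile`, `Cache` and function names are hypothetical, and a `live` flag stands in for `free()` so the stale access is detected instead of crashing.

```c
#include <stdbool.h>
#include <stddef.h>

/* Hypothetical types for illustration; not GIMP's tile structures. */
typedef struct Tile {
    struct Tile *next;
    bool dirty;
    bool live;            /* false once released; stands in for free() */
} Tile;

typedef struct {
    Tile *first;
    Tile *scan_cursor;    /* where the next idle pass resumes */
} Cache;

static void cache_push(Cache *c, Tile *t) {
    t->live = true; t->next = c->first; c->first = t;
}

/* Unlink and release a tile. With fix_cursor == false the saved cursor is
 * left untouched, which is the dangling-pointer pattern the report suspects. */
static void cache_remove(Cache *c, Tile *t, bool fix_cursor) {
    Tile **link = &c->first;
    while (*link && *link != t) link = &(*link)->next;
    if (!*link) return;                 /* tile is not in this cache */
    if (fix_cursor && c->scan_cursor == t)
        c->scan_cursor = t->next;       /* move the cursor past the victim */
    *link = t->next;
    t->next = NULL;
    t->live = false;                    /* real code would free() here */
}

/* One idle pass. Returns the number of dirty tiles seen, or -1 when the
 * cursor refers to a released tile (a real build would read freed memory). */
static int idle_scan(Cache *c) {
    int dirty = 0;
    for (Tile *t = c->scan_cursor; t; t = t->next) {
        if (!t->live) return -1;
        if (t->dirty) dirty++;
        c->scan_cursor = t->next;
    }
    return dirty;
}

/* Constructed scenario: three dirty tiles, cursor parked on the middle one,
 * then that tile is removed before the next idle pass runs. */
int run_demo(bool fix_cursor) {
    Tile tiles[3] = {{0}};
    Cache c = {0};
    for (int i = 0; i < 3; i++) { tiles[i].dirty = true; cache_push(&c, &tiles[i]); }
    c.scan_cursor = &tiles[1];
    cache_remove(&c, &tiles[1], fix_cursor);
    return idle_scan(&c);
}
```

Building a real allocator-backed variant with AddressSanitizer (`-fsanitize=address`) reports the stale read at the point of access, which helps confirm or rule out this class of bug.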
-- GitLab Migration Automatic Message -- This bug has been migrated to GNOME's GitLab instance and has been closed from further activity. You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.gnome.org/GNOME/gimp/issues/895.