Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 96827 - gimp-2.2.6-r1 segfaults after trying to save a file opened with the 'open location' menu item
Summary: gimp-2.2.6-r1 segfaults after trying to save a file opened with the 'open loc...
Status: RESOLVED UPSTREAM
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: x86 Linux
: High normal (vote)
Assignee: Gentoo Linux Gnome Desktop Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-06-23 00:31 UTC by Toon Verstraelen
Modified: 2005-07-29 17:00 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Toon Verstraelen 2005-06-23 00:31:33 UTC 
When opening an image with 'Open location' in the file menu and then choosing
save as in the menu, gimp crashes a fraction of a second after showing the save
as dialog.

Reproducible: Always
Steps to Reproduce:
1. open an image from the web with gimp: Open location and enter for example:
http://www.informatik.uni-oldenburg.de/~akw/images/key.png
2. then select the 'save as' menu item
3. wait a fraction of a second

Actual Results:  
gimp segfaults


emerge info:

Portage 2.0.51.19 (default-linux/x86/2005.0, gcc-3.3.5-20050130,
glibc-2.3.4.20041102-r1, 2.6.11-gentoo-r9 i686)
=================================================================
System uname: 2.6.11-gentoo-r9 i686 Intel(R) Pentium(R) M processor 1400MHz
Gentoo Base System version 1.6.12
Python:              dev-lang/python-2.3.5 [2.3.5 (#1, May 16 2005, 19:07:35)]
dev-lang/python:     2.3.5
sys-apps/sandbox:    [Not Present]
sys-devel/autoconf:  2.59-r6, 2.13
sys-devel/automake:  1.7.9-r1, 1.8.5-r3, 1.5, 1.4_p6, 1.6.3, 1.9.5
sys-devel/binutils:  2.15.92.0.2-r10
sys-devel/libtool:   1.5.16
virtual/os-headers:  2.6.8.1-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-march=pentium4 -O3 -pipe -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config
/usr/lib/X11/xkb /usr/lib/mozilla/defaults/pref /usr/share/config
/usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/
/usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/
/usr/share/texmf/xdvi/ /var/qmail/control"CONFIG_PROTECT_MASK="/etc/gconf
/etc/terminfo /etc/env.d"
CXXFLAGS="-march=pentium4 -O3 -pipe -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs autoconfig ccache distlocks sandbox sfperms strict userpriv"
GENTOO_MIRRORS="http://ftp.belnet.be/linux/gentoo http://gentoo.oregonstate.edu
http://www.ibiblio.org/pub/Linux/distributions/gentoo"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="x86 X a52 aac alsa ao aotuv artworkextra atlas avi bash-completion berkdb
cdf cdr cpdflib cpudetection crypt cups curl dga dio directfb divx4linux djbfft
dnd dpms droproot dts dv dvb dvd dvdread edl eds encode erandom ethereal evms2
expat fam fb ffmpeg fftw foomaticdb fortran fs gd gdbm gif ginac gnome gnomedb
gphoto2 gpm gstreamer gtk gtk2 imap imlib ipv6 java jpeg justify lapack ldap
libcaca libg++ libgda libvisual libwww live lm_sensors lzo mad matroska mbpx
md5sum mikmod mmx mng mozdevelop mozilla mozp3p mozsvg mp3 mpeg mpeg4 mplayer
msql mysql mysqli mythtv ncurses network nls no-old-linux nomac nomotif noplugin
nptl nptlonly nvidia ogg oggvorbis openal opengl oss pam pango pdflib perl
physfs png python quicktime readline real rrdtool rtc sapdb sdl sharedmem
shorten slang sockets speex spell sse sse2 ssl subp svg sysfs sysvipc tcpd tetex
theora threads tiff toolbar transcode truetype truetype-fonts type1-fonts
unicode usb utf8 v4l v4l2 vcd vidix vim-with-x vorbis wifi win32codecs xanim
xine xml2 xmms xscreensaver xv xvid xvmc yv12 zlib userland_GNU kernel_linux
elibc_glibc"
Unset:  ASFLAGS, CBUILD, CTARGET, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTDIR_OVERLAY

-----------


This is the output that of gimp-2.2 on the terminal, without and with valgrind:

toon@molmod08 ~ $ gimp-2.2
Segmentation fault

(script-fu:9453): LibGimpBase-WARNING **: script-fu: wire_read(): error
toon@molmod08 ~ $ valgrind gimp-2.2
==9468== Memcheck, a memory error detector for x86-linux.
==9468== Copyright (C) 2002-2005, and GNU GPL'd, by Julian Seward et al.
==9468== Using valgrind-2.4.0, a program supervision framework for x86-linux.
==9468== Copyright (C) 2000-2005, and GNU GPL'd, by Julian Seward et al.
==9468== For more details, rerun with: -v
==9468==
==9468== Conditional jump or move depends on uninitialised value(s)
==9468==    at 0x1B8ECCF6: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E5CE0: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8F273D: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E4B46: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E47D6: (within /lib/ld-2.3.4.so)
==9468==
==9468== Conditional jump or move depends on uninitialised value(s)
==9468==    at 0x1B8ECD39: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E5CE0: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8F273D: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E4B46: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E47D6: (within /lib/ld-2.3.4.so)
==9468==
==9468== Conditional jump or move depends on uninitialised value(s)
==9468==    at 0x1B8ECBC0: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E5CE0: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8F273D: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E4B46: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E47D6: (within /lib/ld-2.3.4.so)
==9468==
==9468== Conditional jump or move depends on uninitialised value(s)
==9468==    at 0x1B8ECBC8: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E5CE0: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8F273D: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E4B46: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E47D6: (within /lib/ld-2.3.4.so)
==9468==
==9468== Conditional jump or move depends on uninitialised value(s)
==9468==    at 0x1B8ECBC0: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E5D5E: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8F273D: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E4B46: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E47D6: (within /lib/ld-2.3.4.so)
==9468==
==9468== Conditional jump or move depends on uninitialised value(s)
==9468==    at 0x1B8ECBC8: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E5D5E: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8F273D: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E4B46: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E47D6: (within /lib/ld-2.3.4.so)
==9468==
==9468== Conditional jump or move depends on uninitialised value(s)
==9468==    at 0x1B8ECD39: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E5D5E: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8F273D: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E4B46: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8E47D6: (within /lib/ld-2.3.4.so)
==9468==
==9468== Conditional jump or move depends on uninitialised value(s)
==9468==    at 0x1B8ECCF6: (within /lib/ld-2.3.4.so)
==9468==    by 0x1C0A7A16: (within /lib/libc-2.3.4.so)
==9468==    by 0x1B8EF4E5: (within /lib/ld-2.3.4.so)
==9468==    by 0x1C0A7DF7: _dl_open (in /lib/libc-2.3.4.so)
==9468==    by 0x1BE88D26: (within /lib/libdl-2.3.4.so)
==9468==    by 0x1B8EF4E5: (within /lib/ld-2.3.4.so)
==9468==    by 0x1BE89265: (within /lib/libdl-2.3.4.so)
==9468==    by 0x1BE88D7A: dlopen (in /lib/libdl-2.3.4.so)
==9468==    by 0x1C15A2D6: _XlcDynamicLoad (in /usr/lib/libX11.so.6.2)
==9468==
==9468== Conditional jump or move depends on uninitialised value(s)
==9468==    at 0x1B8ECD39: (within /lib/ld-2.3.4.so)
==9468==    by 0x1C0A7A16: (within /lib/libc-2.3.4.so)
==9468==    by 0x1B8EF4E5: (within /lib/ld-2.3.4.so)
==9468==    by 0x1C0A7DF7: _dl_open (in /lib/libc-2.3.4.so)
==9468==    by 0x1BE88D26: (within /lib/libdl-2.3.4.so)
==9468==    by 0x1B8EF4E5: (within /lib/ld-2.3.4.so)
==9468==    by 0x1BE89265: (within /lib/libdl-2.3.4.so)
==9468==    by 0x1BE88D7A: dlopen (in /lib/libdl-2.3.4.so)
==9468==    by 0x1C15A2D6: _XlcDynamicLoad (in /usr/lib/libX11.so.6.2)
==9468==
==9468== Syscall param write(buf) points to uninitialised byte(s)
==9468==    at 0x1B8E47B2: (within /lib/ld-2.3.4.so)
==9468==  Address 0x1C263D98 is 128 bytes inside a block of size 16384 alloc'd
==9468==    at 0x1B904D5D: calloc (vg_replace_malloc.c:176)
==9468==    by 0x1C0FE311: XOpenDisplay (in /usr/lib/libX11.so.6.2)
==9468==
==9468== Conditional jump or move depends on uninitialised value(s)
==9468==    at 0x1B8ECBC0: (within /lib/ld-2.3.4.so)
==9468==    by 0x1C0A7A16: (within /lib/libc-2.3.4.so)
==9468==    by 0x1B8EF4E5: (within /lib/ld-2.3.4.so)
==9468==    by 0x1C0A7DF7: _dl_open (in /lib/libc-2.3.4.so)
==9468==    by 0x1BE88D26: (within /lib/libdl-2.3.4.so)
==9468==    by 0x1B8EF4E5: (within /lib/ld-2.3.4.so)
==9468==    by 0x1BE89265: (within /lib/libdl-2.3.4.so)
==9468==    by 0x1BE88D7A: dlopen (in /lib/libdl-2.3.4.so)
==9468==    by 0x1BE83FD3: g_module_open (in /usr/lib/libgmodule-2.0.so.0.600.3)
==9468==
==9468== Conditional jump or move depends on uninitialised value(s)
==9468==    at 0x1B8ECBC8: (within /lib/ld-2.3.4.so)
==9468==    by 0x1C0A7A16: (within /lib/libc-2.3.4.so)
==9468==    by 0x1B8EF4E5: (within /lib/ld-2.3.4.so)
==9468==    by 0x1C0A7DF7: _dl_open (in /lib/libc-2.3.4.so)
==9468==    by 0x1BE88D26: (within /lib/libdl-2.3.4.so)
==9468==    by 0x1B8EF4E5: (within /lib/ld-2.3.4.so)
==9468==    by 0x1BE89265: (within /lib/libdl-2.3.4.so)
==9468==    by 0x1BE88D7A: dlopen (in /lib/libdl-2.3.4.so)
==9468==    by 0x1BE83FD3: g_module_open (in /usr/lib/libgmodule-2.0.so.0.600.3)
==9468==
==9468== Syscall param writev(vector[...]) points to uninitialised byte(s)
==9468==    at 0x1B8E47B2: (within /lib/ld-2.3.4.so)
==9468==    by 0x1C12C6F2: _X11TransSocketWritev (in /usr/lib/libX11.so.6.2)
==9468==  Address 0x1C263D2D is 21 bytes inside a block of size 16384 alloc'd
==9468==    at 0x1B904D5D: calloc (vg_replace_malloc.c:176)
==9468==    by 0x1C0FE311: XOpenDisplay (in /usr/lib/libX11.so.6.2)
==9468==
==9468== Use of uninitialised value of size 8
==9468==    at 0x8191ECC: gimp_unit_store_set_pixel_values (in /usr/bin/gimp-2.2)
==9468==
==9468== Use of uninitialised value of size 4
==9468==    at 0x8204C43: (within /usr/bin/gimp-2.2)
==9468==
==9468== More than 30000 total errors detected.  I'm not reporting any more.
==9468== Final error counts will be inaccurate.  Go fix your program!
==9468== Rerun with --error-limit=no to disable this cutoff.  Note
==9468== that errors may occur in your program without prior warning from
==9468== Valgrind, because errors are no longer being displayed.
==9468==

(gimp-2.2:9468): Gtk-WARNING **: libasound.so.2: cannot enable executable stack
as shared object requires: Invalid argument
==9468==
==9468== Process terminating with default action of signal 11 (SIGSEGV)
==9468==  Access not within mapped region at address 0x1A8
==9468==    at 0x1DFDD503: __pthread_initialize_minimal (in
/lib/libpthread-2.3.4.so)
==9468==    by 0x1DFDD2E7: ??? (crti.S:13)
==9468==    by 0x1DFDCEAF: ??? (crti.S:24)
==9468==    by 0x1B8EF685: (within /lib/ld-2.3.4.so)
==9468==    by 0x1B8EF80A: (within /lib/ld-2.3.4.so)
==9468==    by 0x1C0A7690: (within /lib/libc-2.3.4.so)
==9468==    by 0x1B8EF4E5: (within /lib/ld-2.3.4.so)
==9468==    by 0x1C0A7DF7: _dl_open (in /lib/libc-2.3.4.so)
==9468==    by 0x1BE88D26: (within /lib/libdl-2.3.4.so)
==9468==    by 0x1B8EF4E5: (within /lib/ld-2.3.4.so)
==9468==    by 0x1BE89265: (within /lib/libdl-2.3.4.so)
==9468==    by 0x1BE88D7A: dlopen (in /lib/libdl-2.3.4.so)
==9468==
==9468== ERROR SUMMARY: 30000 errors from 15 contexts (suppressed: 0 from 0)
==9468== malloc/free: in use at exit: 13266041 bytes in 189767 blocks.
==9468== malloc/free: 682681 allocs, 492914 frees, 59085773 bytes allocated.
==9468== For counts of detected errors, rerun with: -v
==9468== searching for pointers to 189767 not-freed blocks.
==9468== checked 14265728 bytes.
==9468==
==9468== LEAK SUMMARY:
==9468==    definitely lost: 11446 bytes in 92 blocks.
==9468==      possibly lost: 800 bytes in 20 blocks.
==9468==    still reachable: 13253795 bytes in 189655 blocks.
==9468==         suppressed: 0 bytes in 0 blocks.
==9468== Use --leak-check=full to see details of leaked memory.

(script-fu:9469): LibGimpBase-WARNING **: script-fu: wire_read(): error
Segmentation fault

----------

I don't have much right now to look further for the cause of the segfault.
Comment 1 foser (RETIRED) gentoo-dev 2005-06-23 03:34:44 UTC 
can't reproduce, please provide a backtrace with debugging info.
Comment 2 John N. Laliberte (RETIRED) gentoo-dev 2005-06-23 09:47:31 UTC 
i could reproduce this and i went digging in gnome bugzilla, and, its been reported:

http://bugzilla.gnome.org/show_bug.cgi?id=303312
dupe here: http://bugzilla.gnome.org/show_bug.cgi?id=304272

from what i gather, updating gnome-vfs to 2.10.1 and 2.2.7 will make this not
happen anymore ( i'll first try just updating gnome-vfs ) .  

later today i will test this.
Comment 3 Toon Verstraelen 2005-06-23 22:08:36 UTC 
It's indeed a gnome-vfs problem. When I change
/desktop/gnome/interface/file_chooser_backend in gconf-editor from "gnome-vfs"
to "gtk+" as sugested in one of the related bugs on the gnome bugzilla, gimp
doesn't crash any more when doing the same procedure.

I'll recompile both gnome-vfs and gimp with debug-info to be sure.
Comment 4 Toon Verstraelen 2005-06-24 01:37:19 UTC 
Hi I compiled both gimp and gnome-vfs with debugging info (using debug useflag,
nostrip option, no compiler optimizations) and I get this when creating the
backtrace. It doesn't look really usefull. Does someone know what the
"hook_stop" problem might be?

GNU gdb 6.3
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu"...Using host libthread_db library
"/lib/libthread_db.so.1".

gdb> run
[Thread debugging using libthread_db enabled]
[New Thread -1217448272 (LWP 901)]
[New Thread -1228809296 (LWP 1080)]
[New Thread -1237894224 (LWP 1081)]

Program received signal SIG33, Real-time event 33.
[Switching to Thread -1228809296 (LWP 1080)]
Error while running hook_stop:
Invalid type combination in ordering comparison.
0xffffe410 in __kernel_vsyscall ()
gdb> thread apply all bt
  3 Thread -1237894224 (LWP 1081)  0xffffe410 in __kernel_vsyscall ()
* 2 Thread -1228809296 (LWP 1080)  0xffffe410 in __kernel_vsyscall ()
  1 Thread -1217448272 (LWP 901)  0xffffe410 in __kernel_vsyscall ()
gdb> thread apply all info stack
  3 Thread -1237894224 (LWP 1081)  0xffffe410 in __kernel_vsyscall ()
* 2 Thread -1228809296 (LWP 1080)  0xffffe410 in __kernel_vsyscall ()
  1 Thread -1217448272 (LWP 901)  0xffffe410 in __kernel_vsyscall ()
gdb> bt
#0  0xffffe410 in __kernel_vsyscall ()
#1  0xb78d5e55 in poll () from /lib/libc.so.6
#2  0xb7a12706 in g_main_context_poll () from /usr/lib/libglib-2.0.so.0
#3  0x08e66150 in ?? ()
#4  0x00000007 in ?? ()
#5  0xffffffff in ?? ()
#6  0xb7a1159e in g_main_context_query () from /usr/lib/libglib-2.0.so.0
#7  0x00000007 in ?? ()
#8  0xffffffff in ?? ()
#9  0x08e66150 in ?? ()
#10 0xb7a159b8 in g_main_context_iterate () from /usr/lib/libglib-2.0.so.0
#11 0x00000007 in ?? ()
#12 0xb7a70640 in ?? () from /usr/lib/libglib-2.0.so.0
#13 0x00000001 in ?? ()
#14 0xb6c1d3d4 in ?? ()
#15 0xb7a70d40 in string_mem_chunk () from /usr/lib/libglib-2.0.so.0
#16 0xb7a709c0 in g_thread_use_default_impl () from /usr/lib/libglib-2.0.so.0
#17 0xb7a709a8 in g_scanner_config_template () from /usr/lib/libglib-2.0.so.0
#18 0xb7a70d40 in string_mem_chunk () from /usr/lib/libglib-2.0.so.0
#19 0x00000000 in ?? ()
#20 0xffffffff in ?? ()
#21 0x7fffffff in ?? ()
#22 0xb7a70640 in ?? () from /usr/lib/libglib-2.0.so.0
#23 0x08e54160 in ?? ()
#24 0x08e54160 in ?? ()
#25 0x08e53ec8 in ?? ()
#26 0xb7a11b5e in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
#27 0xb7372b30 in pthread_mutex_lock () from /lib/libpthread.so.0
Previous frame inner to this frame (corrupt stack?)
Comment 5 John N. Laliberte (RETIRED) gentoo-dev 2005-06-24 06:21:16 UTC 
testing with gnome-vfs-2.10.1 as the backend did not change anything.  i'll take
a look at the patchset that debian is using for their 2.10.1-5 that the poster
in the gnome bug mentioned.
Comment 6 John N. Laliberte (RETIRED) gentoo-dev 2005-06-28 18:29:25 UTC 
i did some more research on this issue, but gnome bugzilla is down for a day or
so , but here is the link from ubuntu where someone arleady reported this issue
and filed an upstream bug w/gnome-vfs:

https://bugzilla.ubuntu.com/show_bug.cgi?id=11018

However, since the guy on the ubuntu post asked the reporter to try with 2.11, I
went ahead and bumped gnome-vfs locally to 2.11.2 and tested it.
( still crashed doing saveas )

So we'll just have to wait until gnome bugzilla comes back up.
Comment 7 John N. Laliberte (RETIRED) gentoo-dev 2005-07-29 17:00:57 UTC 
we'll follow upstream on this.

http://bugzilla.gnome.org/show_bug.cgi?id=170367