[gthumb-list] Import segfault
- From: Nicolas <progweb free fr>
- To: gthumb-list gnome org
- Subject: [gthumb-list] Import segfault
- Date: Mon, 23 Aug 2010 16:26:27 +0200
Hi,
I'm testing the new release and the GIT code.
And I have a new issue when I import photo in enabling the rotation
feature.
Follow the backtrace.
Maybe a jpegtran library bug ? or gthumb buffer overflow.
I seek.
Regards,
Nicolas
gthumb: tiffcomposite.cpp :1299 : virtual uint32_t
Exiv2::Internal::TiffDirectory::doWrite(Exiv2::Internal::IoWrapper&,
Exiv2::ByteOrder, int32_t, uint32_t, uint32_t, uint32_t&): L'assertion
« sv == d » a échoué.
Program received signal SIGABRT, Aborted.
0x00007ffff31bd175 in raise () from /lib/libc.so.6
(gdb) backtrace full
#0 0x00007ffff31bd175 in raise () from /lib/libc.so.6
No symbol table info available.
#1 0x00007ffff31bff80 in abort () from /lib/libc.so.6
No symbol table info available.
#2 0x00007ffff31b62b1 in __assert_fail () from /lib/libc.so.6
No symbol table info available.
#3 0x00007ffff5dc1a9e in ?? () from /usr/lib/libexiv2.so.9
No symbol table info available.
#4 0x00007ffff5dbc8ae in ?? () from /usr/lib/libexiv2.so.9
No symbol table info available.
#5 0x00007ffff5dc17dd in ?? () from /usr/lib/libexiv2.so.9
No symbol table info available.
#6 0x00007ffff5dbc035 in ?? () from /usr/lib/libexiv2.so.9
No symbol table info available.
#7 0x00007ffff5dbbfb0 in ?? () from /usr/lib/libexiv2.so.9
No symbol table info available.
#8 0x00007ffff5dc184b in ?? () from /usr/lib/libexiv2.so.9
No symbol table info available.
#9 0x00007ffff5dc6170 in ?? () from /usr/lib/libexiv2.so.9
No symbol table info available.
#10 0x00007ffff5d5590b in Exiv2::ExifParser::encode(std::vector<unsigned
char, std::allocator<unsigned char> >&, unsigned char const*, unsigned
int, Exiv2::ByteOrder, Exiv2::ExifData const&) ()
from /usr/lib/libexiv2.so.9
No symbol table info available.
#11 0x00007ffff5d681c3 in ?? () from /usr/lib/libexiv2.so.9
No symbol table info available.
#12 0x00007ffff5d694a3 in Exiv2::JpegBase::writeMetadata() ()
from /usr/lib/libexiv2.so.9
No symbol table info available.
#13 0x00007fffeab26872 in exiv2_write_metadata_private (image=<value
optimized out>,
info=<value optimized out>, pixbuf=<value optimized out>) at
exiv2-utils.cpp:1023
xd = {xmpMetadata_ = {<std::_Vector_base<Exiv2::Xmpdatum,
std::allocator<Exiv2::Xmpdatum> >> = {
_M_impl = {<std::allocator<Exiv2::Xmpdatum>> =
{<__gnu_cxx::new_allocator<Exiv2::Xmpdatum>> = {<No data fields>}, <No
data fields>}, _M_start = 0x0, _M_finish = 0x0,
_M_end_of_storage = 0x0}}, <No data fields>}}
io = <value optimized out>
attributes = 0xe52300
ed = {exifMetadata_ = {<std::_List_base<Exiv2::Exifdatum,
std::allocator<Exiv2::Exifdatum> >> = {
_M_impl =
{<std::allocator<std::_List_node<Exiv2::Exifdatum> >> =
{<__gnu_cxx::new_allocator---Type <return> to continue, or q <return> to
quit---
<std::_List_node<Exiv2::Exifdatum> >> = {<No data fields>}, <No data
fields>}, _M_node = {
_M_next = 0xe883c0, _M_prev = 0xe4ea10}}}, <No data
fields>}}
width = 0
height = 0
thumb = {<Exiv2::ExifThumbC> = {exifData_ = @0x7fffffffd310},
exifData_ = @0x7fffffffd310}
id = {
iptcMetadata_ = {<std::_Vector_base<Exiv2::Iptcdatum,
std::allocator<Exiv2::Iptcdatum> >> = {
_M_impl = {<std::allocator<Exiv2::Iptcdatum>> =
{<__gnu_cxx::new_allocator<Exiv2::Iptcdatum>> = {<No data fields>}, <No
data fields>}, _M_start = 0x0, _M_finish = 0x0,
_M_end_of_storage = 0x0}}, <No data fields>}}
#14 0x00007fffeab2733b in exiv2_write_metadata_to_buffer
(buffer=0x7fffffffe010,
buffer_size=0x7fffffffe008, info=0x9efb60, pixbuf=0x0, error=<value
optimized out>)
at exiv2-utils.cpp:1087
image = {_M_ptr = 0x0}
buf = {pData_ = 0xd249e0 "", size_ = 11064176}
__PRETTY_FUNCTION__ = "gboolean
exiv2_write_metadata_to_buffer(void**, gsize*, GFileInfo*, GdkPixbuf*,
GError**)"
#15 0x00007fffeab28d17 in exiv2_jpeg_tran_cb (tran_info=0x7fffffffd7f0)
at main.c:211
metadata = 0xe53e80
info = 0x9efb60
#16 0x00000000004793ab in invoke_marshaller_1 (hook=0x7a78a0,
data=0xe646c0) at gth-hook.c:187
marshal_data = 0xe646c0
#17 0x00007ffff373980f in IA__g_hook_list_marshal (hook_list=0x793560,
may_recurse=1,
marshaller=0x479372 <invoke_marshaller_1>, data=0xe646c0)
at /tmp/buildd/glib2.0-2.24.1/glib/ghook.c:386
hook = <value optimized out>
__PRETTY_FUNCTION__ = "IA__g_hook_list_marshal"
#18 0x000000000047971c in gth_hook_invoke (name=0x7fffea917560
"jpegtran-after",
first_data=0x7fffffffd7f0) at gth-hook.c:265
hook = 0x78fb90
marshal_data = 0xe646c0
i = 1
args = {{gp_offset = 16, fp_offset = 48, overflow_arg_area =
0x7fffffffd7c0,
reg_save_area = 0x7fffffffd700}}
invoke_marshaller = 0x479372 <invoke_marshaller_1>
#19 0x00007fffea915009 in jpegtran (in_buffer=0xd30000,
in_buffer_size=520829,
out_buffer=0x7fffffffe010, out_buffer_size=0x7fffffffe008,
transformation=GTH_TRANSFORM_ROTATE_90,
mcu_action=JPEG_MCU_ACTION_ABORT, error=0x7fffffffdfe8) at
jpegtran.c:337
---Type <return> to continue, or q <return> to quit---
info = {in_buffer = 0xd30000, in_buffer_size = 520829,
out_buffer = 0x7fffffffe010,
out_buffer_size = 0x7fffffffe008, transformation =
GTH_TRANSFORM_ROTATE_90}
srcinfo = {err = 0x7fffffffd9a0, mem = 0x0, progress = 0x0,
client_data = 0x0,
is_decompressor = 1, global_state = 0, src = 0xe88b10,
image_width = 1600,
image_height = 1200, num_components = 3, jpeg_color_space =
JCS_YCbCr,
out_color_space = JCS_RGB, scale_num = 1, scale_denom = 1,
output_gamma = 1,
buffered_image = 1, raw_data_out = 0, dct_method = JDCT_ISLOW,
do_fancy_upsampling = 1,
do_block_smoothing = 1, quantize_colors = 0, dither_mode =
JDITHER_FS, two_pass_quantize = 1,
desired_number_of_colors = 256, enable_1pass_quant = 0,
enable_external_quant = 0,
enable_2pass_quant = 0, output_width = 0, output_height = 0,
out_color_components = 0,
output_components = 0, rec_outbuf_height = 0,
actual_number_of_colors = 0, colormap = 0x0,
output_scanline = 0, input_scan_number = 1, input_iMCU_row =
150, output_scan_number = 0,
output_iMCU_row = 0, coef_bits = 0x0, quant_tbl_ptrs =
{0xe88b48, 0xe88bd0, 0x0, 0x0},
dc_huff_tbl_ptrs = {0xe88c58, 0xe88e88, 0x0, 0x0},
ac_huff_tbl_ptrs = {0xe88d70, 0xe88fa0,
0x0, 0x0}, data_precision = 8, comp_info = 0xd270e8,
progressive_mode = 0, arith_code = 0,
arith_dc_L = '\000' <repeats 15 times>, arith_dc_U = '\001'
<repeats 16 times>,
arith_ac_K = '\005' <repeats 16 times>, restart_interval = 0,
saw_JFIF_marker = 0,
JFIF_major_version = 1 '\001', JFIF_minor_version = 1 '\001',
density_unit = 0 '\000',
X_density = 1, Y_density = 1, saw_Adobe_marker = 0,
Adobe_transform = 0 '\000',
CCIR601_sampling = 0, marker_list = 0x0, max_h_samp_factor =
2, max_v_samp_factor = 1,
min_DCT_scaled_size = 8, total_iMCU_rows = 150,
sample_range_limit = 0x0, comps_in_scan = 3,
cur_comp_info = {0xd270e8, 0xd27148, 0xd271a8, 0x0},
MCUs_per_row = 100,
MCU_rows_in_scan = 150, blocks_in_MCU = 4, MCU_membership =
{0, 0, 1, 2, 0, 0, 0, 0, 0, 0},
Ss = 0, Se = 63, Ah = 0, Al = 0, unread_marker = 0, master =
0x0, main = 0x0, coef = 0xd27558,
post = 0x0, inputctl = 0xe88ae0, marker = 0xe889d8, entropy =
0xd273e8, idct = 0x0,
upsample = 0x0, cconvert = 0x0, cquantize = 0x0}
dstinfo = {err = 0x7fffffffd820, mem = 0x0, progress = 0x0,
client_data = 0x7ffff376f1a9,
is_decompressor = 0, global_state = 0, dest = 0xd2b858,
image_width = 1200,
image_height = 1600, input_components = 1, in_color_space =
JCS_YCbCr, input_gamma = 1,
data_precision = 8, num_components = 3, jpeg_color_space =
JCS_YCbCr, comp_info = 0xd2b8a0,
quant_tbl_ptrs = {0xd2bc60, 0xd2bce8, 0x0, 0x0},
dc_huff_tbl_ptrs = {0xd2bd70, 0xdb0318, 0x0,
0x0}, ac_huff_tbl_ptrs = {0x9f0e18, 0xe89148, 0x0, 0x0},
arith_dc_L = '\000' <repeats 15 times>, arith_dc_U = '\001'
<repeats 16 times>,
arith_ac_K = '\005' <repeats 16 times>, num_scans = 1,
scan_info = 0x0, raw_data_in = 0,
arith_code = 0, optimize_coding = 0, CCIR601_sampling = 0,
smoothing_factor = 0,
dct_method = JDCT_ISLOW, restart_interval = 0, restart_in_rows
= 0, write_JFIF_header = 1,
JFIF_major_version = 1 '\001', JFIF_minor_version = 1 '\001',
density_unit = 0 '\000',
X_density = 1, Y_density = 1, write_Adobe_marker = 0,
next_scanline = 0, progressive_mode = 0,
---Type <return> to continue, or q <return> to quit---
max_h_samp_factor = 1, max_v_samp_factor = 2, total_iMCU_rows
= 100, comps_in_scan = 3,
cur_comp_info = {0xd2b8a0, 0xd2b900, 0xd2b960, 0x0},
MCUs_per_row = 150,
MCU_rows_in_scan = 100, blocks_in_MCU = 4, MCU_membership =
{0, 0, 1, 2, 0, 0, 0, 0, 0, 0},
Ss = 0, Se = 63, Ah = 0, Al = 0, master = 0xdb14e8, main =
0x0, prep = 0x0, coef = 0xdb15d8,
marker = 0xdb1650, cconvert = 0x0, downsample = 0x0, fdct =
0x0, entropy = 0xdb1518,
script_space = 0x0, script_space_size = 0}
jsrcerr = {pub = {error_exit = 0x7fffea914994
<fatal_error_handler>,
emit_message = 0x7ffff5abc800, output_message =
0x7fffea914a4a <output_message_handler>,
format_message = 0x7ffff5abc900, reset_error_mgr =
0x7ffff5abc850, msg_code = 85,
msg_parm = {i = {0, 63, 0, 0, 0, 1, 2, 119},
s = "\000\000\000\000?", '\000' <repeats 15 times>, "\001
\000\000\000\002\000\000\000w\000\000\000.\000\000\000\000<\247", '\000'
<repeats 13 times>, "p\332\377\377\001\000\000\000 D\237\000\000\000\000
\000\060\036\246\000\000\000\000\000\060\036\246"}, trace_level = 0,
num_warnings = 0,
jpeg_message_table = 0x7ffff5cc75a0, last_jpeg_message =
123, addon_message_table = 0x0,
first_addon_message = 0, last_addon_message = 0},
setjmp_buffer = {{__jmpbuf = {520829,
6168453905819014113, 2, 7542864, 140737280618320,
7501024, 6168453905550578657,
6168500991037969377}, __mask_was_saved = 1, __saved_mask
= {__val = {0, 140737343529776,
140737280619740, 140737278046201, 96, 140737278001697,
10987520, 9648928, 0,
140737289360640, 96, 140737278001697, 140737280619740,
140737278046201, 10987520,
140737280619740}}}}, error = 0x7fffffffdfe8}
jdsterr = {pub = {error_exit = 0x7fffea914994
<fatal_error_handler>,
emit_message = 0x7ffff5abc800, output_message =
0x7fffea914a4a <output_message_handler>,
format_message = 0x7ffff5abc900, reset_error_mgr =
0x7ffff5abc850, msg_code = 0, msg_parm = {
i = {32767, 0, 0, -201146064, 32767, 10278216, 0,
7520032},
s = "\377\177\000\000\000\000\000\000\000\000\000\000\060
\301\002\364\377\177\000\000H՜\000\000\000\000\000 \277r\000\000\000\000
\000\220\334\377\377\001\000\000\000\060՜\000\000\000\000\000\300\036
\246\000\001\000\000\000\060\000\000\000\000\000\000\000H՜\000\000\000
\000\000\024\000\000"},
trace_level = 0, num_warnings = 0, jpeg_message_table =
0x7ffff5cc75a0,
last_jpeg_message = 123, addon_message_table = 0x0,
first_addon_message = 0,
last_addon_message = 0}, setjmp_buffer = {{__jmpbuf =
{520829, 6168453905819014113, 2,
7542864, 140737280618320, 7501024, 6168453905550578657,
6168500991046620129},
__mask_was_saved = 1, __saved_mask = {__val = {0, 0, 0, 0,
0, 0, 0, 64, 140737275395648,
10437664, 10886704, 140737488345724, 10494336,
10959184, 140737488346256,
140737287126979}}}}, error = 0x7fffffffdfe8}
success = 1
#20 0x00007fffead33b23 in file_buffer_ready_cb (buffer=0xd00cf8,
count=520829, error=0x0,
user_data=0xe80800) at rotation-utils.c:289
metadata = 0xe81c50
---Type <return> to continue, or q <return> to quit---
current_orientation = GTH_TRANSFORM_ROTATE_90
out_buffer = 0xdcb000
out_buffer_size = 519909
tdata = 0xe80800
#21 0x000000000044631e in load_file__stream_read_cb
(source_object=0x9ef360, result=0xa52860,
user_data=0xcffcd0) at gio-utils.c:2006
load_data = 0xcffcd0
error = 0x0
count = 0
#22 0x00007ffff427f679 in async_ready_callback_wrapper
(source_object=0x9ef360, res=0xa52860,
user_data=0xcffcd0)
at /tmp/buildd/glib2.0-2.24.1/gio/ginputstream.c:471
No locals.
#23 0x00007ffff428dac8 in complete_in_idle_cb_for_thread (_data=<value
optimized out>)
at /tmp/buildd/glib2.0-2.24.1/gio/gsimpleasyncresult.c:653
data = 0xd2eca0
simple = 0xa52860
#24 0x00007ffff37466c2 in g_main_dispatch (context=0x7274e0)
at /tmp/buildd/glib2.0-2.24.1/glib/gmain.c:1960
dispatch = 0x7ffff3744750 <g_idle_dispatch>
user_data = 0xd2eca0
callback = 0x7ffff428daa0 <complete_in_idle_cb_for_thread>
cb_funcs = 0x7ffff39e2f50
cb_data = 0xd26ae0
current_source_link = {data = 0xd20590, next = 0x0}
source = 0xd20590
current = 0x731850
i = 0
#25 IA__g_main_context_dispatch (context=0x7274e0)
at /tmp/buildd/glib2.0-2.24.1/glib/gmain.c:2513
No locals.
#26 0x00007ffff374a538 in g_main_context_iterate (context=0x7274e0,
block=<value optimized out>,
dispatch=<value optimized out>, self=<value optimized out>)
at /tmp/buildd/glib2.0-2.24.1/glib/gmain.c:2591
max_priority = 0
timeout = 0
some_ready = 1
nfds = 9
allocated_nfds = -210406656
fds = <value optimized out>
---Type <return> to continue, or q <return> to quit---
__PRETTY_FUNCTION__ = "g_main_context_iterate"
#27 0x00007ffff374aa45 in IA__g_main_loop_run (loop=0x6e9c40)
at /tmp/buildd/glib2.0-2.24.1/glib/gmain.c:2799
self = 0x6e7460
__PRETTY_FUNCTION__ = "IA__g_main_loop_run"
#28 0x00007ffff74af647 in IA__gtk_main () at /tmp/buildd/gtk
+2.0-2.20.1/gtk/gtkmain.c:1219
tmp_list = 0x7fffffffe30c
functions = 0x0
init = 0x7fffffffe330
loop = <value optimized out>
#29 0x00000000004b2bdf in main (argc=1, argv=0x7fffffffe418) at
main.c:447
context = 0x6e9d50
error = 0x0
(gdb)
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
