Red Hat Bugzilla – Bug 189456
SIGABRT from glibc when closing Layers dialog
Last modified: 2016-09-19 22:37:08 EDT
Description of problem: This issue may lie deeper than gimp, but it is trivial to trigger this bug on 2 of my systems. After opening gimp, I close the "Layers, Channels, etc" dialog. The program stays alive until I move my mouse over to the main gimp window, which will then fire off the SIGABRT from glibc. The error and backtrace are below: *** glibc detected *** /usr/bin/gimp: corrupted double-linked list: 0x00609158 *** ======= Backtrace: ========= /lib/i686/nosegneg/libc.so.6[0x538dcd] /lib/i686/nosegneg/libc.so.6[0x53ae8a] /lib/i686/nosegneg/libc.so.6(malloc+0x7b)[0x53c7fc] /usr/lib/libcairo.so.2[0x2d99b6e] /usr/lib/libcairo.so.2[0x2d99c58] /usr/lib/libcairo.so.2[0x2d99e49] /usr/lib/libcairo.so.2(cairo_move_to+0x75)[0x2d900b5] /usr/lib/libcairo.so.2(cairo_rectangle+0x38)[0x2d90248] /usr/lib/libgdk-x11-2.0.so.0[0x27abfaf] /usr/lib/libgdk-x11-2.0.so.0(gdk_window_begin_paint_region+0x184)[0x27ad1d4] /usr/lib/libgtk-x11-2.0.so.0(gtk_main_do_event+0x525)[0x292c365] /usr/lib/libgdk-x11-2.0.so.0[0x27ad53f] /usr/lib/libgdk-x11-2.0.so.0(gdk_window_process_all_updates+0x97)[0x27ad6f7] /usr/lib/libgdk-x11-2.0.so.0[0x27ad775] /usr/lib/libglib-2.0.so.0[0x3587a1] /usr/lib/libglib-2.0.so.0(g_main_context_dispatch+0x16d)[0x35a15d] /usr/lib/libglib-2.0.so.0[0x35d3ef] /usr/lib/libglib-2.0.so.0(g_main_loop_run+0x1a9)[0x35d799] /usr/bin/gimp[0x8063431] ======= Memory map: ======== 00111000-00115000 r-xp 00000000 fd:00 12192211 /usr/lib/gtk-2.0/2.4.0/loaders/libpixbufloader-png.so 00115000-00116000 rwxp 00003000 fd:00 12192211 /usr/lib/gtk-2.0/2.4.0/loaders/libpixbufloader-png.so 0022a000-00232000 r-xp 00000000 fd:00 11976441 /usr/lib/libpangocairo-1.0.so.0.1200.1 00232000-00233000 rwxp 00007000 fd:00 11976441 /usr/lib/libpangocairo-1.0.so.0.1200.1 00236000-0032f000 r-xp 00000000 fd:00 11985481 /usr/lib/libX11.so.6.2.0 0032f000-00333000 rwxp 000f9000 fd:00 11985481 /usr/lib/libX11.so.6.2.0 00335000-003c6000 r-xp 00000000 fd:00 11968131 /usr/lib/libglib-2.0.so.0.1000.2 003c6000-003c7000 rwxp 00091000 fd:00 11968131 /usr/lib/libglib-2.0.so.0.1000.2 003c9000-003ce000 r-xp 00000000 fd:00 11985420 /usr/lib/libXdmcp.so.6.0.0 003ce000-003cf000 rwxp 00004000 fd:00 11985420 /usr/lib/libXdmcp.so.6.0.0 003f5000-00414000 r-xp 00000000 fd:00 20613683 /lib/libexpat.so.0.5.0 00414000-00416000 rwxp 0001e000 fd:00 20613683 /lib/libexpat.so.0.5.0 00418000-00456000 r-xp 00000000 fd:00 11969924 /usr/lib/libgobject-2.0.so.0.1000.2 00456000-00457000 rwxp 0003e000 fd:00 11969924 /usr/lib/libgobject-2.0.so.0.1000.2 00459000-00480000 r-xp 00000000 fd:00 11976440 /usr/lib/libpangoft2-1.0.so.0.1200.1 00480000-00481000 rwxp 00027000 fd:00 11976440 /usr/lib/libpangoft2-1.0.so.0.1200.1 0049c000-004a0000 r-xp 00000000 fd:00 11985515 /usr/lib/libXfixes.so.3.0.0 004a0000-004a1000 rwxp 00003000 fd:00 11985515 /usr/lib/libXfixes.so.3.0.0 004a3000-004ac000 r-xp 00000000 fd:00 11985516 /usr/lib/libXcursor.so.1.0.2 004ac000-004ad000 rwxp 00008000 fd:00 11985516 /usr/lib/libXcursor.so.1.0.2 004af000-004b6000 r-xp 00000000 fd:00 11964601 /usr/lib/libXi.so.6.0.0 004b6000-004b7000 rwxp 00007000 fd:00 11964601 /usr/lib/libXi.so.6.0.0 004b8000-004b9000 r-xp 004b8000 00:00 0 [vdso] 004b9000-004d2000 r-xp 00000000 fd:00 20612113 /lib/ld-2.4.so 004d2000-004d3000 r-xp 00018000 fd:00 20612113 /lib/ld-2.4.so 004d3000-004d4000 rwxp 00019000 fd:00 20612113 /lib/ld-2.4.so 004d6000-00605000 r-xp 00000000 fd:00 20613667 /lib/i686/nosegneg/libc-2.4.so 00605000-00608000 r-xp 0012e000 fd:00 20613667 /lib/i686/nosegneg/libc-2.4.so 00608000-00609000 rwxp 00131000 fd:00 20613667 /lib/i686/nosegneg/libc-2.4.so 00609000-0060c000 rwxp 00609000 00:00 0 0060e000-00631000 r-xp 00000000 fd:00 20613669 /lib/i686/nosegneg/libm-2.4.so 00631000-00632000 r-xp 00022000 fd:00 20613669 /lib/i686/nosegneg/libm-2.4.so 00632000-00633000 rwxp 00023000 fd:00 20613669 /lib/i686/nosegneg/libm-2.4.so 00635000-00645000 r-xp 00000000 fd:00 20613671 /lib/i686/nosegneg/libpthread-2.4.so 00645000-00646000 r-xp 0000f000 fd:00 20613671 /lib/i686/nosegneg/libpthread-2.4.so 00646000-00647000 rwxp 00010000 fd:00 20613671 /lib/i686/nosegneg/libpthread-2.4.so 00647000-00649000 rwxp 00647000 00:00 0 0064b000-00652000 r-xp 00000000 fd:00 11975707 /usr/lib/libgimpthumb-2.0.so.0.200.10 00652000-00653000 rwxp 00007000 fd:00 11975707 /usr/lib/libgimpthumb-2.0.so.0.200.10 00661000-0066a000 r-xp 00000000 fd:00 11965 Program received signal SIGABRT, Aborted. [Switching to Thread -1208494416 (LWP 14844)] 0x004b8402 in __kernel_vsyscall () (gdb) bt #0 0x004b8402 in __kernel_vsyscall () #1 0x004fe379 in *__GI_raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 #2 0x004ff9b3 in *__GI_abort () at abort.c:88 #3 0x0053349b in __libc_message (do_abort=2, fmt=0x5f2e94 "*** glibc detected *** %s: %s: 0x%s ***\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:170 #4 0x00538dcd in malloc_consolidate (av=0x609120) at malloc.c:5616 #5 0x0053ae8a in _int_malloc (av=0x609120, bytes=524) at malloc.c:3964 #6 0x0053c7fc in *__GI___libc_malloc (bytes=524) at malloc.c:3382 #7 0x02d99b6e in _cairo_path_arg_buf_create () at cairo-path.c:417 #8 0x02d99c58 in _cairo_path_fixed_add (path=0x983f768, op=Variable "op" is not available. ) at cairo-path.c:339 #9 0x02d99e49 in _cairo_path_fixed_move_to (path=0x983f768, x=0, y=0) at cairo-path.c:169 #10 0x02d900b5 in *INT_cairo_move_to (cr=0x983f760, x=0, y=0) at cairo.c:994 #11 0x02d90248 in cairo_rectangle (cr=0x983f760, x=0, y=25, width=34, height=34) at cairo.c:1350 #12 0x027abfaf in gdk_window_set_user_data () from /usr/lib/libgdk-x11-2.0.so.0 #13 0x027ad1d4 in gdk_window_begin_paint_region () from /usr/lib/libgdk-x11-2.0.so.0 #14 0x0292c365 in gtk_main_do_event () from /usr/lib/libgtk-x11-2.0.so.0 #15 0x027ad53f in gdk_window_is_viewable () from /usr/lib/libgdk-x11-2.0.so.0 #16 0x027ad6f7 in gdk_window_process_all_updates () from /usr/lib/libgdk-x11-2.0.so.0 #17 0x027ad775 in gdk_window_process_all_updates () from /usr/lib/libgdk-x11-2.0.so.0 #18 0x003587a1 in g_list_remove_link () from /usr/lib/libglib-2.0.so.0 #19 0x0035a15d in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0 #20 0x0035d3ef in g_main_context_check () from /usr/lib/libglib-2.0.so.0 #21 0x0035d799 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0 #22 0x08063431 in app_run (full_prog_name=0xbfc96a19 "/usr/bin/gimp", gimp_argc=0, gimp_argv=0xbfc94a08, alternate_system_gimprc=0x0, alternate_gimprc=0x0, session_name=0x0, batch_interpreter=0x0, batch_commands=0x8f49500, no_interface=0, no_data=0, no_fonts=0, no_splash=0, be_verbose=0, use_shm=1, use_cpu_accel=1, console_messages=0, stack_trace_mode=GIMP_STACK_TRACE_NEVER, pdb_compat_mode=GIMP_PDB_COMPAT_ON) at app_procs.c:376 #23 0x080641d6 in main (argc=Cannot access memory at address 0x0 ) at main.c:473 #24 0x004eb7e4 in __libc_start_main (main=0x8063ad0 <main>, argc=1, ubp_av=0xbfc94a04, init=0x826ddd0 <__libc_csu_init>, fini=0x826ddc8 <__libc_csu_fini>, rtld_fini=0x4c6e40 <_dl_fini>, stack_end=0xbfc949fc) at libc-start.c:231 #25 0x08062f91 in _start () Version-Release number of selected component (if applicable): gimp-2.2.10-4 How reproducible: Always Steps to Reproduce: 1. Open GIMP 2. Close the Layers window 3. Move mouse back over main window Actual results: SIGABRT signal raised by glibc Expected results: Program should not crash.
Hmm, everything is fine and dandy here (gimp-2.2.11-0.fc5.3). I can open and close Layer/Channel/Path dialogs and move over the main window to my heart's delight without crashes until it gets boring. I guess it must be something else, perhaps one of the libs down the stack is different: nils@gibraltar:~> rpm -qf /lib/i686/nosegneg/libc.so.6 /usr/lib/libcairo.so.2 /usr/lib/libgdk-x11-2.0.so.0 /usr/lib/libglib-2.0.so.0 glibc-2.4-4 cairo-1.0.4-1 gtk2-2.8.17-1.fc5.1 glib2-2.10.2-1.fc5.1
I have the same versions on both of the machines I'm testing this one. When I try to close the dialog, it prompts me saying "Close all tabs? This window has 7 tabs open. Closing the window will also close all its tabs". After clicking "Close all tabs", the program stays open until I move my mouse over the main gimp window... then boom. I'm all out of ideas :(
Hmm, 7 tabs? I only have layers, channels and paths. What else do you have in the window? Perhaps make a screenshot -- maybe it depends on what exactly is in the window.
Created attachment 128108 [details] screenshot Here is a screenshot of the dialog that pops up after trying to close the layers window. I wiped out ~/.gimp* before running it as well.
I made the dialog window to look like yours, but still no crashing. Can you try this as another (fresh) test user? Do you have accessibility enabled (IIRC some toolkit related crashes are related to that)?
This issue seems to be resolved with the latest gimp-2.2.11-0.fc5.3 update (tested on 2 machines). Thanks :)
Hmm, I now have an idea why you saw the error while I didn't. I was always testing 2.2.11, not 2.2.10 because I thought you referred to the new version which was out in updates-testing right at that time (let's talk about bad timing) and didn't notice the version you stated (d'oh)...