search

BestImageViewer / geeqie

claiming to be the best image viewer / photo collection browser
http://www.geeqie.org/
GNU General Public License v2.0
482 stars 79 forks source link

double free or corruption when viewing raw files from multiple makes and models #1201

Closed xiota closed 11 months ago

xiota commented 1 year ago

ISSUE TYPE

GEEQIE VERSION

Geeqie 2.1+git20231007-aedccfcb GTK3

Run-time dependency gtk+-3.0 found: YES 3.24.38
Run-time dependency glib-2.0 found: YES 2.78.0

OS / DISTRIBUTION

Arch Linux

SUMMARY

Possibly related to #1123

When opening or viewing a folder containing raw files (cr2, nef, raf), geeqie crashes/exits with the following message:

double free or corruption (out)
Geeqie fatal error
Signal: Abort
Code: Invalid permissions
Address: 0x000003e8000016c4
gdb backtrace ``` double free or corruption (out) Thread 1 "geeqie" received signal SIGABRT, Aborted. __pthread_kill_implementation (threadid=, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44 44 return INTERNAL_SYSCALL_ERROR_P (ret) ? INTERNAL_SYSCALL_ERRNO (ret) : 0; (gdb) bt #0 __pthread_kill_implementation (threadid=, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44 #1 0x00007ffff5ab88a3 in __pthread_kill_internal (signo=6, threadid=) at pthread_kill.c:78 #2 0x00007ffff5a68668 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26 #3 0x00007ffff5a504b8 in __GI_abort () at abort.c:79 #4 0x00007ffff5a51390 in __libc_message (fmt=fmt@entry=0x7ffff5bc855d "%s\n") at ../sysdeps/posix/libc_fatal.c:150 #5 0x00007ffff5ac27b7 in malloc_printerr (str=str@entry=0x7ffff5bcb3c8 "double free or corruption (out)") at malloc.c:5765 #6 0x00007ffff5ac4830 in _int_free_merge_chunk (av=av@entry=0x7ffff5c02ac0 , p=0x5555561d3b80, size=980096) at malloc.c:4669 #7 0x00007ffff5ac4b29 in _int_free (av=0x7ffff5c02ac0 , p=, have_lock=, have_lock@entry=0) at malloc.c:4639 #8 0x00007ffff5ac7353 in __GI___libc_free (mem=) at malloc.c:3391 #9 0x00007ffff5eaeaba in operator delete(void*) (ptr=) at /usr/src/debug/gcc/gcc/libstdc++-v3/libsupc++/del_op.cc:49 #10 0x00007ffff5eaeaea in operator delete[](void*) (ptr=) at /usr/src/debug/gcc/gcc/libstdc++-v3/libsupc++/del_opv.cc:35 #11 0x00005555556005a6 in exif_free_preview(unsigned char*) (buf=) at ../geeqie/src/exiv2.cc:1246 #12 image_loader_stop_source(ImageLoader*) (il=il@entry=0x5555560c1af0 [ImageLoaderType]) at ../geeqie/src/image-load.cc:1111 #13 0x0000555555600676 in image_loader_stop (il=0x5555560c1af0 [ImageLoaderType]) at ../geeqie/src/image-load.cc:1145 #14 image_loader_finalize(GObject*) (object=0x5555560c1af0 [ImageLoaderType]) at ../geeqie/src/image-load.cc:220 #15 0x00007ffff72688b4 in g_object_unref (_object=0x5555560c1af0) at ../glib/gobject/gobject.c:3941 #16 g_object_unref (_object=0x5555560c1af0) at ../glib/gobject/gobject.c:3805 #17 0x000055555565cb13 in image_loader_free(ImageLoader*) (il=) at ../geeqie/src/image-load.cc:266 #18 thumb_loader_std_reset(ThumbLoaderStd*) (tl=tl@entry=0x5555560b76b0) at ../geeqie/src/thumb-standard.cc:112 #19 0x0000555555663bb5 in thumb_loader_std_free(ThumbLoaderStd*) (tl=0x5555560b76b0) at ../geeqie/src/thumb-standard.cc:853 #20 thumb_loader_std_free(ThumbLoaderStd*) (tl=0x5555560b76b0) at ../geeqie/src/thumb-standard.cc:849 #21 thumb_loader_free(ThumbLoader*) (tl=0x5555560b76b0) at ../geeqie/src/thumb.cc:489 #22 0x0000555555687dd9 in vf_thumb_cleanup(ViewFile*) (vf=0x555555f46f40) at ../geeqie/src/view-file/view-file.cc:1385 #23 vf_thumb_stop(ViewFile*) (vf=0x555555f46f40) at ../geeqie/src/view-file/view-file.cc:1393 #24 vf_thumb_update(ViewFile*) (vf=0x555555f46f40) at ../geeqie/src/view-file/view-file.cc:1481 #25 0x000055555569cd8e in vficon_populate(ViewFile*, int, int) [clone .constprop.0] (vf=vf@entry=0x555555f46f40, keep_position=keep_position@entry=1, resize=) at ../geeqie/src/view-file/view-file-icon.cc:1629 #26 0x000055555569d343 in vficon_refresh_real(ViewFile*, int) [clone .isra.0] (vf=0x555555f46f40, keep_position=1) at ../geeqie/src/view-file/view-file-icon.cc:2020 #27 0x00005555556169f0 in layout_set_fd(LayoutWindow*, FileData*) (lw=, lw@entry=0x555555bbbf80, fd=fd@entry=0x5555560b0430) at ../geeqie/src/layout.cc:1222 #28 0x0000555555617863 in layout_set_path(LayoutWindow*, char const*) (path=0x555555bbbe80 "/home/gs/xdg/Pictures (Selling)/(Samyang) Rokinon 35mm F1.2 ED AS UMC CS (FX)/120_FUJI/t", lw=0x555555bbbf80) at ../geeqie/src/layout.cc:1147 #29 layout_set_path(LayoutWindow*, char const*) (path=0x555555bbbe80 "/home/gs/xdg/Pictures (Selling)/(Samyang) Rokinon 35mm F1.2 ED AS UMC CS (FX)/120_FUJI/t", lw=0x555555bbbf80) at ../geeqie/src/layout.cc:1139 #30 layout_new_from_config(char const**, char const**, int) (attribute_names=, attribute_values=0x7fffffffcfc0, use_commandline=) at ../geeqie/src/layout.cc:3053 --Type for more, q to quit, c to continue without paging--c #31 0x000055555564c5af in options_parse_toplevel (attribute_values=0x7fffffffcfc0, attribute_names=0x7fffffffd1f0, element_name=, parser_data=0x555555a1c070) at ../geeqie/src/rcfile.cc:1662 #32 options_parse_toplevel(GQParserData*, GMarkupParseContext*, gchar const*, gchar const**, gchar const**, gpointer, GError**) (parser_data=0x555555a1c070, element_name=, attribute_names=0x7fffffffd1f0, attribute_values=0x7fffffffcfc0) at ../geeqie/src/rcfile.cc:1637 #33 0x0000555555647e27 in start_element(GMarkupParseContext*, gchar const*, gchar const**, gchar const**, gpointer, GError**) (context=, element_name=, attribute_names=0x7fffffffd1f0, attribute_values=, user_data=, error=) at ../geeqie/src/rcfile.cc:1726 #34 0x00007ffff715744d in emit_start_element (context=context@entry=0x555555a21f00, error=error@entry=0x0) at ../glib/glib/gmarkup.c:1064 #35 0x00007ffff71589ef in g_markup_parse_context_parse (context=0x555555a21f00, text=, text_len=, error=) at ../glib/glib/gmarkup.c:1423 #36 0x0000555555650d03 in load_config_from_buf(char const*, unsigned long, int) (buf=0x555555b91dd0 "