Package: gthumb
Version: 3:3.0.1-2
Severity: normal

Dear Maintainer,

If one opens a folder with sufficiently large photos
(which take some time to render), opens one of them,
then rolls the mouse button and quickly presses close
on the gthumb window, gthumb crashes.

I guess this is because the gth_main_finalize() function
in gth-main.c is not thread-safe. The crash occurs when executing

_g_object_unref (gth_main->priv->extension_manager);

while another thread is still rendering the image
in _cairo_image_surface_create_from_jpeg().

Attached is a sample gdb log.



-- System Information:
Debian Release: 7.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages gthumb depends on:
ii  gsettings-desktop-schemas        3.4.2-3
ii  gthumb-data                      3:3.0.1-2
ii  libatk1.0-0                      2.4.0-2
ii  libc6                            2.13-38+deb7u4
ii  libcairo-gobject2                1.12.2-3
ii  libcairo2                        1.12.2-3
ii  libexiv2-12                      0.23-1
ii  libgcc1                          1:4.7.2-5
ii  libgdk-pixbuf2.0-0               2.26.1-1
ii  libglib2.0-0                     2.33.12+really2.32.4-5
ii  libgnome-keyring0                3.4.1-1
ii  libgstreamer-plugins-base0.10-0  0.10.36-1.1
ii  libgstreamer0.10-0               0.10.36-1.2
ii  libgtk-3-0                       3.4.2-7
ii  libjpeg8                         8d-1+deb7u1
ii  libpango1.0-0                    1.30.0-1
ii  libpng12-0                       1.2.49-1
ii  librsvg2-2                       2.36.1-2
ii  libsoup-gnome2.4-1               2.38.1-3
ii  libsoup2.4-1                     2.38.1-3
ii  libstdc++6                       4.7.2-5
ii  libtiff4                         3.9.6-11
ii  libxml2                          2.8.0+dfsg1-7+wheezy1
ii  zlib1g                           1:1.2.7.dfsg-13

Versions of packages gthumb recommends:
ii  bison                   1:2.5.dfsg-2.1
ii  flex                    2.5.35-10.1
pn  gstreamer0.10-gnomevfs  <none>
pn  gvfs-bin                <none>

gthumb suggests no packages.

-- no debconf information
Breakpoint 2, gth_main_finalize (object=0x5555558f6400) at gth-main.c:148
148                     _g_object_unref (gth_main->priv->extension_manager);

(gdb) info threads
  Id   Target Id         Frame 
  6    Thread 0x7fffd8a49700 (LWP 4361) "pool" 
pthread_cond_timedwait@@GLIBC_2.3.2 () at 
../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:216
  5    Thread 0x7fffe553c700 (LWP 4360) "pool" 0x00007fffeed5846a in 
jpeg_idct_16x8 () from /usr/lib/x86_64-linux-gnu/libjpeg.so.8
  3    Thread 0x7fffefb89700 (LWP 4358) "dconf worker" 0x00007ffff4e1d223 in 
*__GI___poll (fds=<optimized out>, nfds=<optimized out>, timeout=-1)
    at ../sysdeps/unix/sysv/linux/poll.c:87
  2    Thread 0x7ffff0593700 (LWP 4357) "gdbus" 0x00007ffff4e1d223 in 
*__GI___poll (fds=<optimized out>, nfds=<optimized out>, timeout=-1)
    at ../sysdeps/unix/sysv/linux/poll.c:87
* 1    Thread 0x7ffff7fce920 (LWP 4353) "gthumb" gth_main_finalize 
(object=0x5555558f6400) at gth-main.c:148

(gdb) thread 5
[Switching to thread 5 (Thread 0x7fffe553c700 (LWP 4360))]
#0  0x00007fffeed5846a in jpeg_idct_16x8 () from 
/usr/lib/x86_64-linux-gnu/libjpeg.so.8

(gdb) bt
#0  0x00007fffeed5846a in jpeg_idct_16x8 () from 
/usr/lib/x86_64-linux-gnu/libjpeg.so.8
#1  0x00007fffeed42165 in ?? () from /usr/lib/x86_64-linux-gnu/libjpeg.so.8
#2  0x00007fffeed47252 in ?? () from /usr/lib/x86_64-linux-gnu/libjpeg.so.8
#3  0x00007fffeed3f990 in jpeg_read_scanlines () from 
/usr/lib/x86_64-linux-gnu/libjpeg.so.8
#4  0x00007fffeef80e93 in _cairo_image_surface_create_from_jpeg 
(file_data=0x555555916d60, requested_size=-1, original_width=0x7fffe553bbd8, 
original_height=0x7fffe553bbdc, 
    user_data=0x0, cancellable=0x55555595eca0, error=0x7fffe553bbe0) at 
cairo-io-jpeg.c:389
#5  0x00005555555ef6ee in load_pixbuf_thread (result=0x555555cb62e0, 
object=0x55555591c080, cancellable=0x55555595eca0) at gth-image-loader.c:196
#6  0x00007ffff604641e in ?? () from /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0
#7  0x00007ffff60357ae in ?? () from /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0
#8  0x00007ffff55e2742 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#9  0x00007ffff55e1f45 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#10 0x00007ffff50ddb50 in start_thread (arg=<optimized out>) at 
pthread_create.c:304
#11 0x00007ffff4e27e6d in clone () at 
../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#12 0x0000000000000000 in ?? ()

(gdb) thread 1
[Switching to thread 1 (Thread 0x7ffff7fce920 (LWP 4353))]
#0  gth_main_finalize (object=0x5555558f6400) at gth-main.c:148
148                     _g_object_unref (gth_main->priv->extension_manager);

(gdb) bt
#0  gth_main_finalize (object=0x5555558f6400) at gth-main.c:148
#1  0x00007ffff5883638 in g_object_unref () from 
/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#2  0x00005555556011b9 in gth_main_release () at gth-main.c:200
#3  0x000055555562cc33 in main (argc=1, argv=0x7fffffffe6e8) at main.c:594

(gdb) next

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffe553c700 (LWP 4360)]
0x00007fffeef80f98 in _cairo_image_surface_create_from_jpeg 
(file_data=0x555555916d60, requested_size=-1, original_width=0x7fffe553bbd8, 
original_height=0x7fffe553bbdc, 
    user_data=0x0, cancellable=0x55555595eca0, error=0x7fffe553bbe0) at 
cairo-io-jpeg.c:402
