Inkscape

Inkscape crashes when browsing a folder with a large PNG-file

Bug #1483058 reported by vigri
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Inkscape
Confirmed
High
Unassigned

Bug Description

Dear Maintainers,

I would like to report a bug where browsing a folder with a large PNG file can crash Inkscape.

Affected Inkscape versions: 0.45 and 0.91
OS: Debian 8.1 x64
Memory: 24 GiB

Steps to reproduce the crash:
1. save the attached PNG image to a folder
2. start inkscape
3. click on 'file' -> 'open'
4. browse to the folder you choosed earlier (make sure that "preview" is checked)
5. inkscape crashes

I've been able to get additional information with GDB:

==========================================================
Program received signal SIGSEGV, Segmentation fault.
__memcpy_sse2_unaligned () at ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S:35
35 ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S: No such file or directory.
(gdb) bt
#0 __memcpy_sse2_unaligned () at ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S:35
#1 0x00007ffff32cdef3 in png_read_row () from /lib/x86_64-linux-gnu/libpng12.so.0
#2 0x00007ffff32ce343 in png_read_image () from /lib/x86_64-linux-gnu/libpng12.so.0
#3 0x00007fffe9a21440 in gdk_pixbuf__png_image_load (f=0x7a27670, error=0x7fffffffb560) at io-png.c:327
#4 0x00007ffff617b68a in gdk_pixbuf_new_from_file (filename=0x7a11188 "/mnt/projects/#MA/#git/Code/python/test_crash/27000_27000_1437947845.png", error=0x7fffffffb560)
    at gdk-pixbuf-io.c:1096
#5 0x00007ffff732982f in Gdk::Pixbuf::create_from_file(std::string const&) () from /usr/lib/x86_64-linux-gnu/libgdkmm-2.4.so.1
#6 0x0000000000a6327d in Inkscape::UI::Dialog::SVGPreview::showImage (this=0x338e618, theFileName=...) at ui/dialog/filedialogimpl-gtkmm.cpp:209
#7 0x0000000000a63a5e in Inkscape::UI::Dialog::SVGPreview::set (this=0x338e618, fileName=..., dialogType=0) at ui/dialog/filedialogimpl-gtkmm.cpp:529
#8 0x0000000000a644be in Inkscape::UI::Dialog::FileDialogBaseGtk::_updatePreviewCallback (this=0x338e5e0) at ui/dialog/filedialogimpl-gtkmm.cpp:621
#9 0x0000000000a6cfb4 in sigc::bound_mem_functor0<void, Inkscape::UI::Dialog::FileDialogBaseGtk>::operator() (this=0x797b398)
    at /usr/include/sigc++-2.0/sigc++/functors/mem_fun.h:1787
#10 0x0000000000a6c754 in sigc::adaptor_functor<sigc::bound_mem_functor0<void, Inkscape::UI::Dialog::FileDialogBaseGtk> >::operator() (this=0x797b390)
    at /usr/include/sigc++-2.0/sigc++/adaptors/adaptor_trait.h:256
#11 0x0000000000a6ba37 in sigc::internal::slot_call0<sigc::bound_mem_functor0<void, Inkscape::UI::Dialog::FileDialogBaseGtk>, void>::call_it (rep=0x797b360)
    at /usr/include/sigc++-2.0/sigc++/functors/slot.h:103
#12 0x00007ffff571f948 in operator() (this=0x797b338) at /usr/include/sigc++-2.0/sigc++/functors/slot.h:440
#13 Glib::SignalProxyNormal::slot0_void_callback (self=<optimized out>, data=0x797b330) at signalproxy.cc:95
#14 0x00007ffff11bc245 in g_closure_invoke (closure=0x797b440, return_value=0x0, n_param_values=1, param_values=0x7fffffffba50, invocation_hint=0x7fffffffb9f0)
    at /tmp/buildd/glib2.0-2.42.1/./gobject/gclosure.c:768
#15 0x00007ffff11ce272 in signal_emit_unlocked_R (node=node@entry=0x3674560, detail=detail@entry=0, instance=instance@entry=0x3b51eb0,
    emission_return=emission_return@entry=0x0, instance_and_params=instance_and_params@entry=0x7fffffffba50) at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3623
#16 0x00007ffff11d6778 in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=<optimized out>)
    at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3309
#17 0x00007ffff11d6f2a in g_signal_emit_by_name (instance=0x7ffec1a60ef8, detailed_signal=0x7a2c581 "") at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3405
#18 0x00007ffff11bc245 in g_closure_invoke (closure=0x796f7d0, return_value=0x0, n_param_values=1, param_values=0x7fffffffbf30, invocation_hint=0x7fffffffbed0)
    at /tmp/buildd/glib2.0-2.42.1/./gobject/gclosure.c:768
#19 0x00007ffff11cdf6c in signal_emit_unlocked_R (node=node@entry=0x3674560, detail=detail@entry=0, instance=instance@entry=0x45a6d00,
    emission_return=emission_return@entry=0x0, instance_and_params=instance_and_params@entry=0x7fffffffbf30) at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3553
#20 0x00007ffff11d6778 in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=<optimized out>)
    at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3309
#21 0x00007ffff11d6f2a in g_signal_emit_by_name (instance=0x7ffec1a60ef8, detailed_signal=0x7a2c581 "") at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3405
#22 0x00007ffff11bc245 in g_closure_invoke (closure=0x79786d0, return_value=0x0, n_param_values=1, param_values=0x7fffffffc410, invocation_hint=0x7fffffffc3b0)
    at /tmp/buildd/glib2.0-2.42.1/./gobject/gclosure.c:768
#23 0x00007ffff11cdf6c in signal_emit_unlocked_R (node=node@entry=0x3674560, detail=detail@entry=0, instance=instance@entry=0x7944040,
    emission_return=emission_return@entry=0x0, instance_and_params=instance_and_params@entry=0x7fffffffc410) at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3553
#24 0x00007ffff11d6778 in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=<optimized out>)
    at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3309
#25 0x00007ffff11d6f2a in g_signal_emit_by_name (instance=0x7ffec1a60ef8, detailed_signal=0x7a2c581 "") at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3405
#26 0x00007ffff6b54b43 in check_preview_change (impl=0x7944040) at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtkfilechooserdefault.c:9587
#27 0x00007ffff6b581c8 in list_selection_changed (selection=<optimized out>, impl=0x7944040) at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtkfilechooserdefault.c:9949
#28 0x00007ffff11bc474 in _g_closure_invoke_va (closure=0x7ffec1a60ef8, closure@entry=0x7974da0, return_value=0x7a2c581, return_value@entry=0x0, instance=0x13c68,
    instance@entry=0x7934b00, args=0x278d0, args@entry=0x7fffffffc9e0, n_params=2, param_types=0x6978) at /tmp/buildd/glib2.0-2.42.1/./gobject/gclosure.c:831
#29 0x00007ffff11d6087 in g_signal_emit_valist (instance=0x7934b00, signal_id=<optimized out>, detail=0, var_args=var_args@entry=0x7fffffffc9e0)
    at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3218
#30 0x00007ffff11d69df in g_signal_emit (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>)
    at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3365
#31 0x00007ffff6ca8ce6 in gtk_tree_view_real_set_cursor (tree_view=tree_view@entry=0x3b34fa0, path=path@entry=0x7fffc4001d80, clear_and_select=clear_and_select@entry=1,
    clamp_node=clamp_node@entry=1) at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtktreeview.c:12604
#32 0x00007ffff6cac7cd in IA__gtk_tree_view_set_cursor_on_cell (tree_view=0x3b34fa0, path=path@entry=0x7fffc4001d80, focus_column=focus_column@entry=0x0,
    focus_cell=focus_cell@entry=0x0, start_editing=start_editing@entry=0) at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtktreeview.c:12741
#33 0x00007ffff6cac8ca in IA__gtk_tree_view_set_cursor (tree_view=<optimized out>, path=path@entry=0x7fffc4001d80, focus_column=focus_column@entry=0x0,
    start_editing=start_editing@entry=0) at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtktreeview.c:12687
#34 0x00007ffff6b59bd6 in browse_files_select_first_row (impl=0x7944040) at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtkfilechooserdefault.c:6284
#35 pending_select_files_process (impl=0x7944040) at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtkfilechooserdefault.c:6437
#36 browse_files_model_finished_loading_cb (model=<optimized out>, error=<optimized out>, impl=0x7944040)
    at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtkfilechooserdefault.c:6499
#37 0x00007ffff11bf3cc in g_cclosure_marshal_VOID__POINTERv (closure=<optimized out>, return_value=<optimized out>, instance=<optimized out>, args=<optimized out>,
    marshal_data=<optimized out>, n_params=<optimized out>, param_types=0x795fb70) at /tmp/buildd/glib2.0-2.42.1/./gobject/gmarshal.c:1236
#38 0x00007ffff11bc474 in _g_closure_invoke_va (closure=0x7ffec1a60ef8, closure@entry=0x36384b0, return_value=0x7a2c581, return_value@entry=0x0, instance=0x13c68,
    instance@entry=0x79f6010, args=0x278d0, args@entry=0x7fffffffcdf0, n_params=2, param_types=0x6978) at /tmp/buildd/glib2.0-2.42.1/./gobject/gclosure.c:831
#39 0x00007ffff11d6087 in g_signal_emit_valist (instance=0x79f6010, signal_id=<optimized out>, detail=0, var_args=var_args@entry=0x7fffffffcdf0)
    at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3218
#40 0x00007ffff11d69df in g_signal_emit (instance=instance@entry=0x79f6010, signal_id=<optimized out>, detail=detail@entry=0)
    at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3365
#41 0x00007ffff6b6bbf2 in gtk_file_system_model_got_files (object=0x7fffd800aae0, res=0x7a23430, data=0x79f6010)
    at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtkfilesystemmodel.c:1130
#42 0x00007ffff144c4c7 in next_async_callback_wrapper (source_object=0x7fffd800aae0, res=<optimized out>, user_data=<optimized out>)
    at /tmp/buildd/glib2.0-2.42.1/./gio/gfileenumerator.c:305
#43 0x00007ffff14804bb in g_task_return_now (task=0x7a23430) at /tmp/buildd/glib2.0-2.42.1/./gio/gtask.c:1077
#44 0x00007ffff14804d9 in complete_in_idle_cb (task=0x7a23430) at /tmp/buildd/glib2.0-2.42.1/./gio/gtask.c:1086
#45 0x00007ffff0ee6b6d in g_main_dispatch (context=0x18fd5c0) at /tmp/buildd/glib2.0-2.42.1/./glib/gmain.c:3111
#46 g_main_context_dispatch (context=context@entry=0x18fd5c0) at /tmp/buildd/glib2.0-2.42.1/./glib/gmain.c:3710
#47 0x00007ffff0ee6f48 in g_main_context_iterate (context=0x18fd5c0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>)
    at /tmp/buildd/glib2.0-2.42.1/./glib/gmain.c:3781
#48 0x00007ffff0ee7272 in g_main_loop_run (loop=0x79b66e0) at /tmp/buildd/glib2.0-2.42.1/./glib/gmain.c:3975
#49 0x00007ffff6b35ca3 in IA__gtk_dialog_run (dialog=0x3b51eb0) at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtkdialog.c:1094
#50 0x0000000000a65f89 in Inkscape::UI::Dialog::FileOpenDialogImplGtk::show (this=0x338e5d0) at ui/dialog/filedialogimpl-gtkmm.cpp:871
#51 0x00000000004d65a5 in sp_file_open_dialog (parentWindow=...) at file.cpp:546
#52 0x00000000006ba53c in Inkscape::FileVerb::perform (action=0x35f8840, data=0x3) at verbs.cpp:846
#53 0x00000000006c7a07 in sigc::pointer_functor2<SPAction*, void*, void>::operator() (this=0x373a258, _A_a1=@0x373a268: 0x35f8840, _A_a2=@0x373a260: 0x3)
    at /usr/include/sigc++-2.0/sigc++/functors/ptr_fun.h:147
#54 0x00000000006c78c1 in sigc::adaptor_functor<sigc::pointer_functor2<SPAction*, void*, void> >::operator()<SPAction*&, void*&> (this=0x373a250,
    _A_arg1=@0x373a268: 0x35f8840, _A_arg2=@0x373a260: 0x3) at /usr/include/sigc++-2.0/sigc++/adaptors/adaptor_trait.h:108
#55 0x00000000006c76b2 in sigc::bind_functor<-1, sigc::pointer_functor2<SPAction*, void*, void>, void*, sigc::nil, sigc::nil, sigc::nil, sigc::nil, sigc::nil, sigc::nil>::operator()<SPAction*&> (this=0x373a248, _A_arg1=@0x373a268: 0x35f8840) at /usr/include/sigc++-2.0/sigc++/adaptors/bind.h:1135
#56 0x00000000006c736a in sigc::bind_functor<-1, sigc::bind_functor<-1, sigc::pointer_functor2<SPAction*, void*, void>, void*, sigc::nil, sigc::nil, sigc::nil, sigc::nil, sigc::nil, sigc::nil>, SPAction*, sigc::nil, sigc::nil, sigc::nil, sigc::nil, sigc::nil, sigc::nil>::operator() (this=0x373a240)
    at /usr/include/sigc++-2.0/sigc++/adaptors/bind.h:1123
#57 0x00000000006c6dcf in sigc::internal::slot_call0<sigc::bind_functor<-1, sigc::bind_functor<-1, sigc::pointer_functor2<SPAction*, void*, void>, void*, sigc::nil, sigc::nil, sigc::nil, sigc::nil, sigc::nil, sigc::nil>, SPAction*, sigc::nil, sigc::nil, sigc::nil, sigc::nil, sigc::nil, sigc::nil>, void>::call_it (rep=0x373a210)
    at /usr/include/sigc++-2.0/sigc++/functors/slot.h:103
#58 0x000000000048d6c5 in sigc::internal::signal_emit0<void, sigc::nil>::emit (impl=0x3739f80) at /usr/include/sigc++-2.0/sigc++/signal.h:776
#59 0x000000000048f0e0 in sigc::signal0<void, sigc::nil>::emit (this=0x35f8898) at /usr/include/sigc++-2.0/sigc++/signal.h:2683
#60 0x000000000082e4ae in sp_action_perform (action=0x35f8840) at helper/action.cpp:136
#61 0x000000000051e5c8 in sp_ui_menu_activate (action=0x35f8840) at interface.cpp:371
#62 0x00007ffff11bc245 in g_closure_invoke (closure=0x373a870, return_value=0x0, n_param_values=1, param_values=0x7fffffffd670, invocation_hint=0x7fffffffd610)
    at /tmp/buildd/glib2.0-2.42.1/./gobject/gclosure.c:768
#63 0x00007ffff11cdf6c in signal_emit_unlocked_R (node=node@entry=0x2df46f0, detail=detail@entry=0, instance=instance@entry=0x36646d0,
    emission_return=emission_return@entry=0x0, instance_and_params=instance_and_params@entry=0x7fffffffd670) at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3553
#64 0x00007ffff11d6778 in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=var_args@entry=0x7fffffffd7f0)
    at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3309
#65 0x00007ffff11d69df in g_signal_emit (instance=instance@entry=0x36646d0, signal_id=<optimized out>, detail=detail@entry=0)
    at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3365
#66 0x00007ffff6cc4af6 in IA__gtk_widget_activate (widget=widget@entry=0x36646d0) at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtkwidget.c:5041
#67 0x00007ffff6bc094d in IA__gtk_menu_shell_activate_item (menu_shell=0x363f440, menu_item=0x36646d0, force_deactivate=<optimized out>)
    at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtkmenushell.c:1276
#68 0x00007ffff6bc0ceb in gtk_menu_shell_button_release (widget=0x363f440, event=<optimized out>) at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtkmenushell.c:703
#69 0x00007ffff6baea3f in _gtk_marshal_BOOLEAN__BOXED (closure=0x1935070, return_value=0x7fffffffdae0, n_param_values=<optimized out>, param_values=0x7fffffffdb90,
    invocation_hint=<optimized out>, marshal_data=0x7ffff6bb60d0 <gtk_menu_button_release>) at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtkmarshalers.c:86
#70 0x00007ffff11bc245 in g_closure_invoke (closure=0x1935070, return_value=0x7fffffffdae0, n_param_values=2, param_values=0x7fffffffdb90, invocation_hint=0x7fffffffdb30)
    at /tmp/buildd/glib2.0-2.42.1/./gobject/gclosure.c:768
#71 0x00007ffff11cde62 in signal_emit_unlocked_R (node=node@entry=0x190ab60, detail=detail@entry=0, instance=instance@entry=0x363f440,
    emission_return=emission_return@entry=0x7fffffffdc40, instance_and_params=instance_and_params@entry=0x7fffffffdb90)
    at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3591
#72 0x00007ffff11d6285 in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=var_args@entry=0x7fffffffdd20)
    at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3319
#73 0x00007ffff11d69df in g_signal_emit (instance=instance@entry=0x363f440, signal_id=<optimized out>, detail=detail@entry=0)
    at /tmp/buildd/glib2.0-2.42.1/./gobject/gsignal.c:3365
#74 0x00007ffff6cc5d6c in gtk_widget_event_internal (widget=widget@entry=0x363f440, event=event@entry=0x4550010)
    at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtkwidget.c:5010
#75 0x00007ffff6cc6061 in IA__gtk_widget_event (widget=widget@entry=0x363f440, event=event@entry=0x4550010) at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtkwidget.c:4807
#76 0x00007ffff6bad184 in IA__gtk_propagate_event (widget=0x363f440, event=0x4550010) at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtkmain.c:2490
#77 0x00007ffff6bad61b in IA__gtk_main_do_event (event=0x4550010) at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtkmain.c:1685
#78 0x000000000044fafa in snooper (event=0x4550010) at main.cpp:1009
#79 0x00007ffff6820b5c in gdk_event_dispatch (source=<optimized out>, callback=<optimized out>, user_data=<optimized out>)
    at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gdk/x11/gdkevents-x11.c:2425
#80 0x00007ffff0ee6c5d in g_main_dispatch (context=0x18fd5c0) at /tmp/buildd/glib2.0-2.42.1/./glib/gmain.c:3111
#81 g_main_context_dispatch (context=context@entry=0x18fd5c0) at /tmp/buildd/glib2.0-2.42.1/./glib/gmain.c:3710
#82 0x00007ffff0ee6f48 in g_main_context_iterate (context=0x18fd5c0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>)
    at /tmp/buildd/glib2.0-2.42.1/./glib/gmain.c:3781
#83 0x00007ffff0ee7272 in g_main_loop_run (loop=0x371dcd0) at /tmp/buildd/glib2.0-2.42.1/./glib/gmain.c:3975
#84 0x00007ffff6bac597 in IA__gtk_main () at /build/gtk+2.0-czQfyJ/gtk+2.0-2.24.25/gtk/gtkmain.c:1257
#85 0x000000000044ffc3 in sp_main_gui (argc=1, argv=0x7fffffffe318) at main.cpp:1075
#86 0x000000000044f580 in main (argc=1, argv=0x7fffffffe318) at main.cpp:789
==========================================================

Best regards
vigri

Revision history for this message
vigri (vigri-bugreport) wrote :
jazzynico (jazzynico)
tags: added: bitmap importing
Revision history for this message
jazzynico (jazzynico) wrote :

Reproduced on Windows XP (32bit) with Inkscape 0.48.5, 0.91 and trunk rev. 14285, with the native Windows open/import dialog. Also crashes with the GTK dialog, but less consistently (sometimes the crash is replaced with an error dialog).

When selecting the image in the dialog, Inkscape shows the following console messages:
----
(inkscape.exe:1164): glibmm-CRITICAL **: unhandled exception (type Glib::Error) in signal handler:
domain: gdk-pixbuf-error-quark
code : 1
what : Failed to load image 'D:\SVG\27000_27000_1437947845.png': Insufficient memory to load PNG file

Changed in inkscape:
importance: Undecided → High
status: New → Confirmed
Revision history for this message
jazzynico (jazzynico) wrote :

ImageMagick's identify result attached (took quite long to process).

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.