Inkscape

Inkscape crashes adding image effect in filter editor

Bug #397075 reported by dopelover
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Inkscape
Fix Released
High
theAdib
Inkscape 0.47 "0.47"

Bug Description

These are the steps to reproduce:

1. Draw an rectangle
2. Open filter effects (Object->Filter Effects)
3. Create a new filter
4. Add image effect
5. Specify path to PDF or DXF file on effects parameter tab.

Inkscape should crash.

Inkscape: 21757
Operating system: Ubuntu 9.04 32-bit

GDB output:
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...
(gdb) run
Starting program: /usr/local/bin/inkscape
[Thread debugging using libthread_db enabled]
[New Thread 0xb6071770 (LWP 4141)]
[New Thread 0xb5650b90 (LWP 4145)]
[New Thread 0xb4cffb90 (LWP 4146)]
[Thread 0xb4cffb90 (LWP 4146) exited]
[New Thread 0xb4cffb90 (LWP 4147)]
[Thread 0xb5650b90 (LWP 4145) exited]
[New Thread 0xb5650b90 (LWP 4148)]
[Thread 0xb4cffb90 (LWP 4147) exited]
[New Thread 0xb4cffb90 (LWP 4149)]
[Thread 0xb5650b90 (LWP 4148) exited]

glibmm-ERROR **:
unhandled exception (type std::exception) in signal handler:
what: Malformed URI

aborting...

Program received signal SIGABRT, Aborted.
[Switching to Thread 0xb6071770 (LWP 4141)]
0xb8067430 in __kernel_vsyscall ()
(gdb) bt
#0 0xb8067430 in __kernel_vsyscall ()
#1 0xb676d6d0 in raise () from /lib/tls/i686/cmov/libc.so.6
#2 0xb676f098 in abort () from /lib/tls/i686/cmov/libc.so.6
#3 0xb72b9eac in g_logv () from /usr/lib/libglib-2.0.so.0
#4 0xb72b9ee6 in g_log () from /usr/lib/libglib-2.0.so.0
#5 0xb7baec83 in Glib::exception_handlers_invoke ()
   from /usr/lib/libglibmm-2.4.so.1
#6 0xb7bb57ff in Glib::SignalProxyNormal::slot0_void_callback ()
   from /usr/lib/libglibmm-2.4.so.1
#7 0xb735b3a4 in g_cclosure_marshal_VOID__VOID ()
   from /usr/lib/libgobject-2.0.so.0
#8 0xb734dc7b in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#9 0xb73643d2 in ?? () from /usr/lib/libgobject-2.0.so.0
#10 0xb73654b9 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#11 0xb73657e3 in g_signal_emit_by_name () from /usr/lib/libgobject-2.0.so.0
#12 0xb76fed7a in ?? () from /usr/lib/libgtk-x11-2.0.so.0
#13 0xb76fef4a in gtk_entry_set_text () from /usr/lib/libgtk-x11-2.0.so.0
#14 0xb7eb8e6a in Gtk::Entry::set_text () from /usr/lib/libgtkmm-2.4.so.1
warning: (Internal error: pc 0x83aa79a in read in psymtab, but not in symtab.)

#15 0x083aa79b in Inkscape::UI::Dialog::FileOrElementChooser::select_file (
    this=warning: (Internal error: pc 0x83aa79a in read in psymtab, but not in symtab.)

warning: (Internal error: pc 0x83aa590 in read in psymtab, but not in symtab.)

warning: (Internal error: pc 0x83aa79a in read in psymtab, but not in symtab.)

0xbaf2600) at ui/dialog/filter-effects-dialog.cpp:672
#16 0xb7bb57e2 in Glib::SignalProxyNormal::slot0_void_callback ()
   from /usr/lib/libglibmm-2.4.so.1
#17 0xb735b3a4 in g_cclosure_marshal_VOID__VOID ()
---Type <return> to continue, or q <return> to quit---
   from /usr/lib/libgobject-2.0.so.0
#18 0xb734dc7b in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#19 0xb73643d2 in ?? () from /usr/lib/libgobject-2.0.so.0
#20 0xb73654b9 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#21 0xb7365936 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#22 0xb76c4bda in gtk_button_clicked () from /usr/lib/libgtk-x11-2.0.so.0
#23 0xb76c61f8 in ?? () from /usr/lib/libgtk-x11-2.0.so.0
#24 0xb7e95acd in Gtk::Button_Class::released_callback ()
   from /usr/lib/libgtkmm-2.4.so.1
#25 0xb735b3a4 in g_cclosure_marshal_VOID__VOID ()
   from /usr/lib/libgobject-2.0.so.0
#26 0xb734c3d9 in ?? () from /usr/lib/libgobject-2.0.so.0
#27 0xb734dc7b in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#28 0xb73636c0 in ?? () from /usr/lib/libgobject-2.0.so.0
#29 0xb73654b9 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#30 0xb7365936 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#31 0xb76c4c7a in gtk_button_released () from /usr/lib/libgtk-x11-2.0.so.0
#32 0xb76c4cb3 in ?? () from /usr/lib/libgtk-x11-2.0.so.0
#33 0xb7f6a03c in Gtk::Widget_Class::button_release_event_callback ()
   from /usr/lib/libgtkmm-2.4.so.1
#34 0xb777f526 in ?? () from /usr/lib/libgtk-x11-2.0.so.0
#35 0xb734c3d9 in ?? () from /usr/lib/libgobject-2.0.so.0
#36 0xb734dc7b in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
---Type <return> to continue, or q <return> to quit---
#37 0xb7363aff in ?? () from /usr/lib/libgobject-2.0.so.0
#38 0xb736534f in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#39 0xb7365936 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#40 0xb789a2ae in ?? () from /usr/lib/libgtk-x11-2.0.so.0
#41 0xb7777f7c in gtk_propagate_event () from /usr/lib/libgtk-x11-2.0.so.0
#42 0xb7779327 in gtk_main_do_event () from /usr/lib/libgtk-x11-2.0.so.0
#43 0xb760534a in ?? () from /usr/lib/libgdk-x11-2.0.so.0
#44 0xb72afb88 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#45 0xb72b30eb in ?? () from /usr/lib/libglib-2.0.so.0
#46 0xb72b35ba in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
#47 0xb77797d9 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#48 0xb7edf3d7 in Gtk::Main::run_impl () from /usr/lib/libgtkmm-2.4.so.1
#49 0xb7edf1d2 in Gtk::Main::run () from /usr/lib/libgtkmm-2.4.so.1
#50 0x080888e7 in sp_main_gui (argc=1, argv=0xbfe82c34) at main.cpp:948
#51 0x081670ba in Inkscape::NSApplication::Application::run (this=0xbfe82b70)
    at application/application.cpp:114
#52 0x08087f3d in main (argc=1, argv=0xbfe82c34) at main.cpp:684
(gdb) Quit

Revision history for this message
jazzynico (jazzynico) wrote :

Confirmed on Windows XP, Inkscape rev. 21627. Works well with 0.46.
Also crash with bitmap files (tested with PNG and JPG).

Changed in inkscape:
importance: Undecided → High
milestone: none → 0.47
status: New → Confirmed
tags: added: crash filters regression
Revision history for this message
Alvin Penner (apenner) wrote :

on Windows XP, if I browse for a filter file as above, I get the same crash message.

I also get a somewhat related crash if I avoid using the "Image File" button to browse for the file, and instead type in the letter 'a' into the textbox that says "Source of Image". Then I get the crash message :

C:\Program Files\Inkscape>inkscapec

** (inkscape.exe:3472): WARNING **: FilterImage::render: Can not find: a
terminate called after throwing an instance of 'Glib::FileError'

Emergency save activated!

Pablo Trabajos (pajarico)
tags: added: filters-svg
removed: filters
Revision history for this message
theAdib (theadib) wrote :

Appended patch resolves the crash situation.
The patch catches now all BadURIExceptions.

Pls test and confirm.

Adib.

Changed in inkscape:
assignee: nobody → theAdib (theadib)
status: Confirmed → In Progress
Revision history for this message
dopelover (dopelover) wrote :

For me Inkscape doesn't crash anymore.

Revision history for this message
jazzynico (jazzynico) wrote :

Tested on Ubuntu 9.04. Doesn't crash.
Thanks Adib!

Revision history for this message
su_v (suv-lp) wrote :

Could not reproduce the crash on OS X 10.5.8 with
- Inkscape 0.47pre1-2 (r21720)
- Inkscape 0.47pre2-2 (r22153)

Patch tested with Inkscape r22221 on OS X 10.5.8 - image filter with 'Image File' works without crash as before.

Revision history for this message
theAdib (theadib) wrote :

the crash is an untrapped exception when you change the filename from something to something else. Try "a" and then change the filename to "b". When you only type "A" it will not happen. HTH, Adib.

Revision history for this message
su_v (suv-lp) wrote :

On OS X 10.5.8, following your instructions 'Try "a" and then change the filename to "b".' (I type "a" and <return>, then <backspace> to delete "a", type "b" and <return>), none of the 0.47pre versions (precompiled packages from sf.net) crashes or produces any error messages in the console.

I have to type "a" and activate the filter for the selected rectangle, to get these warnings in the console:

** (inkscape-bin:29045): WARNING **: FilterImage::render: Can not find: a
** (inkscape-bin:29045): WARNING **: caught Glib::FileError in FilterImage::render 4

The same happens with the patched version r22221.

I don't know what caught these exceptions in earlier versions on OS X, but not on XP or Ubuntu?

Revision history for this message
dopelover (dopelover) wrote :
Download full text (6.8 KiB)

I checked your patch with recent SVN version and it works well. Changing paths doesn't lead to crash but applying selected SVG element insted of specified image file unfortunately does.

Here is a GDB output:

(gdb) run
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /usr/local/bin/inkscape
[Thread debugging using libthread_db enabled]
[New Thread 0xb5ff3770 (LWP 17765)]

(inkscape:17765): Gtk-WARNING **: Attempting to read the recently used resources file at `/home/tomek/.recently-used.xbel', but the parser failed: Error reading file '/home/tomek/.recently-used.xbel': Invalid argument.
[New Thread 0xb5704b90 (LWP 17774)]
[New Thread 0xb4f03b90 (LWP 17775)]
[New Thread 0xb4702b90 (LWP 17776)]
[Thread 0xb4f03b90 (LWP 17775) exited]
[Thread 0xb5704b90 (LWP 17774) exited]
[New Thread 0xb5704b90 (LWP 17777)]
[Thread 0xb4702b90 (LWP 17776) exited]
[New Thread 0xb4702b90 (LWP 17778)]
[Thread 0xb5704b90 (LWP 17777) exited]
[Thread 0xb4702b90 (LWP 17778) exited]

** (inkscape:17765): WARNING **: More than 32 iteration while updating document '(null)'

** (inkscape:17765): WARNING **: More than 32 iteration while updating document '(null)'

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb5ff3770 (LWP 17765)]
0x080f5f44 in sp_item_invoke_show (item=0x6e282720, arena=0xaa1d770, key=29, flags=1) at sp-item.cpp:1099
1099 g_assert(SP_IS_ITEM(item));
(gdb) bt
#0 0x080f5f44 in sp_item_invoke_show (item=0x6e282720, arena=0xaa1d770, key=29, flags=1) at sp-item.cpp:1099
#1 0x081e5cec in Inkscape::Filters::FilterImage::render (this=0xdd52928, slot=@0xbfb02e4c, units=@0xbfb02f00) at display/nr-filter-image.cpp:55
#2 0x081c716c in Inkscape::Filters::Filter::render (this=0xc3f3e80, item=0xc3eeb68, pb=0xbfb0310c) at display/nr-filter.cpp:212
#3 0x0819b3c8 in nr_arena_item_invoke_render (ct=0xdd76fd8, item=0xc3eeb68, area=0xbfb032e4, pb=0xbfb03640, flags=0) at display/nr-arena-item.cpp:456
#4 0x0819bf9d in nr_arena_group_render (ct=0xdd76fd8, item=0xaa0cbd0, area=0xbfb032e4, pb=0xbfb03640, flags=0) at display/nr-arena-group.cpp:228
#5 0x0819b305 in nr_arena_item_invoke_render (ct=0xdd76fd8, item=0xaa0cbd0, area=0xbfb03464, pb=0xbfb03640, flags=<value optimized out>) at display/nr-arena-item.cpp:576
#6 0x0819bf9d in nr_arena_group_render (ct=0xdd76fd8, item=0xaa0cd20, area=0xbfb03464, pb=0xbfb03640, flags=0) at display/nr-arena-group.cpp:228
#7 0x0819b305 in nr_arena_item_invoke_render (ct=0xdd76fd8, item=0xaa0cd20, area=0xbfb035e4, pb=0xbfb03640, flags=<value optimized out>) at display/nr-arena-item.cpp:576
#8 0x0819bf9d in nr_arena_group_render (ct=0xdd76fd8, item=0xaa0ce70, area=0xbfb035e4, pb=0xbfb03640, flags=0) at display/nr-arena-group.cpp:228
#9 0x0819b305 in nr_arena_item_invoke_render (ct=0xdd76fd8, item=0xaa0ce70, area=0xbfb0366c, pb=0xbfb03640, flags=<value optimized out>) at display/nr-arena-item.cpp:576
#10 0x08576391 in sp_canvas_arena_render (item=0xadc6150, buf=0xbfb03744) at display/canvas-arena.cpp:219
#11 0x081c1262 in sp_canvas_group_render (item=0xb406090, buf=0xbfb03744) at display/sp-canvas.cpp:867
#12 0x081c1262 in sp_canvas_group_render ...

Read more...

Revision history for this message
su_v (suv-lp) wrote :

@dopelover I think that's a different bug already filed under Bug #195320 “feimage freezes inkscape if filtered object is the same as referenced object”

@theAdib - found an older comment from me <https://bugs.launchpad.net/inkscape/+bug/382313/comments/2> (a bug about a similar but different issue with feimage) where an exception (caught Glib::FileError in FilterImage::render 4) is caught with Inkscape r21420 on OS X 10.5.7 ...

Revision history for this message
theAdib (theadib) wrote :

suv, I see those
** (inkscape:16689): WARNING **: FilterImage::render: Can not find: b
** (inkscape:16689): WARNING **: caught Glib::FileError in FilterImage::render 4
These are caught exceptions and do not lead in aborting or crashing Inkscape.

The issue itself is solved: No more crash.

What we can do here is to "hide" the messages.

the Adib
PS: I tried to summarize some effects for invalid data/references here: https://blueprints.launchpad.net/inkscape/+spec/handle-corrupted-files .

Revision history for this message
su_v (suv-lp) wrote :

> These are caught exceptions and do not lead in aborting or crashing Inkscape.
I understood that - but my question is, why on OS X the exception was caught even before I applied your patch, whereas on XP and Ubuntu, Inkscape crashed upon changing the filename. Then again - if there are no more crashes in the image effect filter on all platforms - the question is pointless, I guess.

Revision history for this message
ScislaC (scislac) wrote :

Thanks Adib!!! Committed in rev 22236

Changed in inkscape:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.