Bug 301051

Summary: Digikam crashes when changing picture in image editor
Product: [Applications] digikam Reporter: mikael.salson
Component: DImg-ProcessingAssignee: Digikam Developers <digikam-bugs-null>
Status: RESOLVED FIXED    
Severity: crash CC: caulier.gilles, efelthauser, gary+kde, mathieu.langer, pscholz, torsten.crass
Priority: NOR    
Version: 2.7.0   
Target Milestone: ---   
Platform: Ubuntu   
OS: Linux   
Latest Commit: Version Fixed In: 2.7.0
Sentry Crash Report:
Attachments: Valgrind output when Digikam crashes
New crash information added by DrKonqi
New crash information added by DrKonqi
New crash information added by DrKonqi
New crash information added by DrKonqi
Valgrind Crash Info on PgUp/PgDown with DigiKam 2.6.0

Description mikael.salson 2012-06-02 13:10:00 UTC 
Application: digikam (2.5.0)
KDE Platform Version: 4.8.3 (4.8.3)
Qt Version: 4.8.1
Operating System: Linux 3.2.0-24-generic x86_64
Distribution: Ubuntu 12.04 LTS

-- Information about the crash:
- What I was doing when the application crashed:
When viewing pictures in the image editor, Digikam crashes on specific pictures (always the same ones). However when opening the editor directly on a “buggy” picture, Digikam does not crash, and the picture is displayed correctly.

The crash can be reproduced every time.

-- Backtrace:
Application: digiKam (digikam), signal: Aborted
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Current thread is 1 (Thread 0x7fc34845ca00 (LWP 20547))]

Thread 7 (Thread 0x7fc324bb5700 (LWP 20548)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:162
#1  0x00007fc3426d64db in wait (time=18446744073709551615, this=0xdd91a0) at thread/qwaitcondition_unix.cpp:86
#2  QWaitCondition::wait (this=<optimized out>, mutex=0xdd9098, time=18446744073709551615) at thread/qwaitcondition_unix.cpp:158
#3  0x00000000005ca1d0 in Digikam::ScanController::run (this=0xdd8e30) at /build/buildd/digikam-2.5.0/core/digikam/database/scancontroller.cpp:647
#4  0x00007fc3426d5fcb in QThreadPrivate::start (arg=0xdd8e30) at thread/qthread_unix.cpp:298
#5  0x00007fc33d21ae9a in start_thread (arg=0x7fc324bb5700) at pthread_create.c:308
#6  0x00007fc3419024bd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#7  0x0000000000000000 in ?? ()

Thread 6 (Thread 0x7fc31ffff700 (LWP 20550)):
#0  0x00007fc33d21e05d in __pthread_mutex_unlock_usercnt (mutex=<optimized out>, decr=<optimized out>) at pthread_mutex_unlock.c:52
#1  __pthread_mutex_unlock (mutex=0x7fc318000a60) at pthread_mutex_unlock.c:290
#2  0x00007fc33aea3591 in g_mutex_unlock () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007fc33ae6812e in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007fc342804426 in QEventDispatcherGlib::processEvents (this=0x7fc3180008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:426
#5  0x00007fc3427d3c82 in QEventLoop::processEvents (this=<optimized out>, flags=...) at kernel/qeventloop.cpp:149
#6  0x00007fc3427d3ed7 in QEventLoop::exec (this=0x7fc31fffeb50, flags=...) at kernel/qeventloop.cpp:204
#7  0x00007fc3426d2fa7 in QThread::exec (this=<optimized out>) at thread/qthread.cpp:501
#8  0x00007fc3427b39ff in QInotifyFileSystemWatcherEngine::run (this=0xddc5a0) at io/qfilesystemwatcher_inotify.cpp:248
#9  0x00007fc3426d5fcb in QThreadPrivate::start (arg=0xddc5a0) at thread/qthread_unix.cpp:298
#10 0x00007fc33d21ae9a in start_thread (arg=0x7fc31ffff700) at pthread_create.c:308
#11 0x00007fc3419024bd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#12 0x0000000000000000 in ?? ()

Thread 5 (Thread 0x7fc31f7fe700 (LWP 20552)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:162
#1  0x00007fc3426d64db in wait (time=18446744073709551615, this=0x13126b0) at thread/qwaitcondition_unix.cpp:86
#2  QWaitCondition::wait (this=<optimized out>, mutex=0x1312418, time=18446744073709551615) at thread/qwaitcondition_unix.cpp:158
#3  0x00007fc345ad4ff1 in Digikam::ParkingThread::run (this=0x1312400) at /build/buildd/digikam-2.5.0/core/libs/threads/threadmanager.cpp:119
#4  0x00007fc3426d5fcb in QThreadPrivate::start (arg=0x1312400) at thread/qthread_unix.cpp:298
#5  0x00007fc33d21ae9a in start_thread (arg=0x7fc31f7fe700) at pthread_create.c:308
#6  0x00007fc3419024bd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#7  0x0000000000000000 in ?? ()

Thread 4 (Thread 0x7fc31e0b4700 (LWP 20553)):
#0  0x00007fc3418f6b03 in __GI___poll (fds=<optimized out>, nfds=<optimized out>, timeout=<optimized out>) at ../sysdeps/unix/sysv/linux/poll.c:87
#1  0x00007fc33ae67ff6 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007fc33ae68124 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007fc342804426 in QEventDispatcherGlib::processEvents (this=0x7fc3140008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:426
#4  0x00007fc3427d3c82 in QEventLoop::processEvents (this=<optimized out>, flags=...) at kernel/qeventloop.cpp:149
#5  0x00007fc3427d3ed7 in QEventLoop::exec (this=0x7fc31e0b3b50, flags=...) at kernel/qeventloop.cpp:204
#6  0x00007fc3426d2fa7 in QThread::exec (this=<optimized out>) at thread/qthread.cpp:501
#7  0x00007fc3427b39ff in QInotifyFileSystemWatcherEngine::run (this=0xc39940) at io/qfilesystemwatcher_inotify.cpp:248
#8  0x00007fc3426d5fcb in QThreadPrivate::start (arg=0xc39940) at thread/qthread_unix.cpp:298
#9  0x00007fc33d21ae9a in start_thread (arg=0x7fc31e0b4700) at pthread_create.c:308
#10 0x00007fc3419024bd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#11 0x0000000000000000 in ?? ()

Thread 3 (Thread 0x7fc30a8c4700 (LWP 20558)):
#0  0x00007fc342803b75 in postEventSourcePrepare (s=0x7fc2fc001700, timeout=0x0) at kernel/qeventdispatcher_glib.cpp:255
#1  0x00007fc33ae67a33 in g_main_context_check () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007fc33ae67f96 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007fc33ae68124 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007fc342804426 in QEventDispatcherGlib::processEvents (this=0x7fc2fc0008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:426
#5  0x00007fc3427d3c82 in QEventLoop::processEvents (this=<optimized out>, flags=...) at kernel/qeventloop.cpp:149
#6  0x00007fc3427d3ed7 in QEventLoop::exec (this=0x7fc30a8c3b50, flags=...) at kernel/qeventloop.cpp:204
#7  0x00007fc3426d2fa7 in QThread::exec (this=<optimized out>) at thread/qthread.cpp:501
#8  0x00007fc3427b39ff in QInotifyFileSystemWatcherEngine::run (this=0x2b971d0) at io/qfilesystemwatcher_inotify.cpp:248
#9  0x00007fc3426d5fcb in QThreadPrivate::start (arg=0x2b971d0) at thread/qthread_unix.cpp:298
#10 0x00007fc33d21ae9a in start_thread (arg=0x7fc30a8c4700) at pthread_create.c:308
#11 0x00007fc3419024bd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#12 0x0000000000000000 in ?? ()

Thread 2 (Thread 0x7fc301257700 (LWP 20559)):
#0  __pthread_getspecific (key=4) at pthread_getspecific.c:58
#1  0x00007fc33ae89e80 in g_thread_self () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007fc33ae68115 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007fc342804426 in QEventDispatcherGlib::processEvents (this=0x7fc2f40008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:426
#4  0x00007fc3427d3c82 in QEventLoop::processEvents (this=<optimized out>, flags=...) at kernel/qeventloop.cpp:149
#5  0x00007fc3427d3ed7 in QEventLoop::exec (this=0x7fc301256b50, flags=...) at kernel/qeventloop.cpp:204
#6  0x00007fc3426d2fa7 in QThread::exec (this=<optimized out>) at thread/qthread.cpp:501
#7  0x00007fc3427b39ff in QInotifyFileSystemWatcherEngine::run (this=0x2bb1210) at io/qfilesystemwatcher_inotify.cpp:248
#8  0x00007fc3426d5fcb in QThreadPrivate::start (arg=0x2bb1210) at thread/qthread_unix.cpp:298
#9  0x00007fc33d21ae9a in start_thread (arg=0x7fc301257700) at pthread_create.c:308
#10 0x00007fc3419024bd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#11 0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7fc34845ca00 (LWP 20547)):
[KCrash Handler]
#6  0x00007fc341846445 in __GI_raise (sig=<optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#7  0x00007fc341849bab in __GI_abort () at abort.c:91
#8  0x00007fc341883e2e in __libc_message (do_abort=2, fmt=0x7fc34198c0d0 "*** glibc detected *** %s: %s: 0x%s ***\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:201
#9  0x00007fc34188e626 in malloc_printerr (action=3, str=0x7fc34198c230 "double free or corruption (out)", ptr=<optimized out>) at malloc.c:5007
#10 0x00007fc3458d3d59 in Digikam::DImg::rotate (this=0x2f41500, angle=<optimized out>) at /build/buildd/digikam-2.5.0/core/libs/dimg/dimg.cpp:2436
#11 0x00007fc3458d4282 in Digikam::DImg::rotateAndFlip (this=0x2f41500, orientation=<optimized out>) at /build/buildd/digikam-2.5.0/core/libs/dimg/dimg.cpp:2647
#12 0x00007fc345ba32a6 in Digikam::DImgInterface::slotImageLoaded (this=0x2db2440, loadingDescription=..., img=...) at /build/buildd/digikam-2.5.0/core/utilities/imageeditor/canvas/dimginterface.cpp:433
#13 0x00007fc3427ee446 in QObject::event (this=0x2db2440, e=<optimized out>) at kernel/qobject.cpp:1195
#14 0x00007fc3431ca894 in notify_helper (e=0x7fc2c43f3520, receiver=0x2db2440, this=0xbe14a0) at kernel/qapplication.cpp:4559
#15 QApplicationPrivate::notify_helper (this=0xbe14a0, receiver=0x2db2440, e=0x7fc2c43f3520) at kernel/qapplication.cpp:4531
#16 0x00007fc3431cf713 in QApplication::notify (this=0x7fff5660b650, receiver=0x2db2440, e=0x7fc2c43f3520) at kernel/qapplication.cpp:4420
#17 0x00007fc343f03bb6 in KApplication::notify (this=0x7fff5660b650, receiver=0x2db2440, event=0x7fc2c43f3520) at ../../kdeui/kernel/kapplication.cpp:311
#18 0x00007fc3427d4e9c in QCoreApplication::notifyInternal (this=0x7fff5660b650, receiver=0x2db2440, event=0x7fc2c43f3520) at kernel/qcoreapplication.cpp:876
#19 0x00007fc3427d8c6a in sendEvent (event=0x7fc2c43f3520, receiver=0x2db2440) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:231
#20 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0xb814c0) at kernel/qcoreapplication.cpp:1500
#21 0x00007fc342803f93 in sendPostedEvents () at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:236
#22 postEventSourceDispatch (s=<optimized out>) at kernel/qeventdispatcher_glib.cpp:279
#23 0x00007fc33ae67c9a in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#24 0x00007fc33ae68060 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#25 0x00007fc33ae68124 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#26 0x00007fc3428043bf in QEventDispatcherGlib::processEvents (this=0xb82da0, flags=...) at kernel/qeventdispatcher_glib.cpp:424
#27 0x00007fc343272d5e in QGuiEventDispatcherGlib::processEvents (this=<optimized out>, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#28 0x00007fc3427d3c82 in QEventLoop::processEvents (this=<optimized out>, flags=...) at kernel/qeventloop.cpp:149
#29 0x00007fc3427d3ed7 in QEventLoop::exec (this=0x7fff5660b4d0, flags=...) at kernel/qeventloop.cpp:204
#30 0x00007fc3427d8f67 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1148
#31 0x000000000048bc5d in main (argc=1, argv=<optimized out>) at /build/buildd/digikam-2.5.0/core/digikam/main/main.cpp:232

This bug may be a duplicate of or related to bug 285319.

Possible duplicates by query: bug 300843, bug 299917, bug 299828, bug 299137, bug 297549.

Reported using DrKonqi
Comment 1 caulier.gilles 2012-06-02 16:17:15 UTC 
It crash in rotation code from DImg component when image is loaded in editor. It's autorotation stuff accordingly with Exif flag.

But it's really strange. At end, crash stop to libc to a corruption memory :

8  0x00007fc341883e2e in __libc_message (do_abort=2, fmt=0x7fc34198c0d0 "*** glibc detected *** %s: %s: 0x%s ***\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:201
#9  0x00007fc34188e626 in malloc_printerr (action=3, str=0x7fc34198c230 "double free or corruption (out)", ptr=<optimized out>) at malloc.c:5007

Can you run digiKam into valgrind from a console, and reproduce the crash, and report the console trace here ?

Look here for details about valgrind :

https://projects.kde.org/projects/extragear/graphics/digikam/repository/revisions/master/entry/HACKING#L281

Gilles Caulier
Comment 2 caulier.gilles 2012-06-02 16:18:34 UTC 
*** Bug 285319 has been marked as a duplicate of this bug. ***
Comment 3 caulier.gilles 2012-06-02 16:19:20 UTC 
*** Bug 300843 has been marked as a duplicate of this bug. ***
Comment 4 mikael.salson 2012-06-02 18:36:55 UTC 
Created attachment 71520 [details]
Valgrind output when Digikam crashes

Thanks a lot for your help… you're much quicker than kmail guys :)

I made further tests, which may be useless with Valgrind output. In a specific album I need to first double click on a thumbnail to open a preview of a portrait picture, then open the image editor on that picture, move forward and Digikam crashes on the third portrait picture. 

I didn't succeed to reproduce the bug in other albums.

Also, Digikam doesn't crash if I don't first preview the picture. If I open the image editor first, close it, preview the picture, and then re-open the image editor, it won't crash.

Valgrind output is in attachment. I launched the command given in the URL above. However, let me suggest to add file redirection to the command: when Digikam crashes, valgrind complains about lots of memory blocks that have been lost. There are so many lines that I lost the beginning of the output. So I had to relaunch valgrind, with redirections this time.

The digikam.supp file I used was the latest from the git repository. The output is compressed in attachment. Let me pinpoint the important part in the output. When I click on a thumbnail to get a preview, valgrind detects an “Invalid read of size 8” at 0x95DB52A. Opening the image editor does not produce any error. It is only when I load the third portrait picture that I get a seemingly fatal “Invalid read of size 4” at 0x7337108.
Comment 5 caulier.gilles 2012-06-02 19:51:36 UTC 
This is the trace relevant of crash from Valgrind :

==27428== Invalid read of size 4
==27428==    at 0x7337108: Digikam::DImg::rotate(Digikam::DImg::ANGLE) (dimg.cpp:2294)
==27428==    by 0x7337256: Digikam::DImg::rotateAndFlip(int) (dimg.cpp:2636)
==27428==    by 0x76062A5: Digikam::DImgInterface::slotImageLoaded(Digikam::LoadingDescription const&, Digikam::DImg const&) (dimginterface.cpp:433)
==27428==    by 0xA74D445: QObject::event(QEvent*) (qobject.cpp:1195)
==27428==    by 0x95E3893: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:4559)
==27428==    by 0x95E8712: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:4420)
==27428==    by 0x8FE5BB5: KApplication::notify(QObject*, QEvent*) (kapplication.cpp:311)
==27428==    by 0xA733E9B: QCoreApplication::notifyInternal(QObject*, QEvent*) (qcoreapplication.cpp:876)
==27428==    by 0xA737C69: QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (qcoreapplication.h:231)
==27428==    by 0xA762F92: postEventSourceDispatch(_GSource*, int (*)(void*), void*) (qcoreapplication.h:236)
==27428==    by 0x12017C99: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.1)
==27428==    by 0x1201805F: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.3200.1)
==27428==  Address 0x60940d84 is not stack'd, malloc'd or (recently) free'd
==27428== 
KCrash: Application 'digikam' crashing...
KCrash: Attempting to start /usr/lib/kde4/libexec/drkonqi from kdeinit
==27428== Invalid read of size 4
==27428==    at 0x9046F80: startFromKdeinit(int, char const**) (kcrash.cpp:781)
==27428==    by 0x9047470: startProcessInternal(int, char const**, bool, bool) (kcrash.cpp:537)
==27428==    by 0x9047BD9: KCrash::startProcess(int, char const**, bool) (kcrash.cpp:524)
==27428==    by 0x9047FA6: KCrash::defaultCrashHandler(int) (kcrash.cpp:435)
==27428==    by 0xB54E4BF: ??? (in /lib/x86_64-linux-gnu/libc-2.15.so)
==27428==    by 0x7337107: Digikam::DImg::rotate(Digikam::DImg::ANGLE) (dimg.cpp:2290)
==27428==    by 0x7337256: Digikam::DImg::rotateAndFlip(int) (dimg.cpp:2636)
==27428==    by 0x76062A5: Digikam::DImgInterface::slotImageLoaded(Digikam::LoadingDescription const&, Digikam::DImg const&) (dimginterface.cpp:433)
==27428==    by 0xA74D445: QObject::event(QEvent*) (qobject.cpp:1195)
==27428==    by 0x95E3893: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:4559)
==27428==    by 0x95E8712: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:4420)
==27428==    by 0x8FE5BB5: KApplication::notify(QObject*, QEvent*) (kapplication.cpp:311)
==27428==  Address 0x31aa5e10 is 0 bytes inside a block of size 3 alloc'd
==27428==    at 0x4C2B6CD: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==27428==    by 0x9046EE7: startFromKdeinit(int, char const**) (kcrash.cpp:660)
==27428==    by 0x9047470: startProcessInternal(int, char const**, bool, bool) (kcrash.cpp:537)
==27428==    by 0x9047BD9: KCrash::startProcess(int, char const**, bool) (kcrash.cpp:524)
==27428==    by 0x9047FA6: KCrash::defaultCrashHandler(int) (kcrash.cpp:435)
==27428==    by 0xB54E4BF: ??? (in /lib/x86_64-linux-gnu/libc-2.15.so)
==27428==    by 0x7337107: Digikam::DImg::rotate(Digikam::DImg::ANGLE) (dimg.cpp:2290)
==27428==    by 0x7337256: Digikam::DImg::rotateAndFlip(int) (dimg.cpp:2636)
==27428==    by 0x76062A5: Digikam::DImgInterface::slotImageLoaded(Digikam::LoadingDescription const&, Digikam::DImg const&) (dimginterface.cpp:433)
==27428==    by 0xA74D445: QObject::event(QEvent*) (qobject.cpp:1195)
==27428==    by 0x95E3893: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:4559)
==27428==    by 0x95E8712: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:4420)

Gilles Caulier
Comment 6 caulier.gilles 2012-06-02 19:52:36 UTC 
Do you identified with image crash digiKam. If yes, please share this file to try to reproduce it here...

Gilles Caulier
Comment 7 mikael.salson 2012-06-03 11:13:23 UTC 
Contrarily to what I said in my first message, Digikam does not crash on a specific image. If I first preview any portrait picture (a picture whose orientation is portrait), then open the image editor on that picture, Digikam will crash after loading the third portrait picture, whatever the picture is. However other conditions must be fulfilled to ensure the crash! The pictures must not have been modified either by Digikam's editor or an external editor. The crash never occurs neither on a modified picture nor a landscape picture.

I succeeded to reproduce the bug on another album. I selected sub-sample of the pictures so that the crash still occurs. So that you can better understand (if you succeed to reproduce the bug), I also included landscape pictures and modified pictures (with versioning).

A last important point. These pictures were recovered using testdisk because I had troubles with my memory card. I didn't succeed to reproduce the bug on albums that were not recovered using testdisk (the original buggy album is also made of pictures recovered with testdisk).

The album is available here: http://dl.free.fr/qAaWlptsn
Comment 8 Gus Gustafson 2012-06-03 14:10:25 UTC 
Created attachment 71539 [details]
New crash information added by DrKonqi

digikam (2.5.0) on KDE Platform 4.8.3 (4.8.3) using Qt 4.8.1

- What I was doing when the application crashed:

Hello,
I reported this as a separate bug a week ago (id # 300843), but as Gilles suggested, is is probably the same as this one, and has now happened a second time. It happened (perhaps the first time as well, I cannot recall for sure) while browsing to other photos in the image editor window. However, my photos were never recovered using testdisk, which Mikael suspected as a factor. As far as I know they never experienced any file corruption or disk issues. However, I can say that some of the ones I was browsing back and forth on had been edited by the digikam/kipi editing tools, and some had not been edited.

-- Backtrace (Reduced):
#6  Digikam::DImg::rotate (this=0x38dfe20, angle=<optimized out>) at /build/buildd/digikam-2.5.0/core/libs/dimg/dimg.cpp:2429
#7  0x00007f16c42ca282 in Digikam::DImg::rotateAndFlip (this=0x38dfe20, orientation=<optimized out>) at /build/buildd/digikam-2.5.0/core/libs/dimg/dimg.cpp:2647
#8  0x00007f16c45992a6 in Digikam::DImgInterface::slotImageLoaded (this=0x38cf690, loadingDescription=..., img=...) at /build/buildd/digikam-2.5.0/core/utilities/imageeditor/canvas/dimginterface.cpp:433
#9  0x00007f16c11e4446 in QObject::event (this=0x38cf690, e=<optimized out>) at kernel/qobject.cpp:1195
#10 0x00007f16c1bc0894 in notify_helper (e=0x7f163c09de00, receiver=0x38cf690, this=0x205d980) at kernel/qapplication.cpp:4559
Comment 9 Marcel Wiesweg 2012-06-03 15:32:41 UTC 
As current git's dimg.cpp line numbers are different to 2.5.0, here the translation of relevant lines:
2436: delete [] m_priv->data;
2294: *to = *from++;
2429: *to = *from++;

From valgrind we learn that the read is invalid (in the line when reading from source and writing to destination), and we have one crash when deleting source, which in conclusion means that source data is invalid.
(side note to myself: move image rotation to a thread)
Comment 10 Marcel Wiesweg 2012-06-03 15:39:41 UTC 
Unfortunately, I cannot reproduce with your sample pictures (I took the three original images and showed opened them in a row in the editor)
Comment 11 Gary Peck 2012-06-13 16:12:58 UTC 
Created attachment 71797 [details]
New crash information added by DrKonqi

digikam (2.5.0) on KDE Platform 4.8.3 (4.8.3) using Qt 4.8.1

- What I was doing when the application crashed:

I had opened a preview of the first image in one of my albums. Then I opened that image in the editor, zoomed and panned around a bit, opened and closed the thumbnail bar, and then hit PgDn to go to the next image in the album. That's when Digikam crashed. Both images were portrait.

-- Backtrace (Reduced):
#7  Digikam::DImg::rotate (this=0xaa36a24, angle=Digikam::DImg::ROT90) at /build/buildd/digikam-2.5.0/core/libs/dimg/dimg.cpp:2294
#8  0x015ecac8 in Digikam::DImg::rotateAndFlip (this=0xaa36a24, orientation=6) at /build/buildd/digikam-2.5.0/core/libs/dimg/dimg.cpp:2636
#9  0x018fd4ac in Digikam::DImgInterface::slotImageLoaded (this=0xa927fe0, loadingDescription=..., img=...) at /build/buildd/digikam-2.5.0/core/utilities/imageeditor/canvas/dimginterface.cpp:433
#10 0x01906bbe in qt_static_metacall (_a=0x9726dfa8, _id=9, _o=0xa927fe0, _c=<optimized out>) at /build/buildd/digikam-2.5.0/obj-i686-linux-gnu/core/digikam/dimginterface.moc:90
#11 Digikam::DImgInterface::qt_static_metacall (_o=0xa927fe0, _c=QMetaObject::InvokeMetaMethod, _id=9, _a=0x9726dfa8) at /build/buildd/digikam-2.5.0/obj-i686-linux-gnu/core/digikam/dimginterface.moc:75
Comment 12 Gary Peck 2012-06-13 16:23:21 UTC 
Note that I'm not able to reproduce this crash based on my description above (using the same photos), so there must've been some other contributing factor that I am forgetting.
Comment 13 Gary Peck 2012-06-13 16:34:54 UTC 
Created attachment 71798 [details]
New crash information added by DrKonqi

digikam (2.5.0) on KDE Platform 4.8.3 (4.8.3) using Qt 4.8.1

- What I was doing when the application crashed:

Just hit this crash again. The only common factor with before was that I was in the image editor and hit PgDn to go to the next image. Otherwise I can't think of any commonalities (different photos, different orientations, in the middle of the album, etc.).

-- Backtrace (Reduced):
#7  Digikam::DImg::rotate (this=0xaa01244, angle=Digikam::DImg::ROT90) at /build/buildd/digikam-2.5.0/core/libs/dimg/dimg.cpp:2294
#8  0x025afac8 in Digikam::DImg::rotateAndFlip (this=0xaa01244, orientation=6) at /build/buildd/digikam-2.5.0/core/libs/dimg/dimg.cpp:2636
#9  0x02792271 in Digikam::LoadSaveThread::exifRotate (image=..., filePath=...) at /build/buildd/digikam-2.5.0/core/libs/threadimageio/loadsavethread.cpp:276
#10 0x027a992e in Digikam::PreviewLoadingTask::execute (this=0xaa010c8) at /build/buildd/digikam-2.5.0/core/libs/threadimageio/previewtask.cpp:185
#11 0x02791938 in Digikam::LoadSaveThread::run (this=0x9377378) at /build/buildd/digikam-2.5.0/core/libs/threadimageio/loadsavethread.cpp:118
Comment 14 caulier.gilles 2012-06-13 17:06:43 UTC 
Try 2.6.0 just release. It's probably fixed...

Gilles Caulier
Comment 15 caulier.gilles 2012-06-22 08:53:01 UTC 
Official digiKam 2.6.0 release is out since few days now :

http://www.digikam.org/drupal/node/656

Please, check if this entry still valid, or update report accordingly.

Thanks in advance.

Gilles Caulier
Comment 16 Gary Peck 2012-06-22 18:16:23 UTC 
I don't have time at the moment to compile a new version from source, but I'll try out 2.6.0 once it lands in Ubuntu. Looks like it just made it to Debian's testing repo, so hopefully it'll show up in the Ubuntu 12.10 repo in the near future.
Comment 17 Gus Gustafson 2012-06-22 18:40:10 UTC 
i am using digikam 2.6 pulled from philip's ppa. i have not encountered a crash yet. it seems to be fixed.
thank you!
Comment 18 caulier.gilles 2012-06-22 18:45:21 UTC 
Thanks Gus,

Gary, if you e,coured this problem again, please reopen this file...

Gilles Caulier
Comment 19 pscholz 2012-07-01 08:12:46 UTC 
Created attachment 72251 [details]
New crash information added by DrKonqi

digikam (2.7.0) on KDE Platform 4.8.3 (4.8.3) using Qt 4.8.1

- What I was doing when the application crashed:
when switching through pictures in the editor, digikam always crashes at the same files

- Custom settings of the application:
well it's a git version (2.7.0). I'm using the git version because of a bug which caused
digikam to crash when saving an edited file.

Maybe both bugs are relating to each other...

PS: I know that this report is still closed, but... I'm using 2.7.0 ...

-- Backtrace (Reduced):
#7  __GI___libc_free (mem=0x7c89a008) at malloc.c:2968
[...]
#10 0xb68b3ffa in Digikam::DImg::rotate (this=0xb7c2b2c, angle=Digikam::DImg::ROT90) at /build/buildd/digikam-git-2.5.99/libs/dimg/dimg.cpp:2307
#11 0xb68b44d8 in Digikam::DImg::rotateAndFlip (this=0xb7c2b2c, orientation=6) at /build/buildd/digikam-git-2.5.99/libs/dimg/dimg.cpp:2642
#12 0xb6bd25e3 in Digikam::DImgInterface::slotImageLoaded (this=0xaf04728, loadingDescription=..., img=...) at /build/buildd/digikam-git-2.5.99/utilities/imageeditor/canvas/dimginterface.cpp:454
#13 0xb6bdbc0e in qt_static_metacall (_a=0x99199490, _id=9, _o=0xaf04728, _c=<optimized out>) at /build/buildd/digikam-git-2.5.99/obj-i686-linux-gnu/digikam/dimginterface.moc:90
Comment 20 Marcel Wiesweg 2012-07-01 11:40:21 UTC 
"digikam always crashes at the same files" sounds promising: You know a file with which you can always reproduce this crash when opening it? Which sort of file is this?
Comment 21 Gus Gustafson 2012-07-02 14:59:04 UTC 
Hello,
I found that the crash while browsing through images in the editor window, has occurred again in version 2.6. 
I can say, however, that it seems like you have to browse through more images than in order for it to crash than in version 2.5.
It seems like it crashed on files that have been edited, but I am not sure about that.
Comment 22 Torsten Crass 2012-09-27 19:05:00 UTC 
Hi there,

same problem here with vers. 2.6.0 (from Debian Sid) -- On some photos, DigiKam crashes when hitting PgUp oder PgDown. ValGrind output attached.
Comment 23 Torsten Crass 2012-09-27 19:06:32 UTC 
Created attachment 74197 [details]
Valgrind Crash Info on PgUp/PgDown with DigiKam 2.6.0
Comment 24 Marcel Wiesweg 2012-09-28 19:49:38 UTC 
==10758== Thread 8:
==10758== Invalid read of size 1
==10758==    at 0x4D0182B: Digikam::ImageHistogram::calculate() (in /usr/lib/libdigikamcore.so.2.0.0)
==10758==    by 0x4D014DC: Digikam::ImageHistogram::run() (in /usr/lib/libdigikamcore.so.2.0.0)
==10758==    by 0x4E0E6E9: Digikam::DynamicThread::DynamicThreadPriv::run() (in /usr/lib/libdigikamcore.so.2.0.0)
==10758==    by 0x6BCB913: QThreadPoolThread::run() (in /usr/lib/i386-linux-gnu/libQtCore.so.4.8.2)
==10758==    by 0x6BD8EFF: QThreadPrivate::start(void*) (in /usr/lib/i386-linux-gnu/libQtCore.so.4.8.2)
==10758==    by 0x8FF2C38: start_thread (pthread_create.c:304)
==10758==    by 0x70D123D: clone (clone.S:130)


If this is the crash location, sounds like one of those ever-reoccurring crashes with the histogram code.
Comment 25 Torsten Crass 2012-09-28 20:14:34 UTC 
Marcel,

I can confirm that those crashes only occur if the "Colors" tab is selected on the right-hand image information panel. When selecting other tabs (e.g. "Properties", "Metadata", or "Caption/Tags"), selecting the next/previous image from within the image editor works just fine.
Comment 26 caulier.gilles 2012-09-28 21:20:09 UTC 

*** This bug has been marked as a duplicate of bug 274555 ***