Assertion failed: (json_object_get_type(jso) == json_type_object), function json_object_object_add_ex, file json_object.c, line 476.
GIMP version: gimp-2.10.14
Operating System: FreeBSD
Package: FreeBSD package gimp-2.10.14_1,2
as provided from FreeBSD as well as built from source (with debug symbols)
Description of the bug
GIMP 2.10 crashes on startup (I have upgraded it from 2.8-something to 2.10).
The crash points at the https://github.com/json-c/json-c used by the https://github.com/mypaint/libmypaint library.
I have deleted ${HOME}/.config/GIMP
files completely.
FreeBSD bug 243267: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=243267
Filed issue with json-c: https://github.com/json-c/json-c/issues/534 (but I guess not much can be done here)
Preliminary analysis follows at the bottom.
Reproduction
Is the bug reproducible? Always
Reproduction steps:
- Start gimp
Expected result:
gimp starts
Actual result:
Assertion failed: (json_object_get_type(jso) == json_type_object), function json_object_object_add_ex, file json_object.c, line 476.
gimp: fatal error: Abort trap
Additional information
GNU Image Manipulation Program version 2.10.14
git-describe: GIMP_2_10_12-511-ga4f55d6c7e
C compiler:
FreeBSD clang version 8.0.0 (tags/RELEASE_800/final 356365) (based on LLVM 8.0.0)
Target: x86_64-unknown-freebsd11.3
Thread model: posix
InstalledDir: /usr/bin
using babl version 0.1.72 (compiled against version 0.1.72)
using GEGL version 0.4.18 (compiled against version 0.4.18)
using GLib version 2.56.3 (compiled against version 2.56.3)
using GdkPixbuf version 2.40.0 (compiled against version 2.40.0)
using GTK+ version 2.24.32 (compiled against version 2.24.32)
using Pango version 1.42.3 (compiled against version 1.42.3)
using Fontconfig version 2.12.6 (compiled against version 2.12.6)
using Cairo version 1.16.0 (compiled against version 1.16.0)
fatal error: Abort trap
Stack trace:
# Stack traces obtained from PID 89141 - Thread 100674 #
(lldb) process attach --pid 89141
Process 89141 stopped
Executable module set to "/usr/local/bin/gimp-2.10".
Architecture set to: x86_64--freebsd11.3.
(lldb) thread list
Process 89141 stopped
* thread #1: tid = 100674, 0x00000008071ca688 libc.so.7`_read + 8, name = 'gimp-2.10'
thread #2: tid = 100788, 0x00000008043b516c libthr.so.3`_umtx_op_err + 12, name = 'gimp-2.10'
thread #3: tid = 100809, 0x000000080716bbaa libc.so.7`__sys_poll + 10, name = 'gimp-2.10'
thread #4: tid = 100831, 0x000000080716bbaa libc.so.7`__sys_poll + 10, name = 'gimp-2.10'
thread #5: tid = 100868, 0x00000008043b516c libthr.so.3`_umtx_op_err + 12, name = 'gimp-2.10'
thread #6: tid = 100872, 0x00000008043b516c libthr.so.3`_umtx_op_err + 12, name = 'gimp-2.10'
(lldb) thread backtrace all
* thread #1, name = 'gimp-2.10'
* frame #0: 0x00000008071ca688 libc.so.7`_read + 8
frame #1: 0x00000008043a9ca6 libthr.so.3`__thr_read(fd=<unavailable>, buf=<unavailable>, nbytes=<unavailable>) at thr_syscalls.c:418:8
frame #2: 0x0000000802dd05ea libgimpbase-2.0.so.0`gimp_stack_trace_print(prog_name="gimp", stream=0x0000000807429bc0, trace=0x0000000000000000) at gimputils.c:1300:24
frame #3: 0x000000000050909e gimp-2.10`gimp_eek(reason="fatal error", message="Abort trap", use_handler=1) at errors.c:377:27
frame #4: 0x0000000000508ef4 gimp-2.10`gimp_fatal_error(message="Abort trap") at errors.c:234:3
frame #5: 0x000000000050a45f gimp-2.10`gimp_sigfatal_handler(sig_num=6) at signals.c:179:7
frame #6: 0x00000008043acd70 libthr.so.3`handle_signal(actp=0x00007fffffffd670, sig=6, info=0x00007fffffffda60, ucp=0x00007fffffffd6f0) at thr_sig.c:246:3
frame #7: 0x00000008043ac33f libthr.so.3`thr_sighandler(sig=6, info=0x00007fffffffda60, _ucp=0x00007fffffffd6f0) at thr_sig.c:189:2
frame #8: 0x00007ffffffff003
frame #9: 0x0000000807139a29 libc.so.7`abort at abort.c:65:8
frame #10: 0x00000008071b5101 libc.so.7`__assert(func=<unavailable>, file=<unavailable>, line=<unavailable>, failedexpr=<unavailable>) at assert.c:51:2
frame #11: 0x0000000805e0fef5 libjson-c.so.4`json_object_object_add_ex(jso=0x000000081f1e9540, key="comment", val=0x000000081f1e95a0, opts=0) at json_object.c:476:2
frame #12: 0x0000000805e10077 libjson-c.so.4`json_object_object_add(jso=0x000000081f1e9540, key="comment", val=0x000000081f1e95a0) at json_object.c:508:9
frame #13: 0x0000000805e17b64 libjson-c.so.4`json_tokener_parse_ex(tok=0x000000081f1dd680, str=", \n \"group\": \"\", \n \"parent_brush_name\": \"\", \n \"settings\": {\n \"anti_aliasing\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_h\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_hsl_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_hsv_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_l\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_v\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_h\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_v\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"colorize\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n "..., len=-1) at json_tokener.c:930:7
frame #14: 0x0000000805e14013 libjson-c.so.4`json_tokener_parse_verbose(str="{\n \"comment\": \"MyPaint brush file\", \n \"group\": \"\", \n \"parent_brush_name\": \"\", \n \"settings\": {\n \"anti_aliasing\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_h\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_hsl_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_hsv_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_l\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_v\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_h\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_v\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"colorize\": {\n \"base_value\": 0.0, \n "..., error=0x00007fffffffdea4) at json_tokener.c:179:11
frame #15: 0x0000000805e13f97 libjson-c.so.4`json_tokener_parse(str="{\n \"comment\": \"MyPaint brush file\", \n \"group\": \"\", \n \"parent_brush_name\": \"\", \n \"settings\": {\n \"anti_aliasing\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_h\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_hsl_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_hsv_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_l\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_v\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_h\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_v\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"colorize\": {\n \"base_value\": 0.0, \n "...) at json_tokener.c:166:11
frame #16: 0x0000000805bfe160 libmypaint-1.3.so.0`mypaint_brush_from_string(self=0x000000081d849600, string="{\n \"comment\": \"MyPaint brush file\", \n \"group\": \"\", \n \"parent_brush_name\": \"\", \n \"settings\": {\n \"anti_aliasing\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_h\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_hsl_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_hsv_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_l\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_v\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_h\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_v\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"colorize\": {\n \"base_value\": 0.0, \n "...) at mypaint-brush.c:1218:22
frame #17: 0x0000000000a899df gimp`selection_render_mask(selection=0x0000000000000000) at gimpdisplayshell-selection.c:303:3
frame #18: 0x00000000009d5373 gimp`gimp_guide_tool_draw(draw_tool=0xb8063e1349b5f8e7) at gimpguidetool.c:338:31
frame #19: 0x00000000009d513b gimp`gimp_guide_tool_motion(tool=0x0000000000000000, coords=0x00000000ffffe1d0, time=8, state=483044192, display=0x000000081eee3360) at gimpguidetool.c:293:48
frame #20: 0x00000000009d5108 gimp`gimp_guide_tool_motion(tool=0x0000000000000000, coords=0x000000000098d170, time=8, state=518927200, display=0x000000081eee3360) at gimpguidetool.c:288:55
frame #21: 0x00000000009d4fc3 gimp`gimp_guide_tool_button_release(tool=0x00000008146119f0, coords=0x0000000814677250, time=0, state=0, release_type=8, display=0x000000081eee3260) at gimpguidetool.c:265:9
frame #22: 0x00000000009d4e51 gimp`gimp_guide_tool_button_release(tool=0x00000008146119f0, coords=0x0000000814677250, time=0, state=10309201, release_type=32767, display=0x00000008146119f0) at gimpguidetool.c:243:11
frame #23: 0x00000000009d1244 gimp`gimp_gradient_tool_editor_init_midpoint_gui(gradient_tool=0x000000000000013e) at gimpgradienttool-editor.c:1498:3
frame #24: 0x0000000000972f2a gimp`image_scale_confirm_response(widget=0x000000080ffc0070, response_id=0, private=0x000000080ffc0070) at image-scale-dialog.c:276:7
frame #25: 0x000000000096c87c gimp`file_open_location_response(dialog=0x000000080ffc0070, response_id=8, gimp=0x0000000100000001) at file-open-location-dialog.c:173:26
frame #26: 0x0000000000508301 gimp-2.10`app_run(full_prog_name="gimp", filenames=0x0000000000000000, alternate_system_gimprc=0x0000000000000000, alternate_gimprc=0x0000000000000000, session_name=0x0000000000000000, batch_interpreter=0x0000000000000000, batch_commands=0x0000000000000000, as_new=0, no_interface=0, no_data=0, no_fonts=0, no_splash=0, be_verbose=0, use_shm=1, use_cpu_accel=1, console_messages=0, use_debug_handler=0, show_playground=0, show_debug_menu=0, stack_trace_mode=GIMP_STACK_TRACE_NEVER, pdb_compat_mode=GIMP_PDB_COMPAT_ON, backtrace_file="/home/saper/.config/GIMP/2.10/CrashLog/GIMP-crash-1578868202.txt") at app.c:330:3
frame #27: 0x000000000050c1ee gimp-2.10`main(argc=1, argv=0x000000080fe395d0) at main.c:531:3
frame #28: 0x0000000000507b5d gimp-2.10`_start + 141
thread #2, name = 'gimp-2.10'
frame #0: 0x00000008043b516c libthr.so.3`_umtx_op_err + 12
frame #1: 0x00000008043a9040 libthr.so.3`_thr_umtx_timedwait_uint(mtx=<unavailable>, id=<unavailable>, clockid=<unavailable>, abstime=<unavailable>, shared=<unavailable>) at thr_umtx.c:234:10
frame #2: 0x00000008043b2e72 libthr.so.3`cond_wait_common [inlined] cond_wait_user(cvp=<unavailable>, mp=<unavailable>, abstime=0x0000000000000000, cancel=1) at thr_cond.c:305:11
frame #3: 0x00000008043b2d7a libthr.so.3`cond_wait_common(cond=<unavailable>, mutex=<unavailable>, abstime=0x0000000000000000, cancel=1) at thr_cond.c:365
frame #4: 0x00000008063070db libglib-2.0.so.0`g_cond_wait + 43
frame #5: 0x00000008045eb6d4 libgegl-0.4.so.0`___lldb_unnamed_symbol21$$libgegl-0.4.so.0 + 148
frame #6: 0x00000008062e796a libglib-2.0.so.0`___lldb_unnamed_symbol220$$libglib-2.0.so.0 + 90
frame #7: 0x00000008043a70b6 libthr.so.3`thread_start(curthread=0x000000080fe16500) at thr_create.c:290:16
thread #3, name = 'gimp-2.10'
frame #0: 0x000000080716bbaa libc.so.7`__sys_poll + 10
frame #1: 0x00000008043a9bc6 libthr.so.3`__thr_poll(fds=<unavailable>, nfds=<unavailable>, timeout=<unavailable>) at thr_syscalls.c:336:8
frame #2: 0x00000008062bf747 libglib-2.0.so.0`___lldb_unnamed_symbol117$$libglib-2.0.so.0 + 423
frame #3: 0x00000008062bf854 libglib-2.0.so.0`g_main_context_iteration + 100
frame #4: 0x00000008062c1416 libglib-2.0.so.0`___lldb_unnamed_symbol122$$libglib-2.0.so.0 + 54
frame #5: 0x00000008062e796a libglib-2.0.so.0`___lldb_unnamed_symbol220$$libglib-2.0.so.0 + 90
frame #6: 0x00000008043a70b6 libthr.so.3`thread_start(curthread=0x000000080fe18300) at thr_create.c:290:16
thread #4, name = 'gimp-2.10'
frame #0: 0x000000080716bbaa libc.so.7`__sys_poll + 10
frame #1: 0x00000008043a9bc6 libthr.so.3`__thr_poll(fds=<unavailable>, nfds=<unavailable>, timeout=<unavailable>) at thr_syscalls.c:336:8
frame #2: 0x00000008062bf747 libglib-2.0.so.0`___lldb_unnamed_symbol117$$libglib-2.0.so.0 + 423
frame #3: 0x00000008062bfaef libglib-2.0.so.0`g_main_loop_run + 223
frame #4: 0x0000000805721aeb libgio-2.0.so.0`___lldb_unnamed_symbol1705$$libgio-2.0.so.0 + 27
frame #5: 0x00000008062e796a libglib-2.0.so.0`___lldb_unnamed_symbol220$$libglib-2.0.so.0 + 90
frame #6: 0x00000008043a70b6 libthr.so.3`thread_start(curthread=0x000000080fe18800) at thr_create.c:290:16
thread #5, name = 'gimp-2.10'
frame #0: 0x00000008043b516c libthr.so.3`_umtx_op_err + 12
frame #1: 0x00000008043a9040 libthr.so.3`_thr_umtx_timedwait_uint(mtx=<unavailable>, id=<unavailable>, clockid=<unavailable>, abstime=<unavailable>, shared=<unavailable>) at thr_umtx.c:234:10
frame #2: 0x00000008043b2e72 libthr.so.3`cond_wait_common [inlined] cond_wait_user(cvp=<unavailable>, mp=<unavailable>, abstime=0x0000000000000000, cancel=1) at thr_cond.c:305:11
frame #3: 0x00000008043b2d7a libthr.so.3`cond_wait_common(cond=<unavailable>, mutex=<unavailable>, abstime=0x0000000000000000, cancel=1) at thr_cond.c:365
frame #4: 0x00000008063070db libglib-2.0.so.0`g_cond_wait + 43
frame #5: 0x000000000097fa50 gimp`prefs_dialog_new(gimp=0x00000008063070b0, config=0x00007fffffffefd7) at preferences-dialog.c:1121:3
frame #6: 0x00000008062e796a libglib-2.0.so.0`___lldb_unnamed_symbol220$$libglib-2.0.so.0 + 90
frame #7: 0x00000008043a70b6 libthr.so.3`thread_start(curthread=0x00000008146df000) at thr_create.c:290:16
thread #6, name = 'gimp-2.10'
frame #0: 0x00000008043b516c libthr.so.3`_umtx_op_err + 12
frame #1: 0x00000008043a9040 libthr.so.3`_thr_umtx_timedwait_uint(mtx=<unavailable>, id=<unavailable>, clockid=<unavailable>, abstime=<unavailable>, shared=<unavailable>) at thr_umtx.c:234:10
frame #2: 0x00000008043b2e72 libthr.so.3`cond_wait_common [inlined] cond_wait_user(cvp=<unavailable>, mp=<unavailable>, abstime=0x00007fffdf7f9ec8, cancel=1) at thr_cond.c:305:11
frame #3: 0x00000008043b2d7a libthr.so.3`cond_wait_common(cond=<unavailable>, mutex=<unavailable>, abstime=0x00007fffdf7f9ec8, cancel=1) at thr_cond.c:365
frame #4: 0x000000080630727c libglib-2.0.so.0`g_cond_wait_until + 108
frame #5: 0x000000080628dd64 libglib-2.0.so.0`___lldb_unnamed_symbol14$$libglib-2.0.so.0 + 100
frame #6: 0x000000080628defe libglib-2.0.so.0`g_async_queue_timeout_pop + 46
frame #7: 0x00000008062e89c9 libglib-2.0.so.0`___lldb_unnamed_symbol225$$libglib-2.0.so.0 + 409
frame #8: 0x00000008062e796a libglib-2.0.so.0`___lldb_unnamed_symbol220$$libglib-2.0.so.0 + 90
frame #9: 0x00000008043a70b6 libthr.so.3`thread_start(curthread=0x00000008146df500) at thr_create.c:290:16
(lldb) bt all
* thread #1, name = 'gimp-2.10'
* frame #0: 0x00000008071ca688 libc.so.7`_read + 8
frame #1: 0x00000008043a9ca6 libthr.so.3`__thr_read(fd=<unavailable>, buf=<unavailable>, nbytes=<unavailable>) at thr_syscalls.c:418:8
frame #2: 0x0000000802dd05ea libgimpbase-2.0.so.0`gimp_stack_trace_print(prog_name="gimp", stream=0x0000000807429bc0, trace=0x0000000000000000) at gimputils.c:1300:24
frame #3: 0x000000000050909e gimp-2.10`gimp_eek(reason="fatal error", message="Abort trap", use_handler=1) at errors.c:377:27
frame #4: 0x0000000000508ef4 gimp-2.10`gimp_fatal_error(message="Abort trap") at errors.c:234:3
frame #5: 0x000000000050a45f gimp-2.10`gimp_sigfatal_handler(sig_num=6) at signals.c:179:7
frame #6: 0x00000008043acd70 libthr.so.3`handle_signal(actp=0x00007fffffffd670, sig=6, info=0x00007fffffffda60, ucp=0x00007fffffffd6f0) at thr_sig.c:246:3
frame #7: 0x00000008043ac33f libthr.so.3`thr_sighandler(sig=6, info=0x00007fffffffda60, _ucp=0x00007fffffffd6f0) at thr_sig.c:189:2
frame #8: 0x00007ffffffff003
frame #9: 0x0000000807139a29 libc.so.7`abort at abort.c:65:8
frame #10: 0x00000008071b5101 libc.so.7`__assert(func=<unavailable>, file=<unavailable>, line=<unavailable>, failedexpr=<unavailable>) at assert.c:51:2
frame #11: 0x0000000805e0fef5 libjson-c.so.4`json_object_object_add_ex(jso=0x000000081f1e9540, key="comment", val=0x000000081f1e95a0, opts=0) at json_object.c:476:2
frame #12: 0x0000000805e10077 libjson-c.so.4`json_object_object_add(jso=0x000000081f1e9540, key="comment", val=0x000000081f1e95a0) at json_object.c:508:9
frame #13: 0x0000000805e17b64 libjson-c.so.4`json_tokener_parse_ex(tok=0x000000081f1dd680, str=", \n \"group\": \"\", \n \"parent_brush_name\": \"\", \n \"settings\": {\n \"anti_aliasing\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_h\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_hsl_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_hsv_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_l\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_v\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_h\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_v\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"colorize\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n "..., len=-1) at json_tokener.c:930:7
frame #14: 0x0000000805e14013 libjson-c.so.4`json_tokener_parse_verbose(str="{\n \"comment\": \"MyPaint brush file\", \n \"group\": \"\", \n \"parent_brush_name\": \"\", \n \"settings\": {\n \"anti_aliasing\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_h\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_hsl_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_hsv_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_l\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_v\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_h\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_v\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"colorize\": {\n \"base_value\": 0.0, \n "..., error=0x00007fffffffdea4) at json_tokener.c:179:11
frame #15: 0x0000000805e13f97 libjson-c.so.4`json_tokener_parse(str="{\n \"comment\": \"MyPaint brush file\", \n \"group\": \"\", \n \"parent_brush_name\": \"\", \n \"settings\": {\n \"anti_aliasing\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_h\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_hsl_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_hsv_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_l\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_v\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_h\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_v\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"colorize\": {\n \"base_value\": 0.0, \n "...) at json_tokener.c:166:11
frame #16: 0x0000000805bfe160 libmypaint-1.3.so.0`mypaint_brush_from_string(self=0x000000081d849600, string="{\n \"comment\": \"MyPaint brush file\", \n \"group\": \"\", \n \"parent_brush_name\": \"\", \n \"settings\": {\n \"anti_aliasing\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_h\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_hsl_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_hsv_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_l\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"change_color_v\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_h\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_s\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"color_v\": {\n \"base_value\": 0.0, \n \"inputs\": {}\n }, \n \"colorize\": {\n \"base_value\": 0.0, \n "...) at mypaint-brush.c:1218:22
frame #17: 0x0000000000a899df gimp`selection_render_mask(selection=0x0000000000000000) at gimpdisplayshell-selection.c:303:3
frame #18: 0x00000000009d5373 gimp`gimp_guide_tool_draw(draw_tool=0xb8063e1349b5f8e7) at gimpguidetool.c:338:31
frame #19: 0x00000000009d513b gimp`gimp_guide_tool_motion(tool=0x0000000000000000, coords=0x00000000ffffe1d0, time=8, state=483044192, display=0x000000081eee3360) at gimpguidetool.c:293:48
frame #20: 0x00000000009d5108 gimp`gimp_guide_tool_motion(tool=0x0000000000000000, coords=0x000000000098d170, time=8, state=518927200, display=0x000000081eee3360) at gimpguidetool.c:288:55
frame #21: 0x00000000009d4fc3 gimp`gimp_guide_tool_button_release(tool=0x00000008146119f0, coords=0x0000000814677250, time=0, state=0, release_type=8, display=0x000000081eee3260) at gimpguidetool.c:265:9
frame #22: 0x00000000009d4e51 gimp`gimp_guide_tool_button_release(tool=0x00000008146119f0, coords=0x0000000814677250, time=0, state=10309201, release_type=32767, display=0x00000008146119f0) at gimpguidetool.c:243:11
frame #23: 0x00000000009d1244 gimp`gimp_gradient_tool_editor_init_midpoint_gui(gradient_tool=0x000000000000013e) at gimpgradienttool-editor.c:1498:3
frame #24: 0x0000000000972f2a gimp`image_scale_confirm_response(widget=0x000000080ffc0070, response_id=0, private=0x000000080ffc0070) at image-scale-dialog.c:276:7
frame #25: 0x000000000096c87c gimp`file_open_location_response(dialog=0x000000080ffc0070, response_id=8, gimp=0x0000000100000001) at file-open-location-dialog.c:173:26
frame #26: 0x0000000000508301 gimp-2.10`app_run(full_prog_name="gimp", filenames=0x0000000000000000, alternate_system_gimprc=0x0000000000000000, alternate_gimprc=0x0000000000000000, session_name=0x0000000000000000, batch_interpreter=0x0000000000000000, batch_commands=0x0000000000000000, as_new=0, no_interface=0, no_data=0, no_fonts=0, no_splash=0, be_verbose=0, use_shm=1, use_cpu_accel=1, console_messages=0, use_debug_handler=0, show_playground=0, show_debug_menu=0, stack_trace_mode=GIMP_STACK_TRACE_NEVER, pdb_compat_mode=GIMP_PDB_COMPAT_ON, backtrace_file="/home/saper/.config/GIMP/2.10/CrashLog/GIMP-crash-1578868202.txt") at app.c:330:3
frame #27: 0x000000000050c1ee gimp-2.10`main(argc=1, argv=0x000000080fe395d0) at main.c:531:3
frame #28: 0x0000000000507b5d gimp-2.10`_start + 141
thread #2, name = 'gimp-2.10'
frame #0: 0x00000008043b516c libthr.so.3`_umtx_op_err + 12
frame #1: 0x00000008043a9040 libthr.so.3`_thr_umtx_timedwait_uint(mtx=<unavailable>, id=<unavailable>, clockid=<unavailable>, abstime=<unavailable>, shared=<unavailable>) at thr_umtx.c:234:10
frame #2: 0x00000008043b2e72 libthr.so.3`cond_wait_common [inlined] cond_wait_user(cvp=<unavailable>, mp=<unavailable>, abstime=0x0000000000000000, cancel=1) at thr_cond.c:305:11
frame #3: 0x00000008043b2d7a libthr.so.3`cond_wait_common(cond=<unavailable>, mutex=<unavailable>, abstime=0x0000000000000000, cancel=1) at thr_cond.c:365
frame #4: 0x00000008063070db libglib-2.0.so.0`g_cond_wait + 43
frame #5: 0x00000008045eb6d4 libgegl-0.4.so.0`___lldb_unnamed_symbol21$$libgegl-0.4.so.0 + 148
frame #6: 0x00000008062e796a libglib-2.0.so.0`___lldb_unnamed_symbol220$$libglib-2.0.so.0 + 90
frame #7: 0x00000008043a70b6 libthr.so.3`thread_start(curthread=0x000000080fe16500) at thr_create.c:290:16
thread #3, name = 'gimp-2.10'
frame #0: 0x000000080716bbaa libc.so.7`__sys_poll + 10
frame #1: 0x00000008043a9bc6 libthr.so.3`__thr_poll(fds=<unavailable>, nfds=<unavailable>, timeout=<unavailable>) at thr_syscalls.c:336:8
frame #2: 0x00000008062bf747 libglib-2.0.so.0`___lldb_unnamed_symbol117$$libglib-2.0.so.0 + 423
frame #3: 0x00000008062bf854 libglib-2.0.so.0`g_main_context_iteration + 100
frame #4: 0x00000008062c1416 libglib-2.0.so.0`___lldb_unnamed_symbol122$$libglib-2.0.so.0 + 54
frame #5: 0x00000008062e796a libglib-2.0.so.0`___lldb_unnamed_symbol220$$libglib-2.0.so.0 + 90
frame #6: 0x00000008043a70b6 libthr.so.3`thread_start(curthread=0x000000080fe18300) at thr_create.c:290:16
thread #4, name = 'gimp-2.10'
frame #0: 0x000000080716bbaa libc.so.7`__sys_poll + 10
frame #1: 0x00000008043a9bc6 libthr.so.3`__thr_poll(fds=<unavailable>, nfds=<unavailable>, timeout=<unavailable>) at thr_syscalls.c:336:8
frame #2: 0x00000008062bf747 libglib-2.0.so.0`___lldb_unnamed_symbol117$$libglib-2.0.so.0 + 423
frame #3: 0x00000008062bfaef libglib-2.0.so.0`g_main_loop_run + 223
frame #4: 0x0000000805721aeb libgio-2.0.so.0`___lldb_unnamed_symbol1705$$libgio-2.0.so.0 + 27
frame #5: 0x00000008062e796a libglib-2.0.so.0`___lldb_unnamed_symbol220$$libglib-2.0.so.0 + 90
frame #6: 0x00000008043a70b6 libthr.so.3`thread_start(curthread=0x000000080fe18800) at thr_create.c:290:16
thread #5, name = 'gimp-2.10'
frame #0: 0x00000008043b516c libthr.so.3`_umtx_op_err + 12
frame #1: 0x00000008043a9040 libthr.so.3`_thr_umtx_timedwait_uint(mtx=<unavailable>, id=<unavailable>, clockid=<unavailable>, abstime=<unavailable>, shared=<unavailable>) at thr_umtx.c:234:10
frame #2: 0x00000008043b2e72 libthr.so.3`cond_wait_common [inlined] cond_wait_user(cvp=<unavailable>, mp=<unavailable>, abstime=0x0000000000000000, cancel=1) at thr_cond.c:305:11
frame #3: 0x00000008043b2d7a libthr.so.3`cond_wait_common(cond=<unavailable>, mutex=<unavailable>, abstime=0x0000000000000000, cancel=1) at thr_cond.c:365
frame #4: 0x00000008063070db libglib-2.0.so.0`g_cond_wait + 43
frame #5: 0x000000000097fa50 gimp`prefs_dialog_new(gimp=0x00000008063070b0, config=0x00007fffffffefd7) at preferences-dialog.c:1121:3
frame #6: 0x00000008062e796a libglib-2.0.so.0`___lldb_unnamed_symbol220$$libglib-2.0.so.0 + 90
frame #7: 0x00000008043a70b6 libthr.so.3`thread_start(curthread=0x00000008146df000) at thr_create.c:290:16
thread #6, name = 'gimp-2.10'
frame #0: 0x00000008043b516c libthr.so.3`_umtx_op_err + 12
frame #1: 0x00000008043a9040 libthr.so.3`_thr_umtx_timedwait_uint(mtx=<unavailable>, id=<unavailable>, clockid=<unavailable>, abstime=<unavailable>, shared=<unavailable>) at thr_umtx.c:234:10
frame #2: 0x00000008043b2e72 libthr.so.3`cond_wait_common [inlined] cond_wait_user(cvp=<unavailable>, mp=<unavailable>, abstime=0x00007fffdf7f9ec8, cancel=1) at thr_cond.c:305:11
frame #3: 0x00000008043b2d7a libthr.so.3`cond_wait_common(cond=<unavailable>, mutex=<unavailable>, abstime=0x00007fffdf7f9ec8, cancel=1) at thr_cond.c:365
frame #4: 0x000000080630727c libglib-2.0.so.0`g_cond_wait_until + 108
frame #5: 0x000000080628dd64 libglib-2.0.so.0`___lldb_unnamed_symbol14$$libglib-2.0.so.0 + 100
frame #6: 0x000000080628defe libglib-2.0.so.0`g_async_queue_timeout_pop + 46
frame #7: 0x00000008062e89c9 libglib-2.0.so.0`___lldb_unnamed_symbol225$$libglib-2.0.so.0 + 409
frame #8: 0x00000008062e796a libglib-2.0.so.0`___lldb_unnamed_symbol220$$libglib-2.0.so.0 + 90
frame #9: 0x00000008043a70b6 libthr.so.3`thread_start(curthread=0x00000008146df500) at thr_create.c:290:16
Preliminary analysis
Gimp executable as built from FreeBSD ports links both libjson-glib-1.0.so
(direct dependency) and this library libjson-c.so.4
and both have json_object_get_type()
function:
radziecki> objdump -T /usr/local/lib/libjson-c.so.4 | grep json_object_get_type
0000000000005240 g DF .text 000000000000002d Base json_object_get_type
radziecki> objdump -T /usr/local/lib/libjson-glib-1.0.so | grep json_object_get_type
0000000000014d70 g DF .text 000000000000005b Base json_object_get_type
Indeed, both libraries are linked as shared ones:
radziecki> ldd /usr/local/bin/gimp-2.10 | grep json
libjson-glib-1.0.so.0 => /usr/local/lib/libjson-glib-1.0.so.0 (0x804c93000)
libjson-c.so.4 => /usr/local/lib/libjson-c.so.4 (0x805e0a000)
libjson-glib comes as a direct dependency of GIMP and libjson-c is pulled in via GIMP's dependency on libmypaint, which requires this library.
So I seem to getting a crash in the assertion:
Loading 'mypaint brush factory' data
Loading /usr/local/share/mypaint-data/1.0/brushes/classic/blend+paint.myb
Assertion failed: (json_object_get_type(jso) == json_type_object), function json_object_object_add_ex, file json_object.c, line 476.
Thread 1 received signal SIGABRT, Aborted.
0x0000000807139aea in thr_kill () from /lib/libc.so.7
(gdb) bt
#0 0x0000000807139aea in thr_kill () at /lib/libc.so.7
#1 0x0000000807139ab4 in __raise (s=6) at /usr/src/lib/libc/gen/raise.c:52
#2 0x0000000807139a29 in abort () at /usr/src/lib/libc/stdlib/abort.c:65
#3 0x00000008071b5101 in __assert (func=<optimized out>, file=<optimized out>, line=<optimized out>, failedexpr=<optimized out>) at /usr/src/lib/libc/gen/assert.c:51
#4 0x0000000805e0fef5 in json_object_object_add_ex (jso=0x81c6fcc00, key=0x81d9ff228 "comment", val=0x81c6fcc60, opts=0) at json_object.c:476
Side-stepping through the debugger confirms that json_object_get_type()
may get pulled from the other library:
(gdb) bt
#0 0x000000080119d755 in _rtld_bind_start () at /usr/src/libexec/rtld-elf/amd64/rtld_start.S:155
#1 0x0000000804ca7d70 in json_object_get_type () at /usr/local/lib/libjson-glib-1.0.so.0
#2 0x0000000805e0fec8 in json_object_object_add_ex (jso=0x81c688680, key=0x81eb1f020 "comment", val=0x81c6886e0, opts=0) at json_object.c:476
Setting a breakpoint on json_object_get_type
future symbol seems to indicated that libjson-glib
is loaded earlier during gimp startup and therefore that symbol gets used for future invocations.
I was pretty surprised when single stepping the assertion that runtime loader kicked in unexpectedly...!
We were extremely lucky if the return values from those functions from two libraries would match.