Bug #1106

Crash in exiv2 due to assertion when setting rating on jpg with a Casio makernote

Added by Luca Carlon almost 2 years ago. Updated 10 months ago.

Status:ClosedStart date:19 Aug 2015
Priority:NormalDue date:
Assignee:Andreas Huggel% Done:

100%

Category:metadataEstimated time:10.00 hours
Target version:0.26

Description

When setting the rating for a specific jpg file I get a crash of digikam because of an assertion with this backtrace:

(gdb) bt
#0 0x00007ffff106c267 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:55
#1 0x00007ffff106deca in __GI_abort () at abort.c:89
#2 0x00007ffff106503d in __assert_fail_base (fmt=0x7ffff11c7028 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n",
assertion=assertion@entry=0x7fffef2b449f "mn_", file=file@entry=0x7fffef2b4248 "/home/luca/project/digikam/exiv2-0.25/src/tiffcomposite.cpp",
line=line@entry=749,
function=function@entry=0x7fffef2b4cc0 <Exiv2::Internal::TiffMnEntry::doAddPath(unsigned short, std::stack<Exiv2::Internal::TiffPathItem, std::deque<Exiv2::Internal::TiffPathItem, std::allocator<Exiv2::Internal::TiffPathItem> > >&, Exiv2::Internal::TiffComponent*, std::auto_ptr<Exiv2::Internal::TiffComponent>)::__PRETTY_FUNCTION__> "virtual Exiv2::Internal::TiffComponent* Exiv2::Internal::TiffMnEntry::doAddPath(uint16_t, Exiv2::Internal::TiffPath&, Exiv2::Internal::TiffComponent*, Exiv2::Internal::TiffComponent::AutoPtr)") at assert.c:92
#3 0x00007ffff10650f2 in __GI___assert_fail (assertion=0x7fffef2b449f "mn_",
file=0x7fffef2b4248 "/home/luca/project/digikam/exiv2-0.25/src/tiffcomposite.cpp", line=749,
function=0x7fffef2b4cc0 <Exiv2::Internal::TiffMnEntry::doAddPath(unsigned short, std::stack<Exiv2::Internal::TiffPathItem, std::deque<Exiv2::Internal::TiffPathItem, std::allocator<Exiv2::Internal::TiffPathItem> > >&, Exiv2::Internal::TiffComponent*, std::auto_ptr<Exiv2::Internal::TiffComponent>)::__PRETTY_FUNCTION__> "virtual Exiv2::Internal::TiffComponent* Exiv2::Internal::TiffMnEntry::doAddPath(uint16_t, Exiv2::Internal::TiffPath&, Exiv2::Internal::TiffComponent*, Exiv2::Internal::TiffComponent::AutoPtr)") at assert.c:101
#4 0x00007fffef1c4253 in Exiv2::Internal::TiffMnEntry::doAddPath(unsigned short, std::stack<Exiv2::Internal::TiffPathItem, std::deque<Exiv2::Internal::TiffPathItem, std::allocator<Exiv2::Internal::TiffPathItem> > >&, Exiv2::Internal::TiffComponent*, std::auto_ptr<Exiv2::Internal::TiffComponent>)
() from /home/luca/project/digikam/staging/lib/libexiv2.so.14
#5 0x00007fffef1c3871 in Exiv2::Internal::TiffComponent::addPath(unsigned short, std::stack<Exiv2::Internal::TiffPathItem, std::deque<Exiv2::Internal::TiffPathItem, std::allocator<Exiv2::Internal::TiffPathItem> > >&, Exiv2::Internal::TiffComponent*, std::auto_ptr<Exiv2::Internal::TiffComponent>)
() from /home/luca/project/digikam/staging/lib/libexiv2.so.14
#6 0x00007fffef1c3cf4 in Exiv2::Internal::TiffDirectory::doAddPath(unsigned short, std::stack<Exiv2::Internal::TiffPathItem, std::deque<Exiv2::Internal::TiffPathItem, std::allocator<Exiv2::Internal::TiffPathItem> > >&, Exiv2::Internal::TiffComponent*, std::auto_ptr<Exiv2::Internal::TiffComponent>) () from /home/luca/project/digikam/staging/lib/libexiv2.so.14
#7 0x00007fffef1c3871 in Exiv2::Internal::TiffComponent::addPath(unsigned short, std::stack<Exiv2::Internal::TiffPathItem, std::deque<Exiv2::Internal::TiffPathItem, std::allocator<Exiv2::Internal::TiffPathItem> > >&, Exiv2::Internal::TiffComponent*, std::auto_ptr<Exiv2::Internal::TiffComponent>)
() from /home/luca/project/digikam/staging/lib/libexiv2.so.14
#8 0x00007fffef1c4060 in Exiv2::Internal::TiffSubIfd::doAddPath(unsigned short, std::stack<Exiv2::Internal::TiffPathItem, std::deque<Exiv2::Internal::TiffPathItem, std::allocator<Exiv2::Internal::TiffPathItem> > >&, Exiv2::Internal::TiffComponent*, std::auto_ptr<Exiv2::Internal::TiffComponent>)
() from /home/luca/project/digikam/staging/lib/libexiv2.so.14
#9 0x00007fffef1c3871 in Exiv2::Internal::TiffComponent::addPath(unsigned short, std::stack<Exiv2::Internal::TiffPathItem, std::deque<Exiv2::Internal::TiffPathItem, std::allocator<Exiv2::Internal::TiffPathItem> > >&, Exiv2::Internal::TiffComponent*, std::auto_ptr<Exiv2::Internal::TiffComponent>)
() from /home/luca/project/digikam/staging/lib/libexiv2.so.14
#10 0x00007fffef1c3cf4 in Exiv2::Internal::TiffDirectory::doAddPath(unsigned short, std::stack<Exiv2::Internal::TiffPathItem, std::deque<Exiv2::Internal::TiffPathItem, std::allocator<Exiv2::Internal::TiffPathItem> > >&, Exiv2::Internal::TiffComponent*, std::auto_ptr<Exiv2::Internal::TiffComponent>) () from /home/luca/project/digikam/staging/lib/libexiv2.so.14
#11 0x00007fffef1c3871 in Exiv2::Internal::TiffComponent::addPath(unsigned short, std::stack<Exiv2::Internal::TiffPathItem, std::deque<Exiv2::Internal::TiffPathItem, std::allocator<Exiv2::Internal::TiffPathItem> > >&, Exiv2::Internal::TiffComponent*, std::auto_ptr<Exiv2::Internal::TiffComponent>)
() from /home/luca/project/digikam/staging/lib/libexiv2.so.14
#12 0x00007fffef1e6d0c in Exiv2::Internal::TiffEncoder::add(Exiv2::Internal::TiffComponent*, Exiv2::Internal::TiffComponent*, unsigned int) ()
from /home/luca/project/digikam/staging/lib/libexiv2.so.14
#13 0x00007fffef1d3310 in Exiv2::Internal::TiffParserWorker::encode(Exiv2::BasicIo&, unsigned char const*, unsigned int, Exiv2::ExifData const&, Exiv2::IptcData const&, Exiv2::XmpData const&, unsigned int, void (Exiv2::Internal::TiffEncoder::*(*)(std::string const&, unsigned int, Exiv2::Internal::IfdId))(Exiv2::Internal::TiffEntryBase*, Exiv2::Exifdatum const*), Exiv2::Internal::TiffHeaderBase*, Exiv2::Internal::OffsetWriter*) ()
from /home/luca/project/digikam/staging/lib/libexiv2.so.14
#14 0x00007fffef142657 in Exiv2::ExifParser::encode(std::vector<unsigned char, std::allocator<unsigned char> >&, unsigned char const*, unsigned int, Exiv2::ByteOrder, Exiv2::ExifData const&) () from /home/luca/project/digikam/staging/lib/libexiv2.so.14
#15 0x00007fffef165a0b in Exiv2::JpegBase::doWriteMetadata(Exiv2::BasicIo&) () from /home/luca/project/digikam/staging/lib/libexiv2.so.14
#16 0x00007fffef164824 in Exiv2::JpegBase::writeMetadata() () from /home/luca/project/digikam/staging/lib/libexiv2.so.14
#17 0x00007ffff62e6c7e in KExiv2Iface::KExiv2::Private::saveOperations (this=this@entry=0x7fff6c07a8d0, finfo=..., image=...)
at /home/luca/project/digikam/libkexiv2-15.04.3/libkexiv2/kexiv2_p.cpp:312
#18 0x00007ffff62e9d85 in KExiv2Iface::KExiv2::Private::saveToFile (this=0x7fff6c07a8d0, finfo=...)
at /home/luca/project/digikam/libkexiv2-15.04.3/libkexiv2/kexiv2_p.cpp:155
#19 0x00007ffff62e2ec8 in KExiv2Iface::KExiv2::save (this=0x7fff617f93b0, imageFilePath=...)
at /home/luca/project/digikam/libkexiv2-15.04.3/libkexiv2/kexiv2.cpp:448
#20 0x00007ffff62e46a9 in KExiv2Iface::KExiv2::applyChanges (this=this@entry=0x7fff617f93b0)
at /home/luca/project/digikam/libkexiv2-15.04.3/libkexiv2/kexiv2.cpp:476
#21 0x00007ffff5bc8780 in Digikam::DMetadata::applyChanges (this=this@entry=0x7fff617f93b0)
at /home/luca/project/digikam/digikam-software-compilation/core/libs/dmetadata/dmetadata.cpp:130
#22 0x000000000062ce7f in Digikam::MetadataHub::write (this=this@entry=0x7fff617f9420, filePath=...,
writeMode=writeMode@entry=Digikam::MetadataHub::FullWrite, settings=...)
at /home/luca/project/digikam/digikam-software-compilation/core/app/fileaction/metadatahub.cpp:764
#23 0x00000000006362c4 in Digikam::FileActionMngrFileWorker::writeMetadataToFiles (this=0x143e7f0, infos=...)
at /home/luca/project/digikam/digikam-software-compilation/core/app/fileaction/fileworkeriface.cpp:103
#24 0x0000000000635b1f in Digikam::FileWorkerInterface::qt_static_metacall (_o=0x143e7f0, _c=<optimized out>, _id=<optimized out>,
_a=<optimized out>) at /home/luca/project/digikam/digikam-software-compilation/build/core/app/fileworkeriface.moc:66
#25 0x00007ffff1d438e1 in QObject::event(QEvent*) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#26 0x00007ffff27379bc in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/x86_64-linux-gnu/libQtGui.so.4
#27 0x00007ffff273e4d8 in QApplication::notify(QObject*, QEvent*) () from /usr/lib/x86_64-linux-gnu/libQtGui.so.4
#28 0x00007ffff36e0c2a in KApplication::notify(QObject*, QEvent*) () from /usr/lib/libkdeui.so.5
#29 0x00007ffff1d2a1cd in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#30 0x00007ffff1d2da71 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#31 0x00007ffff1d596ee in ?? () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#32 0x00007fffea835c3d in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#33 0x00007fffea835f20 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#34 0x00007fffea835fcc in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#35 0x00007ffff1d5985e in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#36 0x00007ffff1d28d21 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#37 0x00007ffff1d29085 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#38 0x00007ffff5c484f3 in Digikam::WorkerObjectRunnable::run (this=0x7fff8c046180)
at /home/luca/project/digikam/digikam-software-compilation/core/libs/threads/threadmanager.cpp:196
#39 0x00007ffff1c12b70 in ?? () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#40 0x00007ffff1c1f6ff in ?? () from /usr/lib/x86_64-linux-gnu/libQtCore.so.4
#41 0x00007fffee12f6aa in start_thread (arg=0x7fff617fa700) at pthread_create.c:333
#42 0x00007ffff113deed in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109

CIMG2288.JPG - Rating was set once. Will crash setting once again. (1.81 MB) Luca Carlon, 21 Aug 2015 01:29

CIMG2289.JPG - Never set rating but it is supposed to crash as coming from the same camera. (1.75 MB) Luca Carlon, 21 Aug 2015 01:29


Related issues

Related to Exiv2 - Feature #933: Casio Makernotes Closed 29 Oct 2013 07 Dec 2013
Related to Exiv2 - Bug #1146: Crash when saving a rotated JPG image Closed 27 Dec 2015
Related to Exiv2 - Bug #1181: Casio.jpg exports crash darktable - suse leap 42.1 Closed 27 Apr 2016
Related to Exiv2 - Bug #1184: digikam crash when importing Casio jpeg Closed 16 May 2016
Duplicated by Exiv2 - Bug #1094: Crash in Exiv2 shared lib Closed 19 Jul 2015

Associated revisions

Revision 3889
Added by Andreas Huggel almost 2 years ago

#1106 (#933): Fixed oversight that prevented writing Casio2 makernotes.

Revision 3890
Added by Andreas Huggel almost 2 years ago

#1106 (#933): Fixed oversight that prevented writing to images with a Casio makernote.

History

#1 Updated by Robin Mills almost 2 years ago

There really isn't enough information here to make progress on this issue. Can you provide a test file, please?

Additionally, I'm not familiar with DigiKam and don't know how it maps "Rating" to metadata in an image. To help me, can you reproduce the fault with the exiv2 command-line application? I've performed this little test on one of my images:

710 rmills@rmillsmbp:~/Downloads $ curl http://dev.exiv2.org/attachments/download/805/DSC_7154.jpg > Stonehenge.jpg
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 6597k    0 6597k    0     0  1323k      0 --:--:--  0:00:04 --:--:-- 1531k
711 rmills@rmillsmbp:~/Downloads $ exiv2 -g Rating Stonehenge.jpg
Exif.Photo.ISOSpeedRatings                   Short       1  200
Xmp.xmp.Rating                               XmpText     1  0
712 rmills@rmillsmbp:~/Downloads $ exiv2 -M"set Xmp.xmp.Rating Great" Stonehenge.jpg
713 rmills@rmillsmbp:~/Downloads $ exiv2 -g Rating Stonehenge.jpg
Exif.Photo.ISOSpeedRatings                   Short       1  200
Xmp.xmp.Rating                               XmpText     5  Great
714 rmills@rmillsmbp:~/Downloads $ 
Looking at the traceback, we appear to be a few levels of recursion into addPath/doAddPath and attempting to update a makernote. So, I don't believe DigiKam is attempting to work on Xmp.xmp.Rating as this XMP and not part of a MakerNote.

A test image in necessary to progress this issue. Perhaps you also have an image for which DigiKam has successfully updated 'Rating'. It could be very useful to see the exiv2 output before/after changing the 'Rating' to give me more insight about which metadata field DigiKam is trying to set.

#2 Updated by Luca Carlon almost 2 years ago

Fortunately it is simple to reproduce. Just changing the rating for any photo produced with a specific camera model (Casio) makes it crash. Pay attention to the fact that after crashing it seems the rating is actually applied and can be read. But will then crash again when trying to change it.

I attach two images. I already assigned the rating once for CIMG2288.JPG. Never for CIMG2289.JPG. Both are supposed to crash as they all come from the same camera. Please let me know if there is anything else I can do.

#3 Updated by Luca Carlon almost 2 years ago

Unless digikam saves the rating also in some internal db. In that case I was wrong. The rating is not successful.

#4 Updated by Alan Pater almost 2 years ago

Reproduced on my Ubuntu system with digikam 4.12.0 and exiv 0.25. Here are a few notes.

Digikam shows the Rating as stars under the image thumbnails. Clicking the stars to change the Rating crashes Digikam for the attached images. Doing the same for other images on my system does not result in a crash. As Luca said, for the affected images, the Rating does not actually get successfully written to the image, it does however remain in the Digikam DB so it appears that the rating has been saved.

From the command line, exiv2 does not crash when writing the Rating to the file:

~$ exiv2 -M"set Xmp.xmp.Rating 3" CIMG2288.JPG
~$ exiv2 -g Rating CIMG2288.JPG 
Xmp.xmp.Rating                               XmpText     1  3

The setImageRating function in Digikam can be seen here:

https://projects.kde.org/projects/extragear/graphics/digikam/repository/revisions/master/entry/libs/dmetadata/dmetadata.cpp#L861

#5 Updated by Alan Pater almost 2 years ago

Here is the result for a test image which does not crash Digikam

~$ exiv2 -g ating rating.jpg 
Exif.Image.Rating                            SLong       1  4
Exif.Image.RatingPercent                     SLong       1  75
Xmp.xmp.Rating                               XmpText     1  4
Xmp.acdsee.rating                            XmpText     1  4
Xmp.MicrosoftPhoto.Rating                    XmpText     2  75

#6 Updated by Robin Mills almost 2 years ago

  • Category set to metadata
  • Status changed from New to Assigned
  • Assignee set to Robin Mills
  • Target version set to 0.26
  • % Done changed from 0 to 10
  • Estimated time set to 10.00

Thanks for digging up the DigiKam code, Alan. It looks as though DigiKam is only attempting to set a few tags (3 XMP and 2 Exif). So why is the traceback indicating a recursive dive in an attempt to modify makernotes? How odd. I will have to get DigiKam to step a debug libexiv2 in the debugger. Groan: it's gonna take a while to feel motivated to tackle this. Maybe Gilles can be persuaded/cajoled into this as he's tooled up for this and in his comfort zone.

#7 Updated by Alan Pater almost 2 years ago

Another note:

It is not just setting the Rating that crashes Digikam. I tried setting the Title on the Casio test images and that caused a crash as well.

#8 Updated by Andreas Huggel almost 2 years ago

  • Assignee changed from Robin Mills to Andreas Huggel

Alan was close, just write an Exif tag instead of an XMP property to reproduce this. Exiv2 will then have to re-write the entire Exif structure, including the Makernote, which triggers the assertion. (If you write an XMP property, only the XMP structure is re-written.) Something in the Exif structure of this image violates an assumption that the Tiff parser makes. That is a bug, and likely a rather hairy one. I'll steal this from Robin and will take a look.

$ exiv2 -M"set Exif.Image.Rating 3" CIMG2289.JPG 
exiv2: tiffcomposite.cpp:749: 
virtual Exiv2::Internal::TiffComponent* Exiv2::Internal::TiffMnEntry::doAddPath(uint16_t, Exiv2::Internal::TiffPath&, 
Exiv2::Internal::TiffComponent*, 
Exiv2::Internal::TiffComponent::AutoPtr): Assertion `mn_' failed.
Aborted (core dumped)

#9 Updated by Andreas Huggel almost 2 years ago

  • Status changed from Assigned to Resolved
  • % Done changed from 10 to 100

No, nothing wrong with the Tiff parser. Just two missing lines in the original Casio makernote implementation (#933).
Luca, can you try with Exiv2 from the trunk and let us know if it works for you too?

#10 Updated by Luca Carlon almost 2 years ago

Rebuilt exiv2, kexiv2 and digikam with current HEAD. Rating seems fixed:

luca@luca-virtual-machine:...$ exiv2 -g ating CIMG2233.JPG
Exif.Photo.ISOSpeedRatings Short 1 64
luca@luca-virtual-machine:...$ exiv2 -g ating CIMG2233.JPG
Exif.Image.Rating SLong 1 4
Exif.Image.RatingPercent SLong 1 75
Exif.Photo.ISOSpeedRatings Short 1 64
Xmp.xmp.Rating XmpText 1 4
Xmp.acdsee.rating XmpText 1 4
Xmp.MicrosoftPhoto.Rating XmpText 2 75

Tried a few times. No crash. Great work! Thanks!

#11 Updated by Robin Mills almost 2 years ago

Well done, team. This team-work stuff works wonders.

I'll leave this as "Resolved" for a while. If nothing else surfaces about this matter, I'll mark it "closed" before we ship v0.26.

#12 Updated by Andreas Huggel over 1 year ago

  • Subject changed from Crash in exiv2 due to assertion when setting rating on jpg to Crash in exiv2 due to assertion when setting rating on jpg with a Casio makernote

#13 Updated by Robin Mills over 1 year ago

  • Status changed from Resolved to Closed

I'm going to set the status of this to closed. It has been 100% resolved for some time without further incident.

#14 Updated by Robin Mills about 1 year ago

r3889 and r3890 are included in exiv2: 0.25-2.1pmjdebruijn1~xenial https://launchpad.net/~pmjdebruijn/+archive/ubuntu/darktable-unstable/+packages thanks to splendid work by Pascal.

#15 Updated by D T 10 months ago

Robin Mills wrote:

I'm going to set the status of this to closed. It has been 100% resolved for some time without further incident.

I apologize if I should open a new incident instead of reporting here, but I am wondering if my error represents a continuation of this same issue. I am on Arch Linux 64 bit (fully updated).

I installed this package which includes exiv2:

Arch Linux - gimp-ufraw 0.22-7 (x86_64)
https://www.archlinux.org/packages/comm … imp-ufraw/

install:

$ sudo pacman -S gimp-ufraw

run:

ufraw /path/to/file.dng

Error message:

ufraw: tiffcomposite.cpp:749: virtual Exiv2::Internal::TiffComponent* Exiv2::Internal::TiffMnEntry::doAddPath(uint16_t, Exiv2::Internal::TiffPath&, Exiv2::Internal::TiffComponent*, Exiv2::Internal::TiffComponent::AutoPtr): Assertion `mn_' failed.
Aborted (core dumped)

More info:

$ uname -a
Linux myserver 4.6.4-1-ARCH #1 SMP PREEMPT Mon Jul 11 19:12:32 CEST 2016 x86_64 GNU/Linux


$ exiv2 --version
exiv2 0.25 001900 (64 bit build)

$ ufraw --version
ufraw 0.22
EXIV2 enabled.
JPEG enabled.
JPEG2000 (libjasper) enabled.
TIFF enabled.
PNG enabled.
FITS enabled.
ZIP enabled.
BZIP2 enabled.
LENSFUN enabled.

I got here via these links:

Bug #1584853 “Shotwell crashes on startup / Crash in exiv2 due t...” : Bugs : exiv2 package : Ubuntu
https://bugs.launchpad.net/ubuntu/+sour … ug/1584853

Bug 765963 – assert in exiv2 when writing metadata
https://bugzilla.gnome.org/show_bug.cgi?id=765963

Bug #1106: Crash in exiv2 due to assertion when setting rating on jpg with a Casio makernote - Exiv2
http://dev.exiv2.org/issues/1106

Here's my original post on the issue:

ufraw error / core dumped in component exiv2 / Applications & Desktop Environments / Arch Linux Forums
https://bbs.archlinux.org/viewtopic.php?pid=1644551#p1644551

#16 Updated by Robin Mills 10 months ago

I think this matter is OK on our trunk. You are installing v0.25 which has this issue. We are almost complete on Exiv2 v0.26 and I believe when that ships and is in use by ufraw this issue will disappear.

Also available in: Atom PDF

Redmine Appliance - Powered by TurnKey Linux