139466 – Gnumeric double free of memory - hang

Bug 139466 - Gnumeric double free of memory - hang

Summary: Gnumeric double free of memory - hang

Status:	RESOLVED WONTFIX

Alias:	None

Product:	SUSE LINUX 10.0
Classification:	openSUSE
Component:	X11 Applications (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P5 - None Severity: Critical
Target Milestone:	---
Assignee:	Jody Goldberg
QA Contact:	Stefan Dirsch

URL:	http://www.obviously.com/language/
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2005-12-15 21:23 UTC by Bryce Nesbitt
Modified:	2006-12-21 14:31 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	Other
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
hwinfo --printer --log /tmp/hwinfo.txt (151.63 KB, text/plain) 2005-12-22 18:27 UTC, Bryce Nesbitt	Details
update to what will become 1.4.4 with kludge to handle gsf-1.12.1 (349.42 KB, patch) 2006-03-14 20:46 UTC, Jody Goldberg	Details \| Diff
A 64bit bug that came in this morning (772 bytes, patch) 2006-03-27 16:30 UTC, Jody Goldberg	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Bryce Nesbitt 2005-12-15 21:23:09 UTC

When messing with printer settings, and particularly when checking the "save as defaults" button, I frequently get:


** (gnumeric:14257): WARNING **: GnomePrint: Requested MS Sans Serif but using Sans (Sans Regular 14.000000)
*** glibc detected *** double free or corruption (!prev): 0x08e45268 ***


Under gdb:
[Thread 1141136304 (LWP 14359) exited]
[Thread 1145600944 (LWP 14358) exited]
*** glibc detected *** free(): invalid pointer: 0x08803c40 ***

Program received signal SIGABRT, Aborted.
[Switching to Thread 1090866560 (LWP 14326)]
0xffffe410 in __kernel_vsyscall ()
(gdb)

(gdb)
(gdb) bt
#0  0xffffe410 in __kernel_vsyscall ()
#1  0x40caa541 in raise () from /lib/tls/libc.so.6
#2  0x40cabdbb in abort () from /lib/tls/libc.so.6
#3  0x40ce08b5 in __libc_message () from /lib/tls/libc.so.6
#4  0x40ce6842 in malloc_printerr () from /lib/tls/libc.so.6
#5  0x40ce71f4 in free () from /lib/tls/libc.so.6
#6  0x40be95d2 in g_free () from /opt/gnome/lib/libglib-2.0.so.0
#7  0x08161477 in gnm_gconf_set_printer_config ()
#8  0x0810038d in print_info_save ()
#9  0x08187520 in dialog_plugin_manager ()
#10 0x40a575eb in g_cclosure_marshal_VOID__VOID ()
   from /opt/gnome/lib/libgobject-2.0.so.0
#11 0x40a4ad19 in g_closure_invoke () from /opt/gnome/lib/libgobject-2.0.so.0
#12 0x40a5a816 in g_signal_stop_emission ()
   from /opt/gnome/lib/libgobject-2.0.so.0
#13 0x40a5be80 in g_signal_emit_valist ()
   from /opt/gnome/lib/libgobject-2.0.so.0
#14 0x40a5c1f5 in g_signal_emit () from /opt/gnome/lib/libgobject-2.0.so.0
#15 0x402d28e1 in gtk_button_clicked () from /opt/gnome/lib/libgtk-x11-2.0.so.0
#16 0x402d4378 in gtk_button_get_alignment ()
   from /opt/gnome/lib/libgtk-x11-2.0.so.0
#17 0x40a575eb in g_cclosure_marshal_VOID__VOID ()
   from /opt/gnome/lib/libgobject-2.0.so.0
---Type <return> to continue, or q <return> to quit---
#18 0x40a4a637 in g_cclosure_new_swap ()
   from /opt/gnome/lib/libgobject-2.0.so.0
#19 0x40a4ad19 in g_closure_invoke () from /opt/gnome/lib/libgobject-2.0.so.0
#20 0x40a5a447 in g_signal_stop_emission ()
   from /opt/gnome/lib/libgobject-2.0.so.0
#21 0x40a5be80 in g_signal_emit_valist ()
   from /opt/gnome/lib/libgobject-2.0.so.0
#22 0x40a5c1f5 in g_signal_emit () from /opt/gnome/lib/libgobject-2.0.so.0
#23 0x402d2851 in gtk_button_released ()
   from /opt/gnome/lib/libgtk-x11-2.0.so.0
#24 0x402d389f in gtk_button_set_relief ()
   from /opt/gnome/lib/libgtk-x11-2.0.so.0
#25 0x403a1e60 in gtk_marshal_VOID__UINT_STRING ()
   from /opt/gnome/lib/libgtk-x11-2.0.so.0
#26 0x40a4a637 in g_cclosure_new_swap ()
   from /opt/gnome/lib/libgobject-2.0.so.0
#27 0x40a4ad19 in g_closure_invoke () from /opt/gnome/lib/libgobject-2.0.so.0
#28 0x40a5a9a7 in g_signal_stop_emission ()
   from /opt/gnome/lib/libgobject-2.0.so.0
#29 0x40a5bbee in g_signal_emit_valist ()
   from /opt/gnome/lib/libgobject-2.0.so.0
#30 0x40a5c1f5 in g_signal_emit () from /opt/gnome/lib/libgobject-2.0.so.0
#31 0x404943b4 in gtk_widget_activate ()
---Type <return> to continue, or q <return> to quit---
   from /opt/gnome/lib/libgtk-x11-2.0.so.0
#32 0x403a0265 in gtk_propagate_event ()
   from /opt/gnome/lib/libgtk-x11-2.0.so.0
#33 0x403a06ff in gtk_main_do_event () from /opt/gnome/lib/libgtk-x11-2.0.so.0
#34 0x405a7f8a in gdk_screen_get_setting ()
   from /opt/gnome/lib/libgdk-x11-2.0.so.0
#35 0x40be235c in g_main_context_dispatch ()
   from /opt/gnome/lib/libglib-2.0.so.0
#36 0x40be57cb in g_main_context_check () from /opt/gnome/lib/libglib-2.0.so.0
#37 0x40be5ae7 in g_main_loop_run () from /opt/gnome/lib/libglib-2.0.so.0
#38 0x40932c83 in bonobo_main () from /opt/gnome/lib/libbonobo-2.so.0
#39 0x08162ef5 in main ()
(gdb)

Comment 1 Michael Gross 2005-12-19 17:21:41 UTC

What exactly did you do to provoke this problem? Please give us more information about your hardware, too (`hwinfo --printer').

Comment 2 Bryce Nesbitt 2005-12-22 18:26:02 UTC

Just mess with the dialog, checking things.  It happens ever time for me.

Comment 3 Bryce Nesbitt 2005-12-22 18:27:21 UTC

Created attachment 61714 [details]
hwinfo --printer --log /tmp/hwinfo.txt

Comment 4 Bryce Nesbitt 2005-12-22 18:35:26 UTC

Note:

hwinfo --printer >& /tmp/1
hwinfo --printer > /tmp/1
produces no output

The output shows up on the console, with each line overwriting the prior line:

linux:/home/bryce # hwinfo --printer
> misc.1.2: open parallel
linux:/home/bryce #

Comment 5 Jody Goldberg 2006-01-02 18:14:33 UTC

This is a known bug in the 1.4.3 series that has been fixed in 1.6.x
We're going to need to move to the new stable series to get the fix back porting the this and other patches is too much work.

Comment 6 Bryce Nesbitt 2006-01-02 19:17:43 UTC

How about all the various messages on the console?  Is there a way to supress them by default?
** (gnumeric:14257): WARNING **: GnomePrint: Requested MS Sans Serif but using
Sans (Sans Regular 14.000000)

Comment 8 JP Rosevear 2006-03-06 19:01:14 UTC

Jody?

Comment 9 Jody Goldberg 2006-03-07 16:21:40 UTC

The patch against 1.4.3 is ~5000 lines.  I'll test it this evening.

Comment 10 Jody Goldberg 2006-03-14 20:46:42 UTC

Created attachment 72854 [details]
update to what will become 1.4.4 with kludge to handle gsf-1.12.1

Patching the double free was done as part of a non-trivial patch.  The simplest solution was to do a diff of 1.4.4 vs 1.4.3 and remove the portions that forced libgsf != 1.12.1.

This obsoletes 2 of the current patches.
 - fix-build.diff
 - gnumeric-1.4.3-adapt-to-gsf-1.12.patch

Comment 11 Gary Ekker 2006-03-27 16:15:44 UTC

AJ, can we get a swampid for this and release an update for 10.0?

Comment 12 Jody Goldberg 2006-03-27 16:30:59 UTC

Created attachment 75173 [details]
A 64bit bug that came in this morning

This patch was just added this morning for a 64bit crasher.  As long as we're doing a build please add it.

Comment 13 Andreas Jaeger 2006-03-27 19:06:57 UTC

I will not accept such a large patch for a released product.

Comment 17 Andreas Jaeger 2006-06-01 14:31:28 UTC

Ok, understood.   Here's the swamp ID: MaintenanceTracker-4510

PLease test the final binary before you submit.

Comment 18 Andreas Jaeger 2006-07-31 13:47:01 UTC

Jody, please release this!

Comment 19 Anja Stock 2006-09-11 11:47:43 UTC

Jody, what is the status here?

Comment 20 Anja Stock 2006-12-21 14:31:44 UTC

as nothing happens here since month: WONTFIX