GNOME Bugzilla – Bug 477410
Crash when quitting Gnumeric after adding a scenario
Last modified: 2007-09-17 00:23:34 UTC
Version: r1874 (goffice), r15893 (Gnumeric) OS: Ubuntu Gutsy Steps to reproduce: - Run Gnumeric - Tools > Scenarios > Add - Name the scenario "a" and press OK - File > Quit - Press Discard to crash Gnumeric Backtrace: Program received signal SIGSEGV, Segmentation fault.
+ Trace 163263
Thread NaN (LWP 6115)
Valgrind output: ==6062== Conditional jump or move depends on uninitialised value(s) ==6062== at 0x45D9943: go_list_free_custom (go-glib-extras.c:185) ==6062== by 0x41E4A07: scenarios_free (scenarios.c:299) ==6062== by 0x45D9935: go_list_free_custom (go-glib-extras.c:186) ==6062== by 0x41E4A07: scenarios_free (scenarios.c:299) ==6062== by 0x45D9935: go_list_free_custom (go-glib-extras.c:186) ==6062== by 0x41E4A07: scenarios_free (scenarios.c:299) ==6062== by 0x4103E5C: gnm_sheet_finalize (sheet.c:3542) ==6062== by 0x4CA5AEB: g_object_unref (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6062== by 0x4147D36: workbook_sheet_delete (workbook.c:927) ==6062== by 0x4145944: workbook_dispose (workbook.c:127) ==6062== by 0x4CA5A4A: g_object_unref (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6062== by 0x41AF8AA: dialog_quit (dialog-quit.c:386) ==6062== ==6062== Use of uninitialised value of size 4 ==6062== at 0x45D992C: go_list_free_custom (go-glib-extras.c:186) ==6062== by 0x41E4A07: scenarios_free (scenarios.c:299) ==6062== by 0x45D9935: go_list_free_custom (go-glib-extras.c:186) ==6062== by 0x41E4A07: scenarios_free (scenarios.c:299) ==6062== by 0x45D9935: go_list_free_custom (go-glib-extras.c:186) ==6062== by 0x41E4A07: scenarios_free (scenarios.c:299) ==6062== by 0x4103E5C: gnm_sheet_finalize (sheet.c:3542) ==6062== by 0x4CA5AEB: g_object_unref (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6062== by 0x4147D36: workbook_sheet_delete (workbook.c:927) ==6062== by 0x4145944: workbook_dispose (workbook.c:127) ==6062== by 0x4CA5A4A: g_object_unref (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6062== by 0x41AF8AA: dialog_quit (dialog-quit.c:386) ==6062== ==6062== Invalid read of size 4 ==6062== at 0x45D992C: go_list_free_custom (go-glib-extras.c:186) ==6062== by 0x41E4A07: scenarios_free (scenarios.c:299) ==6062== by 0x45D9935: go_list_free_custom (go-glib-extras.c:186) ==6062== by 0x41E4A07: scenarios_free (scenarios.c:299) ==6062== by 0x45D9935: go_list_free_custom (go-glib-extras.c:186) ==6062== by 0x41E4A07: scenarios_free (scenarios.c:299) ==6062== by 0x4103E5C: gnm_sheet_finalize (sheet.c:3542) ==6062== by 0x4CA5AEB: g_object_unref (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6062== by 0x4147D36: workbook_sheet_delete (workbook.c:927) ==6062== by 0x4145944: workbook_dispose (workbook.c:127) ==6062== by 0x4CA5A4A: g_object_unref (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6062== by 0x41AF8AA: dialog_quit (dialog-quit.c:386) ==6062== Address 0xFFC60298 is not stack'd, malloc'd or (recently) free'd ==6062== ==6062== Process terminating with default action of signal 11 (SIGSEGV) ==6062== Access not within mapped region at address 0xFFC60298 ==6062== at 0x45D992C: go_list_free_custom (go-glib-extras.c:186) ==6062== by 0x41E4A07: scenarios_free (scenarios.c:299) ==6062== by 0x45D9935: go_list_free_custom (go-glib-extras.c:186) ==6062== by 0x41E4A07: scenarios_free (scenarios.c:299) ==6062== by 0x45D9935: go_list_free_custom (go-glib-extras.c:186) ==6062== by 0x41E4A07: scenarios_free (scenarios.c:299) ==6062== by 0x4103E5C: gnm_sheet_finalize (sheet.c:3542) ==6062== by 0x4CA5AEB: g_object_unref (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6062== by 0x4147D36: workbook_sheet_delete (workbook.c:927) ==6062== by 0x4145944: workbook_dispose (workbook.c:127) ==6062== by 0x4CA5A4A: g_object_unref (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6062== by 0x41AF8AA: dialog_quit (dialog-quit.c:386)
This bug exists in 1.7.12, but not in 1.7.11. It's all my fault. This problem has been fixed in the development version. The fix will be available in the next major software release. Thank you for your bug report.