GNOME Bugzilla – Bug 356339
"Text to Columns" feature (stf-parse) crashes Gnumeric
Last modified: 2006-09-18 13:55:11 UTC
To reproduce, start Gnumeric and choose Data->Text to Columns.... Gnumeric crashes with a bus error. The crash occurs both with an empty document and with a non-empty document. System info: Mac G5 (PowerPC), OS X 10.4.7 Gnumeric 1.7.0 GOffice 0.3.0 libgsf 1.14.1 Other packages (Glib 2.0, ...) from Fink Built with SHEET_MAX_ROWS = 1048576 and SHEET_MAX_COLS = 1024. $ uname -a Darwin macjr.ccri.com 8.7.0 Darwin Kernel Version 8.7.0: Fri May 26 15:20:53 PDT 2006; root:xnu-792.6.76.obj~1/RELEASE_PPC Power Macintosh powerpc GDB transcripts: Here is a GDB transcript showing a stack dump. Below that is a GDB transcript that seems to show strange mangling of the 'data' argument to stf_parse_options_guess() -- but I haven't used GDB much on this Mac and don't trust or know how to interpret this. (gdb) run Starting program: /Users/cdc6d/local/bin/gnumeric Reading symbols for shared libraries ......+++.+++++...........................................+++++++++++++ + done Reading symbols for shared libraries . done Reading symbols for shared libraries .. done Reading symbols for shared libraries . done Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_PROTECTION_FAILURE at address: 0x00000000 0x90003164 in strchr () (gdb) where
+ Trace 72537
------------------------------------------------ GDB session showing 'data' mangling follows... ------------------------------------------------ (gdb) break stf_parse_options_guess Breakpoint 1 at 0x9ff1c: file stf-parse.c, line 1375. (gdb) run Starting program: /Users/cdc6d/local/bin/gnumeric Reading symbols for shared libraries ......+++.+++++...........................................++++++++++++++ done Breakpoint 1 at 0x10a7f1c: file stf-parse.c, line 1375. Reading symbols for shared libraries . done Reading symbols for shared libraries .. done Reading symbols for shared libraries . done Breakpoint 1, stf_parse_options_guess (data=0x264dc80 "\n") at stf-parse.c:1375 1375 gunichar sepchar = format_get_arg_sep (); (gdb) l 1370 StfParseOptions_t *res; 1371 GStringChunk *lines_chunk; 1372 GPtrArray *lines; 1373 int tabcount; 1374 int sepcount; 1375 gunichar sepchar = format_get_arg_sep (); 1376 1377 g_return_val_if_fail (data != NULL, NULL); 1378 1379 res = stf_parse_options_new (); (gdb) print data $1 = 0x264dc80 "\n" (gdb) unt 1383 stf_parse_options_guess (data=0x264dc80 "\n") at stf-parse.c:1383 1383 tabcount = count_character (lines, '\t', 0.2); (gdb) print data $2 = 0x264dc80 "\n" (gdb) unt 1384 stf_parse_options_guess (data=0x264dc80 "\n") at stf-parse.c:1384 1384 sepcount = count_character (lines, sepchar, 0.2); (gdb) print data $3 = 0x264dc80 "\n" (gdb) l 1379 res = stf_parse_options_new (); 1380 lines_chunk = g_string_chunk_new (100 * 1024); 1381 lines = stf_parse_lines (res, lines_chunk, data, SHEET_MAX_ROWS, FALSE); 1382 1383 tabcount = count_character (lines, '\t', 0.2); 1384 sepcount = count_character (lines, sepchar, 0.2); 1385 1386 /* At least one tab per line and enough to separate every 1387 would-be sepchars. */ 1388 if (tabcount >= 1 && tabcount >= sepcount - 1) (gdb) unt 1388 stf_parse_options_guess (data=0x0) at stf-parse.c:1388 1388 if (tabcount >= 1 && tabcount >= sepcount - 1) (gdb) print data $4 = 0x0 (gdb) unt 1421 stf_parse_options_guess (data=0x2c <Address 0x2c out of bounds>) at stf-parse.c:1421 1421 stf_parse_options_csv_set_duplicates (gdb) print data $5 = 0x2c <Address 0x2c out of bounds> (gdb) l 1416 /* Separated */ 1417 1418 stf_parse_options_set_type (res, PARSE_TYPE_CSV); 1419 stf_parse_options_set_trim_spaces (res, TRIM_TYPE_LEFT | TRIM_TYPE_RIGHT); 1420 stf_parse_options_csv_set_indicator_2x_is_single (res, TRUE); 1421 stf_parse_options_csv_set_duplicates 1422 (res, strchr (res->sep.chr, ' ') != NULL); 1423 stf_parse_options_csv_set_trim_seps 1424 (res, strchr (res->sep.chr, ' ') != NULL); 1425 (gdb) unt 1423 Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_PROTECTION_FAILURE at address: 0x00000000 0x90003164 in strchr () (gdb)
*** This bug has been marked as a duplicate of 345477 ***