GNOME Bugzilla – Bug 476467
Crash when pressing OK in the page setup dialog
Last modified: 2008-02-07 00:04:49 UTC
Version: r15884 OS: Ubuntu Gutsy I'm using an alpha version of Ubuntu, so this may not be a Gnumeric bug. Steps to reproduce: - Run Gnumeric - File > Page Setup - Press OK Backtrace; Program received signal SIGSEGV, Segmentation fault.
+ Trace 162556
Thread NaN (LWP 27244)
Partial Valgrind output: ==6415== Invalid read of size 4 ==6415== at 0x41CB23C: do_fetch_page (dialog-printer-setup.c:1869) ==6415== by 0x41CB84E: fetch_settings (dialog-printer-setup.c:1997) ==6415== by 0x41CA94D: cb_do_print_ok (dialog-printer-setup.c:1698) ==6415== by 0x4CB0C08: g_cclosure_marshal_VOID__VOID (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== by 0x4CA3771: g_closure_invoke (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== by 0x4CB42FC: (within /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== by 0x4CB5806: g_signal_emit_valist (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== by 0x4CB59C8: g_signal_emit (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== by 0x47FEEF6: gtk_button_clicked (in /usr/lib/libgtk-x11-2.0.so.0.1106.0) ==6415== by 0x480105D: (within /usr/lib/libgtk-x11-2.0.so.0.1106.0) ==6415== by 0x4CB0C08: g_cclosure_marshal_VOID__VOID (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== by 0x4CA1F88: (within /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== Address 0x626E614 is 12 bytes inside a block of size 452 free'd ==6415== at 0x402237F: free (vg_replace_malloc.c:233) ==6415== by 0x4D0B8C0: g_free (in /usr/lib/libglib-2.0.so.0.1400.0) ==6415== by 0x41CAAAE: cb_do_print_destroy (dialog-printer-setup.c:1738) ==6415== by 0x4CF0487: g_datalist_clear (in /usr/lib/libglib-2.0.so.0.1400.0) ==6415== by 0x4CA7D3F: (within /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== by 0x491ABAE: (within /usr/lib/libgtk-x11-2.0.so.0.1106.0) ==6415== by 0x4A386BB: (within /usr/lib/libgtk-x11-2.0.so.0.1106.0) ==6415== by 0x4A4ABA2: (within /usr/lib/libgtk-x11-2.0.so.0.1106.0) ==6415== by 0x4CA5AEB: g_object_unref (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== by 0x4CA5E37: g_object_run_dispose (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== by 0x491A4F1: gtk_object_destroy (in /usr/lib/libgtk-x11-2.0.so.0.1106.0) ==6415== by 0x4A37F14: gtk_widget_destroy (in /usr/lib/libgtk-x11-2.0.so.0.1106.0) ==6415== ==6415== Invalid read of size 4 ==6415== at 0x41CB249: do_fetch_page (dialog-printer-setup.c:1869) ==6415== by 0x41CB84E: fetch_settings (dialog-printer-setup.c:1997) ==6415== by 0x41CA94D: cb_do_print_ok (dialog-printer-setup.c:1698) ==6415== by 0x4CB0C08: g_cclosure_marshal_VOID__VOID (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== by 0x4CA3771: g_closure_invoke (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== by 0x4CB42FC: (within /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== by 0x4CB5806: g_signal_emit_valist (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== by 0x4CB59C8: g_signal_emit (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== by 0x47FEEF6: gtk_button_clicked (in /usr/lib/libgtk-x11-2.0.so.0.1106.0) ==6415== by 0x480105D: (within /usr/lib/libgtk-x11-2.0.so.0.1106.0) ==6415== by 0x4CB0C08: g_cclosure_marshal_VOID__VOID (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== by 0x4CA1F88: (within /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== Address 0x626E7B4 is 428 bytes inside a block of size 452 free'd ==6415== at 0x402237F: free (vg_replace_malloc.c:233) ==6415== by 0x4D0B8C0: g_free (in /usr/lib/libglib-2.0.so.0.1400.0) ==6415== by 0x41CAAAE: cb_do_print_destroy (dialog-printer-setup.c:1738) ==6415== by 0x4CF0487: g_datalist_clear (in /usr/lib/libglib-2.0.so.0.1400.0) ==6415== by 0x4CA7D3F: (within /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== by 0x491ABAE: (within /usr/lib/libgtk-x11-2.0.so.0.1106.0) ==6415== by 0x4A386BB: (within /usr/lib/libgtk-x11-2.0.so.0.1106.0) ==6415== by 0x4A4ABA2: (within /usr/lib/libgtk-x11-2.0.so.0.1106.0) ==6415== by 0x4CA5AEB: g_object_unref (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== by 0x4CA5E37: g_object_run_dispose (in /usr/lib/libgobject-2.0.so.0.1400.0) ==6415== by 0x491A4F1: gtk_object_destroy (in /usr/lib/libgtk-x11-2.0.so.0.1106.0) ==6415== by 0x4A37F14: gtk_widget_destroy (in /usr/lib/libgtk-x11-2.0.so.0.1106.0) (gnumeric:6415): GLib-GObject-WARNING **: invalid uninstantiatable type `(null)' in cast to `GtkToggleButton' (gnumeric:6415): Gtk-CRITICAL **: gtk_toggle_button_get_active: assertion `GTK_IS_TOGGLE_BUTTON (toggle_button)' failed
Confirmed with very recent build.
The problem is in dialog-printer-setup.c, function cb_do_print_ok. The wbc_gtk_detach_guru that was commented out really is needed. This problem has been fixed in the development version. The fix will be available in the next major software release. Thank you for your bug report.
*** Bug 514886 has been marked as a duplicate of this bug. ***