Bug 67899 – CRASH -- gcharmap crashes after critical error at pango-layout.c: line 1702 -- (pango_layout_get_cursor_pos): assertion `index >= 0 && index <= layout->length' failed. gtk_entry_real_insert_text implicated?

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 67899 - CRASH -- gcharmap crashes after critical error at pango-layout.c: line 1702 -- (pango_layout_get_cursor_pos): assertion `index >= 0 && index <= layout->length' failed. gtk_entry_real_insert_text implicated?


Summary:	CRASH -- gcharmap crashes after critical error at pango-layout.c: line 1702 -...


Status:	VERIFIED FIXED

Product:	gnome-utils
Classification:	Deprecated
Component:	gcharmap
Version:	unspecified
Hardware:	Other Linux

Importance:	High critical
Target Milestone:	---
Assigned To:	gnome-applets Maintainers
QA Contact:	gnome-applets Maintainers

URL:
Whiteboard:

Depends on:	73119
Blocks:

Reported:	2002-01-03 06:25 UTC by Miles Lane
Modified:	2009-08-15 18:40 UTC

See Also:
GNOME target:	---
GNOME version:	2.0

Description Miles Lane 2002-01-03 06:25:20 UTC

I am testing the Gnome 2.0 platform.  Everything is current CVS HEAD.

The repro case is simple:

Basically, copy a large string into the copy buffer and then
paste it repeatedly into the "Text to copy" input box.
Eventually, you'll hit the error in pango_layout_get_cursor_pos()
and then later you will hit the crash.

gcharmap (pid:11356): ** CRITICAL **: file pango-layout.c: line 1702
(pango_layout_get_cursor_pos): assertion `index >= 0 && index <=
layout->length' failed
gcharmap (pid:11356): ** WARNING **: Invalid UTF8 string passed to
pango_layout_set_text()

Here's the backtrace:

+ Trace 15705

#0 memmove
at ../sysdeps/generic/memmove.c line 105
#1 gtk_entry_real_insert_text
at gtkentry.c line 1911
#2 _gtk_marshal_VOID__STRING_INT_POINTER
at gtkmarshalers.c line 572
#3 g_type_iface_meta_marshal
at gclosure.c line 537
#4 g_closure_invoke
at gclosure.c line 437
#5 signal_emit_unlocked_R
at gsignal.c line 2378
#6 g_signal_emit_valist
at gsignal.c line 2099
#7 g_signal_emit_by_name
at gsignal.c line 2167
#8 gtk_entry_insert_text
at gtkentry.c line 1693
#9 gtk_editable_insert_text
at gtkeditable.c line 107
#10 paste_received
at gtkentry.c line 3191
#11 request_text_received_func
at gtkclipboard.c line 665
#12 selection_received
at gtkclipboard.c line 578
#13 _gtk_marshal_VOID__BOXED_UINT
at gtkmarshalers.c line 844
#14 g_closure_invoke
at gclosure.c line 437
#15 signal_emit_unlocked_R
at gsignal.c line 2340
#16 g_signal_emit_valist
at gsignal.c line 2099
#17 gtk_signal_emit_by_name
at gtksignal.c line 374
#18 gtk_selection_retrieval_report
at gtkselection.c line 1674
#19 gtk_selection_convert
at gtkselection.c line 685
#20 gtk_clipboard_request_contents
at gtkclipboard.c line 629
#21 gtk_clipboard_request_text
at gtkclipboard.c line 701
#22 gtk_entry_paste
at gtkentry.c line 3203
#23 gtk_entry_paste_clipboard
at gtkentry.c line 2201
#24 g_cclosure_marshal_VOID__VOID
at gmarshal.c line 32
#25 g_type_class_meta_marshal
at gclosure.c line 514
#26 g_closure_invoke
at gclosure.c line 437
#27 signal_emit_unlocked_R
at gsignal.c line 2378
#28 g_signal_emit_valist
at gsignal.c line 2099
#29 gtk_signal_emit_by_name
at gtksignal.c line 374
#30 gtk_editable_paste_clipboard
at gtkeditable.c line 209
#31 cb_paste_click
at callbacks.c line 216
#32 g_cclosure_marshal_VOID__VOID
at gmarshal.c line 32
#33 g_closure_invoke
at gclosure.c line 437
#34 signal_emit_unlocked_R
at gsignal.c line 2340
#35 g_signal_emit_valist
at gsignal.c line 2099
#36 gtk_signal_emit
at gtksignal.c line 355
#37 gtk_button_clicked
at gtkbutton.c line 548
#38 gtk_real_button_released
at gtkbutton.c line 1056
#39 g_cclosure_marshal_VOID__VOID
at gmarshal.c line 32
#40 g_type_class_meta_marshal
at gclosure.c line 514
#41 g_closure_invoke
at gclosure.c line 437
#42 signal_emit_unlocked_R
at gsignal.c line 2270
#43 g_signal_emit_valist
at gsignal.c line 2099
#44 gtk_signal_emit
at gtksignal.c line 355
#45 gtk_button_released
at gtkbutton.c line 540
#46 gtk_button_button_release
at gtkbutton.c line 964
#47 _gtk_marshal_BOOLEAN__BOXED
at gtkmarshalers.c line 37
#48 g_type_class_meta_marshal
at gclosure.c line 514
#49 g_closure_invoke
at gclosure.c line 437
#50 signal_emit_unlocked_R
at gsignal.c line 2378
#51 g_signal_emit_valist
at gsignal.c line 2109
#52 gtk_signal_emit
at gtksignal.c line 355
#53 gtk_widget_event_internal
at gtkwidget.c line 3061
#54 gtk_propagate_event
at gtkmain.c line 1826
#55 gtk_main_do_event
at gtkmain.c line 1086
#56 gdk_event_dispatch
at gdkevents-x11.c line 1751
#57 g_main_dispatch
at gmain.c line 1616
#58 g_main_context_dispatch
at gmain.c line 2148
#59 g_main_context_iterate
at gmain.c line 2229
#60 g_main_loop_run
at gmain.c line 2449
#61 gtk_main
at gtkmain.c line 811
#62 main
at main.c line 39
#63 __libc_start_main
at ../sysdeps/generic/libc-start.c line 129

Comment 1 Owen Taylor 2002-01-03 15:48:07 UTC

What's up with this bug? How was it "fixed" and why did 
you change the severity to "blocker" at the same time?

(blocker would mean a bug that blocks GTK+ development, BTW,
which is certainly not the case here.)

Other comments:

 - The backtrace isn't useful unless you do it with --g-fatal-warnings,
   after the first Gtk-Critical, any segfaults aren't meaningful

 - I really think this belongs in gnome-applets/gcharmap until someone 
   tracks it down a bit more.

Comment 2 Miles Lane 2002-01-03 22:43:27 UTC

Owen,

Whoops!  I didn't mean to mark it fixed.
WRT the Blocker severity, with my Ximian Evolution bugs, I was 
instructed that all crashing bugs were considered "blocking"
for release, not development.  So perhaps "critical" is appropriate
instead, for your usage?

I will move it to gcharmap and reproduce the problem with 
--g-fatal-warnings.

Thanks,
         Miles

Comment 3 Miles Lane 2002-01-09 18:03:21 UTC

Owen, I reran the test using --g-fatal-warnings.  Here is the
resulting backtrace from the core dump:

+ Trace 15980

#0 g_logv
#1 g_log
#2 pango_layout_set_text
at pango-layout.c line 732
#3 gtk_entry_create_layout
at gtkentry.c line 2521
#4 gtk_entry_ensure_layout
at gtkentry.c line 2561
#5 gtk_entry_draw_text
at gtkentry.c line 2622
#6 gtk_entry_expose
at gtkentry.c line 1312
#7 _gtk_marshal_BOOLEAN__BOXED
at gtkmarshalers.c line 37
#8 g_type_class_meta_marshal
at gclosure.c line 514
#9 g_closure_invoke
at gclosure.c line 437
#10 signal_emit_unlocked_R
at gsignal.c line 2378
#11 g_signal_emit_valist
at gsignal.c line 2109
#12 gtk_signal_emit
at gtksignal.c line 355
#13 gtk_widget_event_internal
at gtkwidget.c line 3067
#14 gtk_main_do_event
at gtkmain.c line 1045
#15 gdk_window_process_updates_internal
at gdkwindow.c line 2099
#16 gdk_window_process_all_updates
at gdkwindow.c line 2132
#17 gtk_container_idle_sizer
at gtkcontainer.c line 1027
#18 g_idle_dispatch
at gmain.c line 3116
#19 g_main_dispatch
at gmain.c line 1616
#20 g_main_context_dispatch
at gmain.c line 2148
#21 g_main_context_iterate
at gmain.c line 2229
#22 g_main_loop_run
at gmain.c line 2449
#23 gtk_main
at gtkmain.c line 811
#24 main
at main.c line 39
#25 __libc_start_main
at ../sysdeps/generic/libc-start.c line 129

Comment 4 Luis Villa 2002-02-13 02:55:18 UTC

Reassigning this to pango since there is more crash data now.

Comment 5 Owen Taylor 2002-02-13 15:47:43 UTC

Looks very much to me like the app is inserting invalid UTF-8
into an entry.

Comment 6 Kevin Vandersloot 2002-02-15 21:40:27 UTC

This bug is for gcharmap (now gnome-character-map) for gnome-utils not
the applet

Comment 7 Kevin Vandersloot 2002-02-20 00:21:21 UTC

Moving to gnome-utils

Comment 8 ganesan_s 2002-03-02 11:45:32 UTC

I think this is due to problem in GTK2 for which a separate bug
has been filed (73119), fixing the bug 73119 will solve this bug also.

Comment 9 Luis Villa 2002-03-03 05:19:25 UTC

Ganesan: not a big deal at all (it is rarely used) but for your
information, you can add bug 73119 as a dependency of this bug by
putting 73119 in the 'bug X depends on' field, as I've just done.

Comment 10 Luis Villa 2002-03-13 21:30:50 UTC

I'm going to close this, as the crash has apparently been fixed.