Crash when using Tweak tool, push on a 3D box (0.46pre4-1.win32 on vista)

confirmed with 0.46 and latest svn, but only on windows xp - linux is fine

Thanks for reporting this. Is anyone able to provide a gdb backtrace of this? Unfortunately I don't have access to a windows build.

I can't reproduce with libpng12.dll from here (the only difference between 046pre4-1 and pre4-2);
http://inkscape.svn.sourceforge.net/viewvc/*checkout*/inkscape/inkscape/branches/RELEASE_0_46_BRANCH/packaging/win32/patches/libpng12.dll?revision=18068

Do you have that dll?

Has anyone seen this on any dev builds?

I have just posted the debug stuff for pre4 on SF now. Please try and do a backtrace if possible;
* Put the files in the inkscape directory
* From a command prompt in that directory, type;
..>gdb (enter)
(gdb) file inkscape.exe inkscape.dbg (enter)
(gdb) run

May give an error about and xml file sigsev - type
(gdb) continue (enter)

Now it should run, and if you can reproduce the crash, then go to the command window and type bt (enter)
Copy the info into the bug report.

Thanks

On Sat, Mar 29, 2008 at 5:14 PM, Rygle <email address hidden> wrote:
> I can't reproduce with libpng12.dll from here (the only difference between 046pre4-1 and pre4-2);

I put the dll you linked into pre4-1 and I still get it to crash on
this (win xp)

will try to look into it when svn finishes compiling

Thanks for the offer. But I just discovered that a pointer to an Inkscape::XML::Node is passed where a pointer to an SPItem is expected. This only issues a warning on Linux but maybe it causes a crash on windows. I'll fix this and then you can retry to see if the error goes away. Otherwise I'll be grateful for any helping hand.

WinXP, pre4-2, it freezes in gdb, heres bt:

Program received signal SIGSEGV, Segmentation fault.
0x77c478c0 in strlen () from C:\WINDOWS\system32\msvcrt.dll
(gdb) bt
#0 0x77c478c0 in strlen () from C:\WINDOWS\system32\msvcrt.dll
#1 0x6861cbc3 in _g_gnulib_vasnprintf ()
   from C:\Program Files\inkscape\libglib-2.0-0.dll
#2 0x6861d8a7 in _g_gnulib_vasprintf ()
   from C:\Program Files\inkscape\libglib-2.0-0.dll
#3 0x686151a4 in g_vasprintf ()
   from C:\Program Files\inkscape\libglib-2.0-0.dll
#4 0x686023d6 in g_strdup_vprintf ()
   from C:\Program Files\inkscape\libglib-2.0-0.dll
#5 0x685ee6a7 in g_logv () from C:\Program Files\inkscape\libglib-2.0-0.dll
#6 0x685ee8c6 in g_log () from C:\Program Files\inkscape\libglib-2.0-0.dll
#7 0x63a61297 in g_type_check_instance_cast ()
   from C:\Program Files\inkscape\libgobject-2.0-0.dll
#8 0x006fe889 in sp_tweak_dilate_recursive ()
#9 0x006fff8e in sp_tweak_dilate ()
#10 0x00700ee2 in sp_tweak_context_root_handler ()
#11 0x004ace11 in sp_event_context_root_handler ()
#12 0x004aa9b3 in sp_marshal_INT__POINTER_POINTER ()
#13 0x63a43945 in g_closure_invoke ()
   from C:\Program Files\inkscape\libgobject-2.0-0.dll
#14 0x63a57075 in signal_emit_unlocked_R ()
   from C:\Program Files\inkscape\libgobject-2.0-0.dll
#15 0x0022ec70 in ?? ()
#16 0x00000003 in ?? ()
#17 0x004aa950 in sp_marshal_DOUBLE__POINTER_UINT ()
Cannot access memory at address 0x40000006

The wrong pointer type is now fixed as of rev. 18086. Could you give it a try and report if this also fixes the crash? Thanks.

Thanks for the backtrace, prkos (though I only saw it after my last post). Telling from the g_type_check_instance_cast() I'd bet the wrong pointer was indeed the issue. Looking forward to any confirmation. :)

thanks for the backtrace - i propose we just forbid it to try working
on 3d boxes for the release, quick fix:

Index: tweak-context.cpp
===================================================================
--- tweak-context.cpp (revision 18085)
+++ tweak-context.cpp (working copy)
@@ -338,9 +338,7 @@
     bool did = false;

     if (SP_IS_BOX3D(item)) {
- // convert 3D boxes to ordinary groups before tweaking their shapes
- item = SP_ITEM(box3d_convert_to_group(SP_BOX3D(item)));
- selection->add(item);
+ return did;
     }

     if (SP_IS_GROUP(item)) {

I won't be able to test this for at least an hour, compiling is VERY slow here

Max: Thanks, your change fixed the crash!

Rygle or anyone: can you please commit this change to 0.46:

http://inkscape.svn.sourceforge.net/viewvc/inkscape?view=rev&sortby=date&revision=18086

before the final windows version is released.

--
bulia byak
Inkscape. Draw Freely.
http://www.inkscape.org

Great team work guys. I was worried this would delay things, but I really appreciate you all jumping in. Very impressed!

I will commit this later today. Need to clean up one other patch first, then will do this.

Haven't tested the build, but will do that too.

Bulia, do you know that on Win32 you can just delete the four files generated by btool (build.dep, config.h, inkscape_version.h and compile.lst) and the either delete or rename the inkscape directory, and then run btool again, and it will only recompile the changed modules and their deps. I don't think I would do that if I changed the devlibs in between, and I still do a clean build fairly often, but many fewer 1hr waits to test.

For convenience, a patch is attached. I hope this works, since it's cooked up from the SF web interface (I'm not at my own machine right now). Please get back to me if there are problems applying this.

Bryce: It may make sense to apply this for 0.46.1, too. While it doesn't crash on Linux (at least not for me), it issues a critical warning and I have no idea if some Glib implementations don't crash on certain Linux distributions as well. Also, due to the wrong pointer type being passed, the tweak tool doesn't work for 3D boxes immediately (they must be reselected first). In any case, in view of _potential_ crashes I'm nominating this for 0.46.x but leave it to you to decide whether it's applicable.

Hi,

I've just retried the the same actions with Inkscape-0.46pre4-2.win32.exe (running on Windows Vista)...

And I have the same problem (1. I make a 3D box with the 3D box tool. 2. I try to modify it with the tweak tool. 3. The application crash.)

I'm sorry cause i would like to help you with a backtrace, but i don't know where to find gdb installation file for windows :-/ (http://sourceforge.net/project/showfiles.php?group_id=2435)

Thanks for your work.

Regards,

Thomas.

Thanks Thomas. Hopefully the attached patch fixes this. I am testing this today, and hopefully this fix can be applied to the proper 0.46 release.

Bbyack wrote:
> Rygle or anyone: can you please commit this change to 0.46:
> http://inkscape.svn.sourceforge.net/viewvc/inkscape?view=rev&sortby=date&revision=18086

Sorry guys, but there are too many diffs between trunk and branch here. Several other bugfixes that add lots of stuff, like https://bugs.launchpad.net/inkscape/+bug/188991, which Bryce is saying should wait for 0.46.1.

I'm doing the disable thing for Win32 release, since this is not essential. We just want to stop the crash.

http://inkscape.svn.sourceforge.net/viewvc/*checkout*/inkscape/inkscape/branches/RELEASE_0_46_BRANCH/packaging/win32/patches/09_3D_box_Tweak_Tool_Disable.patch?revision=18128

Max: With the patch you put up, I get errors to do with this line in src/sp-item-group.cpp

- sp_lpe_item_remove_path_effect(SP_LPE_ITEM(group), false);
+ sp_lpe_item_remove_path_effect(SP_LPE_ITEM(group), false);

This line doesn't exist in the branch version. Then I get all sorts of stuff about undeclared variables.

Patch attached for branch with modifications suggested by Max.

Already committed to trunk

Committed to branch and in 0.46 win32.

Should clarify - committed to 0.46 Win32 patch 09 in branch, not branch proper, so this doesn't affect non-Win32 at present in branch, just trunk.

Changing to "Fix Released" so Launchpad counts as closed in stats