Grouping section with connectors attached crashes

Bug #167898 reported by Dath1974
Affects: Inkscape
Status: Fix Released
Importance: Critical
Assigned to: Michael Wybrow

Bug Description

Not to be too vague, but I have been experiencing a
lot of crashes related to grouping and ungrouping
objects over the last few days (just started using
inkscape). . . I decided since I could reproduce
problems fairly easily that I should look a little
further and submit a report. My latest rendition is
in relation to grouping objects (all others I saw
were in ungrouping, and I can try to reproduce them
again if needed). I'm going to go ahead and attach
the SVG that causes the problem. If you select all
boxes around the ones labeled "UML" that have the
connectors attached and then group them, it should
blow up. Here is a stack trace from that (I can
submit a core if necessary):

(gdb) bt
#0 0x000000332122f4f5 in raise ()
from /lib64/libc.so.6
#1 0x0000003321230e40 in abort ()
from /lib64/libc.so.6
#2 0x0000000000442fc9 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#3 <signal handler called>
#4 0x0000000000000000 in ?? ()
#5 0x0000000000442def in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#6 <signal handler called>
#7 0x000000332122f4f5 in raise ()
from /lib64/libc.so.6
#8 0x0000003321230e40 in abort ()
from /lib64/libc.so.6
#9 0x000000332422f0e0 in g_logv ()
from /usr/lib64/libglib-2.0.so.0
#10 0x000000332422f163 in g_log ()
from /usr/lib64/libglib-2.0.so.0
#11 0x000000332422f1e6 in g_assert_warning ()
from /usr/lib64/libglib-2.0.so.0
#12 0x0000000000455ba6 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#13 0x000000000045602e in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#14 0x0000000000454d3b in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#15 0x000000000065feec in std::vector<int,
std::allocator<int> >::_M_insert_aux ()
#16 0x0000000000660d79 in std::vector<int,
std::allocator<int> >::_M_insert_aux ()
#17 0x00000000004b7ce0 in std::vector<Glib::ustring,
std::allocator<Glib::ustring> >::_M_insert_aux ()
#18 0x000000000046aaf3 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#19 0x000000000048118c in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#20 0x0000000000470a41 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#21 0x0000000000465fa9 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#22 0x0000000000470a41 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#23 0x0000000000465fa9 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#24 0x0000000000470a41 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#25 0x0000000000465fa9 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#26 0x000000000047e8bd in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#27 0x0000000000470a41 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#28 0x000000000043bd03 in std::basic_string<char,
std::char_traits<char>, std::allocator<char>
>::basic_string<char*> ()
#29 0x00000000004c8f93 in std::vector<Glib::ustring,
std::allocator<Glib::ustring> >::_M_insert_aux ()
#30 0x000000000044e7ec in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#31 0x00000000006178d2 in std::vector<int,
std::allocator<int> >::_M_insert_aux ()
#32 0x000000332440b22a in g_closure_invoke ()
from /usr/lib64/libgobject-2.0.so.0
#33 0x000000332441b61c in
g_signal_override_class_closure ()
from /usr/lib64/libgobject-2.0.so.0
#34 0x000000332441c7d5 in g_signal_emit_valist ()
from /usr/lib64/libgobject-2.0.so.0
#35 0x000000332441c9b3 in g_signal_emit ()
from /usr/lib64/libgobject-2.0.so.0
#36 0x00000033261b7c75 in gtk_toggle_action_new ()
from /usr/lib64/libgtk-x11-2.0.so.0
#37 0x000000332440b22a in g_closure_invoke ()
from /usr/lib64/libgobject-2.0.so.0
#38 0x000000332441b7bc in
g_signal_override_class_closure ()
from /usr/lib64/libgobject-2.0.so.0
#39 0x000000332441c7d5 in g_signal_emit_valist ()
from /usr/lib64/libgobject-2.0.so.0
#40 0x000000332441c9b3 in g_signal_emit ()
from /usr/lib64/libgobject-2.0.so.0
#41 0x0000003326069469 in gtk_button_released ()
from /usr/lib64/libgtk-x11-2.0.so.0
#42 0x0000003326123e2d in gtk_marshal_BOOLEAN__VOID
() from /usr/lib64/libgtk-x11-2.0.so.0
#43 0x000000332440b22a in g_closure_invoke ()
from /usr/lib64/libgobject-2.0.so.0
#44 0x000000332441b98d in
g_signal_override_class_closure ()
from /usr/lib64/libgobject-2.0.so.0
---Type <return> to continue, or q <return> to
quit---
#45 0x000000332441c59f in g_signal_emit_valist ()
from /usr/lib64/libgobject-2.0.so.0
#46 0x000000332441c9b3 in g_signal_emit ()
from /usr/lib64/libgobject-2.0.so.0
#47 0x00000033261fde1e in
gtk_widget_get_default_style ()
from /usr/lib64/libgtk-x11-2.0.so.0
#48 0x000000332611daad in gtk_propagate_event ()
from /usr/lib64/libgtk-x11-2.0.so.0
#49 0x000000332611eb01 in gtk_main_do_event ()
from /usr/lib64/libgtk-x11-2.0.so.0
#50 0x0000003325a466ac in
gdk_add_client_message_filter ()
from /usr/lib64/libgdk-x11-2.0.so.0
#51 0x0000003324226cca in g_main_context_dispatch ()
from /usr/lib64/libglib-2.0.so.0
#52 0x0000003324229e45 in g_main_context_check ()
from /usr/lib64/libglib-2.0.so.0
#53 0x000000332422a16d in g_main_loop_run ()
from /usr/lib64/libglib-2.0.so.0
#54 0x000000332611ee93 in gtk_main ()
from /usr/lib64/libgtk-x11-2.0.so.0
#55 0x00000000004372e2 in ?? ()
#56 0x0000000000437747 in ?? ()
#57 0x000000332121ce54 in __libc_start_main ()
from /lib64/libc.so.6
#58 0x0000000000436e29 in ?? ()
#59 0x00007fff73fc26b8 in ?? ()
#60 0x0000000000000000 in ?? ()

Also, if you select everything in the entire image
and group and then ungroup, you should get this
crash:
(gdb) bt
#0 0x000000332122f4f5 in raise ()
from /lib64/libc.so.6
#1 0x0000003321230e40 in abort ()
from /lib64/libc.so.6
#2 0x0000000000442fc9 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#3 <signal handler called>
#4 0x0000000000000000 in ?? ()
#5 0x0000000000442def in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#6 <signal handler called>
#7 0x000000000046a9bc in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#8 0x00000000004655d0 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#9 0x0000000000470a41 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#10 0x0000000000465fa9 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#11 0x0000000000470a41 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#12 0x0000000000465fa9 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#13 0x000000000047e8bd in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#14 0x0000000000470a41 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#15 0x000000000043bd03 in std::basic_string<char,
std::char_traits<char>, std::allocator<char>
>::basic_string<char*> ()
#16 0x0000000000455db0 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#17 0x0000000000454d3b in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#18 0x000000000065feec in std::vector<int,
std::allocator<int> >::_M_insert_aux ()
#19 0x00000000004b7e85 in std::vector<Glib::ustring,
std::allocator<Glib::ustring> >::_M_insert_aux ()
#20 0x000000000046a7cd in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#21 0x000000332440b2e8 in g_closure_invoke ()
from /usr/lib64/libgobject-2.0.so.0
#22 0x000000332441bb0e in
g_signal_override_class_closure ()
from /usr/lib64/libgobject-2.0.so.0
#23 0x000000332441c7d5 in g_signal_emit_valist ()
from /usr/lib64/libgobject-2.0.so.0
#24 0x000000332441c9b3 in g_signal_emit ()
from /usr/lib64/libgobject-2.0.so.0
#25 0x000000000047178d in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#26 0x0000000000472df9 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#27 0x0000000000472ed8 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#28 0x000000000046a7f9 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#29 0x000000332440b22a in g_closure_invoke ()
from /usr/lib64/libgobject-2.0.so.0
#30 0x000000332441bb0e in
g_signal_override_class_closure ()
from /usr/lib64/libgobject-2.0.so.0
#31 0x000000332441c7d5 in g_signal_emit_valist ()
from /usr/lib64/libgobject-2.0.so.0
#32 0x000000332441c9b3 in g_signal_emit ()
from /usr/lib64/libgobject-2.0.so.0
#33 0x000000000047178d in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#34 0x0000000000472df9 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#35 0x00000000004656b1 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#36 0x0000000000746afa in std::vector<char const*,
std::allocator<char const*> >::_M_insert_aux ()
#37 0x00000000004b8eb6 in std::vector<Glib::ustring,
std::allocator<Glib::ustring> >::_M_insert_aux ()
#38 0x0000000000472f89 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#39 0x00000000004663e7 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#40 0x000000000044bd05 in std::list<sigc::slot_base,
std::allocator<sigc::slot_base> >::erase ()
#41 0x00000000006178d2 in std::vector<int,
std::allocator<int> >::_M_insert_aux ()
#42 0x000000332440b22a in g_closure_invoke ()
from /usr/lib64/libgobject-2.0.so.0
#43 0x000000332441b61c in
g_signal_override_class_closure ()
from /usr/lib64/libgobject-2.0.so.0
#44 0x000000332441c7d5 in g_signal_emit_valist ()
from /usr/lib64/libgobject-2.0.so.0
---Type <return> to continue, or q <return> to
quit---
#45 0x000000332441c9b3 in g_signal_emit ()
from /usr/lib64/libgobject-2.0.so.0
#46 0x00000033261b7c75 in gtk_toggle_action_new ()
from /usr/lib64/libgtk-x11-2.0.so.0
#47 0x000000332440b22a in g_closure_invoke ()
from /usr/lib64/libgobject-2.0.so.0
#48 0x000000332441b7bc in
g_signal_override_class_closure ()
from /usr/lib64/libgobject-2.0.so.0
#49 0x000000332441c7d5 in g_signal_emit_valist ()
from /usr/lib64/libgobject-2.0.so.0
#50 0x000000332441c9b3 in g_signal_emit ()
from /usr/lib64/libgobject-2.0.so.0
#51 0x0000003326069469 in gtk_button_released ()
from /usr/lib64/libgtk-x11-2.0.so.0
#52 0x0000003326123e2d in gtk_marshal_BOOLEAN__VOID
() from /usr/lib64/libgtk-x11-2.0.so.0
#53 0x000000332440b22a in g_closure_invoke ()
from /usr/lib64/libgobject-2.0.so.0
#54 0x000000332441b98d in
g_signal_override_class_closure ()
from /usr/lib64/libgobject-2.0.so.0
#55 0x000000332441c59f in g_signal_emit_valist ()
from /usr/lib64/libgobject-2.0.so.0
#56 0x000000332441c9b3 in g_signal_emit ()
from /usr/lib64/libgobject-2.0.so.0
#57 0x00000033261fde1e in
gtk_widget_get_default_style ()
from /usr/lib64/libgtk-x11-2.0.so.0
#58 0x000000332611daad in gtk_propagate_event ()
from /usr/lib64/libgtk-x11-2.0.so.0
#59 0x000000332611eb01 in gtk_main_do_event ()
from /usr/lib64/libgtk-x11-2.0.so.0
#60 0x0000003325a466ac in
gdk_add_client_message_filter ()
from /usr/lib64/libgdk-x11-2.0.so.0
#61 0x0000003324226cca in g_main_context_dispatch ()
from /usr/lib64/libglib-2.0.so.0
#62 0x0000003324229e45 in g_main_context_check ()
from /usr/lib64/libglib-2.0.so.0
#63 0x000000332422a16d in g_main_loop_run ()
from /usr/lib64/libglib-2.0.so.0
#64 0x000000332611ee93 in gtk_main ()
from /usr/lib64/libgtk-x11-2.0.so.0
#65 0x00000000004372e2 in ?? ()
#66 0x0000000000437747 in ?? ()
#67 0x000000332121ce54 in __libc_start_main ()
from /lib64/libc.so.6
#68 0x0000000000436e29 in ?? ()
#69 0x00007fff582f09e8 in ?? ()
#70 0x0000000000000000 in ?? ()

I am running Fedora Core 5 x86_64 with
inkscape-0.44-2.fc5 (x86_64).

Dath1974 (dath1974) wrote :
Buliabyak-users (buliabyak-users) wrote :

confirmed, connectors are the culprit

Buliabyak-users (buliabyak-users) wrote :

Michael, this one still crashes. Drag around the first column of "UML"
boxes, group, ungroup - crash.

Michael Wybrow (mjwybrow) wrote :

Oh, I can reproduce this one. Thanks Bulia, I will take a look.

Ryan Lerch (ryanlerch)
Changed in inkscape:
status: New → Confirmed
Bryce Harrington (bryce) wrote :

Hi Michael, have you had a chance to look into this? It would be good to get this one fixed for the release, it appears to be affecting all platforms, and the use case for it is not particularly unusual.

Changed in inkscape:
milestone: none → 0.46
Bryce Harrington (bryce) wrote :

Was able to reproduce the second crash using the file and steps reported.

For the first case, I'm not sure I did the steps correctly as I did not get a crash, but I did see a bunch of warnings spewed to the console:

WARNING: Requested update while update in progress, counter = 4
WARNING: Requested update while update in progress, counter = 4
WARNING: Requested update while update in progress, counter = 4
...

Michael Wybrow (mjwybrow) wrote :

I'm taking a look at this now.

Michael Wybrow (mjwybrow) wrote :

I have checked in a fix for this crash as revision 16899.
This does not fix the strange routing for some connectors attached to grouped objects, as in the example file in this bug report. This strange routing will be fixed as a separate change.

Changed in inkscape:
status: Confirmed → Fix Committed
Changed in inkscape:
status: Fix Committed → Fix Released
Bryce Harrington (bryce) wrote :

Thanks Michael!!
