Crash under Wayland in gdl code

Bug #1720096 reported by Tavmjong Bah
This bug affects 1 person
Affects: Inkscape
Status: Fix Released
Importance: Undecided
Assigned to: Unassigned

Bug Description

Inkscape (trunk/master) crashes under Wayland but not X11 when a second window is opened with docked dialogs.

To force X11 to be used:

$ GDK_BACKEND=x11 gdb ../trunk_run/bin/inkscape

Tested with Fedora 25.

*** Error in `/home/tavmjong/Src/inkscape/trunk_run/bin/inkscape': munmap_chunk(): invalid pointer: 0x0000000003e97d20 ***

#0 0x00007fffeb4dc8df in raise () at /lib64/libc.so.6
#1 0x00007fffeb4de4da in abort () at /lib64/libc.so.6
#2 0x00007fffeb5201f0 in __libc_message () at /lib64/libc.so.6
#3 0x00007fffeb52d438 in free () at /lib64/libc.so.6
#4 0x00007ffff28b76ce in g_free () at /lib64/libglib-2.0.so.0
#5 0x00007fffee73a3c0 in gdl_dock_object_finalize () at /lib64/libgdl-3.so.5
#6 0x00007ffff2b8f117 in g_object_unref () at /lib64/libgobject-2.0.so.0
#7 0x00007fffee7410ac in gdl_dock_add_item () at /lib64/libgdl-3.so.5
#8 0x00007ffff6b596f3 in Inkscape::UI::Widget::Dock::addItem(Inkscape::UI::Widget::DockItem&, GdlDockPlacement) (this=0x29cef70, item=..., placement=GDL_DOCK_TOP)
    at /home/tavmjong/Src/inkscape/trunk/src/ui/widget/dock.cpp:133
#9 0x00007ffff6b5542c in Inkscape::UI::Widget::DockItem::DockItem(Inkscape::UI::Widget::Dock&, Glib::ustring const&, Glib::ustring const&, Glib::ustring const&, Inkscape::UI::Widget::DockItem::State, GdlDockPlacement) (this=0x5c8c9b0, dock=..., name=..., long_name=..., icon_name=..., state=Inkscape::UI::Widget::DockItem::DOCKED_STATE, placement=GDL_DOCK_TOP)
    at /home/tavmjong/Src/inkscape/trunk/src/ui/widget/dock-item.cpp:71
#10 0x00007ffff68fca74 in Inkscape::UI::Dialog::Behavior::DockBehavior::DockBehavior(Inkscape::UI::Dialog::Dialog&) (this=0x5c8c9a0, dialog=...)
    at /home/tavmjong/Src/inkscape/trunk/src/ui/dialog/dock-behavior.cpp:44
#11 0x00007ffff68fcfc1 in Inkscape::UI::Dialog::Behavior::DockBehavior::create(Inkscape::UI::Dialog::Dialog&) (dialog=...) at /home/tavmjong/Src/inkscape/trunk/src/ui/dialog/dock-behavior.cpp:69
#12 0x00007ffff68f9867 in Inkscape::UI::Dialog::Dialog::Dialog(Inkscape::UI::Dialog::Behavior::Behavior* (*)(Inkscape::UI::Dialog::Dialog&), char const*, int, Glib::ustring const&) (this=0x5c8c8e8, behavior_factory=0x7ffff68fcf96 <Inkscape::UI::Dialog::Behavior::DockBehavior::create(Inkscape::UI::Dialog::Dialog&)>, prefs_path=0x5b117a8 "/dialogs/xml/", verb_num=246, apply_label=...)
    at /home/tavmjong/Src/inkscape/trunk/src/ui/dialog/dialog.cpp:74
#13 0x00007ffff68f475b in Inkscape::UI::Dialog::PanelDialog<Inkscape::UI::Dialog::Behavior::DockBehavior>::PanelDialog(Inkscape::UI::Widget::Panel&, char const*, int, Glib::ustring const&) (this=0x5c8c8d0,
    panel=..., prefs_path=0x5b117a8 "/dialogs/xml/", verb_num=246, apply_label=...) at /home/tavmjong/Src/inkscape/trunk/src/ui/dialog/panel-dialog.h:146
#14 0x00007ffff68f39b6 in Inkscape::UI::Dialog::PanelDialog<Inkscape::UI::Dialog::Behavior::DockBehavior>::create<Inkscape::UI::Dialog::XmlTree>() ()
    at /home/tavmjong/Src/inkscape/trunk/src/ui/dialog/panel-dialog.h:178
#15 0x00007ffff68ecc25 in Inkscape::UI::Dialog::(anonymous namespace)::create<Inkscape::UI::Dialog::XmlTree, Inkscape::UI::Dialog::Behavior::DockBehavior>() ()
    at /home/tavmjong/Src/inkscape/trunk/src/ui/dialog/dialog-manager.cpp:74
#16 0x00007ffff68ec2b4 in Inkscape::UI::Dialog::DialogManager::getDialog(unsigned int) (this=0x3a65940, name=4587) at /home/tavmjong/Src/inkscape/trunk/src/ui/dialog/dialog-manager.cpp:263
#17 0x00007ffff68ec39c in Inkscape::UI::Dialog::DialogManager::showDialog(unsigned int, bool) (this=0x3a65940, name=4587) at /home/tavmjong/Src/inkscape/trunk/src/ui/dialog/dialog-manager.cpp:284
#18 0x00007ffff68ec318 in Inkscape::UI::Dialog::DialogManager::showDialog(char const*, bool) (this=0x3a65940, name=0x5b0cf10 "XmlTree", grabfocus=false)
    at /home/tavmjong/Src/inkscape/trunk/src/ui/dialog/dialog-manager.cpp:275
#19 0x00007ffff6d05f63 in SPDesktop::show_dialogs() (this=0x145a540) at /home/tavmjong/Src/inkscape/trunk/src/desktop.cpp:1943
#20 0x00007ffff6c290d0 in sp_desktop_widget_size_allocate(GtkWidget*, GtkAllocation*) (widget=0x2f8de00, allocation=0x7fffffffcd20) at /home/tavmjong/Src/inkscape/trunk/src/widgets/desktop-widget.cpp:863
#21 0x00007fffee1b0521 in gtk_widget_size_allocate_with_baseline () at /lib64/libgtk-3.so.0
#22 0x00007fffee1c6cab in gtk_window_size_allocate () at /lib64/libgtk-3.so.0
#23 0x00007ffff2b8a3e5 in g_closure_invoke () at /lib64/libgobject-2.0.so.0
#24 0x00007ffff2b9be04 in signal_emit_unlocked_R () at /lib64/libgobject-2.0.so.0
#25 0x00007ffff2ba505f in g_signal_emit_valist () at /lib64/libgobject-2.0.so.0
#26 0x00007ffff2ba543f in g_signal_emit () at /lib64/libgobject-2.0.so.0
#27 0x00007fffee1b0717 in gtk_widget_size_allocate_with_baseline () at /lib64/libgtk-3.so.0
#28 0x00007fffee1c1251 in gtk_window_check_resize () at /lib64/libgtk-3.so.0
#29 0x00007ffff2b8a614 in _g_closure_invoke_va () at /lib64/libgobject-2.0.so.0
#30 0x00007ffff2ba4dd9 in g_signal_emit_valist () at /lib64/libgobject-2.0.so.0
#31 0x00007ffff2ba543f in g_signal_emit () at /lib64/libgobject-2.0.so.0
#32 0x00007fffedf91eb8 in gtk_container_idle_sizer () at /lib64/libgtk-3.so.0
#33 0x00007ffff2b8a3e5 in g_closure_invoke () at /lib64/libgobject-2.0.so.0
#34 0x00007ffff2b9c432 in signal_emit_unlocked_R () at /lib64/libgobject-2.0.so.0
#35 0x00007ffff2ba505f in g_signal_emit_valist () at /lib64/libgobject-2.0.so.0
#36 0x00007ffff2ba543f in g_signal_emit () at /lib64/libgobject-2.0.so.0
#37 0x00007fffedb76be3 in gdk_frame_clock_paint_idle () at /lib64/libgdk-3.so.0
#38 0x00007fffedb61eb8 in gdk_threads_dispatch () at /lib64/libgdk-3.so.0
#39 0x00007ffff28b289d in g_timeout_dispatch () at /lib64/libglib-2.0.so.0
#40 0x00007ffff28b1e52 in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
#41 0x00007ffff28b21d0 in g_main_context_iterate.isra () at /lib64/libglib-2.0.so.0
#42 0x00007ffff28b24f2 in g_main_loop_run () at /lib64/libglib-2.0.so.0
#43 0x00007fffee057655 in gtk_main () at /lib64/libgtk-3.so.0
#44 0x00000000004246f7 in sp_main_gui(int, char const**) (argc=1, argv=0x7fffffffdf28) at /home/tavmjong/Src/inkscape/trunk/src/main.cpp:1050

tags: added: gtk3
Tavmjong Bah (tavmjong-free) wrote :

Wicked!

On creating a new file, a call to Application::add_desktop() (a.k.a INKSCAPE.add_desktop()) is made setting the active desktop to the new desktop. However, a SPDesktopWidget::onFocusInEvent() happens before the panels are created. This sets the active desktop back to the old desktop. The panels are then created using the wrong desktop.

sp_file_open()/sp_file_new() calls
 sp_desktop_widget_new() calls
  SPDesktopWidget::createInstance() calls
   Application::add_desktop() a.k.a INKSCAPE.add_desktop()

sp_file_new()/sp_file_open() calls
 sp_create_window() which emits signal (win->show()) that calls

  SPDesktop::onFocusInEvent()   // Sets desktop back to old desktop before above signal handled.

  sp_desktop_widget_size_allocate() calls   // This is strange, why is it here?
   SPDesktop->show_dialogs() calls
     _dlg_mgr->showDialog for each dialog in Inkscape
       Dialog::getDialog()
         PanelDialog<B>::create()
           Panel::_init()   // Wrong desktop used!

Misc. Notes:

sp_namedview_window_from_document() calls SPDesktop->show_dialogs. On Linux this is blocked "due to gdl dock bug"

Application::active_desktop() a.k.a. SP_ACTIVE_DESKTOP: returns desktop at front of _desktops.
Application::add_desktop(SPDesktop * desktop) : inserts desktop into _desktops at front.

SPDesktopWidget::createInstance: calls Application::add_desktop a.k.a INKSCAPE.add_desktop
  it also calls dtw->panels->setDesktop

SPDesktop::init(): sets calls DialogManager::getInstance()

Tavmjong Bah (tavmjong-free) wrote :

Fixed in c866617 by resetting active desktop before call to showDialogs().
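
Added example, not part of the original report and not Inkscape source: a simplified model of the ordering problem and the fix described in the comments above. All type and function names are hypothetical stand-ins, and treating "activate" as a move to the front of the desktop list is an assumption based on the notes about _desktops.

```cpp
// Simplified model of the ordering bug described above; not Inkscape source.
// All type and function names here are hypothetical stand-ins.
#include <algorithm>
#include <string>
#include <vector>

struct Desktop { std::string name; };

// Stand-in for the application-wide desktop list: the front entry is "active".
struct App {
    std::vector<Desktop*> desktops;
    void add_desktop(Desktop* d) { desktops.insert(desktops.begin(), d); }
    // Assumption: activating an existing desktop moves it to the front.
    void activate(Desktop* d) {
        auto it = std::find(desktops.begin(), desktops.end(), d);
        if (it != desktops.end()) std::rotate(desktops.begin(), it, it + 1);
    }
    Desktop* active() const { return desktops.empty() ? nullptr : desktops.front(); }
};

// A panel captures whichever desktop is active at construction time.
struct Panel {
    Desktop* bound;
    explicit Panel(const App& app) : bound(app.active()) {}
};

// Opens a second window and returns the name of the desktop its panel bound to.
// reset_active_first models the fix: re-assert the new desktop before dialogs are shown.
std::string open_second_window(bool reset_active_first) {
    Desktop old_dt{"old"}, new_dt{"new"};
    App app;
    app.add_desktop(&old_dt);
    app.add_desktop(&new_dt);      // new window created: "new" is active
    app.activate(&old_dt);         // focus-in event fires early: "old" is active again
    if (reset_active_first) app.activate(&new_dt);
    Panel panel(app);              // dialogs shown: panel is built from the active desktop
    return panel.bound->name;
}

int main() {
    // Exit status 0 when the fixed ordering binds the panel to the new desktop.
    return open_second_window(true) == "new" ? 0 : 1;
}
```

The general point is that an object which reads global "current" state in its constructor is only as correct as the event ordering before it, so passing the intended desktop explicitly avoids the dependency altogether.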

Qantas94Heavy (qantas94heavy) wrote :

Closing as fix released as per comment above.

Closed by: https://gitlab.com/Qantas94Heavy

Changed in inkscape:
status: New → Fix Released
tbnorth (terry-n-brown)
tags: added: bug-migration