Inkscape

Fedora 28: Inkscape crashes when hitting ENTER on text input

Bug #1768958 reported by Kryo Stat
64
This bug affects 10 people
Affects Status Importance Assigned to Milestone
Inkscape
Fix Released
Undecided
Unassigned
Inkscape 0.92.5 "0.92.5"
Fedora
Fix Released
Undecided

Bug Description

Inkscape 0.92.3 (2405546, 2018-03-11)
Fedora 28

1) Open new document
2) Select Text Tool (F8)
3) Click on empty canvas
4) Hit ENTER

-> Inkscape crashes

Terminal output:

/usr/include/c++/8/bits/stl_vector.h:950: std::vector<_Tp, _Alloc>::const_reference std::vector<_Tp, _Alloc>::operator[](std::vector<_Tp, _Alloc>::size_type) const [with _Tp = Inkscape::Text::Layout::Character; _Alloc = std::allocator<Inkscape::Text::Layout::Character>; std::vector<_Tp, _Alloc>::const_reference = const Inkscape::Text::Layout::Character&; std::vector<_Tp, _Alloc>::size_type = long unsigned int]: Assertion '__builtin_expect(__n < this->size(), true)' failed.

Emergency save activated!

Emergency save document locations:
  /home/user/New document 1.2018_05_03_21_36_49.0.svg
Emergency save completed. Inkscape will close now.
If you can reproduce this crash, please file a bug at www.inkscape.org
with a detailed description of the steps leading to the crash, so we can fix it.
/usr/include/c++/8/bits/stl_vector.h:950: std::vector<_Tp, _Alloc>::const_reference std::vector<_Tp, _Alloc>::operator[](std::vector<_Tp, _Alloc>::size_type) const [with _Tp = Inkscape::Text::Layout::Character; _Alloc = std::allocator<Inkscape::Text::Layout::Character>; std::vector<_Tp, _Alloc>::const_reference = const Inkscape::Text::Layout::Character&; std::vector<_Tp, _Alloc>::size_type = long unsigned int]: Assertion '__builtin_expect(__n < this->size(), true)' failed.
Aborted (core dumped)

Revision history for this message
Alvin Penner (apenner) wrote :

- not reproduced on Windows 10, Inkscape 0.92.3 (2405546, 2018-03-11)

sounds similar to https://bugs.launchpad.net/inkscape/+bug/1445204
but this bug was fixed in August 2015, at
https://bazaar.launchpad.net/~inkscape.dev/inkscape/trunk/revision/14308

Revision history for this message
Jake Irvine (colonel-panic) wrote :

This happens to me too. It also seems to crash when double-clicking text after it has been created, showing the same error - but before the emergency save text...

Revision history for this message
makaro (tommk) wrote :

this happen to me too.

Fedora 28
Inkscape 0.92.3 (inkscape-0.92.3-1.fc28.x86_64). Same error, double click text crashed Inkscape. No matter which font I choose.

Revision history for this message
makaro (tommk) wrote :

the bug happen, when I trying to edit some text. It's not happen when I create new text

Revision history for this message
Kryo Stat (xk1) wrote :

Also happens when loading a file that has a line break in normal text (not flow text)

Revision history for this message
Hachmann (marenhachmann) wrote :

Not reproduced with Inkscape 0.92.x on Linux Mint 18.3 - could this be Fedora-specific?

Revision history for this message
Kryo Stat (xk1) wrote :

Could be. I opened a Bug report on the Fedora Bugtracker
https://bugzilla.redhat.com/show_bug.cgi?id=1575842

Revision history for this message
Hachmann (marenhachmann) wrote :

Just summarizing:

Related bug report in Fedora:
https://bugzilla.redhat.com/show_bug.cgi?id=1575842

Related bug reports in Inkscape:
https://bugs.launchpad.net/inkscape/+bug/1769662
https://bugs.launchpad.net/inkscape/+bug/1768958 (this one)
https://bugs.launchpad.net/inkscape/+bug/1769394

Revision history for this message
Jake Irvine (colonel-panic) wrote :

Neither the snap package or a compiled version of inkscape seem to have this issue, so it must be fedora compilation specific.

Changed in inkscape:
status: New → Confirmed
Changed in fedora:
importance: Undecided → Unknown
status: New → Unknown
Revision history for this message
Hachmann (marenhachmann) wrote :

There are multiple reports about crashes during different text editing actions on Fedora 28, with at least three different traceback messages - however, I suspect they're all related somehow.

summary: - Inkscape crashes when hitting ENTER on text input
+ Fedora 28: Inkscape crashes when hitting ENTER on text input
Revision history for this message
David Millar (davmillar) wrote :

I was able to reproduce this with the same conditions and error output as the OP.

I also downgraded Inkscape using `sudo dnf downgrade inkscape` and tried version Inkscape 0.92.2 (5c3e80d, 2017-08-06). The same crash occurred with the same error output.

Revision history for this message
Jake Irvine (colonel-panic) wrote :

Hmm. Do older versions of software get recompiled for f28?

Revision history for this message
db8200 (db8200) wrote :

Although I have the same OS version and Inkscape version, I could not reproduce the crash when hitting Enter on empty text.
But I am affected by other crashes related to text:
https://bugs.launchpad.net/inkscape/+bug/1779779

Revision history for this message
Gwyn Ciesla (limburgher) wrote :

https://bugzilla.redhat.com/show_bug.cgi?id=1612618

Revision history for this message
Gwyn Ciesla (limburgher) wrote :

This will probably hit more and more people as whatever is newer in Fedora us updated in other distros. I think it's a bug in something Inkscape uses but I'm not sure what.

Bug Watch Updater (bug-watch-updater)
Changed in fedora:
importance: Unknown → Undecided
status: Unknown → Fix Released
Revision history for this message
mray (mrayyyy) wrote :

Closing because this can't be reproduced on Inkscape 1.0alpha (Ubuntu).

Closed by: https://gitlab.com/mray

Changed in inkscape:
status: Confirmed → Invalid
Revision history for this message
Hachmann (marenhachmann) wrote :

Uuuhm. This is a Fedora-specific bug. Please leave this open for a Fedora user to test.

Changed in inkscape:
status: Invalid → Confirmed
Revision history for this message
Hachmann (marenhachmann) wrote :

Or rather, to confirm the fix.

Revision history for this message
Hachmann (marenhachmann) wrote :

Or read up on the fedora bug reports, where maybe someone already has confirmed the fix.

Revision history for this message
Mc (mc...) wrote :

Fedora-specific crashes can be tested only if making sure that FORTIFY_SOURCE=2 is set in the build, and I do not remember if 1.0-alpha has it enabled.

Revision history for this message
Nathan Lee (nathan.lee) wrote :
Download full text (4.9 KiB)

Tested a bunch of issues regarding Fedora 28/29. I think this issue should be closed.

Gotta make sure _FORTIFY_SOURCE=2 was enabled in at least some of my tests.

I'm not sure how to ensure _FORTIFY_SOURCE=2 is enabled in 1.0alpha/0.92.x
I have tested on a build in a Fedora 28 VM for both of them and they show no error.

Tested on a Release build, which has -D_FORTIFY_SOURCE=2 and -O2 set, but I don't know how
to ensure/test that these flags aren't overridden.

I've attached the contents of compile_commands.json (generated by cmake I think)

======

"Method"

Here are the builds I've tested with
1. dnf install inkscape now installs inkscape 0.92.4 (unknown) on Fedora 28
2. dnf install inkscape now installs inkscape 0.92.4 (unknown) on Fedora 29
3. 1.0alpha 2019-04-16 (d7d7b926b4) custom build set to Release on Fedora 28
4. 0.92.4 2019-03-29 (da74ff7714) custom build set to Release on Fedora 28
5. dnf install inkscape && dnf downgrade inkscape to 0.92.2 (5c3e80d 2017-08-06) on Fedora 28
6. Last minute 1.0alpha appimage Fedora 29 from inkscape.org (i.e. not a job artefact)

Here are the issues I've tested:
a. This one (https://bugs.launchpad.net/inkscape/+bug/1768958), namely:
a1. Newline on new text
a2. create some text then hit enter
a3. edit some text (try to check two positions, see https://bugzilla.redhat.com/show_bug.cgi?id=1575842#c24)
a4. loading file with line break in normal text
b. two files in https://bugs.launchpad.net/inkscape/+bug/1769662
c. open Faust.svg mentioned in comments of https://bugs.launchpad.net/inkscape/+bug/1769394
d. pasting text with newline https://bugzilla.redhat.com/show_bug.cgi?id=1575842#c9
e. navigating up and down with text (single newline) https://bugzilla.redhat.com/show_bug.cgi?id=1575842#c21
f. highlighting text https://bugzilla.redhat.com/show_bug.cgi?id=1612618#c3
g. problem mentioned in https://bugs.launchpad.net/inkscape/+bug/1788977 (see video they uploaded with double click of A)
h. Open file mentioned in https://bugs.launchpad.net/inkscape/+bug/1774888

i. Double click single char in flowtext. https://bugs.launchpad.net/inkscape/+bug/1773050
j. https://bugs.launchpad.net/inkscape/+bug/1779779 (note marked fix released already but testing anyway)
k. https://bugs.launchpad.net/inkscape/+bug/1773049 (unclear instructions)

=====
Results

1, 2, 3, 4, 6 have no relates crashes or error messages. There were some crashes in 4, and some errors when opening 6. but unrelated to this.

5. For the 0.92.2 build:

a4 possibly replicated (I created the line break inbetwee two other lines) but then crash if file had an empty tspan `<tspan />` (i.e. empty line)
b. crash on open for first file (unexpected, prevents replication) and crash with other file (replication). I removed an empty tspan from the first file but I couldn't replicate the problem. If they tried adding a newline, then yes, I did replicate (crash on adding a newline).
f. crash when highlighting to the end of the line
j. not really replicated. PgDn from somewhere else (and thus ending on the last line) does crash it but not when the cursor is already at the end.
k. replicated? Unclear instructions

rest were replicated unremarkably.

====
Extra...

Read more...

Revision history for this message
Nathan Lee (nathan.lee) wrote :

Not looking good for my build tests, built from the INKSCAPE_0_92_3 tag and it looks like the bugs are not being replicated.

Still support closing since the 0.92.4 version from dnf still fails to replicate.

Still unsure though.

Revision history for this message
Nathan Lee (nathan.lee) wrote :

Alright, got it into my Linux Mint 19.1 builds.

Following the error message to the C++ header files or listening to Qantas94Heavy (https://gitlab.com/inkscape/inkscape/merge_requests/488#note_150761651) shows that -D_GLIBCXX_ASSERTIONS was added in Fedora 28.

Replicated in 0.92.x, need backports.

In 1.0alpha, reverting Trevor's patches reveals the bugs, which replicate the bugs in Fedora 28 (similar results to earlier testing in case 5)

Without reverting Trevor's patches: all test cases are fixed.

So closing as fix committed (in 1.0alpha)

Changed in inkscape:
status: Confirmed → Fix Committed
Revision history for this message
Qantas94Heavy (qantas94heavy) wrote :

Backport to 0.92.x has been merged here: https://gitlab.com/inkscape/inkscape/merge_requests/647

Changed in inkscape:
milestone: none → 0.92.5
tbnorth (terry-n-brown)
tags: added: bug-migration
Max Gaukler (mgmax)
Changed in inkscape:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.