Inkscape

Reproducible segmentation fault on Undo Cut Path, Divide path, etc.

Bug #1809676 reported by Jonathan L on 2018-12-24

This bug affects 8 people

Affects		Status	Importance	Assigned to	Milestone
	Inkscape	Fix Released	Critical	Unassigned

Bug Description

SUMMARY

Inkscape crashes every time (segmentation fault) on undo cut-path on new file.

VERSION

Inkscape 0.92.3 (2405546, 2018-03-11)
uname: Linux white 4.15.0-43-generic #46-Ubuntu SMP Thu Dec 6 14:45:28 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
/etc/os-release PRETTY_NAME="Ubuntu 18.04.1 LTS"
XDG_SESSION_DESKTOP=xubuntu
XDG_CURRENT_DESKTOP=XFCE

SEVERITY

Severe

TO REPRODUCE

Remove preferences and so on (or backup out of the way) ~/.config/inkscape

1. run inkscape, from command line
2. create ellipse
3. create straight line by bezier
4. select all (by ctrl-A)
5. Path: cut-path (by ctrl-alt-/)
6. Undo (by ctlr-Z)
7. See error "Inkscape encountered an internal error and will close now. Automatic backup...". See Segmentation fault on terminal screen.

Fault appears every single time.

It makes no difference if the ellipse and line intersect.

If you save the file after step 3, quit, start inkscape on this file, continue from 4: problem does not manifest.

I was unable to manifest problem with squares or multiple ellipses.

SCREEN TEXT

jcl@white:/tmp$ rm -Rf ~/.config/inkscape
jcl@white:/tmp$ inkscape

Emergency save activated!

Emergency save document locations:
/home/jcl/New document 1.2018_12_24_20_42_03.0.svg
Emergency save completed. Inkscape will close now.
If you can reproduce this crash, please file a bug at www.inkscape.org
with a detailed description of the steps leading to the crash, so we can fix it.
Segmentation fault (core dumped)

POSSIBLY RELATED BUG

This problem might conceivably be a regression of https://bugs.launchpad.net/inkscape/+bug/1424717

See original description

Tags:

Revision history for this message

Jonathan L (7-jonathan) wrote on 2018-12-24:

Create this image from scratch, select all, cut-path, undo, see segfault. Edit (5.8 KiB, image/png)

tags:	added: segmentation-fault
description:	updated

Revision history for this message

Alvin Penner (apenner) wrote on 2018-12-24:

confirmed on Windows 10, Inkscape 0.92.3 (2405546, 2018-03-11)

backtrace:

Program received signal SIGSEGV, Segmentation fault.
0x6fefbfe1 in ?? () from c:\program files (x86)\inkscape\libstdc++-6.dll
(gdb) bt
#0 0x6fefbfe1 in ?? () from c:\program files (x86)\inkscape\libstdc++-6.dll
#1 0x01527730 in libinkscape_base!_Z23sp_button_new_from_dataN8Inkscape8IconSizeE12SPButtonTypePNS_2UI4View4ViewEPKcS7_ ()
from c:\program files (x86)\inkscape\libinkscape_base.dll
#2 0x015b8409 in libinkscape_base!_Z27sp_paintbucket_toolbox_prepP9SPDesktopP15_GtkActionGroupP8_GObject ()
from c:\program files (x86)\inkscape\libinkscape_base.dll
#3 0x015b893f in libinkscape_base!_ZN8Inkscape3XML21CompositeNodeObserver22notifyAttributeChangedERNS0_4NodeEjNS_4Util10ptr_sharedIcEES6_ () from c:\program files (x86)\inkscape\libinkscape_base.dll
#4 0x08162000 in ?? ()
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
(gdb) c
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0x6fefbfe1 in ?? () from c:\program files (x86)\inkscape\libstdc++-6.dll
(gdb) c
Continuing.
[Inferior 1 (process 18232) exited with code 030000000005]

Changed in inkscape:
status:	New → Confirmed

Revision history for this message

Alvin Penner (apenner) wrote on 2018-12-24:

not reproduced on Windows 10, Inkscape 0.92+devel (44a3c91, 2018-12-16)

Revision history for this message

Jonathan L (7-jonathan) wrote on 2018-12-27:

Confirmed on stock current Ubuntu + Inkscape installed by GUI software installer.

Fresh install of Ubuntu under virtualbox, install Inkscape by GUI; error identical.

Inkscape 0.92.3 (5aff6ba, 2018-11-25)
Linux inkytest 4.15.0-29-generic #31-Ubuntu SMP Tue Jul 17 15:39:52 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
PRETTY_NAME="Ubuntu 18.04.1 LTS"
XDG_CURRENT_DESKTOP=ubuntu:GNOME

Revision history for this message

Max Gaukler (mgmax) wrote on 2018-12-29:

Example file which doesn't crash for me Edit (1.9 KiB, image/svg+xml)

I couldn't reproduce this with locally compiled versions of both the 0.92.x branch and the master branch. What I tried:

- Open attached file (or create ellipsis + line as described)
- select all (by ctrl-A)
- Path: cut-path (by ctrl-alt-/)
- Undo (by ctlr-Z)

Max Gaukler (mgmax) on 2019-01-04

tags:	added: crash cut undo
Changed in inkscape:
importance:	Undecided → High

Max Gaukler (mgmax) on 2019-01-19

Changed in inkscape:
importance:	High → Critical

Max Gaukler (mgmax) on 2019-01-19

summary:

- Reproducible segmentation fault on Undo Cut Path
+ Reproducible segmentation fault on Undo Cut Path, Divide path, etc.

Revision history for this message

Max Gaukler (mgmax) wrote on 2019-01-19:

Tested on Ubuntu 18.04.1, with empty config before every try: (rm -r ~/.config/inkscape/).

Bug confirmed with latest stable version from stable-ppa. (0.92.4+68~ubuntu18.04.1).

Bug not present in 1.0alpha from dev-ppa (package inkscape-trunk version 1:0.92.0+devel+201901190117~ubuntu18.04.1)

I get these results for both "cut path" as well as "divide path". The crash is somewhere in the undo code:

#0 0x00007f3ca3906394 in __dynamic_cast () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
No symbol table info available.
#1 0x00007f3ca6369ee4 in ?? () from /usr/bin/../lib/inkscape/libinkscape_base.so
No symbol table info available.
#2 0x00007f3ca63ee4cc in Inkscape::XML::CompositeNodeObserver::notifyAttributeChanged(Inkscape::XML::Node&, unsigned int, Inkscape::Util::ptr_shared<char>, Inkscape::Util::ptr_shared<char>) () from /usr/bin/../lib/inkscape/libinkscape_base.so
No symbol table info available.
#3 0x00007f3ca63fec91 in Inkscape::XML::SimpleNode::setAttribute(char const*, char const*, bool) () from /usr/bin/../lib/inkscape/libinkscape_base.so
No symbol table info available.
#4 0x00007f3ca63f03f4 in Inkscape::XML::undo_log_to_observer(Inkscape::XML::Event const*, Inkscape::XML::NodeObserver&) () from /usr/bin/../lib/inkscape/libinkscape_base.so
No symbol table info available.
#5 0x00007f3ca63f04e4 in sp_repr_undo_log(Inkscape::XML::Event*) () from /usr/bin/../lib/inkscape/libinkscape_base.so
No symbol table info available.
#6 0x00007f3ca643328c in Inkscape::DocumentUndo::undo(SPDocument*) () from /usr/bin/../lib/inkscape/libinkscape_base.so
No symbol table info available.
#7 0x00007f3ca6499c38 in sp_undo(SPDesktop*, SPDocument*) () from /usr/bin/../lib/inkscape/libinkscape_base.so
No symbol table info available.
#8 0x00007f3ca5f7992a in sp_action_perform(SPAction*, void*) () from /usr/bin/../lib/inkscape/libinkscape_base.so

Changed in inkscape:
status:	Confirmed → Triaged

Revision history for this message

Qantas94Heavy (qantas94heavy) wrote on 2019-03-11:

lp1809676-backtrace.txt Edit (27.0 KiB, text/plain)

Can reproduce in Inkscape 0.92.4 on openSUSE TW 20190301.

Since none of the backtraces have debug symbols, here's one with the distro debuginfo packages installed.

Revision history for this message

Tamir Bahar (tmr232) wrote on 2019-04-12:

Closing because bug is fixed in 1.0alpha (331007d, 2019-04-11)

Closed by: https://gitlab.com/tmr232

tags:	added: bug-migration
Changed in inkscape:
status:	Triaged → Fix Committed

Martin Owens (doctormo) on 2019-04-15

Changed in inkscape:
status:	Fix Committed → Fix Released

Revision history for this message

Qantas94Heavy (qantas94heavy) wrote on 2019-04-16:

The fix is not in a stable release of Inkscape yet.

Changed in inkscape:
status:	Fix Released → Fix Committed

Revision history for this message

Mark Jeronimus (mark-jeronimus) wrote on 2020-04-02:

#10

I have the same when I simply press Ctrl+Shift+P to attempt to open preferences. I never go there so I don't know when this started, but I know I haven't updated inkscape in a longer time than that, and I update Ubuntu 18.04 LTS regularly. My version is identical to OP.

Might this be the same bug or should I submit a new?

Max Gaukler (mgmax) on 2020-05-04

Changed in inkscape:
status:	Fix Committed → Fix Released

Revision history for this message

Rajinder Yadav (rajinder-yadav) wrote on 2020-05-05:

#11

@Mark thanks for the fix, we've all been waiting for this one :-D
Do you have an idea what version this fix will come out in?

Revision history for this message

Max Gaukler (mgmax) wrote on 2020-05-05:

#12

Inkscape 1.0 has just been released. If the issue still occurs, please report it on inkscape.org/report/

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.