Ubuntu
inkscape package

inkscape crashed with SIGSEGV in pathv_to_linear_and_cubic_beziers()

Bug #1216167 reported by MohaMed Awd on 2013-08-24

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Inkscape	Invalid	High	Unassigned
	inkscape (Ubuntu)	Invalid	Medium	Unassigned

Bug Description

ProblemType: Crash
DistroRelease: Ubuntu 13.10
Package: inkscape 0.48.4-1ubuntu3
ProcVersionSignature: Ubuntu 3.11.0-3.6-generic 3.11.0-rc6
Uname: Linux 3.11.0-3-generic x86_64
NonfreeKernelModules: wl
ApportVersion: 2.12.1-0ubuntu2
Architecture: amd64
CrashCounter: 1
Date: Sat Aug 24 02:53:35 2013
ExecutablePath: /usr/bin/inkscape
InstallationDate: Installed on 2013-07-27 (27 days ago)
InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release amd64 (20130424)
MarkForUpload: True
ProcCmdline: inkscape
SegvAnalysis:
Segfault happened at: 0x7c47ed <_Z33pathv_to_linear_and_cubic_beziersRKSt6vectorIN4Geom4PathESaIS1_EE+45>: mov (%rsi),%rdi
PC (0x007c47ed) ok
source "(%rsi)" (0x00000010) not located in a known VMA region (needed readable region)!
destination "%rdi" ok
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: inkscape
StacktraceTop:
pathv_to_linear_and_cubic_beziers(std::vector<Geom::Path, std::allocator<Geom::Path> > const&) ()
Inkscape::UI::PathManipulator::_createControlPointsFromGeometry() ()
Inkscape::UI::PathManipulator::_externalChange(unsigned int) ()
Inkscape::XML::CompositeNodeObserver::notifyAttributeChanged(Inkscape::XML::Node&, unsigned int, Inkscape::Util::ptr_shared<char>, Inkscape::Util::ptr_shared<char>) ()
Inkscape::XML::SimpleNode::setAttribute(char const*, char const*, bool) ()
Title: inkscape crashed with SIGSEGV in pathv_to_linear_and_cubic_beziers()
UpgradeStatus: Upgraded to saucy on 2013-08-04 (19 days ago)
UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo

Tags:

Revision history for this message

MohaMed Awd (aples4attack) wrote on 2013-08-24:

Dependencies.txt Edit (8.0 KiB, text/plain; charset="utf-8")
Disassembly.txt Edit (1.9 KiB, text/plain; charset="utf-8")
ProcEnviron.txt Edit (305 bytes, text/plain; charset="utf-8")
ProcMaps.txt Edit (64.7 KiB, text/plain; charset="utf-8")
ProcStatus.txt Edit (828 bytes, text/plain; charset="utf-8")
Registers.txt Edit (831 bytes, text/plain; charset="utf-8")
Stacktrace.txt Edit (3.1 KiB, text/plain; charset="utf-8")
ThreadStacktrace.txt Edit (7.0 KiB, text/plain; charset="utf-8")

Revision history for this message

Apport retracing service (apport) wrote on 2013-08-26:

StacktraceTop:
pathv_to_linear_and_cubic_beziers (pathv=...) at helper/geom.cpp:469
Inkscape::UI::PathManipulator::_createControlPointsFromGeometry (this=this@entry=0x87fce60) at ui/tool/path-manipulator.cpp:999
Inkscape::UI::PathManipulator::_externalChange (this=0x87fce60, type=<optimized out>) at ui/tool/path-manipulator.cpp:963
Inkscape::XML::CompositeNodeObserver::notifyAttributeChanged (this=0x5f6f050, node=..., name=3553, old_value=..., new_value=...) at xml/composite-node-observer.cpp:94
Inkscape::XML::SimpleNode::setAttribute (this=0x5f6f000, name=<optimized out>, value=<optimized out>) at xml/simple-node.cpp:356

Revision history for this message

Apport retracing service (apport) wrote on 2013-08-26: Stacktrace.txt

Stacktrace.txt Edit (4.6 KiB, text/plain)

Revision history for this message

Apport retracing service (apport) wrote on 2013-08-26: StacktraceSource.txt

StacktraceSource.txt Edit (3.5 KiB, text/plain)

Revision history for this message

Apport retracing service (apport) wrote on 2013-08-26: ThreadStacktrace.txt

ThreadStacktrace.txt Edit (5.4 KiB, text/plain)

Changed in inkscape (Ubuntu):
importance:	Undecided → Medium
tags:	removed: need-amd64-retrace

Alex Valavanis (valavanisalex) on 2013-08-27

information type:	Private → Public
tags:	added: crash

Kris (kris-degussem) on 2013-12-23

Changed in inkscape:
importance:	Undecided → High

Revision history for this message

Johan Engelen (johanengelen) wrote on 2014-01-02:

I can't find anything obvious that is wrong in the code of the top 3 functions of the stack trace.
One thing to try is if pathv_to_linear_and_cubic_beziers is OK if the argument is a PathVector with an empty Path in it.
PathVector pv;
pv.push_back(Path());
pathv_to_linear_and_cubic_beziers(pv);

Windows build is broken so cannot try it right now.

Revision history for this message

Johan Engelen (johanengelen) wrote on 2014-02-27:

Perhaps this call
void PathManipulator::_createControlPointsFromGeometry()
{
//...
Geom::PathVector pathv = pathv_to_linear_and_cubic_beziers(_spcurve->get_pathvector());

If the _spcurve has been deleted by someone else, the _spcurve->get_pathvector() will return a corrupted pointer and will crash the program on first use in pathv_to_linear_and_cubic_beziers.

Revision history for this message

Qantas94Heavy (qantas94heavy) wrote on 2019-06-30:

As there have not been updates on this crash for years and I can't reproduce this on Inkscape 0.92.4, this bug will be closed.

If you can still reproduce this with the latest Inkscape version, please file a new report here: https://inkscape.org/report. Thank you!

Closed by: https://gitlab.com/Qantas94Heavy

Changed in inkscape:
status:	New → Invalid

Revision history for this message

Mattia Rizzolo (mapreri) wrote on 2019-06-30:

(following upstream)

Changed in inkscape (Ubuntu):
status:	New → Invalid

tbnorth (terry-n-brown) on 2019-11-29

tags:

added: bug-migration

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuinkscape package

inkscape crashed with SIGSEGV in pathv_to_linear_and_cubic_beziers()

Bug Description

Other bug subscribers

Bug attachments

Remote bug watches

Ubuntu
inkscape package