segfault when entering expression as X-value
Submitted by John Denker
Link to original bug (#706591)
Description
Recipe to exhibit the bug:
- In a shell window: gdb gnumeric
- Insert an XY chart
- Modify properties of the chart as follows:
  - Select Series1 and go to the "data" tab.
  - In the x-values window, enter (1,2,3,4) then click on "Apply"
- Observe an error-message popup that says "All entries in the set must be references"
- Dismiss the error-message popup
- If gnumeric has not segfaulted already, re-modify the properties as above a few times, until it does. Chez moi it takes between 1 and 3 iterations to get the segfault.
Remark: If you enter 1,2,3,4 without the parentheses, the data validator apparently changes it to (1,2,3,4). Otherwise it would never have occurred to me to enter such an expression. Note that if the parentheses are added by the validator (not explicitly entered) the segfault does not occur AFAICT.
Workaround: If you enter {1,2,3,4} with curly braces instead of parentheses, it works as expected.
Priority: This is not super-critical, because there is a workaround. On the other hand, a segfault can cause the user to lose a lot of work. Also, this may be a symptom of a deeper problem.
The location of the segfault appears to be reproducible. The stack trace says:
#0 0x00007ffff67b969c in g_type_check_instance_is_a ()
    from /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#1 0x00007ffff7ab8f46 in gnm_expr_entry_get_entry (gee=0x14b5a90)
    at gnumeric-expr-entry.c:2779
#2 0x00007ffff7a09f81 in cb_graph_dim_editor_update (editor=0x14ba490,
    gee=<optimized out>, user_requested=<optimized out>) at wbc-gtk.c:5253
#3 cb_graph_dim_editor_update (gee=<optimized out>,
    user_requested=<optimized out>, editor=0x14ba490) at wbc-gtk.c:5203
#4 0x00007ffff7a0a001 in cb_update_idle (editor=<optimized out>)
    at wbc-gtk.c:5280
#5 0x00007ffff64d8ab5 in g_main_context_dispatch ()
    from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#6 0x00007ffff64d8de8 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#7 0x00007ffff64d91e2 in g_main_loop_run ()
    from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#8 0x00007ffff70039b5 in gtk_main ()
    from /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
#9 0x00000000004035ae in main (argc=<optimized out>, argv=<optimized out>)
    at main-application.c:383
If it does not segfault on the first iteration, the following warnings may appear in the shell window:
** (/usr/bin/gnumeric:12351): CRITICAL **: gnm_expr_entry_get_entry: assertion `IS_GNM_EXPR_ENTRY (gee)' failed
(/usr/bin/gnumeric:12351): Gtk-CRITICAL **: gtk_editable_select_region: assertion `GTK_IS_EDITABLE (editable)' failed
gnumeric --version
gnumeric version '1.12.1'
datadir := '/usr/share/gnumeric/1.12.1'
libdir := '/usr/lib/gnumeric/1.12.1'
uname -a
Linux asclepias 2.6.39.4 #4 SMP Thu May 30 01:02:55 MST 2013 x86_64 x86_64 x86_64 GNU/Linux
Version: 1.12.x