Crash when copying conditional formatting rule
Gnumeric version 1.12.41 on Arch Linux 64-bit
Steps to reproduce:
- Run Gnumeric with a new blank document
- Select a cell and open the conditional formatting dialog (Format -> Cells -> Conditional Formatting...)
- Create some conditional formatting rule (e.g. cell value = x, x = 1, set cell background color)
- Click the Add button to add the conditional formatting rule to the cell
- Select the rule on the left after it has been added, then click the Copy button
For me, these steps crash Gnumeric reliably. Here's a backtrace with gdb:
(gdb) run
Starting program: /usr/bin/gnumeric
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
[New Thread 0x7fffe4a83700 (LWP 26876)]
[New Thread 0x7fffdffff700 (LWP 26877)]
[New Thread 0x7fffdf5f4700 (LWP 26878)]
[New Thread 0x7fffde368700 (LWP 26879)]
[New Thread 0x7fffddb67700 (LWP 26880)]
[Thread 0x7fffddb67700 (LWP 26880) exited]
[New Thread 0x7fffddb67700 (LWP 26883)]
[Thread 0x7fffddb67700 (LWP 26883) exited]
** (/usr/bin/gnumeric:26872): CRITICAL **: 17:02:29.288: gnm_style_get_cond_style: assertion 'style->cond_styles != NULL' failed
Thread 1 "gnumeric" received signal SIGSEGV, Segmentation fault.
0x00007ffff7954258 in gnm_style_dup () from /usr/lib/libspreadsheet-1.12.41.so
(gdb) bt
#0 0x00007ffff7954258 in gnm_style_dup () at /usr/lib/libspreadsheet-1.12.41.so
#1 0x00007ffff7a112e5 in () at /usr/lib/libspreadsheet-1.12.41.so
#2 0x00007ffff6667c96 in () at /usr/lib/libgobject-2.0.so.0
#3 0x00007ffff66839e9 in g_signal_emit_valist () at /usr/lib/libgobject-2.0.so.0
#4 0x00007ffff6684130 in g_signal_emit () at /usr/lib/libgobject-2.0.so.0
#5 0x00007ffff6cc82ee in () at /usr/lib/libgtk-3.so.0
#6 0x00007ffff6cc8346 in () at /usr/lib/libgtk-3.so.0
#7 0x00007ffff6667c96 in () at /usr/lib/libgobject-2.0.so.0
#8 0x00007ffff66839e9 in g_signal_emit_valist () at /usr/lib/libgobject-2.0.so.0
#9 0x00007ffff6684130 in g_signal_emit () at /usr/lib/libgobject-2.0.so.0
#10 0x00007ffff6cc66a1 in () at /usr/lib/libgtk-3.so.0
#11 0x00007ffff0c881c8 in ffi_call_unix64 () at /usr/lib/libffi.so.6
#12 0x00007ffff0c87c2a in ffi_call () at /usr/lib/libffi.so.6
#13 0x00007ffff666865f in g_cclosure_marshal_generic_va () at /usr/lib/libgobject-2.0.so.0
#14 0x00007ffff6667c96 in () at /usr/lib/libgobject-2.0.so.0
#15 0x00007ffff66839e9 in g_signal_emit_valist () at /usr/lib/libgobject-2.0.so.0
#16 0x00007ffff6684130 in g_signal_emit () at /usr/lib/libgobject-2.0.so.0
#17 0x00007ffff6d883ca in () at /usr/lib/libgtk-3.so.0
#18 0x00007ffff666a9e8 in g_cclosure_marshal_VOID__BOXEDv () at /usr/lib/libgobject-2.0.so.0
#19 0x00007ffff6667c96 in () at /usr/lib/libgobject-2.0.so.0
#20 0x00007ffff66839e9 in g_signal_emit_valist () at /usr/lib/libgobject-2.0.so.0
#21 0x00007ffff6684130 in g_signal_emit () at /usr/lib/libgobject-2.0.so.0
#22 0x00007ffff6d855cf in () at /usr/lib/libgtk-3.so.0
#23 0x00007ffff6d86c4b in () at /usr/lib/libgtk-3.so.0
#24 0x00007ffff6d89927 in () at /usr/lib/libgtk-3.so.0
#25 0x00007ffff6d55794 in gtk_event_controller_handle_event () at /usr/lib/libgtk-3.so.0
#26 0x00007ffff6f20784 in () at /usr/lib/libgtk-3.so.0
#27 0x00007ffff6dd2cf8 in () at /usr/lib/libgtk-3.so.0
#28 0x00007ffff6667c96 in () at /usr/lib/libgobject-2.0.so.0
#29 0x00007ffff66833a4 in g_signal_emit_valist () at /usr/lib/libgobject-2.0.so.0
#30 0x00007ffff6684130 in g_signal_emit () at /usr/lib/libgobject-2.0.so.0
#31 0x00007ffff6f22ae5 in () at /usr/lib/libgtk-3.so.0
#32 0x00007ffff6dcfb4b in () at /usr/lib/libgtk-3.so.0
#33 0x00007ffff6dd1d03 in gtk_main_do_event () at /usr/lib/libgtk-3.so.0
#34 0x00007ffff68e1526 in () at /usr/lib/libgdk-3.so.0
#35 0x00007ffff6912e45 in () at /usr/lib/libgdk-3.so.0
#36 0x00007ffff638d368 in g_main_context_dispatch () at /usr/lib/libglib-2.0.so.0
#37 0x00007ffff638d5b1 in () at /usr/lib/libglib-2.0.so.0
#38 0x00007ffff638d8e2 in g_main_loop_run () at /usr/lib/libglib-2.0.so.0
#39 0x00007ffff6dd0dcf in gtk_main () at /usr/lib/libgtk-3.so.0
#40 0x0000555555556fb2 in main ()