X-Authentication-Warning: delorie.com: mail set sender to geda-user-bounces using -f X-Recipient: geda-user AT delorie DOT com X-Cam-AntiVirus: no malware found X-Cam-SpamDetails: not scanned X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/ Subject: PCB Use-after free bug [WAS: Re: [geda-user] PCB 2011-09-18 on WinXP - possible problems] From: Peter Clifton To: geda-user AT delorie DOT com Date: Fri, 23 Sep 2011 00:27:47 +0100 In-Reply-To: <281807.1624.4103-26766-555981712-1316680336@seznam.cz> References: <281807 DOT 1624 DOT 4103-26766-555981712-1316680336 AT seznam DOT cz> Content-Type: multipart/signed; micalg="pgp-sha1"; protocol="application/pgp-signature"; boundary="=-dRdP+NHpQTVl/aPwAg5t" X-Mailer: Evolution 3.1.91- Message-ID: <1316734071.20531.15.camel@localhost> Mime-Version: 1.0 Reply-To: geda-user AT delorie DOT com Errors-To: nobody AT delorie DOT com X-Mailing-List: geda-user AT delorie DOT com X-Unsubscribes-To: listserv AT delorie DOT com Precedence: bulk --=-dRdP+NHpQTVl/aPwAg5t Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Thu, 2011-09-22 at 10:32 +0200, Vaclav Peroutka wrote: > - If I want to create new layout after I opened some one before, after I = enter layout name, PCB always crashes - I suppose that this is a bug. Could you file this for me at: http://launchpad.net/pcb/+filebug You can add the following information to the report. It doesn't seem to crash on Linux - but it ought to.. see this Valgrind output: =3D=3D22404=3D=3D Invalid read of size 8 =3D=3D22404=3D=3D at 0x4D82B3: ghid_route_style_selector_sync (ghid-rout= e-style-selector.c:594) =3D=3D22404=3D=3D by 0x4BAB28: RouteStylesChanged (gtkhid-main.c:1157) =3D=3D22404=3D=3D by 0x49E0D3: hid_actionv (actions.c:247) =3D=3D22404=3D=3D by 0x447B7B: CreateNewPCB (create.c:194) =3D=3D22404=3D=3D by 0x4273E8: ActionNew (action.c:5902) =3D=3D22404=3D=3D by 0x49E0D3: hid_actionv (actions.c:247) =3D=3D22404=3D=3D by 0x49E483: hid_parse_actionstring (actions.c:331) =3D=3D22404=3D=3D by 0x4CCDE8: ghid_menu_cb (gui-top-window.c:373) =3D=3D22404=3D=3D by 0x6B35253: g_closure_invoke (gclosure.c:774) =3D=3D22404=3D=3D by 0x6B484FA: signal_emit_unlocked_R (gsignal.c:3272) =3D=3D22404=3D=3D by 0x6B51B16: g_signal_emit_valist (gsignal.c:3003) =3D=3D22404=3D=3D by 0x6B51CE1: g_signal_emit (gsignal.c:3060) =3D=3D22404=3D=3D Address 0xd3c4458 is 13,880 bytes inside a block of size= 14,120 free'd =3D=3D22404=3D=3D at 0x4C282E0: free (vg_replace_malloc.c:366) =3D=3D22404=3D=3D by 0x4273DE: ActionNew (action.c:5901) =3D=3D22404=3D=3D by 0x49E0D3: hid_actionv (actions.c:247) =3D=3D22404=3D=3D by 0x49E483: hid_parse_actionstring (actions.c:331) =3D=3D22404=3D=3D by 0x4CCDE8: ghid_menu_cb (gui-top-window.c:373) =3D=3D22404=3D=3D by 0x6B35253: g_closure_invoke (gclosure.c:774) =3D=3D22404=3D=3D by 0x6B484FA: signal_emit_unlocked_R (gsignal.c:3272) =3D=3D22404=3D=3D by 0x6B51B16: g_signal_emit_valist (gsignal.c:3003) =3D=3D22404=3D=3D by 0x6B51CE1: g_signal_emit (gsignal.c:3060) =3D=3D22404=3D=3D by 0x5A821D2: _gtk_action_emit_activate (gtkaction.c:7= 94) =3D=3D22404=3D=3D by 0x6B35253: g_closure_invoke (gclosure.c:774) =3D=3D22404=3D=3D by 0x6B47CD6: signal_emit_unlocked_R (gsignal.c:3202) =3D=3D22404=3D=3D=20 =3D=3D22404=3D=3D Invalid read of size 8 =3D=3D22404=3D=3D at 0x470944: Parse (parse_l.l:282) =3D=3D22404=3D=3D by 0x471913: ParseFont (parse_l.l:356) =3D=3D22404=3D=3D by 0x447973: CreateDefaultFont (create.c:941) =3D=3D22404=3D=3D by 0x447C58: CreateNewPCB (create.c:211) =3D=3D22404=3D=3D by 0x4273E8: ActionNew (action.c:5902) =3D=3D22404=3D=3D by 0x49E0D3: hid_actionv (actions.c:247) =3D=3D22404=3D=3D by 0x49E483: hid_parse_actionstring (actions.c:331) =3D=3D22404=3D=3D by 0x4CCDE8: ghid_menu_cb (gui-top-window.c:373) =3D=3D22404=3D=3D by 0x6B35253: g_closure_invoke (gclosure.c:774) =3D=3D22404=3D=3D by 0x6B484FA: signal_emit_unlocked_R (gsignal.c:3272) =3D=3D22404=3D=3D by 0x6B51B16: g_signal_emit_valist (gsignal.c:3003) =3D=3D22404=3D=3D by 0x6B51CE1: g_signal_emit (gsignal.c:3060) =3D=3D22404=3D=3D Address 0xd3c4538 is 14,104 bytes inside a block of size= 14,120 free'd =3D=3D22404=3D=3D at 0x4C282E0: free (vg_replace_malloc.c:366) =3D=3D22404=3D=3D by 0x4273DE: ActionNew (action.c:5901) =3D=3D22404=3D=3D by 0x49E0D3: hid_actionv (actions.c:247) =3D=3D22404=3D=3D by 0x49E483: hid_parse_actionstring (actions.c:331) =3D=3D22404=3D=3D by 0x4CCDE8: ghid_menu_cb (gui-top-window.c:373) =3D=3D22404=3D=3D by 0x6B35253: g_closure_invoke (gclosure.c:774) =3D=3D22404=3D=3D by 0x6B484FA: signal_emit_unlocked_R (gsignal.c:3272) =3D=3D22404=3D=3D by 0x6B51B16: g_signal_emit_valist (gsignal.c:3003) =3D=3D22404=3D=3D by 0x6B51CE1: g_signal_emit (gsignal.c:3060) =3D=3D22404=3D=3D by 0x5A821D2: _gtk_action_emit_activate (gtkaction.c:7= 94) =3D=3D22404=3D=3D by 0x6B35253: g_closure_invoke (gclosure.c:774) =3D=3D22404=3D=3D by 0x6B47CD6: signal_emit_unlocked_R (gsignal.c:3202) =3D=3D22404=3D=3D=20 --=20 Peter Clifton Electrical Engineering Division, Engineering Department, University of Cambridge, 9, JJ Thomson Avenue, Cambridge CB3 0FA Tel: +44 (0)7729 980173 - (No signal in the lab!) Tel: +44 (0)1223 748328 - (Shared lab phone, ask for me) --=-dRdP+NHpQTVl/aPwAg5t Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJOe8RzAAoJEOo4D/b1x+QVr/oIAKCWYL2jSEX8BrKX10Ushgb7 egxsOOFi0eqOfIC/yewKVyDcRwpyQD3ZXIWJc++BiEKxmj/Ycfe+/vAGpjAFaiH/ 6+6ZeTCautyK99fvbRhkuv2AfOsaVSRYFWiN4gemBxpOisqvsqaKk/VTjfur7AC1 DzNe9ZM9+tiFYTFVpWcNEMEr14QLZ+1z13+hiUFaCKjszzkUNOAvZHJKBgeOnHBB MQXT8N/dn6HohohZrdtaeoAYDVn46x66dsxDiR/x1JXZlGgggEbAK5ThV9wMseDu XTs/u1/3zg45AOccCPlmleeTTqTHt0RUT8KFRlXy6/vt9u9WWAud7VFzEXJIq7s= =efVb -----END PGP SIGNATURE----- --=-dRdP+NHpQTVl/aPwAg5t--