Bug 304915 – [PATCH] Evolution crashes in libgnomecanvas

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 304915 - [PATCH] Evolution crashes in libgnomecanvas


Summary:	[PATCH] Evolution crashes in libgnomecanvas


Status:	VERIFIED FIXED

Product:	GAL
Classification:	Deprecated
Component:	GAL Miscellaneous
Version:	2.4.x
Hardware:	Other FreeBSD

Importance:	High critical
Target Milestone:	---
Assigned To:	Radek Doulik
QA Contact:	Evolution QA team

URL:
Whiteboard:

Duplicates:	305078 305089 305131 305177 305232 305258 305444 307602 308604 308714 308952 309783 309793 309822 309973 310019 310075 310091 310093 310139 310158 310169 310200 310259 310436 310497 310708 310713 310756 310760 310770 310927 310969 311032 311173 311246 311263 311581 311610 311647 311668 311670 311675 311793 311834 311849 311952 311968 312119 312754 312792 313155 313441 313804 315684 315770 315783 315837 (view as bug list)
Depends on:
Blocks:

Reported:	2005-05-20 21:04 UTC by Joe Marcus Clarke
Modified:	2005-09-13 05:58 UTC

See Also:
GNOME target:	---
GNOME version:	2.9/2.10

Attachments
Remove g_assert() to fix Evo crash (378 bytes, patch) 2005-05-20 21:06 UTC, Joe Marcus Clarke	none	Details \| Review
Checks for NULL instead of completely disabling assertion check (412 bytes, patch) 2005-05-21 10:31 UTC, Jan de Groot	committed	Details \| Review
Fix canvas-related crash in gal (384 bytes, patch) 2005-05-24 05:34 UTC, Joe Marcus Clarke	accepted-commit_now	Details \| Review
alternate fix - fix the dispose method (1.27 KB, patch) 2005-05-26 08:49 UTC, Not Zed	committed	Details \| Review

Description Joe Marcus Clarke 2005-05-20 21:04:59 UTC

Steps to reproduce:
1. Launch evolution.
2. Start to compose a new email.
3. Close the email window


Stack trace:
Program received signal SIGSEGV, Segmentation fault.

+ Trace 59965

Thread 1 (LWP 100092)

#0 gcbp_destroy_gdk
at gnome-canvas-shape.c line 1346
#1 gnome_canvas_shape_destroy
at gnome-canvas-shape.c line 279
#2 gnome_canvas_re_destroy
at gnome-canvas-rect-ellipse.c line 169
#3 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#4 g_type_class_meta_marshal
at gclosure.c line 514
#5 IA__g_closure_invoke
at gclosure.c line 437
#6 signal_emit_unlocked_R
at gsignal.c line 2604
#7 IA__g_signal_emit_valist
at gsignal.c line 2247
#8 IA__g_signal_emit
at gsignal.c line 2291
#9 gtk_object_dispose
at gtkobject.c line 377
#10 gnome_canvas_item_dispose
at gnome-canvas.c line 358
#11 IA__g_object_run_dispose
at gobject.c line 603
#12 IA__gtk_object_destroy
at gtkobject.c line 362
#13 gnome_canvas_group_destroy
at gnome-canvas.c line 1543
#14 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#15 g_type_class_meta_marshal
at gclosure.c line 514
#16 IA__g_closure_invoke
at gclosure.c line 437
#17 signal_emit_unlocked_R
at gsignal.c line 2604
#18 IA__g_signal_emit_valist
at gsignal.c line 2247
#19 IA__g_signal_emit
at gsignal.c line 2291
#20 gtk_object_dispose
at gtkobject.c line 377
#21 gnome_canvas_item_dispose
at gnome-canvas.c line 358
#22 IA__g_object_run_dispose
at gobject.c line 603
#23 IA__gtk_object_destroy
at gtkobject.c line 362
#24 gnome_canvas_destroy
at gnome-canvas.c line 2195
#25 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#26 g_type_class_meta_marshal
at gclosure.c line 514
#27 IA__g_closure_invoke
at gclosure.c line 437
#28 signal_emit_unlocked_R
at gsignal.c line 2604
#29 IA__g_signal_emit_valist
at gsignal.c line 2247
#30 IA__g_signal_emit
at gsignal.c line 2291
#31 gtk_object_dispose
at gtkobject.c line 377
#32 gtk_widget_dispose
at gtkwidget.c line 6479
#33 IA__g_object_run_dispose
at gobject.c line 603
#34 IA__gtk_object_destroy
at gtkobject.c line 362
#35 IA__gtk_widget_destroy
at gtkwidget.c line 1958
#36 gtk_bin_forall
at gtkbin.c line 166
#37 IA__gtk_container_foreach
at gtkcontainer.c line 1292
#38 gtk_container_destroy
at gtkcontainer.c line 829
#39 gtk_button_destroy
at gtkbutton.c line 462
#40 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#41 g_type_class_meta_marshal
at gclosure.c line 514
#42 IA__g_closure_invoke
at gclosure.c line 437
#43 signal_emit_unlocked_R
at gsignal.c line 2604
#44 IA__g_signal_emit_valist
at gsignal.c line 2247
#45 IA__g_signal_emit
at gsignal.c line 2291
#46 gtk_object_dispose
at gtkobject.c line 377
#47 gtk_widget_dispose
at gtkwidget.c line 6479
#48 IA__g_object_run_dispose
at gobject.c line 603
#49 IA__gtk_object_destroy
at gtkobject.c line 362
#50 IA__gtk_widget_destroy
at gtkwidget.c line 1958
#51 gtk_table_forall
at gtktable.c line 962
#52 IA__gtk_container_foreach
at gtkcontainer.c line 1292
#53 gtk_container_destroy
at gtkcontainer.c line 829
#54 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#55 g_type_class_meta_marshal
at gclosure.c line 514
#56 IA__g_closure_invoke
at gclosure.c line 437
#57 signal_emit_unlocked_R
at gsignal.c line 2604
#58 IA__g_signal_emit_valist
at gsignal.c line 2247
#59 IA__g_signal_emit
at gsignal.c line 2291
#60 gtk_object_dispose
at gtkobject.c line 377
#61 gtk_widget_dispose
at gtkwidget.c line 6479
#62 IA__g_object_run_dispose
at gobject.c line 603
#63 IA__gtk_object_destroy
at gtkobject.c line 362
#64 IA__gtk_widget_destroy
at gtkwidget.c line 1958
#65 gtk_box_forall
at gtkbox.c line 702
#66 IA__gtk_container_foreach
at gtkcontainer.c line 1292
#67 gtk_container_destroy
at gtkcontainer.c line 829
#68 color_palette_destroy
from /usr/X11R6/lib/libgal-2.4.so.0
#69 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#70 g_type_class_meta_marshal
at gclosure.c line 514
#71 IA__g_closure_invoke
at gclosure.c line 437
#72 signal_emit_unlocked_R
at gsignal.c line 2604
#73 IA__g_signal_emit_valist
at gsignal.c line 2247
#74 IA__g_signal_emit
at gsignal.c line 2291
#75 gtk_object_dispose
at gtkobject.c line 377
#76 gtk_widget_dispose
at gtkwidget.c line 6479
#77 IA__g_object_run_dispose
at gobject.c line 603
#78 IA__gtk_object_destroy
at gtkobject.c line 362
#79 IA__gtk_widget_destroy
at gtkwidget.c line 1958
#80 gtk_box_forall
at gtkbox.c line 702
#81 IA__gtk_container_foreach
at gtkcontainer.c line 1292
#82 gtk_container_destroy
at gtkcontainer.c line 829
#83 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#84 g_type_class_meta_marshal
at gclosure.c line 514
#85 IA__g_closure_invoke
at gclosure.c line 437
#86 signal_emit_unlocked_R
at gsignal.c line 2604
#87 IA__g_signal_emit_valist
at gsignal.c line 2247
#88 IA__g_signal_emit
at gsignal.c line 2291
#89 gtk_object_dispose
at gtkobject.c line 377
#90 gtk_widget_dispose
at gtkwidget.c line 6479
#91 IA__g_object_run_dispose
at gobject.c line 603
#92 IA__gtk_object_destroy
at gtkobject.c line 362
#93 IA__gtk_widget_destroy
at gtkwidget.c line 1958
#94 gtk_frame_forall
#95 IA__gtk_container_foreach
at gtkcontainer.c line 1292
#96 gtk_container_destroy
at gtkcontainer.c line 829
#97 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#98 g_type_class_meta_marshal
at gclosure.c line 514
#99 IA__g_closure_invoke
at gclosure.c line 437
#100 signal_emit_unlocked_R
at gsignal.c line 2604
#101 IA__g_signal_emit_valist
at gsignal.c line 2247
#102 IA__g_signal_emit
at gsignal.c line 2291
#103 gtk_object_dispose
at gtkobject.c line 377
#104 gtk_widget_dispose
at gtkwidget.c line 6479
#105 IA__g_object_run_dispose
at gobject.c line 603
#106 IA__gtk_object_destroy
at gtkobject.c line 362
#107 IA__gtk_widget_destroy
at gtkwidget.c line 1958
#108 gtk_bin_forall
at gtkbin.c line 166
#109 IA__gtk_container_foreach
at gtkcontainer.c line 1292
#110 gtk_container_destroy
at gtkcontainer.c line 829
#111 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#112 g_type_class_meta_marshal
at gclosure.c line 514
#113 IA__g_closure_invoke
at gclosure.c line 437
#114 signal_emit_unlocked_R
at gsignal.c line 2604
#115 IA__g_signal_emit_valist
at gsignal.c line 2247
#116 IA__g_signal_emit
at gsignal.c line 2291
#117 gtk_object_dispose
at gtkobject.c line 377
#118 gtk_widget_dispose
at gtkwidget.c line 6479
#119 IA__g_object_run_dispose
at gobject.c line 603
#120 IA__gtk_object_destroy
at gtkobject.c line 362
#121 IA__gtk_widget_destroy
at gtkwidget.c line 1958
#122 gtk_bin_forall
at gtkbin.c line 166
#123 IA__gtk_container_foreach
at gtkcontainer.c line 1292
#124 gtk_container_destroy
at gtkcontainer.c line 829
#125 gtk_window_destroy
at gtkwindow.c line 3754
#126 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#127 g_type_class_meta_marshal
at gclosure.c line 514
#128 IA__g_closure_invoke
at gclosure.c line 437
#129 signal_emit_unlocked_R
at gsignal.c line 2604
#130 IA__g_signal_emit_valist
at gsignal.c line 2247
#131 IA__g_signal_emit
at gsignal.c line 2291
#132 gtk_object_dispose
at gtkobject.c line 377
#133 gtk_widget_dispose
at gtkwidget.c line 6479
#134 gtk_window_dispose
at gtkwindow.c line 1742
#135 IA__g_object_run_dispose
at gobject.c line 603
#136 IA__gtk_object_destroy
at gtkobject.c line 362
#137 gi_combo_box_destroy
from /usr/X11R6/lib/gtkhtml/libgnome-gtkhtml-editor-3.6.so
#138 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#139 g_type_class_meta_marshal
at gclosure.c line 514
#140 IA__g_closure_invoke
at gclosure.c line 437
#141 signal_emit_unlocked_R
at gsignal.c line 2604
#142 IA__g_signal_emit_valist
at gsignal.c line 2247
#143 IA__g_signal_emit
at gsignal.c line 2291
#144 gtk_object_dispose
at gtkobject.c line 377
#145 gtk_widget_dispose
at gtkwidget.c line 6479
#146 IA__g_object_run_dispose
at gobject.c line 603
#147 IA__gtk_object_destroy
at gtkobject.c line 362
#148 IA__gtk_widget_destroy
at gtkwidget.c line 1958
#149 toolbar_content_remove
at gtktoolbar.c line 3875
#150 gtk_toolbar_remove
at gtktoolbar.c line 2410
#151 IA__g_cclosure_marshal_VOID__OBJECT
at gmarshal.c line 636
#152 g_type_class_meta_marshal
at gclosure.c line 514
#153 IA__g_closure_invoke
at gclosure.c line 437
#154 signal_emit_unlocked_R
at gsignal.c line 2418
#155 IA__g_signal_emit_valist
at gsignal.c line 2247
#156 IA__g_signal_emit
at gsignal.c line 2291
#157 IA__gtk_container_remove
at gtkcontainer.c line 995
#158 gtk_widget_dispose
at gtkwidget.c line 6471
#159 IA__g_object_run_dispose
at gobject.c line 603
#160 IA__gtk_object_destroy
at gtkobject.c line 362
#161 IA__gtk_widget_destroy
at gtkwidget.c line 1958
#162 gtk_toolbar_forall
at gtktoolbar.c line 2437
#163 IA__gtk_container_foreach
at gtkcontainer.c line 1292
#164 gtk_container_destroy
at gtkcontainer.c line 829
#165 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#166 g_type_class_meta_marshal
at gclosure.c line 514
#167 IA__g_closure_invoke
at gclosure.c line 437
#168 signal_emit_unlocked_R
at gsignal.c line 2604
#169 IA__g_signal_emit_valist
at gsignal.c line 2247
#170 IA__g_signal_emit
at gsignal.c line 2291
#171 gtk_object_dispose
at gtkobject.c line 377
#172 gtk_widget_dispose
at gtkwidget.c line 6479
#173 IA__g_object_run_dispose
at gobject.c line 603
#174 IA__gtk_object_destroy
at gtkobject.c line 362
#175 IA__gtk_widget_destroy
at gtkwidget.c line 1958
#176 gtk_box_forall
at gtkbox.c line 702
#177 IA__gtk_container_foreach
at gtkcontainer.c line 1292
#178 gtk_container_destroy
at gtkcontainer.c line 829
#179 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#180 g_type_class_meta_marshal
at gclosure.c line 514
#181 IA__g_closure_invoke
at gclosure.c line 437
#182 signal_emit_unlocked_R
at gsignal.c line 2604
#183 IA__g_signal_emit_valist
at gsignal.c line 2247
#184 IA__g_signal_emit
at gsignal.c line 2291
#185 gtk_object_dispose
at gtkobject.c line 377
#186 gtk_widget_dispose
at gtkwidget.c line 6479
#187 IA__g_object_run_dispose
at gobject.c line 603
#188 IA__gtk_object_destroy
at gtkobject.c line 362
#189 IA__gtk_widget_destroy
at gtkwidget.c line 1958
#190 gtk_box_forall
at gtkbox.c line 702
#191 IA__gtk_container_foreach
at gtkcontainer.c line 1292
#192 gtk_container_destroy
at gtkcontainer.c line 829
#193 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#194 g_type_class_meta_marshal
at gclosure.c line 514
#195 IA__g_closure_invoke
at gclosure.c line 437
#196 signal_emit_unlocked_R
at gsignal.c line 2604
#197 IA__g_signal_emit_valist
at gsignal.c line 2247
#198 IA__g_signal_emit
at gsignal.c line 2291
#199 gtk_object_dispose
at gtkobject.c line 377
#200 gtk_widget_dispose
at gtkwidget.c line 6479
#201 IA__g_object_run_dispose
at gobject.c line 603
#202 IA__gtk_object_destroy
at gtkobject.c line 362
#203 IA__gtk_widget_destroy
at gtkwidget.c line 1958
#204 bonobo_control_destroy
from /usr/X11R6/lib/libbonoboui-2.so.0
#205 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#206 g_type_class_meta_marshal
at gclosure.c line 514
#207 IA__g_closure_invoke
at gclosure.c line 437
#208 signal_emit_unlocked_R
at gsignal.c line 2526
#209 IA__g_signal_emit_valist
at gsignal.c line 2247
#210 IA__g_signal_emit
at gsignal.c line 2291
#211 bonobo_object_destroy_T
from /usr/local/lib/libbonobo-2.so.0
#212 bonobo_object_unref
from /usr/local/lib/libbonobo-2.so.0
#213 impl_Bonobo_Unknown_unref
from /usr/local/lib/libbonobo-2.so.0
#214 _ORBIT_skel_small_Bonobo_Unknown_unref
from /usr/local/lib/libbonobo-activation.so.4
#215 ORBit_c_stub_invoke
from /usr/local/lib/libORBit-2.so.0
#216 Bonobo_Unknown_unref
from /usr/local/lib/libbonobo-activation.so.4
#217 bonobo_object_release_unref
from /usr/local/lib/libbonobo-2.so.0
#218 bonobo_control_frame_bind_to_control
from /usr/X11R6/lib/libbonoboui-2.so.0
#219 bonobo_control_frame_dispose
from /usr/X11R6/lib/libbonoboui-2.so.0
#220 g_object_last_unref
at gobject.c line 558
#221 IA__g_object_unref
at gobject.c line 1591
#222 bonobo_object_finalize_internal_T
from /usr/local/lib/libbonobo-2.so.0
#223 bonobo_object_unref
from /usr/local/lib/libbonobo-2.so.0
#224 bonobo_socket_set_control_frame
from /usr/X11R6/lib/libbonoboui-2.so.0
#225 bonobo_socket_dispose
from /usr/X11R6/lib/libbonoboui-2.so.0
#226 IA__g_object_run_dispose
at gobject.c line 603
#227 IA__gtk_object_destroy
at gtkobject.c line 362
#228 IA__gtk_widget_destroy
at gtkwidget.c line 1958
#229 gtk_bin_forall
at gtkbin.c line 166
#230 IA__gtk_container_foreach
at gtkcontainer.c line 1292
#231 gtk_container_destroy
at gtkcontainer.c line 829
#232 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#233 g_type_class_meta_marshal
at gclosure.c line 514
#234 IA__g_closure_invoke
at gclosure.c line 437
#235 signal_emit_unlocked_R
at gsignal.c line 2604
#236 IA__g_signal_emit_valist
at gsignal.c line 2247
#237 IA__g_signal_emit
at gsignal.c line 2291
#238 gtk_object_dispose
at gtkobject.c line 377
#239 gtk_widget_dispose
at gtkwidget.c line 6479
#240 bonobo_widget_dispose
from /usr/X11R6/lib/libbonoboui-2.so.0
#241 IA__g_object_run_dispose
at gobject.c line 603
#242 IA__gtk_object_destroy
at gtkobject.c line 362
#243 IA__gtk_widget_destroy
at gtkwidget.c line 1958
#244 gtk_box_forall
at gtkbox.c line 702
#245 IA__gtk_container_foreach
at gtkcontainer.c line 1292
#246 gtk_container_destroy
at gtkcontainer.c line 829
#247 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#248 g_type_class_meta_marshal
at gclosure.c line 514
#249 IA__g_closure_invoke
at gclosure.c line 437
#250 signal_emit_unlocked_R
at gsignal.c line 2604
#251 IA__g_signal_emit_valist
at gsignal.c line 2247
#252 IA__g_signal_emit
at gsignal.c line 2291
#253 gtk_object_dispose
at gtkobject.c line 377
#254 gtk_widget_dispose
at gtkwidget.c line 6479
#255 IA__g_object_run_dispose
at gobject.c line 603
#256 IA__gtk_object_destroy
at gtkobject.c line 362
#257 IA__gtk_widget_destroy
at gtkwidget.c line 1958
#258 bonobo_dock_forall
from /usr/X11R6/lib/libbonoboui-2.so.0
#259 IA__gtk_container_foreach
at gtkcontainer.c line 1292
#260 gtk_container_destroy
at gtkcontainer.c line 829
#261 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#262 g_type_class_meta_marshal
at gclosure.c line 514
#263 IA__g_closure_invoke
at gclosure.c line 437
#264 signal_emit_unlocked_R
at gsignal.c line 2604
#265 IA__g_signal_emit_valist
at gsignal.c line 2247
#266 IA__g_signal_emit
at gsignal.c line 2291
#267 gtk_object_dispose
at gtkobject.c line 377
#268 gtk_widget_dispose
at gtkwidget.c line 6479
#269 IA__g_object_run_dispose
at gobject.c line 603
#270 IA__gtk_object_destroy
at gtkobject.c line 362
#271 IA__gtk_widget_destroy
at gtkwidget.c line 1958
#272 gtk_box_forall
at gtkbox.c line 702
#273 IA__gtk_container_foreach
at gtkcontainer.c line 1292
#274 gtk_container_destroy
at gtkcontainer.c line 829
#275 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#276 g_type_class_meta_marshal
at gclosure.c line 514
#277 IA__g_closure_invoke
at gclosure.c line 437
#278 signal_emit_unlocked_R
at gsignal.c line 2604
#279 IA__g_signal_emit_valist
at gsignal.c line 2247
#280 IA__g_signal_emit
at gsignal.c line 2291
#281 gtk_object_dispose
at gtkobject.c line 377
#282 gtk_widget_dispose
at gtkwidget.c line 6479
#283 IA__g_object_run_dispose
at gobject.c line 603
#284 IA__gtk_object_destroy
at gtkobject.c line 362
#285 IA__gtk_widget_destroy
at gtkwidget.c line 1958
#286 gtk_bin_forall
at gtkbin.c line 166
#287 IA__gtk_container_foreach
at gtkcontainer.c line 1292
#288 gtk_container_destroy
at gtkcontainer.c line 829
#289 gtk_window_destroy
at gtkwindow.c line 3754
#290 destroy
from /usr/X11R6/lib/evolution/2.2/components/libevolution-mail.so
#291 IA__g_cclosure_marshal_VOID__VOID
at gmarshal.c line 77
#292 g_type_class_meta_marshal
at gclosure.c line 514
#293 IA__g_closure_invoke
at gclosure.c line 437
#294 signal_emit_unlocked_R
at gsignal.c line 2604
#295 IA__g_signal_emit_valist
at gsignal.c line 2247
#296 IA__g_signal_emit
at gsignal.c line 2291
#297 gtk_object_dispose
at gtkobject.c line 377
#298 gtk_widget_dispose
at gtkwidget.c line 6479
#299 gtk_window_dispose
at gtkwindow.c line 1742
#300 bonobo_window_dispose
from /usr/X11R6/lib/libbonoboui-2.so.0
#301 composer_dispose
from /usr/X11R6/lib/evolution/2.2/components/libevolution-mail.so
#302 IA__g_object_run_dispose
at gobject.c line 603
#303 IA__gtk_object_destroy
at gtkobject.c line 362
#304 IA__gtk_widget_destroy
at gtkwidget.c line 1958
#305 composer_send_queued_cb
from /usr/X11R6/lib/evolution/2.2/components/libevolution-mail.so
#306 append_mail_appended
from /usr/X11R6/lib/evolution/2.2/components/libevolution-mail.so
#307 mail_msgport_replied
from /usr/X11R6/lib/evolution/2.2/components/libevolution-mail.so
#308 g_io_unix_dispatch
at giounix.c line 162
#309 g_main_dispatch
at gmain.c line 1933
#310 IA__g_main_context_dispatch
at gmain.c line 2483
#311 g_main_context_iterate
at gmain.c line 2564
#312 IA__g_main_loop_run
at gmain.c line 2768
#313 bonobo_main
from /usr/local/lib/libbonobo-2.so.0
#314 main


Other information:
The attached patch removes a g_assert() in gcbp_destroy_gdk() as the new code in
gnome_canvas_item_dispose() NULLs out the canvas member of the item structure. 
This way, that assert could never be valid.  Alternatively, I suppose you could
check whether shape->canvas is not NULL, then do the assert.

Comment 1 Joe Marcus Clarke 2005-05-20 21:06:21 UTC

Created attachment 46689 [details] [review]
Remove g_assert() to fix Evo crash

Comment 2 Jan de Groot 2005-05-21 10:31:30 UTC

Created attachment 46710 [details] [review]
Checks for NULL instead of completely disabling assertion check

This patch does what the author of the original patch suggested.

Comment 3 Christian Kirbach 2005-05-22 09:04:37 UTC

Should be fair enough for a workaroun, I think.

I'll leave it for the maintainers to decide on the patches.

Accepting report.

Comment 4 Jan de Groot 2005-05-22 09:52:00 UTC

Got another crasher: open a mail in a new window with evolution, then close it.
Evolution will crash with my version of the patch, don't know if it crashes with
Joes patch.

Comment 5 Sebastien Bacher 2005-05-22 18:16:51 UTC

*** Bug 305089 has been marked as a duplicate of this bug. ***

Comment 6 Andre Schaefer 2005-05-22 18:43:35 UTC

*** Bug 305078 has been marked as a duplicate of this bug. ***

Comment 7 Matthew Hall 2005-05-23 00:56:46 UTC

It seems this crasher was introduced with the addition of 

item->canvas = NULL;

to gnome_canvas_item_dispose() in libgnomecanvas/gnome-canvas.c to 2.10.1.

Removing this line completely fixes the crash in both the new email window/email
in a new window cases. 

Maybe item->canvas is being free()'d somewhere else and causing a segv? 
Is item->canvas supposed to be g_free()'d before NULL'ed?

Comment 8 Arkady L. Shane 2005-05-23 19:26:38 UTC

*** Bug 305177 has been marked as a duplicate of this bug. ***

Comment 9 Sebastien Bacher 2005-05-23 21:07:20 UTC

*** Bug 305131 has been marked as a duplicate of this bug. ***

Comment 10 Kjartan Maraas 2005-05-23 22:10:55 UTC

Tim, could you take a look at this? New crasher caused by one of the patches you
looked at earlier.

Comment 11 Tim Janik 2005-05-23 22:42:29 UTC

i'm afraid i can't practically look at this, because i currently lack the
environment to build evolution and the canvas (even gtk atm).

i'm highly suspecting #90259 to be the culprit here though. looking at the bug
duplicates hardenes that suspicion. i think #305131 correctly analyzes the
actual problem, item->canvas is reset way too early.
gnome_canvas_destroy() will now properly destroy the root item (as does the
group handler for its children), so the canvas will stay valid for items even
after dispose. as a result, gnome_canvas_item_dispose() should *not* reset
item->canvas before chaining dispose, since this causes ::destroy to be emitted
on items with a NULL canvas (which the existing code simply does not expect). 

moving the canvas pointer reset until after chaining dipose should be good
enough (this leaves item->canvas intact for the first emission of ::destroy),
here's a pseudo patch:

gnome-canvas.c @@ gnome_canvas_item_dispose
        if (item->parent)
                group_remove (GNOME_CANVAS_GROUP (item->parent), item);

-       item->canvas = NULL;

        g_free (item->xform);
        item->xform = NULL;

        G_OBJECT_CLASS (item_parent_class)->dispose (object);
+       /* items should remove any references to item->canvas after the first
::destroy */
+       item->canvas = NULL;
 }

Comment 12 Joe Marcus Clarke 2005-05-24 05:33:34 UTC

Even with this latest patch, Evo will still crash.  However, this time, it's in
gal.  I believe the problem is related to this libgnomecanvas change, however. 
See the attached patch.  With both Tim's patch, and this gal patch, Evo no
longer crashes.

Comment 13 Joe Marcus Clarke 2005-05-24 05:34:35 UTC

Created attachment 46825 [details] [review]
Fix canvas-related crash in gal

Comment 14 Kjartan Maraas 2005-05-24 18:12:39 UTC

Chris, do you think this is really a bug in e-canvas.c and is this the correct fix?

Comment 15 Kjartan Maraas 2005-05-24 19:49:54 UTC

I commited the libgnomecanvas part from Tim, Chris Lahey said the e-canvas.c
patch looked ok, but I'll mail it to evolution-patches@ximian.com for review
just to follow procedure.

Comment 16 Not Zed 2005-05-26 08:49:56 UTC

Created attachment 46895 [details] [review]
alternate fix - fix the dispose method

This fixes the eti dispose method instead, so the function isn't called with a
null canvas in the first place.  fixes the crash for me.

Comment 17 Chris Lahey 2005-05-26 15:57:31 UTC

I prefer the alternate fix.  It's more correct.

Wouldn't hurt to add a g_return_if_fail to the e_canvas call also.

Comment 18 Sebastien Bacher 2005-05-28 13:18:33 UTC

*** Bug 305232 has been marked as a duplicate of this bug. ***

Comment 19 Vincent Noel 2005-05-31 19:41:00 UTC

I installed the latest versions of libgnomecanvas, evolution and
evolution-data-server and I don't see this crash anymore (I reported bug 305232
which was marked as a duplicate of this one). Note that I didn't update gal.

Comment 20 Kaushal Kumar 2005-06-01 04:21:36 UTC

Thanks Vincent. I still have committed the patch from Not Zed in gal head,
gnome-2-10, since it just adds an additional check, in case such a problem
re-appears later. Closing.

Comment 21 Kjartan Maraas 2005-06-01 09:27:28 UTC

*** Bug 305444 has been marked as a duplicate of this bug. ***

Comment 22 Sebastien Bacher 2005-07-09 12:44:04 UTC

*** Bug 309822 has been marked as a duplicate of this bug. ***

Comment 23 Sebastien Bacher 2005-07-09 12:44:38 UTC

*** Bug 309793 has been marked as a duplicate of this bug. ***

Comment 24 Sebastien Bacher 2005-07-09 12:44:54 UTC

*** Bug 309783 has been marked as a duplicate of this bug. ***

Comment 25 Sebastien Bacher 2005-07-09 12:46:06 UTC

*** Bug 308952 has been marked as a duplicate of this bug. ***

Comment 26 Sebastien Bacher 2005-07-09 12:46:39 UTC

*** Bug 308714 has been marked as a duplicate of this bug. ***

Comment 27 Sebastien Bacher 2005-07-09 12:47:04 UTC

*** Bug 308604 has been marked as a duplicate of this bug. ***

Comment 28 Sebastien Bacher 2005-07-09 12:47:29 UTC

*** Bug 307602 has been marked as a duplicate of this bug. ***

Comment 29 Sebastien Bacher 2005-07-09 12:48:39 UTC

*** Bug 305258 has been marked as a duplicate of this bug. ***

Comment 30 Teppo Turtiainen 2005-07-10 23:29:00 UTC

*** Bug 309973 has been marked as a duplicate of this bug. ***

Comment 31 Teppo Turtiainen 2005-07-12 03:33:07 UTC

*** Bug 310075 has been marked as a duplicate of this bug. ***

Comment 32 Teppo Turtiainen 2005-07-12 10:42:13 UTC

*** Bug 310091 has been marked as a duplicate of this bug. ***

Comment 33 Teppo Turtiainen 2005-07-12 10:44:14 UTC

*** Bug 310093 has been marked as a duplicate of this bug. ***

Comment 34 Teppo Turtiainen 2005-07-12 15:50:08 UTC

*** Bug 310139 has been marked as a duplicate of this bug. ***

Comment 35 Teppo Turtiainen 2005-07-12 18:45:55 UTC

*** Bug 310158 has been marked as a duplicate of this bug. ***

Comment 36 Teppo Turtiainen 2005-07-12 18:48:06 UTC

*** Bug 310019 has been marked as a duplicate of this bug. ***

Comment 37 Teppo Turtiainen 2005-07-12 22:32:35 UTC

*** Bug 310169 has been marked as a duplicate of this bug. ***

Comment 38 Teppo Turtiainen 2005-07-13 10:28:36 UTC

*** Bug 310200 has been marked as a duplicate of this bug. ***

Comment 39 Teppo Turtiainen 2005-07-15 08:06:36 UTC

*** Bug 310436 has been marked as a duplicate of this bug. ***

Comment 40 Teppo Turtiainen 2005-07-15 14:22:27 UTC

*** Bug 310497 has been marked as a duplicate of this bug. ***

Comment 41 Sebastien Bacher 2005-07-18 09:30:19 UTC

*** Bug 310713 has been marked as a duplicate of this bug. ***

Comment 42 Sebastien Bacher 2005-07-18 09:30:47 UTC

*** Bug 310708 has been marked as a duplicate of this bug. ***

Comment 43 Teppo Turtiainen 2005-07-18 15:54:16 UTC

*** Bug 310756 has been marked as a duplicate of this bug. ***

Comment 44 Teppo Turtiainen 2005-07-18 15:54:29 UTC

*** Bug 310760 has been marked as a duplicate of this bug. ***

Comment 45 Teppo Turtiainen 2005-07-18 15:54:46 UTC

*** Bug 310770 has been marked as a duplicate of this bug. ***

Comment 46 Teppo Turtiainen 2005-07-20 05:48:38 UTC

*** Bug 310927 has been marked as a duplicate of this bug. ***

Comment 47 Teppo Turtiainen 2005-07-20 15:56:07 UTC

*** Bug 310969 has been marked as a duplicate of this bug. ***

Comment 48 Teppo Turtiainen 2005-07-20 17:40:51 UTC

*** Bug 311032 has been marked as a duplicate of this bug. ***

Comment 49 Teppo Turtiainen 2005-07-22 05:02:22 UTC

*** Bug 311173 has been marked as a duplicate of this bug. ***

Comment 50 Brent Smith (smitten) 2005-07-22 16:17:09 UTC

*** Bug 311246 has been marked as a duplicate of this bug. ***

Comment 51 Brent Smith (smitten) 2005-07-22 16:22:12 UTC

*** Bug 311263 has been marked as a duplicate of this bug. ***

Comment 52 Teppo Turtiainen 2005-07-26 14:46:45 UTC

*** Bug 311581 has been marked as a duplicate of this bug. ***

Comment 53 Teppo Turtiainen 2005-07-26 18:05:08 UTC

*** Bug 311610 has been marked as a duplicate of this bug. ***

Comment 54 Michele Baldessari 2005-07-26 19:02:58 UTC

*** Bug 311647 has been marked as a duplicate of this bug. ***

Comment 55 Michele Baldessari 2005-07-26 23:12:00 UTC

*** Bug 311668 has been marked as a duplicate of this bug. ***

Comment 56 Teppo Turtiainen 2005-07-27 05:21:50 UTC

*** Bug 311670 has been marked as a duplicate of this bug. ***

Comment 57 Teppo Turtiainen 2005-07-27 05:22:03 UTC

*** Bug 311675 has been marked as a duplicate of this bug. ***

Comment 58 Teppo Turtiainen 2005-07-27 16:44:53 UTC

*** Bug 310259 has been marked as a duplicate of this bug. ***

Comment 59 Teppo Turtiainen 2005-07-28 05:21:01 UTC

*** Bug 311793 has been marked as a duplicate of this bug. ***

Comment 60 Teppo Turtiainen 2005-07-28 17:58:18 UTC

*** Bug 311834 has been marked as a duplicate of this bug. ***

Comment 61 Teppo Turtiainen 2005-07-28 17:58:30 UTC

*** Bug 311849 has been marked as a duplicate of this bug. ***

Comment 62 Teppo Turtiainen 2005-07-29 15:20:25 UTC

*** Bug 311952 has been marked as a duplicate of this bug. ***

Comment 63 Teppo Turtiainen 2005-07-29 15:20:46 UTC

*** Bug 311968 has been marked as a duplicate of this bug. ***

Comment 64 Teppo Turtiainen 2005-08-01 05:13:42 UTC

*** Bug 312119 has been marked as a duplicate of this bug. ***

Comment 65 Teppo Turtiainen 2005-08-06 21:51:47 UTC

*** Bug 312754 has been marked as a duplicate of this bug. ***

Comment 66 Teppo Turtiainen 2005-08-07 16:55:45 UTC

*** Bug 312792 has been marked as a duplicate of this bug. ***

Comment 67 Subodh Soni 2005-08-09 12:40:12 UTC

Marking this bug as VERIFIED FIXED

Comment 68 Michele Baldessari 2005-08-10 20:04:38 UTC

*** Bug 313155 has been marked as a duplicate of this bug. ***

Comment 69 Teppo Turtiainen 2005-08-21 06:40:46 UTC

*** Bug 313441 has been marked as a duplicate of this bug. ***

Comment 70 Teppo Turtiainen 2005-08-21 06:41:05 UTC

*** Bug 313804 has been marked as a duplicate of this bug. ***

Comment 71 Brent Smith (smitten) 2005-09-12 02:55:21 UTC

*** Bug 315684 has been marked as a duplicate of this bug. ***

Comment 72 Brent Smith (smitten) 2005-09-13 03:23:56 UTC

*** Bug 315770 has been marked as a duplicate of this bug. ***

Comment 73 Brent Smith (smitten) 2005-09-13 03:56:04 UTC

*** Bug 315783 has been marked as a duplicate of this bug. ***

Comment 74 Brent Smith (smitten) 2005-09-13 05:58:49 UTC

*** Bug 315837 has been marked as a duplicate of this bug. ***