Bug 607257 – Add checks for event->comp_data != NULL

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 607257 - Add checks for event->comp_data != NULL


Summary:	Add checks for event->comp_data != NULL


Status:	RESOLVED FIXED

Product:	evolution
Classification:	Applications
Component:	Calendar
Version:	2.28.x (obsolete)
Hardware:	Other Linux

Importance:	Normal critical
Target Milestone:	---
Assigned To:	evolution-calendar-maintainers
QA Contact:	Evolution QA team

URL:
Whiteboard:

Duplicates:	599459 621305 (view as bug list)
Depends on:
Blocks:

Reported:	2010-01-17 22:04 UTC by Thomas
Modified:	2010-06-11 14:54 UTC

See Also:
GNOME target:	---
GNOME version:	2.27/2.28

Attachments
check if event->comp_data is non-NULL (891 bytes, patch) 2010-01-17 22:07 UTC, Thomas	reviewed	Details \| Review
evo patch (59.49 KB, patch) 2010-05-13 21:49 UTC, Milan Crha	committed	Details \| Review
adaptation for master patch to gnome-2-28 branch (55.22 KB, patch) 2010-05-14 20:59 UTC, Thomas	reviewed	Details \| Review

Description Thomas 2010-01-17 22:04:33 UTC

Another case of a pointer not being checked for NULL.
(gdb) p event->comp_data
$3 = (ECalModelComponent *) 0x0
(gdb) bt

+ Trace 220111

#0 e_day_view_on_main_canvas_motion
at ../../../../evolution/calendar/gui/e-day-view.c line 3705
#1 ??
from /usr/lib/libgtk-x11-2.0.so.0
#2 g_closure_invoke
from /usr/lib/libgobject-2.0.so.0
#3 ??
from /usr/lib/libgobject-2.0.so.0
#4 g_signal_emit_valist
from /usr/lib/libgobject-2.0.so.0
#5 g_signal_emit
from /usr/lib/libgobject-2.0.so.0
#6 ??
from /usr/lib/libgtk-x11-2.0.so.0
#7 gtk_propagate_event
from /usr/lib/libgtk-x11-2.0.so.0
#8 gtk_main_do_event
from /usr/lib/libgtk-x11-2.0.so.0
#9 ??
from /usr/lib/libgdk-x11-2.0.so.0
#10 g_main_context_dispatch
from /lib/libglib-2.0.so.0
#11 ??
from /lib/libglib-2.0.so.0
#12 g_main_loop_run
from /lib/libglib-2.0.so.0
#13 bonobo_main
from /usr/lib/libbonobo-2.so.0
#14 main
at ../../../evolution/shell/main.c line 732

Comment 1 Thomas 2010-01-17 22:07:49 UTC

Created attachment 151631 [details] [review]
check if  event->comp_data is non-NULL

Comment 2 Matthew Barnes 2010-03-25 15:54:25 UTC

Any clues on how to reproduce this?

Comment 3 Thomas 2010-03-25 18:54:17 UTC

(In reply to comment #2)
> Any clues on how to reproduce this?

No, sorry.

Comment 4 Akhil Laddha 2010-04-20 05:52:53 UTC

I did get similar crash in 2.28.3. Nothing specific, copied event to local calendar, changed the time of events and at last clicked on calendar preview.

Backtrace was generated from '/usr/bin/evolution.bin'

[?1034h[Thread debugging using libthread_db enabled]
[New Thread 0xaa67eb70 (LWP 6119)]
[New Thread 0xace17b70 (LWP 6115)]
[New Thread 0xad618b70 (LWP 6113)]
[New Thread 0xaf61cb70 (LWP 6111)]
[New Thread 0xafe1db70 (LWP 6110)]
[New Thread 0xb0e1fb70 (LWP 6109)]
[New Thread 0xb061eb70 (LWP 6108)]
[New Thread 0xade19b70 (LWP 5737)]
[New Thread 0xb0e60b70 (LWP 5651)]
0xffffe424 in __kernel_vsyscall ()

+ Trace 221469

Thread 1 (Thread 0xb556a760 (LWP 5637))

#0 __kernel_vsyscall
#1 waitpid
at ../sysdeps/unix/syscall-template.S line 82
#2 IA__g_spawn_sync
at gspawn.c line 386
#3 IA__g_spawn_command_line_sync
at gspawn.c line 700
#4 ??
from /usr/lib/gtk-2.0/modules/libgnomebreakpad.so
#5 ??
from /usr/lib/gtk-2.0/modules/libgnomebreakpad.so
#6 <signal handler called>
#7 e_day_view_on_main_canvas_motion
at e-day-view.c line 3705
#8 _gtk_marshal_BOOLEAN__BOXED
at gtkmarshalers.c line 84
#9 IA__g_closure_invoke
at gclosure.c line 767
#10 signal_emit_unlocked_R
at gsignal.c line 3247
#11 IA__g_signal_emit_valist
at gsignal.c line 2990
#12 IA__g_signal_emit
at gsignal.c line 3037
#13 gtk_widget_event_internal
at gtkwidget.c line 4767
#14 IA__gtk_propagate_event
at gtkmain.c line 2417
#15 IA__gtk_main_do_event
at gtkmain.c line 1622
#16 gdk_event_dispatch
at gdkevents-x11.c line 2373
#17 g_main_dispatch
at gmain.c line 1960
#18 IA__g_main_context_dispatch
at gmain.c line 2513
#19 g_main_context_iterate
at gmain.c line 2591
#20 IA__g_main_loop_run
at gmain.c line 2799
#21 bonobo_main
at bonobo-main.c line 311
#22 main
at main.c line 732


	Inferior 1 [process 5637] will be detached.

Quit anyway? (y or n) [answered Y; input not from terminal]


---- Critical and fatal warnings logged during execution ----

** Gtk **: gtk_action_set_visible: assertion `GTK_IS_ACTION (action)' failed 
** Gtk **: gtk_action_set_visible: assertion `GTK_IS_ACTION (action)' failed 
** Gtk **: gtk_action_set_visible: assertion `GTK_IS_ACTION (action)' failed 
** Gtk **: gtk_action_set_visible: assertion `GTK_IS_ACTION (action)' failed 
** Gtk **: gtk_action_set_visible: assertion `GTK_IS_ACTION (action)' failed 
** Gtk **: gtk_action_set_visible: assertion `GTK_IS_ACTION (action)' failed 
** GdkPixbuf **: gdk_pixbuf_composite: assertion `dest_x >= 0 && dest_x + dest_width <= dest->width' failed 
** Gtk **: gtk_action_set_visible: assertion `GTK_IS_ACTION (action)' failed 
** GdkPixbuf **: gdk_pixbuf_composite: assertion `dest_x >= 0 && dest_x + dest_width <= dest->width' failed 
** Gtk **: gtk_action_set_visible: assertion `GTK_IS_ACTION (action)' failed 
** Gtk **: gtk_action_set_visible: assertion `GTK_IS_ACTION (action)' failed 
** Gtk **: gtk_action_set_visible: assertion `GTK_IS_ACTION (action)' failed 
** Gtk **: gtk_action_set_visible: assertion `GTK_IS_ACTION (action)' failed 
** Gtk **: gtk_action_set_visible: assertion `GTK_IS_ACTION (action)' failed

Comment 5 Milan Crha 2010-04-27 16:34:47 UTC

I believe we can use this check, though it'll be better to add there some g_warning or g_return_if_fail call, to know that something was wrong.

Thomas, would you mind to create a larger patch with such runtime warnings added on "all" places where->comp_data is used for actual master?

It can be also with some utility function like:
gboolean check_comp_data ( *event, const gchar *func_name)
{
   if (!event || !event->comp_data)
      g_warning ("%s: comp_data on event %p is NULL", func_name);
   return event && event->comp_data;
}

which would be called on each place with
   check_comp_data (event, G_STRFUNC)

or you can make a define:
#define check_comp_data(e) check_comp_data_call (e, G_STRFUNC)
and rename the above function to check_comp_data_call
and use just
   check_comp_data (event)
on all other places.

Comment 6 Milan Crha 2010-04-27 16:36:17 UTC

You've more similar bugs and patches on different places in bugzilla already, if I recall correctly, thus with the above we can fix them all in once and mark them as a duplicate of this one.

Comment 7 Thomas 2010-04-28 01:06:12 UTC

(In reply to comment #6)
> You've more similar bugs and patches on different places in bugzilla already,
> if I recall correctly, thus with the above we can fix them all in once and mark
> them as a duplicate of this one.

I've uploaded the current patches I put on top of the gnome-2-28 branch via
stg to
http://www.t-mittelstaedt.de/evo-eds-patches-2-28.tar.gz
http://www.t-mittelstaedt.de/evo-patches-2-28.tar.gz

They are usually named like "issue_<bug_number>...".

I am very happy with evolution right now, can't remember when it crashed
the last time.

thomas

Comment 8 Milan Crha 2010-04-28 11:07:54 UTC

(In reply to comment #7)
> http://www.t-mittelstaedt.de/evo-eds-patches-2-28.tar.gz
 - bug #529331 - in 2.30.0
 - bug #556001 - hmm, slightly in doubt here, sound to me similar to bug #573240
 - bug #579360 - empty file, in 2.26.2
 - bug #595389 - empty file, in 2.28.something
 - bug #603854 + _i - moved to bug #603506, in 2.29.91

> http://www.t-mittelstaedt.de/evo-patches-2-28.tar.gz
 - bug #529331 - in 2.30.0
 - bug #544187 - what is that? a patch in a closed bug? please follow last
                 comment there
 - bug #599459 - I'm not sure on this as well
 - bug #604172 - moved to bug #589568, pretty hard to reproduce, isn't it?
 - bug #607257 - this one :)
 - bug #613764 - only because of above bug #529331

OK, here are your patches, though it's not what I was asking for. :)

Are you able to build the gnome-2-30 branch and produce patch for this bug with improvements I suggested in comment #5? No problem if you cannot right now, I can do it.

Comment 9 Milan Crha 2010-05-13 21:29:39 UTC

*** Bug 599459 has been marked as a duplicate of this bug. ***

Comment 10 Milan Crha 2010-05-13 21:49:31 UTC

Created attachment 161009 [details] [review]
evo patch

for evolution;

I thought of something like this. I added two simple functions to e-calendar-view.c/.h, and a macro for each, and then used them all around the calendar sources, either before accessing index of the array(s) (the above duplicate bug) or before accessing event->comp_data. I didn't add index check on places where is traversed whole array.

Comment 11 Milan Crha 2010-05-13 21:52:11 UTC

Created commit 5a124a6 in evo master (2.31.2+)

I believe there are more outstanding bug reports which are affected by same symptoms, and which will be transformed from a crash to a critical warning by the above patch. Let's see.

Comment 12 Thomas 2010-05-14 20:59:06 UTC

Created attachment 161094 [details] [review]
adaptation for master patch to gnome-2-28 branch

(In reply to comment #11)
> Created commit 5a124a6 in evo master (2.31.2+)
> 
> I believe there are more outstanding bug reports which are affected by same
> symptoms, and which will be transformed from a crash to a critical warning by
> the above patch. Let's see.

Okay, adapted your patch to my quite current gnome-2-28 branch version.
Have uploaded the diffs, just in case someone is interested. Haven't
seen any problems so far after restart.

Comment 13 Milan Crha 2010-05-17 09:51:43 UTC

Comment on attachment 161094 [details] [review]
adaptation for master patch to gnome-2-28 branch

OK, thanks, there is not planned any update for 2.28, but as you said, maybe someone else will use it.

Comment 14 Fabio Durán Verdugo 2010-06-11 14:54:10 UTC

*** Bug 621305 has been marked as a duplicate of this bug. ***