GNOME Bugzilla – Bug 651460
Crash in e_day_view_start_editing_event at e-day-view.c:6026
Last modified: 2017-08-31 13:39:23 UTC
evolution 3.1.2 (Groupwise) 1. Select (highlight) some time interval ( 30/60 minutes ) in day view 2. Type something 3. Press enter 4. Evolution crashes When i tried with valgrind, it showed many invalid reads. (evolution:9789): e-table-CRITICAL **: etss_value_at: assertion `VALID_ROW (etss, row)' failed (evolution:9789): e-table-CRITICAL **: e_cell_draw: assertion `row < e_table_model_row_count (ecell_view->e_table_model)' failed [Thread 0xb4079b70 (LWP 9793) exited] (evolution:9789): calendar-gui-CRITICAL **: e_day_view_add_event: assertion `end > add_event_data->day_view->lower' failed [Thread 0xb386bb70 (LWP 9796) exited] (evolution:9789): calendar-gui-WARNING **: e_day_view_get_event_position: index 3 is out of bounds [0,3) at array 0xb5709808 (evolution:9789): calendar-gui-WARNING **: e_day_view_get_selected_events: index 3 is out of bounds [0,3) at array 0xb5709808 (evolution:9789): calendar-gui-WARNING **: e_day_view_get_selected_events: index 3 is out of bounds [0,3) at array 0xb5709808 Program received signal SIGSEGV, Segmentation fault. 0xb5659aa7 in e_day_view_start_editing_event (day_view=0x86669c0, day=0, event_num=2, key_event=0x88b0cb8) at e-day-view.c:6026 6026 if (gtk_im_context_filter_keypress (((EText *)(event->canvas_item))->im_context, key_event)) { (gdb) bt
+ Trace 227317
Valgrind trace of evolution ==10013== Invalid read of size 4 ==10013== at 0x402A759: memcpy (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so) ==10013== by 0x4C2A89E: XIGrabDevice (in /usr/lib/libXi.so.6.1.0) ==10013== by 0x53C018F: gdk_x11_device_xi2_grab (gdkdevice-xi2.c:416) ==10013== by 0x53B701A: gdk_pointer_grab (gdkwindow.c:8673) ==10013== by 0x6BDD340: e_day_view_on_main_canvas_button_press (e-day-view.c:3193) ==10013== by 0x50C18B9: _gtk_marshal_BOOLEAN__BOXED (gtkmarshalers.c:85) ==10013== by 0x5802531: g_closure_invoke (gclosure.c:767) ==10013== by 0x5819965: signal_emit_unlocked_R (gsignal.c:3252) ==10013== by 0x5818DC3: g_signal_emit_valist (gsignal.c:2993) ==10013== by 0x5819023: g_signal_emit (gsignal.c:3040) ==10013== by 0x523FB83: gtk_widget_event_internal (gtkwidget.c:6114) ==10013== by 0x523F410: gtk_widget_event (gtkwidget.c:5830) ==10013== Address 0x9909b70 is 4 bytes after a block of size 4 alloc'd ==10013== at 0x40277F1: calloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so) ==10013== by 0x4C2A834: XIGrabDevice (in /usr/lib/libXi.so.6.1.0) ==10013== by 0x53C018F: gdk_x11_device_xi2_grab (gdkdevice-xi2.c:416) ==10013== by 0x53B701A: gdk_pointer_grab (gdkwindow.c:8673) ==10013== by 0x6BDD340: e_day_view_on_main_canvas_button_press (e-day-view.c:3193) ==10013== by 0x50C18B9: _gtk_marshal_BOOLEAN__BOXED (gtkmarshalers.c:85) ==10013== by 0x5802531: g_closure_invoke (gclosure.c:767) ==10013== by 0x5819965: signal_emit_unlocked_R (gsignal.c:3252) ==10013== by 0x5818DC3: g_signal_emit_valist (gsignal.c:2993) ==10013== by 0x5819023: g_signal_emit (gsignal.c:3040) ==10013== by 0x523FB83: gtk_widget_event_internal (gtkwidget.c:6114) ==10013== by 0x523F410: gtk_widget_event (gtkwidget.c:5830) ==10013== ==10013== Invalid read of size 4 ==10013== at 0x402A748: memcpy (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so) ==10013== by 0x4C2A89E: XIGrabDevice (in /usr/lib/libXi.so.6.1.0) ==10013== by 0x53C018F: gdk_x11_device_xi2_grab (gdkdevice-xi2.c:416) ==10013== by 0x53B726B: gdk_keyboard_grab (gdkwindow.c:8773) ==10013== by 0x6BC7DA0: e_calendar_view_get_tooltips (e-calendar-view.c:2030) ==10013== by 0x58AD230: g_timeout_dispatch (gmain.c:3882) ==10013== by 0x58AA0C8: g_main_dispatch (gmain.c:2440) ==10013== by 0x58AB42D: g_main_context_dispatch (gmain.c:3013) ==10013== by 0x58AB882: g_main_context_iterate (gmain.c:3091) ==10013== by 0x58ABFEB: g_main_loop_run (gmain.c:3299) ==10013== by 0x50BFCCF: gtk_main (gtkmain.c:1358) ==10013== by 0x804ADAF: main (main.c:691) ==10013== Address 0xa7925cc is 0 bytes after a block of size 4 alloc'd ==10013== at 0x40277F1: calloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so) ==10013== by 0x4C2A834: XIGrabDevice (in /usr/lib/libXi.so.6.1.0) ==10013== by 0x53C018F: gdk_x11_device_xi2_grab (gdkdevice-xi2.c:416) ==10013== by 0x53B726B: gdk_keyboard_grab (gdkwindow.c:8773) ==10013== by 0x6BC7DA0: e_calendar_view_get_tooltips (e-calendar-view.c:2030) ==10013== by 0x58AD230: g_timeout_dispatch (gmain.c:3882) ==10013== by 0x58AA0C8: g_main_dispatch (gmain.c:2440) ==10013== by 0x58AB42D: g_main_context_dispatch (gmain.c:3013) ==10013== by 0x58AB882: g_main_context_iterate (gmain.c:3091) ==10013== by 0x58ABFEB: g_main_loop_run (gmain.c:3299) ==10013== by 0x50BFCCF: gtk_main (gtkmain.c:1358) ==10013== by 0x804ADAF: main (main.c:691) ==10013== ==10013== Invalid read of size 4 ==10013== at 0x6BDA84C: e_day_view_update_event_label (e-day-view.c:2142) ==10013== by 0x6BE1730: e_day_view_reshape_day_event (e-day-view.c:4960) ==10013== by 0x6BE11E6: e_day_view_reshape_day_events (e-day-view.c:4848) ==10013== by 0x6BE0917: e_day_view_check_layout (e-day-view.c:4614) ==10013== by 0x6BE1DDC: e_day_view_add_new_event_in_selected_range (e-day-view.c:5128) ==10013== by 0x6BE23AF: e_day_view_do_key_press (e-day-view.c:5276) ==10013== by 0x6BE23E0: e_day_view_key_press (e-day-view.c:5283) ==10013== by 0x50C18B9: _gtk_marshal_BOOLEAN__BOXED (gtkmarshalers.c:85) ==10013== by 0x5802842: g_type_class_meta_marshal (gclosure.c:878) ==10013== by 0x5802531: g_closure_invoke (gclosure.c:767) ==10013== by 0x5819B2A: signal_emit_unlocked_R (gsignal.c:3290) ==10013== by 0x5818DC3: g_signal_emit_valist (gsignal.c:2993) ==10013== Address 0x9b6e3cc is 4 bytes inside a block of size 128 free'd ==10013== at 0x402920B: realloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so) ==10013== by 0x5878EBB: g_array_maybe_expand (garray.c:686) ==10013== by 0x5878437: g_array_append_vals (garray.c:353) ==10013== by 0x6BE073D: e_day_view_add_event (e-day-view.c:4559) ==10013== by 0x6BE1DD1: e_day_view_add_new_event_in_selected_range (e-day-view.c:5127) ==10013== by 0x6BE23AF: e_day_view_do_key_press (e-day-view.c:5276) ==10013== by 0x6BE23E0: e_day_view_key_press (e-day-view.c:5283) ==10013== by 0x50C18B9: _gtk_marshal_BOOLEAN__BOXED (gtkmarshalers.c:85) ==10013== by 0x5802842: g_type_class_meta_marshal (gclosure.c:878) ==10013== by 0x5802531: g_closure_invoke (gclosure.c:767) ==10013== by 0x5819B2A: signal_emit_unlocked_R (gsignal.c:3290) ==10013== by 0x5818DC3: g_signal_emit_valist (gsignal.c:2993) ==10013== ==10013== Invalid read of size 4 ==10013== at 0x6BE175A: e_day_view_reshape_day_event (e-day-view.c:4964) ==10013== by 0x6BE11E6: e_day_view_reshape_day_events (e-day-view.c:4848) ==10013== by 0x6BE0917: e_day_view_check_layout (e-day-view.c:4614) ==10013== by 0x6BE1DDC: e_day_view_add_new_event_in_selected_range (e-day-view.c:5128) ==10013== by 0x6BE23AF: e_day_view_do_key_press (e-day-view.c:5276) ==10013== by 0x6BE23E0: e_day_view_key_press (e-day-view.c:5283) ==10013== by 0x50C18B9: _gtk_marshal_BOOLEAN__BOXED (gtkmarshalers.c:85) ==10013== by 0x5802842: g_type_class_meta_marshal (gclosure.c:878) ==10013== by 0x5802531: g_closure_invoke (gclosure.c:767) ==10013== by 0x5819B2A: signal_emit_unlocked_R (gsignal.c:3290) ==10013== by 0x5818DC3: g_signal_emit_valist (gsignal.c:2993) ==10013== by 0x5819023: g_signal_emit (gsignal.c:3040) ==10013== Address 0x9b6e3c8 is 0 bytes inside a block of size 128 free'd ==10013== at 0x402920B: realloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so) ==10013== by 0x5878EBB: g_array_maybe_expand (garray.c:686) ==10013== by 0x5878437: g_array_append_vals (garray.c:353) ==10013== by 0x6BE073D: e_day_view_add_event (e-day-view.c:4559) ==10013== by 0x6BE1DD1: e_day_view_add_new_event_in_selected_range (e-day-view.c:5127) ==10013== by 0x6BE23AF: e_day_view_do_key_press (e-day-view.c:5276) ==10013== by 0x6BE23E0: e_day_view_key_press (e-day-view.c:5283) ==10013== by 0x50C18B9: _gtk_marshal_BOOLEAN__BOXED (gtkmarshalers.c:85) ==10013== by 0x5802842: g_type_class_meta_marshal (gclosure.c:878) ==10013== by 0x5802531: g_closure_invoke (gclosure.c:767) ==10013== by 0x5819B2A: signal_emit_unlocked_R (gsignal.c:3290) ==10013== by 0x5818DC3: g_signal_emit_valist (gsignal.c:2993)
Downstream bug report about the same from 3.2.0: https://bugzilla.redhat.com/show_bug.cgi?id=744662
A similar downstream bug report from 3.6.2: https://bugzilla.redhat.com/show_bug.cgi?id=905356 Description of problem: I locked my latop then unplugged the network cable and went to another room. When I plugged and unlocked my laptop, the application crashed. I'm also using a VPN connection and my mail server is only available through that VPN connection. Then VPN went down when I unplugged the laptop. Version-Release number of selected component: evolution-3.6.2-3.fc18 Additional info: backtrace_rating: 4 cmdline: evolution crash_function: g_object_get executable: /usr/bin/evolution kernel: 3.7.4-204.fc18.x86_64
+ Trace 231465
Thread 1 (Thread 0x7f3d15bdba00 (LWP 3326))
I tried to reproduce with a local calendar and current development version (3.25.91) and no luck, thus I'm closing this.