Bug 710752 – Invalid read in gtk_widget_queue_draw

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 710752 - Invalid read in gtk_widget_queue_draw


Summary:	Invalid read in gtk_widget_queue_draw


Status:	RESOLVED OBSOLETE

Product:	eog
Classification:	Core
Component:	image viewer
Version:	3.8.x
Hardware:	Other Linux

Importance:	Normal normal
Target Milestone:	---
Assigned To:	EOG Maintainers
QA Contact:	EOG Maintainers

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2013-10-23 20:00 UTC by Sebastien Bacher
Modified:	2021-06-19 08:47 UTC

See Also:
GNOME target:	---
GNOME version:	---

Description Sebastien Bacher 2013-10-23 20:00:43 UTC

Using eog 3.8.2, those warnings are listed when using the preference dialog

==21565== Invalid read of size 4
==21565==    at 0x470D8CD: gtk_widget_queue_draw (gtkwidget.c:4989)
==21565==    by 0x45068E7: gtk_color_button_set_rgba (gtkcolorbutton.c:748)
==21565==    by 0x45070CB: gtk_color_button_set_property (gtkcolorbutton.c:900)
==21565==    by 0x4EB3BE9: g_object_set_property (gobject.c:1366)
==21565==    by 0x4AACFA2: g_settings_binding_key_changed (gsettings.c:2418)
==21565==    by 0x6DBE07F: ???
==21565==  Address 0x13d72238 is 4 bytes after a block of size 28 free'd
==21565==    at 0x402AC38: free (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==21565==    by 0x4BFA0A7: cairo_region_destroy (in /usr/lib/i386-linux-gnu/libcairo.so.2.11200.16)
==21565==    by 0x4974CF5: recompute_visible_regions_internal (gdkwindow.c:1055)
==21565==    by 0x4974C19: recompute_visible_regions_internal (gdkwindow.c:1133)
==21565==    by 0x497AE09: gdk_window_hide (gdkwindow.c:1169)
==21565==    by 0x497B1CD: _gdk_window_destroy_hierarchy (gdkwindow.c:2129)
==21565==    by 0x497B56B: gdk_window_destroy (gdkwindow.c:2192)
==21565==    by 0x463E5B3: gtk_separator_tool_item_unrealize (gtkseparatortoolitem.c:319)
==21565==    by 0x4EAD528: g_cclosure_marshal_VOID__VOIDv (gmarshal.c:115)
==21565==    by 0x4EAA286: g_type_class_meta_marshalv (gclosure.c:997)
==21565==    by 0x4EABAED: _g_closure_invoke_va (gclosure.c:840)
==21565==    by 0x4EC4E6F: g_signal_emit_valist (gsignal.c:3238)
==21565==    by 0x4EC59E2: g_signal_emit (gsignal.c:3386)
==21565==    by 0x4710992: gtk_widget_unrealize (gtkwidget.c:4884)
==21565==    by 0x47149D4: gtk_widget_unparent (gtkwidget.c:4010)
==21565==    by 0x46A905D: toolbar_content_remove (gtktoolbar.c:3313)
==21565==    by 0x46A9487: gtk_toolbar_stop_sliding (gtktoolbar.c:1389)
==21565==    by 0x46A9DA3: toolbar_content_new_tool_item (gtktoolbar.c:3297)
==21565==    by 0x809E9D2: item_added_cb (egg-editable-toolbar.c:1247)
==21565==    by 0x80A3A54: _egg_marshal_VOID__INT_INT (eggmarshalers.c:93)
==21565==    by 0x4EAB8AD: g_closure_invoke (gclosure.c:777)
==21565==    by 0x4EBDDF8: signal_emit_unlocked_R (gsignal.c:3586)
==21565==    by 0x4EC5752: g_signal_emit_valist (gsignal.c:3330)
==21565==    by 0x4EC59E2: g_signal_emit (gsignal.c:3386)
==21565==    by 0x80A0AE0: impl_add_item (egg-toolbars-model.c:425)
==21565==    by 0x80A1566: egg_toolbars_model_add_item (egg-toolbars-model.c:438)
==21565==    by 0x809DE2F: toolbar_drag_data_received_cb (egg-editable-toolbar.c:737)
==21565==    by 0x45CB2E9: _gtk_marshal_VOID__OBJECT_INT_INT_BOXED_UINT_UINT (gtkmarshalers.c:5276)
==21565==    by 0x4EAB8AD: g_closure_invoke (gclosure.c:777)
==21565==    by 0x4EBDDF8: signal_emit_unlocked_R (gsignal.c:3586)
==21565==    by 0x4EC5752: g_signal_emit_valist (gsignal.c:3330)
==21565==    by 0x4EC5EA0: g_signal_emit_by_name (gsignal.c:3426)
==21565==    by 0x4729D17: gtk_drag_selection_received (gtkdnd.c:1922)
==21565==    by 0x45C8F74: _gtk_marshal_VOID__BOXED_UINT (gtkmarshalers.c:3268)
==21565==    by 0x4EAB8AD: g_closure_invoke (gclosure.c:777)
==21565==    by 0x4EBDDF8: signal_emit_unlocked_R (gsignal.c:3586)
==21565==    by 0x4EC5752: g_signal_emit_valist (gsignal.c:3330)
==21565==    by 0x4EC5EA0: g_signal_emit_by_name (gsignal.c:3426)
==21565==    by 0x46395ED: gtk_selection_retrieval_report (gtkselection.c:2983)

Comment 1 Sebastien Bacher 2013-10-23 20:09:22 UTC

That's likely the same error than the segfault on https://bugs.launchpad.net/eog/+bug/1216188

Comment 2 Felix Riemann 2013-11-22 22:29:33 UTC

Hmm,

okay while trying to reproduce I could make eog print a critical warning (but not crash) in gtk_widget_queue_draw with a similar backtrace.

For some reason the color is updated twice in the color button by GSettings.
Oddly it doesn't happen all the time.

Comment 3 André Klapper 2021-06-19 08:47:28 UTC

GNOME is going to shut down bugzilla.gnome.org in favor of gitlab.gnome.org.
As part of that, we are mass-closing older open tickets in bugzilla.gnome.org
which have not seen updates for a longer time (resources are unfortunately
quite limited so not every ticket can get handled).

If you can still reproduce the situation described in this ticket in a recent
and supported software version, then please follow
  https://wiki.gnome.org/GettingInTouch/BugReportingGuidelines
and create a new ticket at
  https://gitlab.gnome.org/GNOME/eog/-/issues/

Thank you for your understanding and your help.