Bug 1295948 - [abrt] evince: find_class_funcs(): evince killed by SIGSEGV
Summary: [abrt] evince: find_class_funcs(): evince killed by SIGSEGV
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Fedora
Classification: Fedora
Component: evince
Version: 23
Hardware: x86_64
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Michael Stahl
QA Contact: Fedora Extras Quality Assurance
URL: https://retrace.fedoraproject.org/faf...
Whiteboard: abrt_hash:33d5085a8406234f387224737e5...
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-01-05 21:17 UTC by Christian Stadelmann
Modified: 2016-11-08 16:03 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-11-08 16:03:31 UTC
Type: ---

Attachments (Terms of Use)
File: backtrace (45.84 KB, text/plain)
2016-01-05 21:17 UTC, Christian Stadelmann 		no flags Details
File: core_backtrace (15.93 KB, text/plain)
2016-01-05 21:17 UTC, Christian Stadelmann 		no flags Details
File: dso_list (11.68 KB, text/plain)
2016-01-05 21:17 UTC, Christian Stadelmann 		no flags Details
File: exploitable (100 bytes, text/plain)
2016-01-05 21:17 UTC, Christian Stadelmann 		no flags Details
File: limits (1.29 KB, text/plain)
2016-01-05 21:17 UTC, Christian Stadelmann 		no flags Details
File: maps (67.80 KB, text/plain)
2016-01-05 21:17 UTC, Christian Stadelmann 		no flags Details
File: namespaces (85 bytes, text/plain)
2016-01-05 21:17 UTC, Christian Stadelmann 		no flags Details
File: open_fds (2.84 KB, text/plain)
2016-01-05 21:17 UTC, Christian Stadelmann 		no flags Details
File: proc_pid_status (1010 bytes, text/plain)
2016-01-05 21:17 UTC, Christian Stadelmann 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
GNOME Bugzilla 756852 0 None None None 2016-11-08 16:03:30 UTC

Description Christian Stadelmann 2016-01-05 21:17:36 UTC 
Description of problem:
I used the comment function in evince. Evince crashed when saving and when closing.

Version-Release number of selected component:
evince-3.18.2-3.fc23

Additional info:
reporter:       libreport-2.6.3
backtrace_rating: 4
cmdline:        
crash_function: find_class_funcs
executable:     /usr/bin/evince
kernel:         4.2.8-300.fc23.x86_64
runlevel:       N 5
type:           CCpp

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 find_class_funcs at inspector/object-tree.c:506
 #1 object_get_parent at inspector/object-tree.c:524
 #2 gtk_inspector_object_tree_find_object at inspector/object-tree.c:1172
 #4 gtk_object_tree_remove_dead_object at inspector/object-tree.c:616
 #5 weak_refs_notify at gobject.c:2634
 #7 g_hash_table_remove_all_nodes at ghash.c:548
 #9 g_hash_table_remove_all at ghash.c:1428
 #10 g_hash_table_destroy at ghash.c:1122
 #11 g_hash_table_remove_all_nodes at ghash.c:548
 #13 g_hash_table_remove_all at ghash.c:1428
Comment 1 Christian Stadelmann 2016-01-05 21:17:42 UTC 
Created attachment 1111936 [details]
File: backtrace
Comment 2 Christian Stadelmann 2016-01-05 21:17:43 UTC 
Created attachment 1111937 [details]
File: core_backtrace
Comment 3 Christian Stadelmann 2016-01-05 21:17:45 UTC 
Created attachment 1111938 [details]
File: dso_list
Comment 4 Christian Stadelmann 2016-01-05 21:17:46 UTC 
Created attachment 1111939 [details]
File: exploitable
Comment 5 Christian Stadelmann 2016-01-05 21:17:47 UTC 
Created attachment 1111940 [details]
File: limits
Comment 6 Christian Stadelmann 2016-01-05 21:17:49 UTC 
Created attachment 1111941 [details]
File: maps
Comment 7 Christian Stadelmann 2016-01-05 21:17:51 UTC 
Created attachment 1111942 [details]
File: namespaces
Comment 8 Christian Stadelmann 2016-01-05 21:17:52 UTC 
Created attachment 1111943 [details]
File: open_fds
Comment 9 Christian Stadelmann 2016-01-05 21:17:53 UTC 
Created attachment 1111944 [details]
File: proc_pid_status
Comment 10 Fedora Admin XMLRPC Client 2016-10-14 08:08:13 UTC 
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.
Comment 11 Michael Stahl 2016-11-08 16:03:31 UTC 
cannot repro on current F24.

this gtk+ commit looks relevant, the stack in the cited bug looks the same,
so i'm assuming this is fixed:

commit f55e3f7eda1d54d1a87a098822cc5e345b2f36db
Author:     Matthias Clasen <mclasen>
AuthorDate: Sun Oct 25 13:11:17 2015 -0400

    inspector: Be more careful with dead objects
    
    gtk_inspector_object_tree_find_object accesses the type information
    of the object, so we can't safely use it on an already decaying
    object when we get a weak notify. Instead just walk the tree and
    compare pointers, that is safe.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=756852
Note You need to log in before you can comment on or make changes to this bug.