Description of problem: I was scrolling through a pdf at a 4k resolution and it crashed. Version-Release number of selected component: evince-3.32.0-8.fc31 Additional info: reporter: libreport-2.10.1 backtrace_rating: 4 cgroup: 0::/user.slice/user-1000.slice/user/dbus\x2d:1.2\x2dorg.gnome.Nautilus.slice/dbus-:1.2-org.gnome.Nautilus cmdline: evince /home/samuel/Downloads/mastering_vim_standard/Mastering_Vim_Quickly.pdf crash_function: g_datalist_clear executable: /usr/bin/evince global_pid: 51183 kernel: 5.3.0-1.fc31.x86_64 runlevel: N 5 type: CCpp uid: 1000
Created attachment 1616992 [details] File: backtrace
Created attachment 1616993 [details] File: core_backtrace
Created attachment 1616994 [details] File: cpuinfo
Created attachment 1616995 [details] File: dso_list
Created attachment 1616996 [details] File: environ
Created attachment 1616997 [details] File: limits
Created attachment 1616998 [details] File: maps
Created attachment 1616999 [details] File: mountinfo
Created attachment 1617000 [details] File: namespaces
Created attachment 1617001 [details] File: open_fds
Created attachment 1617002 [details] File: proc_pid_status
Created attachment 1617003 [details] File: var_log_messages
Similar problem has been detected: It seems that this crash happens when I select text. I can reproduce the issue easily by opening a document and quickly selecting text several time in Evince. reporter: libreport-2.10.1 backtrace_rating: 4 cgroup: 0::/user.slice/user-1000.slice/user/gnome-shell-wayland.service cmdline: evince crash_function: g_datalist_clear executable: /usr/bin/evince journald_cursor: s=8a944869392d4b8c971a23902b79b954;i=1b23;b=4ad6bee693dd455398808dfed0eb85cc;m=5f8329c;t=593d5369c1ad4;x=b9e1b10a7bc6cc43 kernel: 5.3.1-300.fc31.x86_64 package: evince-3.34.0-1.fc31 reason: evince killed by SIGABRT rootdir: / runlevel: N 5 type: CCpp uid: 1000
Similar problem has been detected: 1. Open arbitrary pdf file in evince 2. Drag with mouse to select some text 3. Click on the selected text and drag it 4. Release it on the evince window 5. Evince crashes This appears in the terminal window (when started from terminal): (evince:24499): Gtk-CRITICAL **: 14:59:05.148: gtk_widget_get_display: assertion 'GTK_IS_WIDGET (widget)' failed (evince:24499): GLib-GObject-WARNING **: 14:59:05.148: invalid (NULL) pointer instance (evince:24499): GLib-GObject-CRITICAL **: 14:59:05.148: g_signal_emit_by_name: assertion 'G_TYPE_CHECK_INSTANCE (instance)' failed (evince:24499): GLib-GObject-WARNING **: 14:59:05.148: invalid (NULL) pointer instance (evince:24499): GLib-GObject-CRITICAL **: 14:59:05.148: g_signal_emit_by_name: assertion 'G_TYPE_CHECK_INSTANCE (instance)' failed (evince:24499): Gtk-CRITICAL **: 14:59:05.149: gtk_target_list_unref: assertion 'list->ref_count > 0' failed (evince:24499): Gtk-CRITICAL **: 14:59:05.149: gtk_widget_destroy: assertion 'GTK_IS_WIDGET (widget)' failed double free or corruption (!prev) reporter: libreport-2.10.1 backtrace_rating: 4 cgroup: 0::/user.slice/user-1000.slice/user/gnome-terminal-server.service cmdline: /usr/bin/evince bla.pdf crash_function: g_datalist_clear executable: /usr/bin/evince journald_cursor: s=e489321471df494281fe9e4f6aa8b4f8;i=27ebb;b=62dc50694c0d451d9e87dc80013c24b5;m=6210fe7c9d;t=593bfcc8aabe5;x=9f2520a4fcc02d6e kernel: 5.3.0-1.fc31.x86_64 package: evince-3.34.0-1.fc31 reason: evince killed by SIGABRT rootdir: / runlevel: N 5 type: CCpp uid: 1000
Hi Jiri, I can not reproduce this. Could you try it with updated Fedora to check whether it was not fixed somewhere else?
I can reproduce this bug with evince-3.34.1-1.fc31. I had to try multiple times the drag and drop for the bug to occur.
(In reply to Gwendal from comment #16) > I can reproduce this bug with evince-3.34.1-1.fc31. I had to try multiple > times the drag and drop for the bug to occur. I forgot to mention that my Fedora 31 is fully up to date.
Thank you for the info. I'll give it some time yet then.
I can reproduce this now. It seems that some drag specific data are freed during changing of cursor and then once again during finishing of the drag. There is a delay between releasing of button and finishing of the drag in which the change of cursor occurs. Changing gdk_flush() (deprecated) in ev_view_set_cursor() to gdk_display_flush() helps. It probably does better job in catching such things. Regarding reproducing of this, it seems that releasing button on the selected text increases probability of the crash. You can test the change here: https://koji.fedoraproject.org/koji/taskinfo?taskID=38312395 (once the task finishes)
(In reply to Marek Kašík from comment #19) > You can test the change here: > https://koji.fedoraproject.org/koji/taskinfo?taskID=38312395 (once the task > finishes) The evince version from this task is not crashing for me.
(In reply to Jiri Cerny from comment #20) > (In reply to Marek Kašík from comment #19) > > You can test the change here: > > https://koji.fedoraproject.org/koji/taskinfo?taskID=38312395 (once the task > > finishes) > > The evince version from this task is not crashing for me. I have tested the fix as well and the crash seems to not occur anymore! Thanks :)
FEDORA-2019-4253d43e94 has been submitted as an update to Fedora 31. https://bodhi.fedoraproject.org/updates/FEDORA-2019-4253d43e94
evince-3.34.1-2.fc31 has been pushed to the Fedora 31 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-4253d43e94
Similar problem has been detected: Click inside a pdf. Target was text, not a link or anything. reporter: libreport-2.10.1 backtrace_rating: 4 cgroup: 0::/user.slice/user-1000.slice/user/gnome-shell-wayland.service cmdline: evince /home/ole/Downloads/Fistarol-Itin2013_Article_DiagnosisAndTreatmentOfLichenS.pdf crash_function: g_datalist_clear executable: /usr/bin/evince journald_cursor: s=cabf1cacb6044588b1fc9c6a823875fd;i=62c80;b=c00eb07887ad440f889e07bcccd44a9f;m=110eee825b;t=5957ef2784a02;x=564441ee089b4686 kernel: 5.3.4-300.fc31.x86_64 package: evince-3.34.1-1.fc31 reason: evince killed by SIGABRT rootdir: / runlevel: N 5 type: CCpp uid: 1000
(In reply to Fedora Update System from comment #23) > evince-3.34.1-2.fc31 has been pushed to the Fedora 31 testing repository. If > problems still persist, please make note of it in this bug report. Just hit this crash with 3.34.1-2. Not fixed.
(In reply to Michael Catanzaro from comment #25) > Just hit this crash with 3.34.1-2. Not fixed. Ah sorry, ABRT had a crash saved from last week. False alarm, my bad!
evince-3.34.1-2.fc31 has been pushed to the Fedora 31 stable repository. If problems still persist, please make note of it in this bug report.