Description of problem: Just using Evolution as usual. Version-Release number of selected component: evolution-3.52.4-1.fc40 Additional info: reporter: libreport-2.17.15 backtrace_rating: 4 uid: 1001 dso_list: /usr/bin/evolution evolution-3.52.4-1.fc40.x86_64 (Fedora Project) 1722854482 package: evolution-3.52.4-1.fc40 rootdir: / crash_function: gnome_canvas_request_update comment: Just using Evolution as usual. cmdline: /usr/bin/evolution kernel: 6.10.6-200.fc40.x86_64 cgroup: 0::/user.slice/user-1001.slice/user/app.slice/app-gnome-org.gnome.Evolution-3363714.scope journald_cursor: s=490d139e85184c21b92250c4c79a5365;i=9935f10;b=a6540aaa2a364c1a92a23bf20ef21112;m=190cea7c686;t=622dfb542d295;x=a4c11c1664b78e15 reason: evolution killed by SIGSEGV executable: /usr/bin/evolution type: CCpp runlevel: N 5 Truncated backtrace: Thread no. 1 (16 frames) #0 gnome_canvas_request_update at /usr/src/debug/evolution-3.52.4-1.fc40.x86_64/src/libgnomecanvas/gnome-canvas.c:3176 #1 gnome_canvas_item_request_update at /usr/src/debug/evolution-3.52.4-1.fc40.x86_64/src/libgnomecanvas/gnome-canvas.c:1229 #3 signal_emit_unlocked_R.isra.0 at ../gobject/gsignal.c:3888 #4 signal_emit_valist_unlocked at ../gobject/gsignal.c:3520 #7 e_selection_model_array_insert_rows at /usr/src/debug/evolution-3.52.4-1.fc40.x86_64/src/e-util/e-selection-model-array.c:139 #8 model_rows_inserted at /usr/src/debug/evolution-3.52.4-1.fc40.x86_64/src/e-util/e-table-selection-model.c:164 #9 ffi_call_unix64 at ../src/x86/unix64.S:104 #10 ffi_call_int at ../src/x86/ffi64.c:673 #11 ffi_call at ../src/x86/ffi64.c:710 #12 g_cclosure_marshal_generic at ../gobject/gclosure.c:1538 #14 signal_emit_unlocked_R.isra.0 at ../gobject/gsignal.c:3888 #15 signal_emit_valist_unlocked at ../gobject/gsignal.c:3520 #18 cal_data_model_add_component_cb at /usr/src/debug/evolution-3.52.4-1.fc40.x86_64/src/calendar/gui/e-cal-data-model.c:648 #19 cal_data_model_foreach_subscriber_in_range at /usr/src/debug/evolution-3.52.4-1.fc40.x86_64/src/calendar/gui/e-cal-data-model.c:578 #20 cal_data_model_process_added_component at /usr/src/debug/evolution-3.52.4-1.fc40.x86_64/src/calendar/gui/e-cal-data-model.c:878 #22 cal_data_model_process_modified_or_added_objects at /usr/src/debug/evolution-3.52.4-1.fc40.x86_64/src/calendar/gui/e-cal-data-model.c:1320
Created attachment 2050838 [details] File: exploitable
Created attachment 2050839 [details] File: os_info
Created attachment 2050840 [details] File: environ
Created attachment 2050841 [details] File: maps
Created attachment 2050842 [details] File: proc_pid_status
Created attachment 2050843 [details] File: core_backtrace
Created attachment 2050844 [details] File: mountinfo
Created attachment 2050845 [details] File: open_fds
Created attachment 2050846 [details] File: backtrace
Created attachment 2050847 [details] File: cpuinfo
Created attachment 2050848 [details] File: limits
Thanks for a bug report. The backtace shows that the crash happened while one of the calendars (task lists or memo lists, it's not obvious from the backtrace which one it was) reported new events to be added into the GUI, which wanted to update the selection, when the crash happened. I do not recall seeing any such crash in the past and this code did not change for years, thus it's at least nothing new (not a regression). I will add safety checks into the top functions in the backtrace, which can avoid the crash, but which will not fix the root cause of the problem.
I made the change upstream [1] for 3.55.1+ and 3.54.1+, thus for Fedora 41 and rawhide. If it'll turn out the crash happens repeatedly for you, I can backport the change to the Fedora 40 as well. [1] https://gitlab.gnome.org/GNOME/evolution/-/commit/4530b4ecc1