Crash on deleting event
I compile Evolution under ASAN/clang. Then I start Evolution and it is in the Calendar window List view. I delete an event. ASAN terminates Evolution and reports:
(evolution-alarm-notify:16505): GLib-GIO-WARNING **: 17:03:36.179: Your application did not unregister from D-Bus before destruction. Consider using g_application_run().
=================================================================
==16493==ERROR: AddressSanitizer: heap-use-after-free on address 0x6070001db1b8 at pc 0x7f4768aecd5d bp 0x7ffdc69c44d0 sp 0x7ffdc69c44c8
READ of size 8 at 0x6070001db1b8 thread T0
#0 0x7f4768aecd5c in calendar_view_delete_event /git/gnome/evolution/build-asan/../src/calendar/gui/e-calendar-view.c:272:55
#1 0x7f4768af2f01 in calendar_view_delete_selection /git/gnome/evolution/build-asan/../src/calendar/gui/e-calendar-view.c:1113:3
#2 0x7f4782379f36 in e_selectable_delete_selection /git/gnome/evolution/build-asan/../src/e-util/e-selectable.c:119:3
#3 0x7f47683cab23 in action_event_delete_cb /git/gnome/evolution/build-asan/../src/modules/calendar/e-cal-shell-view-actions.c:726:2
#4 0x7f4787a3eef1 in g_closure_invoke /git/gnome/glib/build_A/../gobject/gclosure.c:810:7
#5 0x7f4787a5202b in signal_emit_unlocked_R /git/gnome/glib/build_A/../gobject/gsignal.c:3742:8
#6 0x7f4787a5ceca in g_signal_emit_valist /git/gnome/glib/build_A/../gobject/gsignal.c:3498:5
#7 0x7f4787a5d811 in g_signal_emit /git/gnome/glib/build_A/../gobject/gsignal.c:3554:3
#8 0x7f4788e55f30 in _gtk_action_emit_activate /git/gnome/gtk/build_A/../gtk/deprecated/gtkaction.c:909:3
#9 0x7f4787a3eef1 in g_closure_invoke /git/gnome/glib/build_A/../gobject/gclosure.c:810:7
#10 0x7f4787a5202b in signal_emit_unlocked_R /git/gnome/glib/build_A/../gobject/gsignal.c:3742:8
#11 0x7f4787a5ceca in g_signal_emit_valist /git/gnome/glib/build_A/../gobject/gsignal.c:3498:5
#12 0x7f4787a5d811 in g_signal_emit /git/gnome/glib/build_A/../gobject/gsignal.c:3554:3
#13 0x7f4788e55f30 in _gtk_action_emit_activate /git/gnome/gtk/build_A/../gtk/deprecated/gtkaction.c:909:3
#14 0x7f4787a3f125 in _g_closure_invoke_va /git/gnome/glib/build_A/../gobject/gclosure.c:873:7
#15 0x7f4787a5d23d in g_signal_emit_valist /git/gnome/glib/build_A/../gobject/gsignal.c:3407:8
#16 0x7f4787a5d811 in g_signal_emit /git/gnome/glib/build_A/../gobject/gsignal.c:3554:3
#17 0x7f4788e0d749 in gtk_widget_activate /git/gnome/gtk/build_A/../gtk/gtkwidget.c:7841:7
#18 0x7f4788cce925 in gtk_menu_shell_activate_item /git/gnome/gtk/build_A/../gtk/gtkmenushell.c:1375:3
#19 0x7f4788ccec11 in gtk_menu_shell_button_release /git/gnome/gtk/build_A/../gtk/gtkmenushell.c:791:19
#20 0x7f4788b4e91d in _gtk_marshal_BOOLEAN__BOXEDv /git/gnome/gtk/build_A/gtk/gtkmarshalers.c:130:14
#21 0x7f4787a3f125 in _g_closure_invoke_va /git/gnome/glib/build_A/../gobject/gclosure.c:873:7
#22 0x7f4787a5c57f in g_signal_emit_valist /git/gnome/glib/build_A/../gobject/gsignal.c:3407:8
#23 0x7f4787a5d811 in g_signal_emit /git/gnome/glib/build_A/../gobject/gsignal.c:3554:3
#24 0x7f4788e0ad19 in gtk_widget_event_internal /git/gnome/gtk/build_A/../gtk/gtkwidget.c:7808:4
#25 0x7f4788e0ad19 in gtk_widget_event_internal /git/gnome/gtk/build_A/../gtk/gtkwidget.c:7677:1
#26 0x7f4788cb6c97 in propagate_event_up /git/gnome/gtk/build_A/../gtk/gtkmain.c:2587:25
#27 0x7f4788cb6c97 in propagate_event /git/gnome/gtk/build_A/../gtk/gtkmain.c:2690:5
#28 0x7f4788cb8e2a in gtk_main_do_event /git/gnome/gtk/build_A/../gtk/gtkmain.c:1920:9
#29 0x7f4788cb8e2a in gtk_main_do_event /git/gnome/gtk/build_A/../gtk/gtkmain.c:1690:1
#30 0x7f47889fab64 in _gdk_event_emit /git/gnome/gtk/build_A/../gdk/gdkevents.c:73:6
#31 0x7f4788a26651 in gdk_event_source_dispatch /git/gnome/gtk/build_A/../gdk/wayland/gdkeventsource.c:124:7
#32 0x7f47879542ac in g_main_dispatch /git/gnome/glib/build_A/../glib/gmain.c:3309:28
#33 0x7f47879542ac in g_main_context_dispatch /git/gnome/glib/build_A/../glib/gmain.c:3974:7
#34 0x7f47879544ff in g_main_context_iterate.isra.0 /git/gnome/glib/build_A/../glib/gmain.c:4047:5
#35 0x7f47879547d2 in g_main_loop_run /git/gnome/glib/build_A/../glib/gmain.c:4241:5
#36 0x7f4788cb7e94 in gtk_main /git/gnome/gtk/build_A/../gtk/gtkmain.c:1328:7
#37 0x4f7710 in main /git/gnome/evolution/build-asan/../src/shell/main.c:694:2
#38 0x7f4780fc1b5a in __libc_start_main /src/glibc-2.29/csu/../csu/libc-start.c:308:16
#39 0x421cb9 in _start /src/glibc-2.29/csu/../sysdeps/x86_64/start.S:120
0x6070001db1b8 is located 8 bytes inside of 80-byte region [0x6070001db1b0,0x6070001db200)
freed by thread T0 here:
#0 0x4c263f in free /src/llvm/llvm-10.0.0.src/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:123:3
#1 0x7f4768aca6b2 in e_cal_list_view_get_selected_events /git/gnome/evolution/build-asan/../src/calendar/gui/e-cal-list-view.c:599:3
#2 0x7f4768aeb954 in e_calendar_view_get_selected_events /git/gnome/evolution/build-asan/../src/calendar/gui/e-calendar-view.c:1422:9
#3 0x7f4768af1d96 in calendar_view_update_actions /git/gnome/evolution/build-asan/../src/calendar/gui/e-calendar-view.c:448:9
#4 0x7f4782379b90 in e_selectable_update_actions /git/gnome/evolution/build-asan/../src/e-util/e-selectable.c:65:2
#5 0x7f47822c2036 in focus_tracker_selectable_update_actions /git/gnome/evolution/build-asan/../src/e-util/e-focus-tracker.c:336:2
#6 0x7f47822c2036 in focus_tracker_targets_received_cb /git/gnome/evolution/build-asan/../src/e-util/e-focus-tracker.c:388:3
#7 0x7f4788e4ceb2 in request_targets_received_func /git/gnome/gtk/build_A/../gtk/gtkclipboard.c:1332:3
previously allocated by thread T0 here:
#0 0x4c2af7 in calloc /src/llvm/llvm-10.0.0.src/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
#1 0x7f4787959cd0 in g_malloc0 /git/gnome/glib/build_A/../glib/gmem.c:132:13
#2 0x7f4768aeb954 in e_calendar_view_get_selected_events /git/gnome/evolution/build-asan/../src/calendar/gui/e-calendar-view.c:1422:9
#3 0x7f4768af2ec6 in calendar_view_delete_selection /git/gnome/evolution/build-asan/../src/calendar/gui/e-calendar-view.c:1104:13
#4 0x7f4782379f36 in e_selectable_delete_selection /git/gnome/evolution/build-asan/../src/e-util/e-selectable.c:119:3
#5 0x7f47683cab23 in action_event_delete_cb /git/gnome/evolution/build-asan/../src/modules/calendar/e-cal-shell-view-actions.c:726:2
#6 0x7f4787a3eef1 in g_closure_invoke /git/gnome/glib/build_A/../gobject/gclosure.c:810:7
SUMMARY: AddressSanitizer: heap-use-after-free /git/gnome/evolution/build-asan/../src/calendar/gui/e-calendar-view.c:272:55 in calendar_view_delete_event
Shadow bytes around the buggy address:
0x0c0e800335e0: fa fa fd fd fd fd fd fd fd fd fd fa fa fa fa fa
0x0c0e800335f0: fd fd fd fd fd fd fd fd fd fa fa fa fa fa fd fd
0x0c0e80033600: fd fd fd fd fd fd fd fd fa fa fa fa fd fd fd fd
0x0c0e80033610: fd fd fd fd fd fd fa fa fa fa 00 00 00 00 00 00
0x0c0e80033620: 00 00 06 fa fa fa fa fa 00 00 00 00 00 00 00 00
=>0x0c0e80033630: 00 00 fa fa fa fa fd[fd]fd fd fd fd fd fd fd fd
0x0c0e80033640: fa fa fa fa fd fd fd fd fd fd fd fd fd fa fa fa
0x0c0e80033650: fa fa fd fd fd fd fd fd fd fd fd fa fa fa fa fa
0x0c0e80033660: 00 00 00 00 00 00 00 00 00 fa fa fa fa fa 00 00
0x0c0e80033670: 00 00 00 00 00 00 00 fa fa fa fa fa fd fd fd fd
0x0c0e80033680: fd fd fd fd fd fa fa fa fa fa 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
Shadow gap: cc
==16493==ABORTING
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information