After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 631290 - Crash in vee_folder_synchronize_sync at camel-vee-folder.c:1322
Crash in vee_folder_synchronize_sync at camel-vee-folder.c:1322
Status: RESOLVED FIXED
Product: evolution
Classification: Applications
Component: Mailer
3.0.x (obsolete)
Other Linux
: Normal critical
: ---
Assigned To: Milan Crha
Evolution QA team
: 630791 631665 632212 (view as bug list)
Depends on:
Blocks:
 
 
Reported: 2010-10-04 07:45 UTC by Akhil Laddha
Modified: 2013-09-13 01:10 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
eds patch (1.03 KB, patch)
2010-10-20 12:25 UTC, Milan Crha 		committed Details | Review

Description Akhil Laddha 2010-10-04 07:45:12 UTC 
evolution 2.33.1

recovered from laptop suspend and evolution crashed.

(evolution:25679): camel-WARNING **: You must be working online to complete this operation

(evolution:25679): GLib-WARNING **: GError set over the top of a previous GError or uninitialized memory.
This indicates a bug in someone's code. You must ensure an error is NULL before it's set.
The overwriting error message was: You must be working online to complete this operation

(evolution:25679): camel-WARNING **: (5\xf1\xa5\xa0
*** glibc detected *** /home/lakhil/opt/gnome3/bin/evolution: double free or corruption (out): 0xa5d4d028 ***
======= Backtrace: =========
/lib/libc.so.6(+0x6dffb)[0xb64e9ffb]
/lib/libc.so.6(+0x6ed7b)[0xb64ead7b]
/lib/libc.so.6(cfree+0x6d)[0xb64eeadd]
/home/lakhil/opt/gnome3/lib/libglib-2.0.so.0(g_free+0x35)[0xb66359e7]
/home/lakhil/opt/gnome3/lib/libglib-2.0.so.0(g_error_free+0x4a)[0xb6619559]
/home/lakhil/opt/gnome3/lib/libglib-2.0.so.0(g_propagate_error+0x53)[0xb6619777]
/home/lakhil/opt/gnome3/lib/libglib-2.0.so.0(g_propagate_prefixed_error+0x24)[0xb66198c7]
/home/lakhil/opt/gnome3/lib/libcamel-provider-1.2.so.21(+0x6eeec)[0xb7bf9eec]
/home/lakhil/opt/gnome3/lib/libcamel-provider-1.2.so.21(camel_folder_synchronize_sync+0x15a)[0xb7bc69eb]
/home/lakhil/opt/gnome3/lib/evolution/2.92/libevolution-mail.so.0(+0x8bda9)[0xb5d82da9]
/home/lakhil/opt/gnome3/lib/evolution/2.92/libevolution-mail.so.0(+0x8488e)[0xb5d7b88e]
/home/lakhil/opt/gnome3/lib/libglib-2.0.so.0(+0x75437)[0xb665c437]
/home/lakhil/opt/gnome3/lib/libglib-2.0.so.0(+0x73e09)[0xb665ae09]
/lib/libpthread.so.0(+0x5b25)[0xb66f9b25]
/lib/libc.so.6(clone+0x5e)[0xb654f46e]
======= Memory map: ========
08048000-0804c000 r-xp 00000000 08:06 1228886    /home/lakhil/opt/gnome3/bin/evolution
0804c000-0804d000 r--p 00003000 08:06 1228886    /home/lakhil/opt/gnome3/bin/evolution
0804d000-0804e000 rw-p 00004000 08:06 1228886    /home/lakhil/opt/gnome3/bin/evolution
0804e000-0c54b000 rw-p 00000000 00:00 0          [heap]
a5200000-a53e4000 rw-p 00000000 00:00 0 
a53e4000-a5400000 ---p 00000000 00:00 0 
a5400000-a5493000 rw-p 00000000 00:00 0 
a5493000-a5500000 ---p 00000000 00:00 0 
a5500000-a5600000 rw-p 00000000 00:00 0 
a5600000-a5800000 rw-p 00000000 00:00 0 
a5800000-a5a00000 rw-p 00000000 00:00 0 
a5a00000-a5c00000 rw-p 00000000 00:00 0 
a5c00000-a5e00000 rw-p 00000000 00:00 0 
a5e00000-a6000000 rw-p 00000000 00:00 0 
a6000000-a6100000 rw-p 00000000 00:00 0 
a61ff000-a6200000 rw-p 00000000 00:00 0 
a6200000-a6300000 rw-p 00000000 00:00 0 
a6300000-a6400000 rw-p 00000000 00:00 0 
a6400000-a6600000 rw-p 00000000 00:00 0 
a6600000-a6800000 rw-p 00000000 00:00 0 
a6800000-a6900000 rw-p 00000000 00:00 0 
a70ff000-a7100000 ---p 00000000 00:00 0 
a7100000-a7900000 rw-p 00000000 00:00 0 
a7900000-a7a00000 rw-p 00000000 00:00 0 
a7b00000-a7bfd000 rw-p 00000000 00:00 0 
a7bfd000-a7c00000 ---p 00000000 00:00 0 
a7c00000-a7d00000 rw-p 00000000 00:00 0 
a7d00000-a7efe000 rw-p 00000000 00:00 0 
a7efe000-a7f00000 ---p 00000000 00:00 0 
a7f00000-a8000000 rw-p 00000000 00:00 0 
a8000000-a8200000 rw-p 00000000 00:00 0 
a8200000-a8300000 rw-p 00000000 00:00 0 
a8319000-a831b000 r-xp 00000000 08:02 1182084    /usr/lib/gconv/ISO8859-1.so
a831b000-a831c000 r--p 00001000 08:02 1182084    /usr/lib/gconv/ISO8859-1.so
a831c000-a831d000 rw-p 00002000 08:02 1182084    /usr/lib/gconv/ISO8859-1.so
a831d000-a83ff000 rw-p 00000000 00:00 0 
a83ff000-a8400000 ---p 00000000 00:00 0 
a8400000-a8c00000 rw-p 00000000 00:00 0 
a8c00000-a8e00000 rw-p 00000000 00:00 0 
a8e00000-a8f00000 rw-p 00000000 00:00 0 
a8f03000-a8f1d000 r--p 00000000 08:02 285590     /usr/share/fonts/truetype/andalemo.ttf
a8f1d000-a8f50000 r--p 00000000 08:02 285596     /usr/share/fonts/truetype/ariali.ttf
a8f50000-a8f56000 r-xp 00000000 08:06 1001309    /home/lakhil/opt/gnome3/lib/evolution/2.34/plugins/liborg-gnome-mail-notification.so
a8f56000-a8f57000 r--p 00005000 08:06 1001309    /home/lakhil/opt/gnome3/lib/evolution/2.34/plugins/liborg-gnome-mail-notification.so
a8f57000-a8f58000 rw-p 00006000 08:06 1001309    /home/lakhil/opt/gnome3/lib/evolution/2.34/plugins/liborg-gnome-mail-notification.so
a8f58000-a8f5c000 rw-p 00000000 00:00 0 
a975d000-a97bd000 rw-s 00000000 00:04 12025889   /SYSV00000000 (deleted)
a97bd000-a9803000 r--p 00000000 08:02 285597     /usr/share/fonts/truetype/arialbd.ttf
a9803000-a9807000 r-xp 00000000 08:06 1222099    /home/lakhil/opt/gnome3/lib/evolution/2.92/modules/libevolution-module-plugin-manager.so
a9807000-a9808000 r--p 00004000 08:06 1222099    /home/lakhil/opt/gnome3/lib/evolution/2.92/modules/libevolution-module-plugin-manager.so
a9808000-a9809000 rw-p 00005000 08:06 1222099    /home/lakhil/opt/gnome3/lib/evolution/2.92/modules/libevolution-module-plugin-manager.so
a9809000-a980c000 r-xp 00000000 08:06 1015955    /home/lakhil/opt/gnome3/lib/evolution/2.34/plugins/liborg-gnome-backup-restore.so
a980c000-a980d000 r--p 00003000 08:06 1015955    /home/lakhil/opt/gnome3/lib/evolution/2.34/plugins/liborg-gnome-backup-restore.so
a980d000-a980e000 rw-p 00004000 08:06 1015955    /home/lakhil/opt/gnome3/lib/evolution/2.34/plugins/liborg-gnome-backup-restore.so
a980e000-a9814000 r-xp 00000000 08:06 1015961    /home/lakhil/opt/gnome3/lib/evolution/2.34/plugins/liborg-gnome-templates.so
a9814000-a9815000 r--p 00005000 08:06 1015961    /home/lakhil/opt/gnome3/lib/evolution/2.34/plugins/liborg-gnome-templates.so
a9815000-a9816000 rw-p 00006000 08:06 1015961    /home/lakhil/opt/gnome3/lib/evolution/2.34/plugins/liborg-gnome-templates.so
a9816000-a9819000 r-xp 00000000 08:06 1015944    /home/lakhil/opt/gnome3/lib/evolution/2.34/plugins/liborg-gnome-mailing-list-actions.so
a9819000-a981a000 r--p 00002000 08:06 1015944    /home/lakhil/opt/gnome3/lib/evolution/2.34/plugins/liborg-gnome-mailing-list-actions.so
a981a000-a981b000 rw-p 00003000 08:06 1015944    /home/lakhil/opt/gnome3/lib/evolution/2.34/plugins/liborg-gnome-mailing-list-actions.so
a981b000-a9823000 r-xp 00000000 08:06 1015941    /home/lakhil/opt/gnome3/lib/evolution/2.34/plugins/liborg-gnome-mail-to-task.so
a9823000-a9824000 r--p 00007000 08:06 1015941    /home/lakhil/opt/gnome3/lib/evolution/2.34/plugins/liborg-gnome-mail-to-task.so
a9824000-a9825000 rw-p 00008000 08:06 1015941    /home/lakhil/opt/gnome3/lib/evolution/2.34/plugins/liborg-gnome-mail-to-task.so
a9825000-a9829000 r-xp 00000000 08:06 1015904    /home/lakhil/opt/gnome3/lib/evolution/2.34/plugins/liborg-gnome-mark-all-read.so
a9829000-a982a000 r--p 00003000 08:06 1015904    /home/lakhil/opt/gnome3/lib/evolution/2.34/plugins/liborg-gnome-mark-all-read.so
Program received signal SIGABRT, Aborted.
[Switching to Thread 0xa8bffb70 (LWP 26407)]
0xffffe430 in __kernel_vsyscall ()
(gdb) t a a bt

+ Trace 223993

(gdb)
Comment 1 Milan Crha 2010-10-20 12:25:03 UTC 
Created attachment 172838 [details] [review]
eds patch

for evolution-data-server;

I think I know what is going on here:

(In reply to comment #0)
> recovered from laptop suspend and evolution crashed.

vee_folder_synchronize_sync is called, the 'local_error' is NULL

> (evolution:25679): camel-WARNING **: You must be working online to complete
> this operation

The above error occurred on the folder, and is propagated to *error. The thing is that 'local_error' is now not NULL, and it points to "nowhere". And we continue next round, with the next folder
 
> (evolution:25679): GLib-WARNING **: GError set over the top of a previous
> GError or uninitialized memory.
> This indicates a bug in someone's code. You must ensure an error is NULL before
> it's set.
> The overwriting error message was: You must be working online to complete this
> operation

The next folder tried to set the same error message into nowhere pointing 'local_error', and 'local_error' was left without any change.
 
> (evolution:25679): camel-WARNING **: (5\xf1\xa5\xa0

Proof that 'local_error' points to nowhere. And then it aborts when it tries to free already freed 'local_error'. A very nice double-free.

------------------------------------------------------------------------

This patch:
a) ensures the 'local_error' is always NULL before calling sync on respective
   folder.
b) remembers only the first error from the all folders and the rest is just
   silently ignored
Comment 2 Milan Crha 2010-10-20 12:28:08 UTC 
Created commit 6e20d4a in eds master (2.91.2+)
Created commit c5ba10f in eds gnome-2-32 (2.32.1+)
Comment 3 David Woodhouse 2010-10-20 22:43:03 UTC 
*** Bug 632212 has been marked as a duplicate of this bug. ***
Comment 4 David Woodhouse 2010-10-21 11:26:03 UTC 
*** Bug 631665 has been marked as a duplicate of this bug. ***
Comment 5 Milan Crha 2010-11-03 13:18:17 UTC 
*** Bug 630791 has been marked as a duplicate of this bug. ***
Comment 6 Milan Crha 2010-11-05 10:27:08 UTC 
Downstream bug report about the same:
https://bugzilla.redhat.com/show_bug.cgi?id=647874