Bug 725045 – [abrt] Crash updating Google book's contact with photo

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 725045 - [abrt] Crash updating Google book's contact with photo


Summary:	[abrt] Crash updating Google book's contact with photo


Status:	RESOLVED FIXED

Product:	evolution-data-server
Classification:	Platform
Component:	Contacts
Version:	3.10.x (obsolete)
Hardware:	Other Linux

Importance:	Normal critical
Target Milestone:	---
Assigned To:	evolution-addressbook-maintainers
QA Contact:	Evolution QA team

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2014-02-24 09:20 UTC by Milan Crha
Modified:	2014-05-22 09:25 UTC

See Also:
GNOME target:	---
GNOME version:	---

Description Milan Crha 2014-02-24 09:20:57 UTC

Moving this from a downstream bug report:
https://bugzilla.redhat.com/show_bug.cgi?id=1068984

Version-Release number of selected component:
evolution-data-server-3.10.4-1.fc20

Additional info:
reporter:       libreport-2.1.12
backtrace_rating: 4
cmdline:        /usr/libexec/evolution-addressbook-factory
crash_function: vasprintf
executable:     /usr/libexec/evolution-addressbook-factory
kernel:         3.13.3-201.fc20.x86_64

Program terminated with signal SIGSEGV, Segmentation fault.

+ Trace 233232

Thread 5 (Thread 0x7fd287301840 (LWP 2429))

#0 poll
at ../sysdeps/unix/syscall-template.S line 81
#1 g_main_context_poll
at gmain.c line 4007
#2 g_main_context_iterate
at gmain.c line 3708
#3 g_main_loop_run
at gmain.c line 3907
#4 dbus_server_run_server
at e-dbus-server.c line 222
#5 ffi_call_unix64
at ../src/x86/unix64.S line 76
#6 ffi_call
at ../src/x86/ffi64.c line 522
#7 g_cclosure_marshal_generic_va
at gclosure.c line 1550
#8 _g_closure_invoke_va
at gclosure.c line 840
#9 g_signal_emit_valist
at gsignal.c line 3238
#10 g_signal_emit
at gsignal.c line 3386
#11 e_dbus_server_run
at e-dbus-server.c line 411
#12 main
at evolution-addressbook-factory.c line 132

Comment 1 Milan Crha 2014-02-24 10:47:14 UTC

This seems to me like an out-of-memory issue, also because the Google's backend related code only does:

1810	g_debug (G_STRFUNC);
1811
1812	g_debug ("Updating: %s", vcards[0]);
1813
1814	/* We make the assumption that the vCard list we're passed is

while the vcard[0] looks correct to me. The process status shows:
> VmPeak: 1808236 kB
> VmSize: 1799664 kB

I know of one memory leak fix, at bug #721030, which landed for 3.10.4+, but that was for a WebDAV book, not for the Google book backend.

Comment 2 Milan Crha 2014-04-03 10:25:27 UTC

Similar downstream bug report from 3.10.4:
https://bugzilla.redhat.com/show_bug.cgi?id=1082733

Description of problem:
while updating a contact

Version-Release number of selected component:
evolution-data-server-3.10.4-3.fc20

Additional info:
reporter:       libreport-2.2.0
backtrace_rating: 4
cmdline:        /usr/libexec/evolution-addressbook-factory
crash_function: magazine_cache_trim
executable:     /usr/libexec/evolution-addressbook-factory
kernel:         3.13.6-200.fc20.x86_64

I can confirm the record was actually changed.

It was Google's addressbook.

I was adding a postal address to an existing contact. The contact probably had Google+ account (I could see their avatar on my Android, and I hadn't added it manually) if this matters. 

The issue is not reproducible.

Core was generated by `/usr/libexec/evolution-addressbook-factory'.
Program terminated with signal SIGSEGV, Segmentation fault.

+ Trace 233427

Thread 1 (Thread 0x7f9e1ed87840 (LWP 3062))

#0 malloc_consolidate
at malloc.c line 4091
#1 _int_free
at malloc.c line 3999
#2 magazine_cache_trim
at gslice.c line 685
#3 magazine_cache_push_magazine
at gslice.c line 716
#4 thread_memory_magazine2_unload
at gslice.c line 815
#5 g_slice_free_chain_with_offset
at gslice.c line 1186
#6 g_list_free
at glist.c line 152
#7 g_list_free_full
at glist.c line 188
#8 vcard_finalize
at e-vcard.c line 164
#9 g_object_unref
at gobject.c line 3197
#10 e_book_backend_modify_contacts_finish
at e-book-backend.c line 1805
#11 data_book_complete_modify_contacts_cb
at e-data-book.c line 881
#12 g_simple_async_result_complete
at gsimpleasyncresult.c line 777
#13 complete_in_idle_cb
at gsimpleasyncresult.c line 789
#14 g_main_dispatch
at gmain.c line 3066
#15 g_main_context_dispatch
at gmain.c line 3642
#16 g_main_context_iterate
at gmain.c line 3713
#17 g_main_loop_run
at gmain.c line 3907
#18 dbus_server_run_server
at e-dbus-server.c line 222
#19 ffi_call_unix64
at ../src/x86/unix64.S line 76
#20 ffi_call
at ../src/x86/ffi64.c line 522
#21 g_cclosure_marshal_generic_va
at gclosure.c line 1550
#22 _g_closure_invoke_va
at gclosure.c line 840
#23 g_signal_emit_valist
at gsignal.c line 3238
#24 g_signal_emit
at gsignal.c line 3386
#25 e_dbus_server_run
at e-dbus-server.c line 411
#26 main
at evolution-addressbook-factory.c line 132

Comment 3 Milan Crha 2014-05-22 09:25:41 UTC

I wasn't able to reproduce it, because my Google contacts didn't have assigned photos. This crash (double free) happens only when the updated contact has set a photo.

Created commit e636dd4 in eds master (3.13.2+) [1]
Created commit 683bd3e in eds evolution-data-server-3-12 (3.12.3+)

[1] https://git.gnome.org/browse/evolution-data-server/commit/?id=e636dd4