GNOME Bugzilla – Bug 626579
[bbdb] Crash in free_gaim_body() (gaimbuddies.c)
Last modified: 2010-09-30 10:59:00 UTC
I don't know for sure what I was doing (alt tabbed away and only noticed the crash later on) but this is the stacktrace. Fedora 13, x86_64

bbdb: Buddy list has changed since last sync.
[New Thread 0x7fffeda91710 (LWP 8292)]
bbdb: Synchronizing buddy list to contacts...
[New Thread 0x7fffb75fe710 (LWP 8294)]
[New Thread 0x7fffb7fff710 (LWP 8295)]
[Thread 0x7fffbd182710 (LWP 8291) exited]
[Thread 0x7fffb7fff710 (LWP 8295) exited]
[Thread 0x7fffb75fe710 (LWP 8294) exited]
bbdb: Done syncing buddy list to contacts.
*** glibc detected *** /usr/bin/evolution: corrupted double-linked list: 0x0000000001c5a0c0 ***
======= Backtrace: =========
/lib64/libc.so.6[0x30b7275676]
/lib64/libc.so.6[0x30b727815a]
/usr/lib64/evolution/2.30/plugins/liborg-gnome-evolution-bbdb.so(+0x4c22)[0x7fffbc28ec22]
/lib64/libglib-2.0.so.0(g_list_foreach+0x1c)[0x30b8a3958c]
/usr/lib64/evolution/2.30/plugins/liborg-gnome-evolution-bbdb.so(+0x4d62)[0x7fffbc28ed62]
/usr/lib64/evolution/2.30/plugins/liborg-gnome-evolution-bbdb.so(+0x5014)[0x7fffbc28f014]
/lib64/libglib-2.0.so.0[0x30b8a64e84]
/lib64/libpthread.so.0[0x30b7607761]
/lib64/libc.so.6(clone+0x6d)[0x30b72e14ed]

Program received signal SIGABRT, Aborted.
[Switching to Thread 0x7fffeda91710 (LWP 8292)]
0x00000030b72329a5 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
64 return INLINE_SYSCALL (tgkill, 3, pid, selftid, sig);
Missing separate debuginfos, use: debuginfo-install PackageKit-gtk-module-0.6.6-1.fc13.x86_64 avahi-0.6.25-7.fc13.x86_64 avahi-glib-0.6.25-7.fc13.x86_64 bluez-libs-4.64-1.fc13.x86_64 cyrus-sasl-lib-2.1.23-11.fc13.x86_64 db4-4.8.30-1.fc13.x86_64 gnutls-2.8.6-2.fc13.x86_64 gtk2-engines-2.20.1-1.fc13.x86_64 gvfs-1.6.2-1.fc13.x86_64 hal-libs-0.5.14-3.fc13.x86_64 hunspell-1.2.8-17.fc13.x86_64 keyutils-libs-1.2-6.fc12.x86_64 krb5-libs-1.7.1-10.fc13.x86_64 libXau-1.0.5-1.fc12.x86_64 libXcomposite-0.4.1-2.fc13.x86_64 libXcursor-1.1.10-4.fc13.x86_64 libXdamage-1.1.2-2.fc13.x86_64 libXfixes-4.0.4-2.fc13.x86_64 libXi-1.3.2-1.fc13.x86_64 libXinerama-1.1-2.fc13.x86_64 libcom_err-1.41.10-7.fc13.x86_64 libgcrypt-1.4.5-4.fc13.x86_64 libglade2-2.6.4-3.fc12.x86_64 libgnome-keyring-2.30.1-1.fc13.x86_64 libgpg-error-1.7-1.fc13.x86_64 libjpeg-6b-46.fc12.x86_64 libogg-1.2.0-1.fc13.x86_64 libpng-1.2.44-1.fc13.x86_64 libselinux-2.0.90-5.fc13.x86_64 libtasn1-2.4-2.fc13.x86_64 libtdb-1.2.1-2.fc13.x86_64 libtool-ltdl-2.2.6-20.fc13.x86_64 libudev-153-2.fc13.x86_64 libusb-0.1.12-22.fc12.x86_64 libvorbis-1.3.1-1.fc13.x86_64 nss-softokn-3.12.6-3.fc13.x86_64 nss-softokn-freebl-3.12.6-3.fc13.x86_64 openssl-1.0.0a-1.fc13.x86_64 pixman-0.18.0-1.fc13.x86_64 xcb-util-0.3.6-1.fc12.x86_64
(gdb) ap
append apropos
(gdb) ap
append apropos
(gdb) thread apply all
Please specify a command following the thread ID list
(gdb) thread apply all bt
+ Trace 223190
Oh look, again!

Detaching after fork from child process 8586.
[Thread 0x7fffd75fe710 (LWP 8585) exited]
[Thread 0x7fffbd094710 (LWP 8582) exited]
bbdb: Buddy list has changed since last sync.
[New Thread 0x7fffbd094710 (LWP 8598)]
bbdb: Synchronizing buddy list to contacts...
bbdb: Done syncing buddy list to contacts.
*** glibc detected *** /usr/bin/evolution: corrupted double-linked list: 0x000000000185fa20 ***
======= Backtrace: =========
/lib64/libc.so.6[0x30b7275676]
/lib64/libc.so.6[0x30b727815a]
/usr/lib64/evolution/2.30/plugins/liborg-gnome-evolution-bbdb.so(+0x4c22)[0x7fffbc28ec22]
/lib64/libglib-2.0.so.0(g_list_foreach+0x1c)[0x30b8a3958c]
/usr/lib64/evolution/2.30/plugins/liborg-gnome-evolution-bbdb.so(+0x4d62)[0x7fffbc28ed62]
/usr/lib64/evolution/2.30/plugins/liborg-gnome-evolution-bbdb.so(+0x5014)[0x7fffbc28f014]
/lib64/libglib-2.0.so.0[0x30b8a64e84]
/lib64/libpthread.so.0[0x30b7607761]
/lib64/libc.so.6(clone+0x6d)[0x30b72e14ed]

Program received signal SIGABRT, Aborted.
[Switching to Thread 0x7fffbd094710 (LWP 8598)]
0x00000030b72329a5 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
64 return INLINE_SYSCALL (tgkill, 3, pid, selftid, sig);
Missing separate debuginfos, use: debuginfo-install PackageKit-gtk-module-0.6.6-1.fc13.x86_64 avahi-0.6.25-7.fc13.x86_64 avahi-glib-0.6.25-7.fc13.x86_64 bluez-libs-4.64-1.fc13.x86_64 cyrus-sasl-lib-2.1.23-11.fc13.x86_64 db4-4.8.30-1.fc13.x86_64 gnutls-2.8.6-2.fc13.x86_64 gtk2-engines-2.20.1-1.fc13.x86_64 gvfs-1.6.2-1.fc13.x86_64 hal-libs-0.5.14-3.fc13.x86_64 hunspell-1.2.8-17.fc13.x86_64 keyutils-libs-1.2-6.fc12.x86_64 krb5-libs-1.7.1-10.fc13.x86_64 libXau-1.0.5-1.fc12.x86_64 libXcomposite-0.4.1-2.fc13.x86_64 libXcursor-1.1.10-4.fc13.x86_64 libXdamage-1.1.2-2.fc13.x86_64 libXfixes-4.0.4-2.fc13.x86_64 libXi-1.3.2-1.fc13.x86_64 libXinerama-1.1-2.fc13.x86_64 libcom_err-1.41.10-7.fc13.x86_64 libgcrypt-1.4.5-4.fc13.x86_64 libglade2-2.6.4-3.fc12.x86_64 libgnome-keyring-2.30.1-1.fc13.x86_64 libgpg-error-1.7-1.fc13.x86_64 libogg-1.2.0-1.fc13.x86_64 libpng-1.2.44-1.fc13.x86_64 libselinux-2.0.90-5.fc13.x86_64 libtasn1-2.4-2.fc13.x86_64 libtdb-1.2.1-2.fc13.x86_64 libtool-ltdl-2.2.6-20.fc13.x86_64 libudev-153-2.fc13.x86_64 libusb-0.1.12-22.fc12.x86_64 libvorbis-1.3.1-1.fc13.x86_64 nss-softokn-3.12.6-3.fc13.x86_64 nss-softokn-freebl-3.12.6-3.fc13.x86_64 openssl-1.0.0a-1.fc13.x86_64 pixman-0.18.0-1.fc13.x86_64 xcb-util-0.3.6-1.fc12.x86_64
(gdb) thread apply all bt
bt_compidtostr bt_free@plt btowc btreeGetPage btreeMoveto btreeRestoreCursorPosition bt_error bt_malloc btowc@plt btreeInitPage btreeParseCell bt_free bt_malloc@plt btreeEndTransaction btreeInvokeBusyHandler btreeParseCellPtr
(gdb) thread apply all bt
+ Trace 223191
Thanks for a bug report. I can reproduce it too, valgrind identified this as:

==3056== Thread 16:
==3056== Invalid free() / delete / delete[]
==3056==    at 0x40057F6: free (vg_replace_malloc.c:325)
==3056==    by 0x501334E: g_free (gmem.c:204)
==3056==    by 0x11CBFAA6: free_gaim_body (gaimbuddies.c:510)
==3056==    by 0x5008055: g_list_foreach (glist.c:917)
==3056==    by 0x11CBFAF7: free_buddy_list (gaimbuddies.c:518)
==3056==    by 0x11CBEF70: bbdb_sync_buddy_list_in_thread (gaimbuddies.c:268)
==3056==    by 0x5038979: g_thread_create_proxy (gthread.c:1897)
==3056==    by 0xB29AB4: start_thread (pthread_create.c:297)
==3056==    by 0xA8083D: clone (clone.S:130)
==3056==  Address 0x6ed4ae0 is 0 bytes inside a block of size 10 free'd
==3056==    at 0x40057F6: free (vg_replace_malloc.c:325)
==3056==    by 0x501334E: g_free (gmem.c:204)
==3056==    by 0x11CBF610: bbdb_merge_buddy_to_contact (gaimbuddies.c:395)
==3056==    by 0x11CBEE84: bbdb_sync_buddy_list_in_thread (gaimbuddies.c:248)
==3056==    by 0x5038979: g_thread_create_proxy (gthread.c:1897)
==3056==    by 0xB29AB4: start_thread (pthread_create.c:297)
==3056==    by 0xA8083D: clone (clone.S:130)
Created attachment 169933 evo patch for evolution; This fixes it. The list was freed properly for values from the EContact, but incorrectly when the ICQ account was added for the body.
Created commit a96676f in evo master (2.31.92+)
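The ownership mistake that the valgrind trace and the fix comment describe, reduced to a stand-alone C model (an added example, not the Evolution source or the attached patch). The `buddy` struct, `merge_buddy`, `run_sync` and the tracking allocator are hypothetical names, the strings are constructed, and copying the string on insert is an assumed remedy, not necessarily what commit a96676f does.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Tracking allocator (demo only): a release is just recorded, so a repeated
 * free is counted instead of reaching free() and corrupting the heap. */
#define SLOTS 8
static struct { char *p; int released; } slot[SLOTS];
static int nslots, invalid_frees;

static char *t_strdup(const char *s) {
    char *p = malloc(strlen(s) + 1);
    if (!p || nslots == SLOTS) abort();
    strcpy(p, s);
    slot[nslots].p = p; slot[nslots++].released = 0;
    return p;
}

static void t_free(char *p) {
    for (int i = 0; i < nslots; i++)
        if (slot[i].p == p && slot[i].released++)
            invalid_frees++;             /* block was already released once */
}

struct buddy { char *account_name; };    /* hypothetical stand-in record */
/* Merge step: collect IM ids in a temporary list, then free every element. */
static void merge_buddy(struct buddy *b, int copy_on_insert) {
    char *ids[2];
    ids[0] = t_strdup("contact-id");     /* copy from the contact: list owns it */
    ids[1] = copy_on_insert ? t_strdup(b->account_name)  /* list owns a copy */
                            : b->account_name;           /* borrowed pointer */
    for (int i = 0; i < 2; i++) t_free(ids[i]);
}

/* Runs merge + buddy cleanup; returns invalid frees, *leaked = unreleased blocks. */
int run_sync(int copy_on_insert, int *leaked) {
    struct buddy b;
    invalid_frees = 0; nslots = 0; *leaked = 0;
    b.account_name = t_strdup("123456789");   /* constructed id: 10-byte block */
    merge_buddy(&b, copy_on_insert);
    t_free(b.account_name);                   /* cleanup: buddy frees its own string */
    for (int i = 0; i < nslots; i++) { *leaked += !slot[i].released; free(slot[i].p); }
    return invalid_frees;
}

int main(void) {
    int leaked;
    printf("borrowed pointer: %d invalid free(s)\n", run_sync(0, &leaked));
    printf("copy on insert:   %d invalid free(s)\n", run_sync(1, &leaked));
}
```

With the borrowed pointer the same block is released once by the list cleanup and once by the buddy cleanup, which is the pair of stacks valgrind reports; with a copy, each block has exactly one owner and nothing leaks.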
Cheers, is there an updated package available for Fedora that I can try out, or do I revert to building from source for a while?
No package for Fedora 13; a workaround is to disable synchronization with pidgin in Edit->Preferences->Mail Preferences, tab Automatic Contacts. For Fedora 14 there will be a build after today's release of 2.31.92.
I guess I'll do that then, rather that than have the bloody icon for bug reporting pop up all the time.
*** Bug 615752 has been marked as a duplicate of this bug. ***