After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 665125 - [abrt] Crash under camel-folder-summary.c:remove_cache()
[abrt] Crash under camel-folder-summary.c:remove_cache()
Status: RESOLVED OBSOLETE
Product: evolution-data-server
Classification: Platform
Component: Mailer
3.12.x (obsolete)
Other Linux
: Normal critical
: ---
Assigned To: evolution-mail-maintainers
Evolution QA team
: 741748 742420 (view as bug list)
Depends on:
Blocks:
 
 
Reported: 2011-11-29 11:29 UTC by Milan Crha
Modified: 2018-12-11 16:56 UTC
See Also:
GNOME target: ---
GNOME version: ---


Description Milan Crha 2011-11-29 11:29:18 UTC 
Moving this from a downstream bug report:
https://bugzilla.redhat.com/show_bug.cgi?id=757809

libreport version: 2.0.7
abrt_version:   2.0.6
backtrace_rating: 4
cmdline:        evolution
comment:        No idea, Evolution was open and crashed all of a sudden.
crash_function: mTRIm
executable:     /usr/bin/evolution
kernel:         3.1.1-2.fc16.i686.PAE
reason:         Process /usr/bin/evolution was killed by signal 11 (SIGSEGV)
time:           Mon 28 Nov 2011 01:33:03 PM EST
xsession_errors: ** (evolution:1864): CRITICAL **: send_dbus_message: assertion
`display_name != NULL' failed

Core was generated by `evolution'.
Program terminated with signal 11, Segmentation fault.

+ Trace 229168

Thread 16 (Thread 0xb765fb40 (LWP 1866))

  • #0 __kernel_vsyscall
  • #1 read
    at ../sysdeps/unix/syscall-template.S line 82
  • #2 read
    at /usr/include/bits/unistd.h line 45
  • #3 unix_signal_helper_thread
    at gmain.c line 4551
  • #4 g_thread_create_proxy
    at gthread.c line 1962
  • #5 start_thread
    at pthread_create.c line 309
  • #6 tee
    at ../sysdeps/unix/syscall-template.S line 83
  • #7 ?? 






Comment 1


Milan Crha





          2015-01-07 11:20:33 UTC
        



*** Bug 741748 has been marked as a duplicate of this bug. ***






Comment 2


Milan Crha





          2015-01-07 11:21:36 UTC
        






+
Trace
    234518






Thread 1
          (Thread 0x7f04dd7fa700 (LWP 19264))


    

  • 
#0
raise

    
                from
                /lib64/libc.so.6

    

    • 

  • 
#1
abort

    
                from
                /lib64/libc.so.6

    

    • 

  • 
#2
??

    
                from
                /lib64/libc.so.6

    

    • 

  • 
#3
??

    
                from
                /lib64/libc.so.6

    

    • 

  • 
#4
??

    
                from
                /lib64/libc.so.6

    

    • 

  • 
#5
camel_content_type_unref

    
                at camel-mime-utils.c
                  line
                  2490

    

    • 

  • 
#6
content_info_free

    
                at camel-folder-summary.c
                  line
                  3767

    

    • 

  • 
#7
camel_folder_summary_content_info_free

    
                at camel-folder-summary.c
                  line
                  3212

    

    • 

  • 
#8
camel_message_info_unref

    
                at camel-folder-summary.c
                  line
                  4531

    

    • 

  • 
#9
g_slist_foreach

    
                at /var/tmp/portage/dev-libs/glib-2.40.2/work/glib-2.40.2/glib/gslist.c
                  line
                  877

    

    • 

  • 
#10
remove_cache

    
                at camel-folder-summary.c
                  line
                  2108

    

    • 

  • 
#11
session_do_job_cb

    
                at camel-session.c
                  line
                  197

    

    • 

  • 
#12
g_task_thread_pool_thread

    
                at /var/tmp/portage/dev-libs/glib-2.40.2/work/glib-2.40.2/gio/gtask.c
                  line
                  1213

    

    • 

  • 
#13
g_thread_pool_thread_proxy

    
                at /var/tmp/portage/dev-libs/glib-2.40.2/work/glib-2.40.2/glib/gthreadpool.c
                  line
                  307

    

    • 

  • 
#14
g_thread_proxy

    
                at /var/tmp/portage/dev-libs/glib-2.40.2/work/glib-2.40.2/glib/gthread.c
                  line
                  764

    

    • 

  • 
#15
start_thread

    
                from
                /lib64/libpthread.so.0

    

    • 

  • 
#16
clone

    
                from
                /lib64/libc.so.6

    

    • 













Comment 3


Milan Crha





          2015-01-07 15:01:57 UTC
        



*** Bug 742420 has been marked as a duplicate of this bug. ***






Comment 4


Paul Menzel





          2015-01-07 21:45:21 UTC
        



Any idea, what might cause this?

For now I haven’t been able to reproduce this when running Evolution under GDB, so it could be a timing issue? But I have no idea what effects GDB has on the running program.






Comment 5


Milan Crha





          2015-02-10 14:58:27 UTC
        



It looks like a memory corruption to me. The IMAP is the only built-in provider which uses the build-content property of the CamelFolderSummary, but it doesn't seem to be used in any useful way in the code, at least according to my brief searching.

I'd guess that some part of the code wrote somewhere where it should not, this time inside the message info, and it later caused this crash. It could write even in the message info which didn't have the value filled, made it pretend to have one and then free some garbage memory.






Comment 6


Milan Crha





          2018-12-11 16:56:14 UTC
        



I'm closing this as obsolete, but feel free to reopen or comment in case you can reproduce with the current 3.30.x stable series.