GNOME Bugzilla – Bug 438142
crash when rewriting folder summary/index (summary_update at camel-mbox-summary.c:502)
Last modified: 2013-05-30 18:45:41 UTC
What were you doing when the application crashed? Nothing. Left the computer alone and got this when I unlocked the screen Distribution: Fedora release 6.93 (Rawhide) Gnome Release: 2.18.0 2007-03-23 (Red Hat, Inc) BugBuddy Version: 2.18.0 System: Linux 2.6.21-1.3142.fc7 #1 SMP Mon May 7 21:14:09 EDT 2007 i686 X Vendor: The X.Org Foundation X Vendor Release: 10300000 Selinux: No Accessibility: Disabled GTK+ Theme: Clearlooks Icon Theme: Echo Memory status: size: 476704768 vsize: 476704768 resident: 279154688 share: 20647936 rss: 279154688 rss_rlim: 4294967295 CPU usage: start_time: 1179070339 rtime: 8592 utime: 5326 stime: 3266 cutime:1 cstime: 9 timeout: 0 it_real_value: 0 frequency: 100 Backtrace was generated from '/usr/bin/evolution' Using host libthread_db library "/lib/libthread_db.so.1". [Thread debugging using libthread_db enabled] [New Thread -1208633632 (LWP 2933)] [New Thread -1263920240 (LWP 16830)] [New Thread -1295795312 (LWP 14244)] [New Thread -1282606192 (LWP 3094)] [New Thread -1284904048 (LWP 2967)] 0x009be402 in __kernel_vsyscall ()
+ Trace 133963
Thread 2 (Thread -1263920240 (LWP 16830))
----------- .xsession-errors (145 sec old) --------------------- start play /usr/share/monkey-bubble/sounds/splash.ogg start play /usr/share/monkey-bubble/sounds/splash.ogg start play /usr/share/monkey-bubble/sounds/game.ogg start play /usr/share/monkey-bubble/sounds/splash.ogg start play /usr/share/monkey-bubble/sounds/game.ogg start play /usr/share/monkey-bubble/sounds/splash.ogg ** Message: <info> Du er nå koblet til trådløst nettverk «Lothlorien». (evolution:2933): e-data-server-ui-DEBUG: ep_msg_send: in main thread? 0 start play /usr/share/monkey-bubble/sounds/splash.ogg (evolution:2933): camel-local-provider-WARNING **: Didn't get the next message where I expected (474144295) got 474159020 instead (evolution:2933): camel-local-provider-WARNING **: Summary doesn't match the folder contents! eek! expecting offset 79507713 got 79511173, state = 2 --------------------------------------------------
Ran it under valgrind and got this: ==4520== Thread 3: ==4520== Invalid read of size 1 ==4520== at 0x41D3B0B: camel_index_add_name (camel-index.c:183) ==4520== by 0x422FD29: camel_folder_summary_info_new_from_parser (camel-folder-summary.c:1015) ==4520== by 0x422FF3B: camel_folder_summary_add_from_parser (camel-folder-summary.c:920) ==4520== by 0xB1613E7: summary_update (camel-mbox-summary.c:485) ==4520== by 0xB161D92: mbox_summary_check (camel-mbox-summary.c:572) ==4520== by 0xB15BAA6: camel_local_summary_check (camel-local-summary.c:268) ==4520== by 0xB15D567: mbox_append_message (camel-mbox-folder.c:203) ==4520== by 0x4234F69: camel_folder_append_message (camel-folder.c:648) ==4520== by 0x422888F: do_move (camel-filter-driver.c:546) ==4520== by 0x44B1130: e_sexp_term_eval (e-sexp.c:710) ==4520== by 0x44B1294: term_eval_begin (e-sexp.c:654) ==4520== by 0x44B1178: e_sexp_term_eval (e-sexp.c:700) ==4520== by 0x44B11FF: e_sexp_eval (e-sexp.c:1306) ==4520== by 0x422673B: camel_filter_driver_filter_message (camel-filter-driver.c:1461) ==4520== by 0x4226D7E: camel_filter_driver_filter_folder (camel-filter-driver.c:1279) ==4520== by 0xA13DAB5: em_filter_folder_element_filter (mail-ops.c:140) ==4520== by 0xA13DDB6: fetch_mail_fetch (mail-ops.c:325) ==4520== by 0xA139222: mail_msg_proxy (mail-mt.c:484) ==4520== by 0x5067E67: g_thread_pool_thread_proxy (gthreadpool.c:265) ==4520== by 0x506649E: g_thread_create_proxy (gthread.c:591) ==4520== by 0x43D72DA: start_thread (in /lib/libpthread-2.5.90.so) ==4520== by 0x518C83D: clone (in /lib/libc-2.5.90.so) ==4520== Address 0x28 is not stack'd, malloc'd or (recently) free'd
Looks like the crash is in Thread 2, Frame #6. camel-mbox-summary.c:502: if (mi->info.info.flags & CAMEL_MESSAGE_FOLDER_NOTSEEN) { The 'mi' pointer is non-NULL according to the stack trace, but it could be dangling. Not sure what to make of the valgrind output.
==4520== at 0x41D3B0B: camel_index_add_name (camel-index.c:183) ==4520== by 0x422FD29: camel_folder_summary_info_new_from_parser (camel-folder-summary.c:1015) ==4520== by 0x422FF3B: camel_folder_summary_add_from_parser (camel-folder-summary.c:920) these functions are crashers for bug 339602.
*** Bug 432574 has been marked as a duplicate of this bug. ***
there is a similar crash on https://bugs.launchpad.net/evolution/+bug/259437 using GNOME 2.23.90
*** Bug 565380 has been marked as a duplicate of this bug. ***
*** Bug 603750 has been marked as a duplicate of this bug. ***
Downstream bug report about the same in 2.32.0: https://bugzilla.redhat.com/show_bug.cgi?id=649999
No new reports in a few years so I'm closing this.