GNOME Bugzilla – Bug 606316
Mail with an attachment in a Junk folder crashes Evo
Last modified: 2013-09-14 16:53:50 UTC
Actually now that I look this is probably a bug for evolution-data-server, but I've already entered it so... I'm using a Dovecot IMAP server with Evo built from the latest git. When I get mail with an attachment in my Junk folder, Evo crashes (maybe just when I try to view that mail?) Backtrace and some debug info is below. Milan writes on evolution-hackers: Oh, my fault, IMAP with mail with an attachment in junk folder. I can reproduce it too, with a message as an attachment. Please file a bug report about it. Thanks. Debug info: ----------- Here's some stack info, followed by a bit of spelunking. It looks like the results returned from camel_folder_summary_uid() in efhd_attachment_button() are bogus; we're getting back a CamelMessageInfo pointer which looks OK, but then when we cast it into a CamelMessageInfoBase we see the rest of the structure it points to seems to be garbage. This has happened to me before (recently) as well. That time I was able to get into the junk folder and delete/expunge and it was fixed. If this doesn't seem familiar to anyone I'll file a bug report. Does anyone want more details than this? I'm willing to provide them! Core was generated by `/opt/evo-master/bin/evolution'. Program terminated with signal 11, Segmentation fault.
+ Trace 219949
(gdb) l 807 808 /* FIXME: handle default shown case */ 809 d(printf("adding attachment button/content\n")); 810 811 mi = camel_folder_summary_uid (emf->folder->summary, emf->uid); 812 ci = camel_folder_summary_guess_content_info (mi, ((CamelDataWrapper *)pobject->part)->mime_type); 813 if (ci) { 814 size = ci->size; 815 /* what if its not encoded in base64 ? is it a case to consider? */ 816 if (ci->encoding && !g_ascii_strcasecmp (ci->encoding, "base64")) (gdb) p *emf->folder->summary $10 = {parent = {klass = 0x7f05980251c0, magic = 2007188717, hooks = 0x0, ref_count = 1, flags = 0, next = 0x1dc3210, prev = 0x1dc3410}, priv = 0x7f05980afdb0, version = 13, flags = 1, nextuid = 0, time = 0, saved_count = 0, unread_count = 8, deleted_count = 0, junk_count = 9, junk_not_deleted_count = 9, visible_count = 0, message_info_size = 48, content_info_size = 0, message_info_chunks = 0x0, content_info_chunks = 0x0, summary_path = 0x0, build_content = 0, uids = 0x1c40aa0, loaded_infos = 0x1c41940, folder = 0x1dcddd0, meta_summary = 0x7f05980ae640, cache_load_time = 0, timeout_handle = 0, collate = 0x0, sort_by = 0x0, later = {0x0, 0x0, 0x0, 0x0}} (gdb) p *emf->uid $11 = 52 '4'
Created attachment 150982 [details] [review] eds patch for evolution-data-server; This is enough to let it work properly. What Chen overlooked is a fact the virtual folder's CamelMessageInfo-s are proxies to real message infos, thus one cannot access its internal members directly. I guess this all will be fixed once for ever on camel move to GObject.
Created attachment 150984 [details] [review] evo patch for evolution; but with this it's even better, as not accessing other private member, not leaking message infos, not using uninitialized memory, and checking availability of the message info in a summary (it returned mi=NULL when I "not junk" a message and it moved itself on the next one).
Created commit 93f3612 in eds master (2.29.5+) Created commit d52040f in evo master (2.29.5+)
OK I got the latest git and rebuilt. I'll let you know if I see this again.
*** Bug 606065 has been marked as a duplicate of this bug. ***
It wasn't fixed completely, see bug #606811