Bug 616318 – Don't use an unitialized key in folder_changed_remove_uid

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 616318 - Don't use an unitialized key in folder_changed_remove_uid


Summary:	Don't use an unitialized key in folder_changed_remove_uid


Status:	RESOLVED FIXED

Product:	evolution-data-server
Classification:	Platform
Component:	Mailer
Version:	2.28.x (obsolete)
Hardware:	Other Linux

Importance:	Normal critical
Target Milestone:	---
Assigned To:	evolution-mail-maintainers
QA Contact:	Evolution QA team

URL:
Whiteboard:

Duplicates:	586520 (view as bug list)
Depends on:
Blocks:

Reported:	2010-04-20 17:15 UTC by Claudio Saavedra
Modified:	2010-04-27 11:07 UTC

See Also:
GNOME target:	---
GNOME version:	---

Attachments
[PATCH] Don't use an unitialized key in folder_changed_remove_uid() (651 bytes, patch) 2010-04-21 08:15 UTC, Claudio Saavedra	committed	Details \| Review

Description Claudio Saavedra 2010-04-20 17:15:44 UTC

Stacktrace:

+ Trace 221479

Thread 10570 (Thread 0x97a3fb70 (LWP 25090))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_wait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 122
#2 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 358
#3 IA__g_async_queue_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 398
#4 ??
from /usr/lib/libcamel-1.2.so.14
#5 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#6 start_thread
at pthread_create.c line 300
#7 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 10560 (Thread 0xa25ffb70 (LWP 25079))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_timedwait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_timedwait.S line 179
#2 g_cond_timed_wait_posix_impl
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/gthread/gthread-posix.c line 242
#3 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 365
#4 IA__g_async_queue_timed_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 491
#5 g_thread_pool_wait_for_new_pool
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthreadpool.c line 171
#6 g_thread_pool_thread_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthreadpool.c line 374
#7 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#8 start_thread
at pthread_create.c line 300
#9 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 10550 (Thread 0x9aeffb70 (LWP 25068))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 __lll_unlock_wake
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/lowlevellock.S line 378
#2 _L_unlock_634
from /lib/i686/cmov/libpthread.so.0
#3 __pthread_mutex_unlock_usercnt
at pthread_mutex_unlock.c line 52
#4 camel_folder_summary_check_uid
from /usr/lib/libcamel-provider-1.2.so.14
#5 ??
from /usr/lib/libcamel-provider-1.2.so.14
#6 camel_folder_summary_uid
from /usr/lib/libcamel-provider-1.2.so.14
#7 ??
from /usr/lib/libcamel-provider-1.2.so.14
#8 camel_folder_get_message_info
from /usr/lib/libcamel-provider-1.2.so.14
#9 camel_folder_thread_messages_apply
from /usr/lib/libcamel-provider-1.2.so.14
#10 regen_list_exec
at message-list.c line 4180
#11 mail_msg_proxy
at mail-mt.c line 522
#12 g_thread_pool_thread_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthreadpool.c line 315
#13 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#14 start_thread
at pthread_create.c line 300
#15 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 10548 (Thread 0x9ba0eb70 (LWP 25063))

#0 IA__g_str_hash
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gstring.c line 134
#1 g_hash_table_lookup_node
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/ghash.c line 309
#2 IA__g_hash_table_lookup_extended
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/ghash.c line 932
#3 camel_folder_change_info_add_uid
from /usr/lib/libcamel-provider-1.2.so.14
#4 ??
from /usr/lib/libcamel-provider-1.2.so.14
#5 ??
from /usr/lib/libcamel-provider-1.2.so.14
#6 ??
from /usr/lib/libcamel-provider-1.2.so.14
#7 g_thread_pool_thread_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthreadpool.c line 315
#8 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#9 start_thread
at pthread_create.c line 300
#10 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 5614 (Thread 0xb3b6eb70 (LWP 31584))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 *__GI___poll
at ../sysdeps/unix/sysv/linux/poll.c line 87
#2 IA__g_poll
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gpoll.c line 127
#3 g_main_context_poll
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gmain.c line 2904
#4 g_main_context_iterate
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gmain.c line 2586
#5 IA__g_main_loop_run
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gmain.c line 2799
#6 ??
from /usr/lib/libORBit-2.so.0
#7 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#8 start_thread
at pthread_create.c line 300
#9 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 5613 (Thread 0xa15fdb70 (LWP 31583))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 *__GI___poll
at ../sysdeps/unix/sysv/linux/poll.c line 87
#2 IA__g_poll
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gpoll.c line 127
#3 g_main_context_poll
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gmain.c line 2904
#4 g_main_context_iterate
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gmain.c line 2586
#5 IA__g_main_loop_run
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gmain.c line 2799
#6 ??
from /usr/lib/libebook-1.2.so.9
#7 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#8 start_thread
at pthread_create.c line 300
#9 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 15 (Thread 0xace9fb70 (LWP 29732))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_wait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 122
#2 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 358
#3 IA__g_async_queue_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 398
#4 ??
from /usr/lib/libcamel-1.2.so.14
#5 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#6 start_thread
at pthread_create.c line 300
#7 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 14 (Thread 0xad6a0b70 (LWP 29731))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_wait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 122
#2 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 358
#3 IA__g_async_queue_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 398
#4 ??
from /usr/lib/libcamel-1.2.so.14
#5 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#6 start_thread
at pthread_create.c line 300
#7 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 11 (Thread 0xb1ffbb70 (LWP 29728))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_wait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 122
#2 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 358
#3 IA__g_async_queue_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 398
#4 ??
from /usr/lib/libcamel-1.2.so.14
#5 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#6 start_thread
at pthread_create.c line 300
#7 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 9 (Thread 0xb27fcb70 (LWP 29726))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_wait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 122
#2 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 358
#3 IA__g_async_queue_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 398
#4 ??
from /usr/lib/libcamel-1.2.so.14
#5 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#6 start_thread
at pthread_create.c line 300
#7 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 8 (Thread 0xb2ffdb70 (LWP 29725))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_wait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 122
#2 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 358
#3 IA__g_async_queue_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 398
#4 ??
from /usr/lib/libcamel-1.2.so.14
#5 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#6 start_thread
at pthread_create.c line 300
#7 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 7 (Thread 0xb37feb70 (LWP 29724))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_wait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 122
#2 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 358
#3 IA__g_async_queue_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 398
#4 ??
from /usr/lib/libcamel-1.2.so.14
#5 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#6 start_thread
at pthread_create.c line 300
#7 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 4 (Thread 0xb519bb70 (LWP 29721))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_wait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 122
#2 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 358
#3 IA__g_async_queue_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 398
#4 ??
from /usr/lib/libcamel-1.2.so.14
#5 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#6 start_thread
at pthread_create.c line 300
#7 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 3 (Thread 0xb599cb70 (LWP 29720))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_wait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 122
#2 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 358
#3 IA__g_async_queue_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 398
#4 ??
from /usr/lib/libcamel-1.2.so.14
#5 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#6 start_thread
at pthread_create.c line 300
#7 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 1 (Thread 0xb6290760 (LWP 29688))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 *__GI___poll
at ../sysdeps/unix/sysv/linux/poll.c line 87
#2 IA__g_poll
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gpoll.c line 127
#3 g_main_context_poll
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gmain.c line 2904
#4 g_main_context_iterate
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gmain.c line 2586
#5 IA__g_main_loop_run
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gmain.c line 2799
#6 bonobo_main
from /usr/lib/libbonobo-2.so.0
#7 main
at main.c line 732

Comment 1 Akhil Laddha 2010-04-21 03:43:11 UTC

could be a dupe of bug 586520

Could you please install debug info packages of evolution-data-server, evolution and provide us better traces, tia.

Comment 2 Claudio Saavedra 2010-04-21 07:28:28 UTC

+ Trace 221490

Thread 612 (Thread 0xb45ffb70 (LWP 4267))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_wait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 122
#2 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 358
#3 IA__g_async_queue_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 398
#4 sync_request_thread_cb
at camel-db.c line 78
#5 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#6 start_thread
at pthread_create.c line 300
#7 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 596 (Thread 0xae69cb70 (LWP 4248))

#0 IA__g_str_hash
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gstring.c line 134
#1 g_hash_table_lookup_node
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/ghash.c line 309
#2 IA__g_hash_table_lookup_extended
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/ghash.c line 932
#3 camel_folder_change_info_add_uid
at camel-folder.c line 2434
#4 folder_changed_remove_uid
at camel-vee-folder.c line 1402
#5 folder_changed_change
at camel-vee-folder.c line 1630
#6 session_thread_proxy
at camel-session.c line 592
#7 g_thread_pool_thread_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthreadpool.c line 315
#8 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#9 start_thread
at pthread_create.c line 300
#10 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 592 (Thread 0xaba11b70 (LWP 4243))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 select
from /lib/i686/cmov/libc.so.6
#2 socket_connect
at camel-tcp-stream-raw.c line 361
#3 stream_connect
at camel-tcp-stream-raw.c line 411
#4 camel_tcp_stream_connect
at camel-tcp-stream.c line 106
#5 connect_to_server
at camel-imap-store.c line 577
#6 connect_to_server_wrapper
at camel-imap-store.c line 984
#7 imap_connect
at camel-imap-store.c line 1412
#8 camel_service_connect
at camel-service.c line 364
#9 camel_imap_store_connected
at camel-imap-store.c line 3009
#10 replay_offline_journal
at camel-imap-folder.c line 249
#11 imap_sync
at camel-imap-folder.c line 1410
#12 camel_folder_sync
at camel-folder.c line 321
#13 refresh_folders_exec
at mail-send-recv.c line 829
#14 mail_msg_proxy
at mail-mt.c line 522
#15 g_thread_pool_thread_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthreadpool.c line 315
#16 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#17 start_thread
at pthread_create.c line 300
#18 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 16 (Thread 0xad69ab70 (LWP 2584))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_wait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 122
#2 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 358
#3 IA__g_async_queue_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 398
#4 sync_request_thread_cb
at camel-db.c line 78
#5 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#6 start_thread
at pthread_create.c line 300
#7 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 15 (Thread 0xade9bb70 (LWP 2583))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_wait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 122
#2 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 358
#3 IA__g_async_queue_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 398
#4 sync_request_thread_cb
at camel-db.c line 78
#5 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#6 start_thread
at pthread_create.c line 300
#7 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 11 (Thread 0xaeea3b70 (LWP 2577))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_wait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 122
#2 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 358
#3 IA__g_async_queue_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 398
#4 sync_request_thread_cb
at camel-db.c line 78
#5 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#6 start_thread
at pthread_create.c line 300
#7 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 10 (Thread 0xafa12b70 (LWP 2576))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_wait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 122
#2 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 358
#3 IA__g_async_queue_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 398
#4 sync_request_thread_cb
at camel-db.c line 78
#5 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#6 start_thread
at pthread_create.c line 300
#7 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 9 (Thread 0xb2dfcb70 (LWP 2575))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_wait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 122
#2 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 358
#3 IA__g_async_queue_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 398
#4 sync_request_thread_cb
at camel-db.c line 78
#5 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#6 start_thread
at pthread_create.c line 300
#7 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 7 (Thread 0xb35fdb70 (LWP 2573))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_wait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 122
#2 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 358
#3 IA__g_async_queue_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 398
#4 sync_request_thread_cb
at camel-db.c line 78
#5 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#6 start_thread
at pthread_create.c line 300
#7 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 4 (Thread 0xb519bb70 (LWP 2570))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_wait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 122
#2 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 358
#3 IA__g_async_queue_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 398
#4 sync_request_thread_cb
at camel-db.c line 78
#5 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#6 start_thread
at pthread_create.c line 300
#7 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 3 (Thread 0xb599cb70 (LWP 2569))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 pthread_cond_wait
at ../nptl/sysdeps/unix/sysv/linux/i386/i686/../i486/pthread_cond_wait.S line 122
#2 g_async_queue_pop_intern_unlocked
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 358
#3 IA__g_async_queue_pop
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gasyncqueue.c line 398
#4 sync_request_thread_cb
at camel-db.c line 78
#5 g_thread_create_proxy
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gthread.c line 1893
#6 start_thread
at pthread_create.c line 300
#7 clone
at ../sysdeps/unix/sysv/linux/i386/clone.S line 130

Thread 1 (Thread 0xb6290760 (LWP 2540))

#0 _dl_sysinfo_int80
from /lib/ld-linux.so.2
#1 *__GI___poll
at ../sysdeps/unix/sysv/linux/poll.c line 87
#2 IA__g_poll
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gpoll.c line 127
#3 g_main_context_poll
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gmain.c line 2904
#4 g_main_context_iterate
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gmain.c line 2586
#5 IA__g_main_loop_run
at /build/buildd-glib2.0_2.24.0-1-i386-o5zIuQ/glib2.0-2.24.0/glib/gmain.c line 2799
#6 bonobo_main
from /usr/lib/libbonobo-2.so.0
#7 main
at main.c line 732

Comment 3 Claudio Saavedra 2010-04-21 07:33:19 UTC

Stacktrace has nothing to do with bug 586520. Unless, of course, you think the underlying cause is the same.

Comment 4 Claudio Saavedra 2010-04-21 07:41:12 UTC

The suspicious bits are in

+ Trace 221491

#3 camel_folder_change_info_add_uid


0xbe30 is out of bounds and, however, uid is passed as a lookup key to g_hash_table_lookup_extended().

Comment 5 Claudio Saavedra 2010-04-21 07:56:53 UTC

The suspicious code is this:

if (g_hash_table_lookup_extended (unmatched_uids, vuid, (gpointer *)&oldkey, &oldval)) {
        n = GPOINTER_TO_INT (oldval);
        if (n == 1) {
                g_hash_table_remove (unmatched_uids, oldkey);
                if (vee_folder_add_uid_test (folder_unmatched, sub, uid, hash))
                        camel_folder_change_info_add_uid (folder_unmatched->changes, oldkey);
                g_free (oldkey);
        } else {
                g_hash_table_insert (unmatched_uids, oldkey, GINT_TO_POINTER (n-1));
        }
} else {
        if (vee_folder_add_uid_test (folder_unmatched, sub, uid, hash))
                camel_folder_change_info_add_uid (folder_unmatched->changes, oldkey);
}

g_hash_table_lookup_extended() returns FALSE when the key is not found, and hence the oldkey will not be set. That's why I suspect oldkey is uninitialized when camel_folder_change_info_add_uid() is called.

Comment 6 Claudio Saavedra 2010-04-21 08:00:16 UTC

Moving to eds.

Comment 7 Claudio Saavedra 2010-04-21 08:15:22 UTC

Created attachment 159235 [details] [review]
[PATCH] Don't use an unitialized key in folder_changed_remove_uid()


If g_hash_table_lookup_extended() returns FALSE, then the oldkey
is unset, so don't use it to insert a new item in the hash table.

Fixes bug 616318.
---
 camel/camel-vee-folder.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

Comment 8 Claudio Saavedra 2010-04-21 08:15:54 UTC

Above patch is untested but you get the idea.

Comment 9 Milan Crha 2010-04-27 10:59:34 UTC

Thanks for a bug report and the patch. The change makes sense, good catch with it.

By the way, Akhil has right, it's the same issue, your lines are just slightly moved due to (I guess) newer sources. Nonetheless, here's the patch, so the older bug will be marked as a duplicate of this.

Comment 10 Milan Crha 2010-04-27 11:06:33 UTC

Created commit c5bbcdc in eds master (2.31.1+)
Created commit 134b84e in eds gnome-2-30 (2.30.2+)

Comment 11 Milan Crha 2010-04-27 11:07:16 UTC

*** Bug 586520 has been marked as a duplicate of this bug. ***