After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 683524 - *** glibc detected *** evolution: free(): invalid pointer: 0xff84f860 ***
*** glibc detected *** evolution: free(): invalid pointer: 0xff84f860 ***
Status: RESOLVED INCOMPLETE
Product: evolution
Classification: Applications
Component: Mailer
3.4.x (obsolete)
Other Linux
: Normal major
: ---
Assigned To: evolution-mail-maintainers
Evolution QA team
Depends on:
Blocks:
 
 
Reported: 2012-09-06 19:06 UTC by Paul Menzel
Modified: 2017-07-29 18:17 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
G_SLICE=always-malloc valgrind --num-callers=50 evolution &>20121019--evolution-valgrind.log (102.73 KB, text/plain)
2012-10-19 12:59 UTC, Paul Menzel 		Details

Description Paul Menzel 2012-09-06 19:06:47 UTC 
Using Evolution 3.4.3 from Debian Sid/unstable composing a message and choosing the From address, it crashed. The following was printed to the terminal.

(evolution:4307): GLib-WARNING **: GError set over the top of a previous GError or uninitialized memory.
This indicates a bug in someone's code. You must ensure an error is NULL before it's set.
The overwriting error message was: Server-Verbindung wurde unerwartet getrennt
*** glibc detected *** evolution: free(): invalid pointer: 0xff84f860 ***
======= Backtrace: =========
/lib/i386-linux-gnu/i686/cmov/libc.so.6(+0x6e3b1)[0xf6ca03b1]
/lib/i386-linux-gnu/i686/cmov/libc.so.6(+0x6fc18)[0xf6ca1c18]
/lib/i386-linux-gnu/i686/cmov/libc.so.6(cfree+0x6d)[0xf6ca4ccd]
/lib/i386-linux-gnu/libglib-2.0.so.0(+0x4f6fb)[0xf6df86fb]
[0x8b142474]
======= Memory map: ========
d575e000-d66f3000 r--p 00000000 fd:03 426226                             /usr/share/fonts/truetype/unifont/unifont.ttf
d66f3000-d66f4000 ---p 00000000 00:00 0 
d66f4000-d6ef4000 rw-p 00000000 00:00 0 
d78fd000-d78fe000 ---p 00000000 00:00 0 
d78fe000-d80fe000 rw-p 00000000 00:00 0 
d80fe000-d80ff000 ---p 00000000 00:00 0 
d80ff000-d88ff000 rw-p 00000000 00:00 0 
d9100000-d9300000 rw-p 00000000 00:00 0 
d9300000-d9500000 rw-p 00000000 00:00 0 
d9500000-d9600000 rw-p 00000000 00:00 0 
d9600000-d96fe000 rw-p 00000000 00:00 0 
d96fe000-d9700000 ---p 00000000 00:00 0 
d9700000-d9900000 rw-p 00000000 00:00 0 
d9900000-d9b00000 rw-p 00000000 00:00 0 
d9b00000-d9bf1000 rw-p 00000000 00:00 0 
d9bf1000-d9c00000 ---p 00000000 00:00 0 
d9c00000-d9d00000 rw-p 00000000 00:00 0 
d9d00000-d9de8000 rw-p 00000000 00:00 0 
d9de8000-d9e00000 ---p 00000000 00:00 0 
da700000-da7c1000 rw-p 00000000 00:00 0 
da7c1000-da800000 ---p 00000000 00:00 0 
da800000-da900000 rw-p 00000000 00:00 0 
da900000-daa00000 rw-p 00000000 00:00 0 
daa00000-dab00000 rw-p 00000000 00:00 0 
dab00000-dac00000 rw-p 00000000 00:00 0 
dac00000-dad00000 rw-p 00000000 00:00 0 
dad00000-dae00000 rw-p 00000000 00:00 0 
daf00000-db000000 rw-p 00000000 00:00 0 
db000000-db100000 rw-p 00000000 00:00 0 
db100000-db200000 rw-p 00000000 00:00 0 
db200000-db2ff000 rw-p 00000000 00:00 0 
db2ff000-db300000 ---p 00000000 00:00 0 
db300000-db400000 rw-p 00000000 00:00 0 
db500000-db6cf000 rw-p 00000000 00:00 0 
db6cf000-db700000 ---p 00000000 00:00 0 
db700000-db800000 rw-p 00000000 00:00 0 
db800000-db900000 rw-p 00000000 00:00 0 
db900000-dbb00000 rw-p 00000000 00:00 0 
dbb00000-dbd00000 rw-p 00000000 00:00 0 
dbd00000-dbe00000 rw-p 00000000 00:00 0 
dc2c6000-dc500000 r--s 00000000 fd:04 262410                             /var/lib/aspell/en-common.rws
dc500000-dc600000 rw-p 00000000 00:00 0 
dc700000-dc900000 rw-p 00000000 00:00 0 
dc900000-dcb00000 rw-p 00000000 00:00 0 
dcb00000-dcc00000 rw-p 00000000 00:00 0 
dcc00000-dcd00000 rw-p 00000000 00:00 0 
dcd00000-dcde1000 rw-p 00000000 00:00 0 
dcde1000-dce00000 ---p 00000000 00:00 0 
dcf00000-dd100000 rw-p 00000000 00:00 0 
dd100000-dd2fe000 rw-p 00000000 00:00 0 
dd2fe000-dd300000 ---p 00000000 00:00 0 
dd300000-dd400000 rw-p 00000000 00:00 0 
dd500000-dd600000 rw-p 00000000 00:00 0 
dd6f8000-ddf00000 rw-p 00000000 00:00 0 
ddf00000-ddfe6000 rw-p 00000000 00:00 0 
ddfe6000-de000000 ---p 00000000 00:00 0 
de000000-de100000 rw-p 00000000 00:00 0 
de100000-de300000 rw-p 00000000 00:00 0 
de300000-de500000 rw-p 00000000 00:00 0 
de500000-de5cb000 rw-p 00000000 00:00 0 
de5cb000-de600000 ---p 00000000 00:00 0 
de600000-de700000 rw-p 00000000 00:00 0 
de700000-de900000 rw-p 00000000 00:00 0 
de900000-dea00000 rw-p 00000000 00:00 0 
dea00000-deaf6000 rw-p 00000000 00:00 0 
deaf6000-deb00000 ---p 00000000 00:00 0 
deb00000-dec00000 rw-p 00000000 00:00 0 
decf9000-df1fa000 rw-p 00000000 00:00 0 
df1fa000-df1fb000 ---p 00000000 00:00 0 
df1fb000-df9fb000 rw-p 00000000 00:00 0 
df9fe000-e0200000 rw-p 00000000 00:00 0 
e0200000-e03f9000 rw-p 00000000 00:00 0 
e03f9000-e0400000 ---p 00000000 00:00 0 
e0400000-e0500000 rw-p 00000000 00:00 0 
e0500000-e0600000 rw-p 00000000 00:00 0 
e0600000-e0800000 rw-p 00000000 00:00 0 
e0800000-e0a00000 rw-p 00000000 00:00 0 
e0a00000-e0c00000 rw-p 00000000 00:00 0 
e0c00000-e0e00000 rw-p 00000000 00:00 0 
e0e00000-e0ffe000 rw-p 00000000 00:00 0 
e0ffe000-e1000000 ---p 00000000 00:00 0 
e1000000-e1100000 rw-p 00000000 00:00 0 
e1200000-e1400000 rw-p 00000000 00:00 0 
e1400000-e15f2000 rw-p 00000000 00:00 0 
e15f2000-e1600000 ---p 00000000 00:00 0 
e1600000-e17f0000 rw-p 00000000 00:00 0 
e17f0000-e1800000 ---p 00000000 00:00 0 
e1800000-e1a00000 rw-p 00000000 00:00 0 
e1a00000-e1b00000 rw-p 00000000 00:00 0 
e1b00000-e1bff000 rw-p 00000000 00:00 0 
e1bff000-e1c00000 ---p 00000000 00:00 0 
e1c00000-e1cff000 rw-p 00000000 00:00 0 
e1cff000-e1d00000 ---p 00000000 00:00 0 
e1d00000-e1e00000 rw-p 00000000 00:00 0 
e1e00000-e1f00000 rw-p 00000000 00:00 0 
e20fe000-e2200000 rw-p 00000000 00:00 0 
e2200000-e2400000 rw-p 00000000 00:00 0 
e2400000-e2600000 rw-p 00000000 00:00 0 
e2600000-e2800000 rw-p 00000000 00:00 0 
e2800000-e2a00000 rw-p 00000000 00:00 0 
e2a00000-e2ac1000 rw-p 00000000 00:00 0 
e2ac1000-e2b00000 ---p 00000000 00:00 0 
e2b00000-e2bfb000 rw-p 00000000 00:00 0 
e2bfb000-e2c00000 ---p 00000000 00:00 0 
e2c00000-e2dc2000 rw-p 00000000 00:00 0 
e2dc2000-e2e00000 ---p 00000000 00:00 0 
e2e00000-e2f00000 rw-p 00000000 00:00 0 
e2f00000-e3000000 rw-p 00000000 00:00 0 
e3000000-e3100000 rw-p 00000000 00:00 0 
e3100000-e3200000 rw-p 00000000 00:00 0 
e3200000-e3300000 rw-p 00000000 00:00 0 
e3300000-e3400000 rw-p 00000000 00:00 0 
e3400000-e3600000 rw-p 00000000 00:00 0 
e3600000-e3800000 rw-p 00000000 00:00 0 
e3800000-e38f1000 rw-p 00000000 00:00 0 
e38f1000-e3900000 ---p 00000000 00:00 0 
e3900000-e3a00000 rw-p 00000000 00:00 0 
e3a00000-e3bff000 rw-p 00000000 00:00 0 
e3bff000-e3c00000 ---p 00000000 00:00 0 
e3c00000-e3e00000 rw-p 00000000 00:00 0 
e3e00000-e3ec1000 rw-p 00000000 00:00 0 
e3ec1000-e3f00000 ---p 00000000 00:00 0 
e3f00000-e4000000 rw-p 00000000 00:00 0 
e4000000-e41f8000 rw-p 00000000 00:00 0 
e41f8000-e4200000 ---p 00000000 00:00 0 
e4200000-e42ea000 rw-p 00000000 00:00 0 
e42ea000-e4300000 ---p 00000000 00:00 0 
e4300000-e4400000 rw-p 00000000 00:00 0 
e4400000-e4600000 rw-p 00000000 00:00 0 
e4600000-e4a00000 rw-p 00000000 00:00 0 
e4a00000-e4b00000 rw-p 00000000 00:00 0 
e4b00000-e4bef000 rw-p 00000000 00:00 0 
e4bef000-e4c00000 ---p 00000000 00:00 0 
e4c00000-e4dfe000 rw-p 00000000 00:00 0 
e4dfe000-e4e00000 ---p 00000000 00:00 0 
e4e00000-e4ee6000 rw-p 00000000 00:00 0 
e4ee6000-e4f00000 ---p 00000000 00:00 0 
e4f00000-e5000000 rw-p 00000000 00:00 0 
e5000000-e50f4000 rw-p 00000000 00:00 0 
e50f4000-e5100000 ---p 00000000 00:00 0 
e5100000-e5200000 rw-p 00000000 00:00 0 
e5200000-e5400000 rw-p 00000000 00:00 0 
e5400000-e5500000 rw-p 00000000 00:00 0 
e5500000-e5600000 rw-p 00000000 00:00 0 
e5600000-e5800000 rw-p 00000000 00:00 0 
e5800000-e5a00000 rw-p 00000000 00:00 0 
e5a00000-e5b00000 rw-p 00000000 00:00 0 
e5b00000-e5c00000 rw-p 00000000 00:00 0 
e5c00000-e5e00000 rw-p 00000000 00:00 0 
e5e00000-e5fcb000 rw-p 00000000 00:00 0 
e5fcb000-e6000000 ---p 00000000 00:00 0 
e6000000-e6200000 rw-p 00000000 00:00 0 
e6200000-e6300000 rw-p 00000000 00:00 0 
e6300000-e6400000 rw-p 00000000 00:00 0 
e6400000-e6700000 rw-p 00000000 00:00 0 
e6700000-e6900000 rw-p 00000000 00:00 0 
e6900000-e69f3000 rw-p 00000000 00:00 0 
e69f3000-e6a00000 ---p 00000000 00:00 0 
e6a00000-e6b00000 rw-p 00000000 00:00 0 
e6b00000-e6d00000 rw-p 00000000 00:00 0 
e6d00000-e6f00000 rw-p 00000000 00:00 0 
e6f00000-e7000000 rw-p 00000000 00:00 0 
e7000000-e70fa000 rw-p 00000000 00:00 0 
e70fa000-e7100000 ---p 00000000 00:00 0 
e7100000-e7300000 rw-p 00000000 00:00 0 
e7300000-e7400000 rw-p 00000000 00:00 0 
e7400000-e74ff000 rw-p 00000000 00:00 0 
e74ff000-e7500000 ---p 00000000 00:00 0 
e7500000-e7600000 rw-p 00000000 00:00 0 
e7600000-e76fc000 rw-p 00000000 00:00 0 
e76fc000-e7700000 ---p 00000000 00:00 0 
e7700000-e7800000 rw-p 00000000 00:00 0 
e7800000-e7900000 rw-p 00000000 00:00 0 
e7900000-e7a00000 rw-p 00000000 00:00 0 
e7a00000-e7b00000 rw-p 00000000 00:00 0 
e7b00000-e7c00000 rw-p 00000000 00:00 0 
e7c00000-e7d00000 rw-p 00000000 00:00 0 
e7d3d000-e7dff000 rw-p 00000000 00:00 0 
e7e00000-e8000000 rw-p 00000000 00:00 0 
e8000000-e8100000 rw-p 00000000 00:00 0 
e8100000-e81fb000 rw-p 00000000 00:00 0 
e81fb000-e8200000 ---p 00000000 00:00 0 
e8200000-e8300000 rw-p 00000000 00:00 0 
e8300000-e8400000 rw-p 00000000 00:00 0 
e8400000-e84f6000 rw-p 00000000 00:00 0 
e84f6000-e8500000 ---p 00000000 00:00 0 
e8500000-e8600000 rw-p 00000000 00:00 0 
e8600000-e8700000 rw-p 00000000 00:00 0 
e873c000-e87fe000 rw-p 00000000 00:00 0 
e8800000-e89d1000 rw-p 00000000 00:00 0 
e89d1000-e8a00000 ---p 00000000 00:00 0 
e8a00000-e8b00000 rw-p 00000000 00:00 0 
e8b00000-e8c00000 rw-p 00000000 00:00 0 
e8c00000-e8e00000 rw-p 00000000 00:00 0 
e8e00000-e8f00000 rw-p 00000000 00:00 0 
e8fff000-e90ff000 rw-p 00000000 00:00 0 
e90ff000-e9200000 rw-p 00000000 00:00 0 
e9200000-e9300000 rw-p 00000000 00:00 0 
e9300000-e9400000 rw-p 00000000 00:00 0 
e9400000-e9600000 rw-p 00000000 00:00 0 
e9600000-e9700000 rw-p 00000000 00:00 0 
e975b000-e9800000 r--p 00000000 fd:03 404310                             /usr/share/fonts/truetype/ttf-dejavu/DejaVuSans-Bold.ttf
e9800000-e9900000 rw-p 00000000 00:00 0 
e9922000-e99a3000 rw-p 00000000 00:00 0 
e99a3000-e99fa000 rw-p 00000000 00:00 0 
e9a09000-e9a4a000 rw-p 00000000 00:00 0 
e9a8c000-e9a92000 r-xp 00000000 fd:03 328306                             /usr/lib/i386-linux-gnu/libnotify.so.4.0.0
e9a92000-e9a93000 r--p 00006000 fd:03 328306                             /usr/lib/i386-linux-gnu/libnotify.so.4.0.0
e9a93000-e9a94000 rw-p 00007000 fd:03 328306                             /usr/lib/i386-linux-gnu/libnotify.so.4.0.0
e9a96000-e9a99000 r-xp 00000000 fd:03 41382                              /usr/lib/i386-linux-gnu/pango/1.6.0/modules/pango-hangul-fc.so
e9a99000-e9a9a000 r--p 00002000 fd:03 41382                              /usr/lib/i386-linux-gnu/pango/1.6.0/modules/pango-hangul-fc.so
e9a9a000-e9a9b000 rw-p 00003000 fd:03 41382                              /usr/lib/i386-linux-gnu/pango/1.6.0/modules/pango-hangul-fc.so
e9a9b000-e9a9d000 r-xp 00000000 fd:03 333220                             /usr/lib/i386-linux-gnu/gconv/ISO8859-15.so
e9a9d000-e9a9e000 r--p 00001000 fd:03 333220                             /usr/lib/i386-linux-gnu/gconv/ISO8859-15.so
e9a9e000-e9a9f000 rw-p 00002000 fd:03 333220                             /usr/lib/i386-linux-gnu/gconv/ISO8859-15.so
e9a9f000-e9aa0000 r-xp 00000000 fd:03 333260                             /usr/lib/i386-linux-gnu/gconv/ISO8859-1.so
e9aa0000-e9aa1000 r--p 00001000 fd:03 333260                             /usr/lib/i386-linux-gnu/gconv/ISO8859-1.so
e9aa1000-e9aa2000 rw-p 00002000 fd:03 333260                             /usr/lib/i386-linux-gnu/gconv/ISO8859-1.so
e9aa2000-e9aa6000 rw-p 00000000 00:00 0 
e9aaf000-e9ab1000 r-xp 00000000 fd:01 213643                             /lib/libnss_mdns4_minimal.so.2
e9ab1000-e9ab2000 rw-p 00001000 fd:01 213643                             /lib/libnss_mdns4_minimal.so.2
e9ab4000-e9ac4000 r--p 00000000 fd:03 543575                             /usr/share/fonts/truetype/ttf-bitstream-vera/VeraIt.ttf
e9ac4000-e9ac9000 r-xp 00000000 fd:03 909721                             /usr/lib/evolution/3.4/plugins/liborg-gnome-mail-notification.so
e9ac9000-e9aca000 r--p 00004000 fd:03 909721                             /usr/lib/evolution/3.4/plugins/liborg-gnome-mail-notification.so
e9aca000-e9acb000 rw-p 00005000 fd:03 909721                             /usr/lib/evolution/3.4/plugins/liborg-gnome-mail-notification.so
e9acb000-e9ad4000 r-xp 00000000 fd:03 909681                             /usr/lib/evolution/3.4/plugins/liborg-gnome-templates.so
e9ad4000-e9ad5000 r--p 00008000 fd:03 909681                             /usr/lib/evolution/3.4/plugins/liborg-gnome-templates.so
e9ad5000-e9ad6000 rw-p 00009000 fd:03 909681                             /usr/lib/evolution/3.4/plugins/liborg-gnome-templates.so
e9ad6000-e9ada000 r-xp 00000000 fd:03 909768                             /usr/lib/evolution/3.4/plugins/liborg-gnome-backup-restore.so
e9ada000-e9adb000 r--p 00003000 fd:03 909768                             /usr/lib/evolution/3.4/plugins/liborg-gnome-backup-restore.so
e9adb000-e9adc000 rw-p 00004000 fd:03 909768                             /usr/lib/evolution/3.4/plugins/liborg-gnome-backup-restore.so
e9adc000-e9aeb000 r--p 00000000 fd:03 543576                             /usr/share/fonts/truetype/ttf-bitstream-vera/VeraBd.ttf
e9aeb000-e9aee000 r-xp 00000000 fd:03 909693                             /usr/lib/evolution/3.4/plugins/liborg-gnome-mailing-list-actions.so
e9aee000-e9aef000 r--p 00002000 fd:03 909693                             /usr/lib/evolution/3.4/plugins/liborg-gnome-mailing-list-actions.so
e9aef000-e9af0000 rw-p 00003000 fd:03 909693                             /usr/lib/evolution/3.4/plugins/liborg-gnome-mailing-list-actions.so
e9af0000-e9af4000 r-xp 00000000 fd:03 910338                             /usr/lib/evolution/3.4/plugins/liborg-gnome-mark-all-read.so
e9af4000-e9af5000 r--p 00004000 fd:03 910338                             /usr/lib/evolution/3.4/plugins/liborg-gnome-mark-all-read.so
e9af5000-e9af6000 rw-p 00005000 fd:03 910338                             /usr/lib/evolution/3.4/plugins/liborg-gnome-mark-all-read.so
e9af6000-e9b00000 r--p 00000000 fd:03 163869                             /usr/share/locale/de/LC_MESSAGES/evolution-exchange-3.4.mo
e9b00000-e9b08000 r-xp 00000000 fd:03 910020                             /usr/lib/evolution/3.4/plugins/liborg-gnome-mail-to-task.so
e9b08000-e9b09000 r--p 00007000 fd:03 910020                             /usr/lib/evolution/3.4/plugins/liborg-gnome-mail-to-task.so
e9b09000-e9b0a000 rw-p 00008000 fd:03 910020                             /usr/lib/evolution/3.4/plugins/liborg-gnome-mail-to-task.so
e9b0a000-e9b17000 r--p 00000000 fd:03 543585                             /usr/share/fonts/truetype/ttf-bitstream-vera/VeraMono.ttf
e9b17000-e9b1d000 r-xp 00000000 fd:03 339386                             /usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-xpm.so
e9b1d000-e9b1e000 r--p 00005000 fd:03 339386                             /usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-xpm.so
Comment 1 Paul Menzel 2012-09-06 19:07:38 UTC 
The backtrace is as follows.

Core was generated by `evolution'.
Program terminated with signal 6, Aborted.

+ Trace 230814

  • #0 __kernel_vsyscall
  • #0 __kernel_vsyscall
  • #1 *__GI_raise
    at ../nptl/sysdeps/unix/sysv/linux/raise.c line 64
  • #2 *__GI_abort
    at abort.c line 92
  • #3 __libc_message
    at ../sysdeps/unix/sysv/linux/libc_fatal.c line 189
  • #4 malloc_printerr
    at malloc.c line 6283
  • #5 _int_free
    at malloc.c line 4795
  • #6 *__GI___libc_free
    at malloc.c line 3738
  • #7 standard_free
    at /build/buildd-glib2.0_2.32.3-1-i386-987P8N/glib2.0-2.32.3/./glib/gmem.c line 98
  • #8 g_free
    at /build/buildd-glib2.0_2.32.3-1-i386-987P8N/glib2.0-2.32.3/./glib/gmem.c line 252
  • #9 message_info_free
    at camel-maildir-summary.c line 360
  • #10 camel_message_info_free
    at camel-folder-summary.c line 4404
  • #11 g_slist_foreach
    at /build/buildd-glib2.0_2.32.3-1-i386-987P8N/glib2.0-2.32.3/./glib/gslist.c line 840
  • #12 remove_cache
    at camel-folder-summary.c line 1946
  • #13 session_do_job_cb
    at camel-session.c line 165
  • #14 run_in_thread
    at /build/buildd-glib2.0_2.32.3-1-i386-987P8N/glib2.0-2.32.3/./gio/gsimpleasyncresult.c line 861
  • #15 io_job_thread
    at /build/buildd-glib2.0_2.32.3-1-i386-987P8N/glib2.0-2.32.3/./gio/gioscheduler.c line 177
  • #16 g_thread_pool_thread_proxy
    at /build/buildd-glib2.0_2.32.3-1-i386-987P8N/glib2.0-2.32.3/./glib/gthreadpool.c line 309
  • #17 g_thread_proxy
    at /build/buildd-glib2.0_2.32.3-1-i386-987P8N/glib2.0-2.32.3/./glib/gthread.c line 801
  • #18 start_thread
    at pthread_create.c line 304
  • #19 clone
    at ../sysdeps/unix/sysv/linux/i386/clone.S line 130 






Comment 2


Paul Menzel





          2012-09-06 19:09:01 UTC
        



I have no idea if this is related to bug 682398 [1]. I had no time yet to try the patch proposed by Milan.

[1] https://bugzilla.gnome.org/show_bug.cgi?id=682398






Comment 3


Milan Crha





          2012-09-11 14:00:07 UTC
        



Thanks for a bug report. Is it reproducible consistently on your machine, please? If so, it would be good to run evolution under valgrind and reproduce the crash (valgrind can avoid certain crashes, but it logs about them only), which should give a hint what could happen here. I run evolution under valgrind like this:
   $ G_SLICE=always-malloc vagrind --num-callers=50 evolution &>log.txt

The change from bug #682398 may not have any influence here.






Comment 4


Paul Menzel





          2012-10-19 10:06:58 UTC
        



It just happened with the patch from bug #682398 again. But it happens very seldomly.

[…]
(evolution:4289): evolution-mail-CRITICAL **: cmp_array_uids: assertion `md1 != NULL' failed
*** glibc detected *** evolution: free(): invalid pointer: 0xbfa27330 ***
======= Backtrace: =========
/lib/i386-linux-gnu/i686/cmov/libc.so.6(+0x6e3b1)[0xb6cec3b1]
/lib/i386-linux-gnu/i686/cmov/libc.so.6(+0x6fc18)[0xb6cedc18]
/lib/i386-linux-gnu/i686/cmov/libc.so.6(cfree+0x6d)[0xb6cf0ccd]
/lib/i386-linux-gnu/libglib-2.0.so.0(+0x4f77b)[0xb6e4477b]
[0x2]
[0x9b89]
[0xb8363c50]
[0x0]
======= Memory map: ========
88f33000-88f34000 ---p 00000000 00:00 0 
88f34000-89734000 rw-p 00000000 00:00 0 
8af37000-8af38000 ---p 00000000 00:00 0 
8af38000-8b738000 rw-p 00000000 00:00 0 
8b738000-8ff00000 r--p 00000000 fd:03 418401     /usr/share/icons/gnome/icon-theme.cache
[…]

I will try to get that Valgrind log.






Comment 5


Paul Menzel





          2012-10-19 12:59:34 UTC
        



Created attachment 226821 [details]
G_SLICE=always-malloc valgrind --num-callers=50 evolution &>20121019--evolution-valgrind.log

(In reply to comment #4)

[…]

> I will try to get that Valgrind log.

Hmm, that did not work well. First it is dead slow, which is expected I guess. Second, the password dialog windows did not show up again and therefore it hung.

I attach the log file nevertheless. Maybe you can spot something.

$ ps aux | grep valgrind
joey    28091 99.3 27.2 1519000 1059604 pts/6 Rl+  12:16 159:01 /usr/bin/valgrind.bin --num-callers=50 evolution

I had to kill the process with `kill -9 28091`.






Comment 6


Milan Crha





          2012-10-22 10:29:10 UTC
        



Thanks for the update. I see in the log basically two sources of issues. the first is Python. I thought they have it fixed already.

The other part if gconf_engine_get_fuller(), which was fixed only recently, within bug #667167. Maybe that is what is causing the invalid pointer operation?






Comment 7


Paul Menzel





          2012-10-22 13:03:08 UTC
        



(In reply to comment #6)
> Thanks for the update. I see in the log basically two sources of issues. the
> first is Python. I thought they have it fixed already.

Searching for the error

    Invalid read of size 4

I found the stackoverflow question [1], one of whose answers points to Python’s `README.valgrind` [2]. Skimming over this document, the error is suspected and can be suppressed by using a suppression file [3].

> The other part if gconf_engine_get_fuller(), which was fixed only recently,
> within bug #667167. Maybe that is what is causing the invalid pointer
> operation?

Could be. I manually build the latest GConf packages from Git and will see how it goes. As this issue is not reproducible, I should test it for like two weeks I guess.

[1] http://stackoverflow.com/questions/1519276/is-it-normal-that-running-python-under-valgrind-shows-many-errors-with-memory
[2] http://svn.python.org/projects/python/trunk/Misc/README.valgrind
[3] http://svn.python.org/projects/python/trunk/Misc/valgrind-python.supp






Comment 8


Tobias Mueller





          2013-03-16 11:36:39 UTC
        



Paul, any news on this bug?






Comment 9


Paul Menzel





          2013-03-25 09:49:01 UTC
        



(In reply to comment #7)
> (In reply to comment #6)

[…]

> > The other part if gconf_engine_get_fuller(), which was fixed only recently,
> > within bug #667167. Maybe that is what is causing the invalid pointer
> > operation?
> 
> Could be. I manually build the latest GConf packages from Git and will see how
> it goes. As this issue is not reproducible, I should test it for like two weeks
> I guess.

Even with the GConf patch applied I am still getting the crashes due to a memory leak. Unfortunately I am not able to debug this with Valgrind as it seems, that Valgrind has a bug finding debugging symbols [4][5]. :(

> [1] http://stackoverflow.com/questions/1519276/is-it-normal-that-running-python-under-valgrind-shows-many-errors-with-memory
> [2] http://svn.python.org/projects/python/trunk/Misc/README.valgrind
> [3] http://svn.python.org/projects/python/trunk/Misc/valgrind-python.supp
[4] https://bugzilla.gnome.org/show_bug.cgi?id=691303
[5] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701480






Comment 10


André Klapper





          2013-10-18 19:14:22 UTC
        



Is this still an issue in 3.10 or 3.8.5?






Comment 11


Paul Menzel





          2014-05-20 15:45:58 UTC
        



I think so. It still crashes but less often, i. e. only sporadic. There is still a memory leak somewhere I think. No idea if this is related to this report though. As you can see above I was unable to trace it down further and nobody was able to help me to find the cause.

Also I still see bug 728974 [1] and bug 729148 [2].

So I’d leave this open.

[1] https://bugzilla.gnome.org/show_bug.cgi?id=728974
[2] https://bugzilla.gnome.org/show_bug.cgi?id=729148






Comment 12


André Klapper





          2015-01-11 14:37:24 UTC
        



Can this specific issue still be seen in the latest 3.12 release(s)?






Comment 13


Milan Crha





          2015-04-24 09:49:39 UTC
        



Running under valgrind [1] may help to identify the issue, supposing you are able to reproduce this reliably.

[1] G_SLICE=always-malloc valgrind evolution &>log.txt






Comment 14


André Klapper





          2017-07-29 15:19:15 UTC
        



(In reply to Milan Crha from comment #13)
> Running under valgrind [1] may help to identify the issue, supposing you are
> able to reproduce this reliably.
> 
> [1] G_SLICE=always-malloc valgrind evolution &>log.txt

Paul: Can you still reproduce this in 3.24 (or 3.22) and provide a Valgrind log?






Comment 15


Paul Menzel





          2017-07-29 18:17:53 UTC
        



I haven’t seen this in a while, and I am currently using Evolution 3.22.6.

Sorry for not responding, but my work system and Evolution setup does not allow to run Evolution under Valgrind.