After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 794596 - random crash (SIGSEGV)
random crash (SIGSEGV)
Status: RESOLVED INCOMPLETE
Product: evolution
Classification: Applications
Component: Mailer
3.26.x (obsolete)
Other Linux
: Normal critical
: ---
Assigned To: evolution-mail-maintainers
Evolution QA team
Depends on:
Blocks:
 
 
Reported: 2018-03-22 12:54 UTC by Paul Wise
Modified: 2018-03-26 10:44 UTC
See Also:
GNOME target: ---
GNOME version: 3.25/3.26


Attachments
gdb backtrace of the crash (86.11 KB, text/plain)
2018-03-22 12:54 UTC, Paul Wise
Details

Description Paul Wise 2018-03-22 12:54:20 UTC
Created attachment 370010 [details]
gdb backtrace of the crash

I got a random crash (SIGSEGV) in evolution. I am using evolution 3.26.5-1+b1, evolution-data-server 3.26.3-4 and GNOME 3.26 on Debian buster. If the below gdb backtrace summary and attached full gdb backtrace isn't useful, please close this bug.

Core was generated by `evolution'.
Program terminated with signal SIGSEGV, Segmentation fault.
  • #0 g_ascii_strncasecmp
    at ../../../../glib/gstrfuncs.c line 1851
  • #0 g_ascii_strncasecmp
    at ../../../../glib/gstrfuncs.c line 1851
  • #1 itip_strip_mailto
    at ./src/calendar/gui/itip-utils.c line 638
  • #2 itip_view_init_view
    at ./src/modules/itip-formatter/itip-view.c line 6081
  • #3 web_extension_proxy_created_cb
    at ./src/modules/itip-formatter/itip-view.c line 1862
  • #4 g_task_return_now
    at ../../../../gio/gtask.c line 1145
  • #5 g_task_return
    at ../../../../gio/gtask.c line 1203
  • #6 init_second_async_cb
    at ../../../../gio/gdbusproxy.c line 1808
  • #7 g_task_return_now
    at ../../../../gio/gtask.c line 1145
  • #8 g_task_return
    at ../../../../gio/gtask.c line 1203
  • #9 async_init_data_set_name_owner
    at ../../../../gio/gdbusproxy.c line 1499
  • #10 async_init_get_name_owner_cb
    at ../../../../gio/gdbusproxy.c line 1537
  • #11 g_task_return_now
    at ../../../../gio/gtask.c line 1145
  • #12 g_task_return
    at ../../../../gio/gtask.c line 1203
  • #13 g_dbus_connection_call_done
    at ../../../../gio/gdbusconnection.c line 5722
  • #14 g_task_return_now
    at ../../../../gio/gtask.c line 1145
  • #15 complete_in_idle_cb
    at ../../../../gio/gtask.c line 1159
  • #16 g_main_dispatch
    at ../../../../glib/gmain.c line 3142
  • #17 g_main_context_dispatch
    at ../../../../glib/gmain.c line 3795
  • #18 g_main_context_iterate
    at ../../../../glib/gmain.c line 3868
  • #19 g_main_loop_run
    at ../../../../glib/gmain.c line 4064
  • #20 gtk_main
    at ../../../../gtk/gtkmain.c line 1323
  • #21 main
    at ./src/shell/main.c line 670

Comment 1 Paul Wise 2018-03-22 12:55:11 UTC
Woops, evolution-data-server is version 3.26.5-2
Comment 2 Milan Crha 2018-03-23 10:29:58 UTC
Thanks for a bug report. If I read it properly, then you've selected a meeting invitation message and while evolution had been trying to format it for the preview it crashed, with possible use-after-free or something like that. I tried with my meeting invitation and it didn't crash, which might not mean much, because if this is truly related to use-after-free, then these can strike anywhere and that it crashed at this place for you might be just a coincidence.

I do not know what to suggest further, unless you can reproduce it, in which case we might try to debug this further on your machine. Also see bug #792688, which may or may not be related (the crash itself is different, but it also involves meeting invitations).

(In reply to Paul Wise from comment #1)
> Woops, evolution-data-server is version 3.26.5-2

Right, it makes more sense, because evolution requires at least the same version as it is.
Comment 3 Paul Wise 2018-03-24 04:42:16 UTC
I don't use or receive meeting invitations so any such message was probably spam. I've definitely received spam that includes meeting invitations before. I delete all spam so I don't have a copy of it any more.

I'd suggest closing the bug report.

It might be a good idea to do some fuzzing of the meeting invitations related code to see if any bugs can be found.
Comment 4 Milan Crha 2018-03-26 10:44:43 UTC
(In reply to Paul Wise from comment #3)
> I'd suggest closing the bug report.

Okay, thanks.

> It might be a good idea to do some fuzzing of the meeting invitations
> related code to see if any bugs can be found.

I agree, that would truly help. I only do not have any clue how to do it.