Bug 1376583

Summary: [abrt] evolution-data-server: closure_invoke_notifiers(): evolution-calendar-factory-subprocess killed by SIGSEGV
Product: [Fedora] Fedora Reporter: pzeppegno
Component: evolution-data-serverAssignee: Milan Crha <mcrha>
Status: CLOSED UPSTREAM QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 24CC: afarrag, mbarnes, mcrha
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
URL: https://retrace.fedoraproject.org/faf/reports/bthash/4f809926ee1d0c4610dbe76a967cb9967ff385e4
Whiteboard: abrt_hash:fb8a83593d94863c2b8daa471d53787818901a15;VARIANT_ID=workstation;
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-09-19 13:56:18 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Attachments:
Description Flags
File: backtrace
none
File: cgroup
none
File: core_backtrace
none
File: dso_list
none
File: environ
none
File: exploitable
none
File: limits
none
File: maps
none
File: mountinfo
none
File: namespaces
none
File: open_fds
none
File: proc_pid_status
none
File: var_log_messages none

Description pzeppegno 2016-09-15 19:38:00 UTC 
Version-Release number of selected component:
evolution-data-server-3.20.5-3.fc24

Additional info:
reporter:       libreport-2.7.2
backtrace_rating: 4
cmdline:        /usr/libexec/evolution-calendar-factory-subprocess --factory caldav --bus-name org.gnome.evolution.dataserver.Subprocess.Backend.Calendarx2544x2 --own-path /org/gnome/evolution/dataserver/Subprocess/Backend/Calendar/2544/2
crash_function: closure_invoke_notifiers
executable:     /usr/libexec/evolution-calendar-factory-subprocess
global_pid:     2605
kernel:         4.7.3-200.fc24.x86_64
pkg_fingerprint: 73BD E983 81B4 6521
pkg_vendor:     Fedora Project
runlevel:       N 5
type:           CCpp
uid:            1000

Truncated backtrace:
Thread no. 1 (8 frames)
 #1 closure_invoke_notifiers at gclosure.c:274
 #2 g_closure_invalidate at gclosure.c:583
 #3 e_soup_ssl_trust_message_finalized_cb at e-soup-ssl-trust.c:118
 #4 weak_refs_notify at gobject.c:2636
 #6 caldav_server_list_objects at e-cal-backend-caldav.c:1681
 #7 caldav_synchronize_cache at e-cal-backend-caldav.c:2287
 #8 caldav_synch_slave_loop at e-cal-backend-caldav.c:2602
 #9 g_thread_proxy at gthread.c:780
Comment 1 pzeppegno 2016-09-15 19:38:06 UTC 
Created attachment 1201375 [details]
File: backtrace
Comment 2 pzeppegno 2016-09-15 19:38:07 UTC 
Created attachment 1201376 [details]
File: cgroup
Comment 3 pzeppegno 2016-09-15 19:38:08 UTC 
Created attachment 1201377 [details]
File: core_backtrace
Comment 4 pzeppegno 2016-09-15 19:38:10 UTC 
Created attachment 1201378 [details]
File: dso_list
Comment 5 pzeppegno 2016-09-15 19:38:12 UTC 
Created attachment 1201379 [details]
File: environ
Comment 6 pzeppegno 2016-09-15 19:38:14 UTC 
Created attachment 1201380 [details]
File: exploitable
Comment 7 pzeppegno 2016-09-15 19:38:15 UTC 
Created attachment 1201381 [details]
File: limits
Comment 8 pzeppegno 2016-09-15 19:38:17 UTC 
Created attachment 1201382 [details]
File: maps
Comment 9 pzeppegno 2016-09-15 19:38:18 UTC 
Created attachment 1201383 [details]
File: mountinfo
Comment 10 pzeppegno 2016-09-15 19:38:20 UTC 
Created attachment 1201384 [details]
File: namespaces
Comment 11 pzeppegno 2016-09-15 19:38:21 UTC 
Created attachment 1201385 [details]
File: open_fds
Comment 12 pzeppegno 2016-09-15 19:38:23 UTC 
Created attachment 1201386 [details]
File: proc_pid_status
Comment 13 pzeppegno 2016-09-15 19:38:24 UTC 
Created attachment 1201387 [details]
File: var_log_messages
Comment 14 Milan Crha 2016-09-19 13:56:18 UTC 
Thanks for a bug report. I thought this is related to your bug #1376561, but this one is against CalDAV, not EWS. Nonetheless, it also suggests a use-after-free of some sort.

I found out an upstream bug report about the same [1]. Please see it for any further updates. Finding a reproducer would be very valuable, though I understand that doing so with a possible use-after-free is pretty hard.

[1] https://bugzilla.gnome.org/show_bug.cgi?id=752144
Comment 15 Milan Crha 2017-10-23 09:41:02 UTC 
*** Bug 1504821 has been marked as a duplicate of this bug. ***