Bug 655327

Summary: SIGSEGV: pk11_Finalize, PK11_DigestBegin, ssl3_ComputeRecordMAC
Product: [Fedora] Fedora Reporter: Nicolas Mailhot <nicolas.mailhot>
Component: nssAssignee: Elio Maldonado Batiz <emaldona>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: rawhideCC: aew, alexjnewt, dan, dcbw, dirtdart666, emaldona, fredoche, kdudka, kengert, lucilanga, mbarnes, mcrha, sangu.fedora, tbzatek
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
Whiteboard: abrt_hash:f9d89b897c68d0a460bc10bbf130d4f61d92c7ef
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-01-10 22:19:30 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
File: backtrace none

Description Nicolas Mailhot 2010-11-20 14:07:04 UTC
abrt version: 1.1.14
architecture: x86_64
Attached file: backtrace
cmdline: evolution
component: evolution
executable: /usr/bin/evolution
kernel: 2.6.36-5.fc15.x86_64
package: evolution-2.91.2-1.fc15
reason: Process /usr/bin/evolution was killed by signal 11 (SIGSEGV)
release: Fedora release 15 (Rawhide)
How to reproduce: On shutdown
time: 1290260186
uid: 500

Comment 1 Nicolas Mailhot 2010-11-20 14:07:07 UTC
Created attachment 461724 [details]
File: backtrace

Comment 2 Milan Crha 2010-11-22 10:48:26 UTC
Thanks for a bug report. This particular one is happening in nss code, and supposing there didn't happen any memory corruption from evolution side then this might be related to the server certificate and nss library, rather than to the evolution itself, thus I'm moving this to nss.

Thread 1 (Thread 0x7faf19d9d700 (LWP 5075)):
#0  0x00007faf592d3e49 in pk11_Finalize (context=0x7faf2002edb0) at pk11cxt.c:957
#1  0x00007faf592d4d5d in PK11_DigestBegin (cx=0x7faf2002edb0) at pk11cxt.c:611
#2  0x00007faf598118f2 in ssl3_ComputeRecordMAC (spec=0x7faf20005328, useServerMacKey=<value optimized out>, type=<value optimized out>, version=<value optimized out>, seq_num=<value optimized out>, input=<value optimized out>, inputLength=23, outbuf=0x7faf20006d7c "\334\062\227'\005S'\302\240(o\020]\330x\314\315\323\f\210\240\377/7.\376\036\024\216i\357\207\276<\345\266\246{\333.\313r\205,\345\222\310F\260\255\v\360\224!\325t^\362\277BO\025pE\365r\002 j\323\366A\252\001\250\313\306\200\376\201\201\211\261v\270\334\337\340e\205\275\350\333\303\263", outLength=0x7faf19d9c35c) at ssl3con.c:1913
#3  0x00007faf59811e1f in ssl3_CompressMACEncryptRecord (contentLen=23, pIn=0x7faf100010c0 "A00057 SELECT Oseille\r\n", type=content_application_data, ss=0x7faf20003670) at ssl3con.c:2074
#4  ssl3_SendRecord (ss=0x7faf20003670, type=content_application_data, pIn=<value optimized out>, nIn=<value optimized out>, flags=0) at ssl3con.c:2241
#5  0x00007faf59812faf in ssl3_SendApplicationData (ss=0x7faf20003670, in=0x7faf100010c0 "A00057 SELECT Oseille\r\n", len=23, flags=0) at ssl3con.c:2357
#6  0x00007faf598269aa in ssl_SecureSend (ss=0x7faf20003670, buf=0x7faf100010c0 "A00057 SELECT Oseille\r\n", len=23, flags=<value optimized out>) at sslsecur.c:1241
#7  0x00007faf5982a712 in ssl_Write (fd=<value optimized out>, buf=0x7faf100010c0, len=23) at sslsock.c:1652
#8  0x00007faf5ab94b82 in write_to_prfd (fd=0x7faf20002790, buffer=0x7faf100010c0 "A00057 SELECT Oseille\r\n", n=23, cancellable=<value optimized out>, error=0x0) at camel-tcp-stream-raw.c:392
#9  0x00007faf59f5564a in camel_stream_write (stream=0x1a45300, buffer=0x7faf100010c0 "A00057 SELECT Oseille\r\n", n=23, cancellable=0x0, error=0x0) at camel-stream.c:166

Comment 3 Milan Crha 2010-12-02 12:39:14 UTC
*** Bug 659223 has been marked as a duplicate of this bug. ***

Comment 4 Tomáš Bžatek 2010-12-06 13:24:21 UTC
Any news? Seeing this in evolution-2.91.3-1.fc15.x86_64 every time, on app exit.

Comment 5 Dan Williams 2011-01-10 20:21:02 UTC
I get this crash in pk11_Finalize() when running evolution under valgrind, when I don't use valgrind I get an earlier crash, reported as bug 657254.

Comment 6 Dan Williams 2011-01-10 22:19:30 UTC
Pretty sure this is a dupe of 657254.  The imapx backend is still doing stuff with NSS (hitting up the server) when the Evo core calls camel_shutdown(), which deinits NSS, and thus any further crypto ops try to use invalid functions in NSS.

*** This bug has been marked as a duplicate of bug 657254 ***

Comment 7 Milan Crha 2011-02-01 13:28:29 UTC
*** Bug 674091 has been marked as a duplicate of this bug. ***

Comment 8 Milan Crha 2011-05-02 05:58:18 UTC
*** Bug 701082 has been marked as a duplicate of this bug. ***

Comment 9 Milan Crha 2011-06-21 04:52:56 UTC
*** Bug 714665 has been marked as a duplicate of this bug. ***

Comment 10 Milan Crha 2011-12-02 07:31:58 UTC
*** Bug 759185 has been marked as a duplicate of this bug. ***

Comment 11 Milan Crha 2011-12-07 09:01:45 UTC
*** Bug 760478 has been marked as a duplicate of this bug. ***