Bug 802411

Summary: [abrt] evolution-3.3.91-1.fc17: g_logv: Process /usr/bin/evolution was killed by signal 5 (SIGTRAP)
Product: [Fedora] Fedora Reporter: Artur Flinta <aflinta>
Component: evolutionAssignee: Matthew Barnes <mbarnes>
Status: CLOSED UPSTREAM QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 17CC: bdpepple, lucilanga, mbarnes, mcrha, mikhail.v.gavrilov, rick+rhbugzilla
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
Whiteboard: abrt_hash:5fe1ba532475ee2cb666102c816a2dceb8660ca0
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-03-13 09:35:23 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
File: dso_list
none
File: gconf_subtree
none
File: build_ids
none
File: maps
none
File: backtrace
none
valgrind-empathy-log
none
valgrind-empathy-log
none
valgrind empathy log from another machine none

Description Artur Flinta 2012-03-12 13:48:00 UTC 
libreport version: 2.0.8
abrt_version:   2.0.7
backtrace_rating: 4
cmdline:        evolution
comment:        Died just after starting with newly configured EWS account. 
crash_function: g_logv
executable:     /usr/bin/evolution
kernel:         3.3.0-0.rc6.git0.2.fc17.x86_64
pid:            1627
pwd:            /home/aflinta
reason:         Process /usr/bin/evolution was killed by signal 5 (SIGTRAP)
time:           Mon 12 Mar 2012 02:46:21 PM CET
uid:            1000
username:       aflinta
xsession_errors: evolution-mail-CRITICAL **: e_mail_account_store_add_service: assertion `account != NULL' failed

backtrace:      Text file, 70937 bytes
build_ids:      Text file, 7831 bytes
dso_list:       Text file, 19898 bytes
gconf_subtree:  Text file, 4577 bytes
maps:           Text file, 94249 bytes

environ:
:XDG_VTNR=1
:XDG_SESSION_ID=2
:HOSTNAME=vF17
:IMSETTINGS_INTEGRATE_DESKTOP=yes
:SHELL=/bin/bash
:TERM=dumb
:HISTSIZE=1000
:GNOME_KEYRING_CONTROL=/tmp/keyring-Kp6c6o
:IMSETTINGS_MODULE=none
:USER=aflinta
:USERNAME=aflinta
:MAIL=/var/spool/mail/aflinta
:PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/home/aflinta/.local/bin:/home/aflinta/bin
:DESKTOP_SESSION=gnome
:QT_IM_MODULE=xim
:PWD=/home/aflinta
:XMODIFIERS=@im=none
:GNOME_KEYRING_PID=777
:LANG=en_US.UTF-8
:GDMSESSION=gnome
:HISTCONTROL=ignoredups
:XDG_SEAT=seat0
:HOME=/home/aflinta
:SHLVL=1
:LOGNAME=aflinta
:DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-GhPDkzLDD9,guid=30a7ab0457b19f1b82a5e82a0000000d
:'LESSOPEN=||/usr/bin/lesspipe.sh %s'
:WINDOWPATH=1
:XDG_RUNTIME_DIR=/run/user/aflinta
:DISPLAY=:0
:XAUTHORITY=/var/run/gdm/auth-for-aflinta-vreMqo/database
:_=/usr/bin/gnome-session
:GNOME_DESKTOP_SESSION_ID=this-is-deprecated
:SESSION_MANAGER=local/unix:@/tmp/.ICE-unix/779,unix/unix:/tmp/.ICE-unix/779
:SSH_AUTH_SOCK=/tmp/keyring-Kp6c6o/ssh
:GPG_AGENT_INFO=/tmp/keyring-Kp6c6o/gpg:0:1
:GJS_DEBUG_OUTPUT=stderr
:'GJS_DEBUG_TOPICS=JS ERROR;JS LOG'
:G_MESSAGES_DEBUG=all
:GIO_LAUNCHED_DESKTOP_FILE=/usr/share/applications/evolution.desktop
:GIO_LAUNCHED_DESKTOP_FILE_PID=1627
:DESKTOP_STARTUP_ID=gnome-shell-990-vF17-evolution-4_TIME1099478

smolt_data:
:
:
:General
:=================================
:UUID: 5ae09fb7-2b9e-4bf2-8364-4b0e553a6147
:OS: Fedora release 17 (Beefy Miracle)
:Default run level: Unknown
:Language: en_US.UTF-8
:Platform: x86_64
:BogoMIPS: 5188.21
:CPU Vendor: GenuineIntel
:CPU Model: QEMU Virtual CPU version 0.15.1
:CPU Stepping: 3
:CPU Family: 6
:CPU Model Num: 2
:Number of CPUs: 1
:CPU Speed: 2593
:System Memory: 996
:System Swap: 1983
:Vendor: Bochs
:System: Bochs 
:Form factor: Other
:Kernel: 3.3.0-0.rc6.git0.2.fc17.x86_64
:SELinux Enabled: 1
:SELinux Policy: targeted
:SELinux Enforce: Enforcing
:MythTV Remote: Unknown
:MythTV Role: Unknown
:MythTV Theme: Unknown
:MythTV Plugin: 
:MythTV Tuner: -1
:
:
:Devices
:=================================
:(6900:4098:6900:5) pci, virtio-pci, RAM, Virtio memory balloon
:(4115:184:6900:4352) pci, None, VIDEO, GD 5446
:(6900:4096:6900:1) pci, virtio-pci, ETHERNET, Virtio network device
:(32902:9832:6900:4352) pci, snd_hda_intel, MULTIMEDIA, 82801FB/FBM/FR/FW/FRW (ICH6 Family) High Definition Audio Controller
:(32902:4663:6900:4352) pci, None, HOST/PCI, Qemu virtual machine
:(6900:4097:6900:2) pci, virtio-pci, SCSI, Virtio block device
:(32902:28947:6900:4352) pci, piix4_smbus, BRIDGE, Qemu virtual machine
:(32902:28704:6900:4352) pci, uhci_hcd, USB, Qemu virtual machine
:(32902:28688:6900:4352) pci, ata_piix, STORAGE, Qemu virtual machine
:(32902:28672:6900:4352) pci, None, PCI/ISA, Qemu virtual machine
:
:
:Filesystem Information
:=================================
:device mtpt type bsize frsize blocks bfree bavail file ffree favail
:-------------------------------------------------------------------
:/dev/mapper/vg_vf17-lv_root / ext4 4096 4096 1453979 297959 225051 365040 217133 217133
:/dev/vda2 /boot ext4 1024 1024 508745 433511 407911 128016 127793 127793
:

var_log_messages:
:Mar 12 14:11:07 vF17 yum[1389]: Updated: evolution-data-server-3.3.91-1.fc17.x86_64
:Mar 12 14:13:24 vF17 yum[1389]: Updated: evolution-3.3.91-1.fc17.x86_64
:Mar 12 14:14:42 vF17 yum[1389]: Updated: evolution-NetworkManager-3.3.91-1.fc17.x86_64
:Mar 12 14:18:23 vF17 yum[1389]: Updated: evolution-help-3.3.91-1.fc17.noarch
:Mar 12 14:28:14 vF17 yum[1255]: Installed: evolution-ews-3.3.91-1.fc17.x86_64
:Mar 12 14:29:40 vF17 kernel: [  216.471068] evolution[1293]: segfault at e50000013c ip 00007f2aae85172c sp 00007f2a81ffaa00 error 4 in libgobject-2.0.so.0.3120.0[7f2aae83d000+4d000]
:Mar 12 14:29:41 vF17 abrt[1297]: Saved core dump of pid 1277 (/usr/bin/evolution) to /var/spool/abrt/ccpp-2012-03-12-14:29:40-1277 (86884352 bytes)
:Mar 12 14:46:22 vF17 abrt[1667]: Saved core dump of pid 1627 (/usr/bin/evolution) to /var/spool/abrt/ccpp-2012-03-12-14:46:21-1627 (117014528 bytes)
Comment 1 Artur Flinta 2012-03-12 13:48:05 UTC 
Created attachment 569398 [details]
File: dso_list
Comment 2 Artur Flinta 2012-03-12 13:48:07 UTC 
Created attachment 569399 [details]
File: gconf_subtree
Comment 3 Artur Flinta 2012-03-12 13:48:10 UTC 
Created attachment 569400 [details]
File: build_ids
Comment 4 Artur Flinta 2012-03-12 13:48:15 UTC 
Created attachment 569401 [details]
File: maps
Comment 5 Artur Flinta 2012-03-12 13:48:20 UTC 
Created attachment 569402 [details]
File: backtrace
Comment 6 Milan Crha 2012-03-13 09:35:23 UTC 
Thanks for a bug report. I moved this upstream as [1]. Please see [1] for any further updates. If possible, please CC yourself there, in case upstream developers will have additional questions.

[1] https://bugzilla.gnome.org/show_bug.cgi?id=671969
Comment 7 Milan Crha 2012-03-13 09:36:21 UTC 
*** Bug 802419 has been marked as a duplicate of this bug. ***
Comment 8 Milan Crha 2012-04-03 06:31:20 UTC 
*** Bug 809252 has been marked as a duplicate of this bug. ***
Comment 9 Mikhail 2012-04-06 07:10:36 UTC 
interesting because occurs when i open empathy chat window
Comment 10 Mikhail 2012-04-06 07:33:43 UTC 
These Crashes occurred at a time https://bugzilla.redhat.com/show_bug.cgi?id=810440
Comment 11 Mikhail 2012-04-06 07:55:19 UTC 
What do these crashes except that they occurred at a time?
https://bugzilla.redhat.com/show_bug.cgi?id=802411
https://bugzilla.redhat.com/show_bug.cgi?id=575462
https://bugzilla.redhat.com/show_bug.cgi?id=809809
Comment 12 Milan Crha 2012-04-06 12:35:19 UTC 
I do not see anything common for those crashes, maybe some module/library writes into an already freed chunk of memory, causing memory corruption in "random" part of memory, causing crash of an unrelated module (the "random" here means it rewrites part of memory which can belong to any or none module/library).

If you can reproduce this with empathy, then I suggest to run it under valgrind and see what it'll show (after some time of usage), I would do it like this:
a) close empathy
b) install debuginfo packages for empathy (make sure it'll be of the same
   version as the installed empathy)
c) run empathy under valgrind and use it for some time (it'll be significantly
   slower due to all memory checking):
   $ G_SLICE=always-malloc valgrind --num-callers=50 empathy &>log.txt
Note valgrind can avoid certain kinds of crashes, thus even if it'll not crash after some time then the log can contain information about incorrect memory usage.
Comment 13 Mikhail 2012-04-07 09:50:32 UTC 
Created attachment 575907 [details]
valgrind-empathy-log
Comment 14 Mikhail 2012-04-07 09:51:10 UTC 
Please see valgrind log.
Comment 15 Mikhail 2012-04-07 09:59:59 UTC 
Created attachment 575911 [details]
valgrind-empathy-log
Comment 16 Mikhail 2012-04-09 10:42:08 UTC 
Created attachment 576168 [details]
valgrind empathy log from another machine
Comment 17 Milan Crha 2012-04-10 07:21:09 UTC 
Thanks for the update. The logs are basically the same, except the other machine (the last log) doesn't show uses of uninitialized values from the nouveau driver, but otherwise it shows one invalid write (which can cause memory corruptions) when glib NULL-ifies pointer in a structure which is already freed (I do not see what the structure is, it was freed on a signal notification from libebook (it seems you do not have installed debuginfo package of the same version as is yours evolution-data-server package, because valgrind cannot read debug information for this library), though this might be after an error which is shown few lines above this invalid write. There is no usage of g_nullify_pointer() in evolution-data-server, thus this might come from empathy itself. After this invalid write there are many invalid reads caused by empathy itself.

I'm moving this to empathy, same as the upstream bug report.
Comment 18 Milan Crha 2012-04-10 07:24:10 UTC 
(In reply to comment #17)
> I'm moving this to empathy, same as the upstream bug report.

Oops, Mikhail, can you open a new bug report against empathy instead, please? I just realized that the upstream bug report is about something different (I didn't read this whole bug carefully before writing comment #17) :-/
Comment 19 Mikhail 2012-04-14 14:07:47 UTC 
This will go? https://bugzilla.redhat.com/show_bug.cgi?id=808736
Comment 20 Milan Crha 2012-04-16 07:01:20 UTC 
Yes, it works. Thanks.