From a posting to fedora-list: The problem is that Ximian refuses even to consider the problem. Why should I have to trace a bug in someone else's code? More to the point, how do I solve the problem? As matters now stand, Evolution is unusable. When it sends and receives mail, it has a fifty percent chance of crashing. Here is the output of BugBuddy on my system: Distribution: Fedora Core release 2 (Tettnang) Package: Evolution Priority: Normal Version: GNOME2.6. unspecified Gnome-Distributor: Red Hat, Inc Synopsis: Crash on Send/Receive Mail Bugzilla-Product: Evolution Bugzilla-Component: Mailer Bugzilla-Version: unspecified BugBuddy-GnomeVersion: 2.0 (2.6.0) Description: Description of the crash: Whenever I do a Send/Receive, especially if there's any mail in the box, the program crashes. Steps to reproduce the crash: 1. Start Evolution. 2. Click Send/Receive. 3. [It doesn't get that far] Expected Results: Download mail. How often does this happen? Has happened three times in thirty seconds. My e-mail client is unusable. Additional Information: Debugging Information: Backtrace was generated from '/usr/bin/evolution' (no debugging symbols found)...Using host libthread_db library "/lib/tls/libthread_db.so.1". (no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...[Thread debugging using libthread_db enabled] [New Thread -151129440 (LWP 2399)] [New Thread 93531056 (LWP 2422)] [Thread debugging using libthread_db enabled] [New Thread -151129440 (LWP 2399)] [New Thread 93531056 (LWP 2422)] [Thread debugging using libthread_db enabled] [New Thread -151129440 (LWP 2399)] [New Thread 93531056 (LWP 2422)] [New Thread 68639664 (LWP 2421)] [New Thread 58149808 (LWP 2420)] [New Thread 39386032 (LWP 2419)] [New Thread 28896176 (LWP 2418)] (no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...0x00f5f7a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2 #0 0x00f5f7a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2 #1 0x00f460db in __waitpid_nocancel () from /lib/tls/libpthread.so.0 #2 0x02ad5442 in libgnomeui_module_info_get () from /usr/lib/libgnomeui-2.so.0 #3 0x0809c8f1 in evolution_storage_set_view_factory_new_view () #4 <signal handler called> #5 0x00f5f7a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2 #6 0x00471057 in poll () from /lib/tls/libc.so.6 #7 0x00a49156 in g_main_loop_get_context () from /usr/lib/libglib-2.0.so.0 #8 0x00a48590 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0 #9 0x00a48c53 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0 #10 0x006550a8 in bonobo_main () from /usr/lib/libbonobo-2.so.0 #11 0x0809ccf4 in main () Thread 6 (Thread 28896176 (LWP 2418)): #0 0x00f5f7a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2 No symbol table info available. #1 0x00473491 in ___newselect_nocancel () from /lib/tls/libc.so.6 No symbol table info available. #2 0x04f0c2de in camel_service_gethost () from /usr/lib/evolution/1.4/libcamel.so.0 No symbol table info available. #3 0x04f0bea8 in camel_service_gethost () from /usr/lib/evolution/1.4/libcamel.so.0 No symbol table info available. #4 0x0070c354 in camel_pop3_store_get_type () from /usr/lib/evolution/1.4/camel-providers/libcamelpop3.so No symbol table info available. #5 0x0070c8e0 in camel_pop3_store_get_type () from /usr/lib/evolution/1.4/camel-providers/libcamelpop3.so No symbol table info available. #6 0x0070d43d in camel_pop3_store_expunge () from /usr/lib/evolution/1.4/camel-providers/libcamelpop3.so No symbol table info available. #7 0x04f0b6c5 in camel_service_connect () from /usr/lib/evolution/1.4/libcamel.so.0 No symbol table info available. #8 0x04f0d634 in camel_session_get_service_connected () from /usr/lib/evolution/1.4/libcamel.so.0 No symbol table info available. #9 0x010902fe in mail_tool_get_inbox () from /usr/lib/evolution/1.4/components/libevolution-mail.so No symbol table info available. #10 0x01086882 in mail_filter_on_demand () from /usr/lib/evolution/1.4/components/libevolution-mail.so No symbol table info available. #11 0x010846fe in mail_msg_wait_all () from /usr/lib/evolution/1.4/components/libevolution-mail.so No symbol table info available. #12 0x02c1c5b7 in e_thread_busy () from /usr/lib/evolution/1.4/libeutil.so.0 No symbol table info available. #13 0x02c1c6e7 in e_thread_busy () from /usr/lib/evolution/1.4/libeutil.so.0 No symbol table info available. #14 0x00f3f98c in start_thread () from /lib/tls/libpthread.so.0 No symbol table info available. #15 0x0047a7da in clone () from /lib/tls/libc.so.6 No symbol table info available. Thread 5 (Thread 39386032 (LWP 2419)): #0 0x00f5f7a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2 No symbol table info available. #1 0x00f42922 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/tls/libpthread.so.0 No symbol table info available. #2 0x02c1bf65 in e_msgport_wait () from /usr/lib/evolution/1.4/libeutil.so.0 No symbol table info available. #3 0x02c1c77d in e_thread_busy () from /usr/lib/evolution/1.4/libeutil.so.0 No symbol table info available. #4 0x00f3f98c in start_thread () from /lib/tls/libpthread.so.0 No symbol table info available. #5 0x0047a7da in clone () from /lib/tls/libc.so.6 No symbol table info available. Thread 4 (Thread 58149808 (LWP 2420)): #0 0x00f5f7a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2 No symbol table info available. #1 0x00f44eee in __lll_mutex_lock_wait () from /lib/tls/libpthread.so.0 No symbol table info available. #2 0x00f41df4 in _L_mutex_lock_29 () from /lib/tls/libpthread.so.0 No symbol table info available. #3 0x00f6a860 in _dl_runtime_resolve () from /lib/ld-linux.so.2 No symbol table info available. #4 0x0809c8c3 in evolution_storage_set_view_factory_new_view () No symbol table info available. #5 0x0809c8c3 in evolution_storage_set_view_factory_new_view () No symbol table info available. #6 <signal handler called> No symbol table info available. #7 0x00425a33 in strlen () from /lib/tls/libc.so.6 No symbol table info available. #8 0x02c17804 in e_gethostbyname_r () from /usr/lib/evolution/1.4/libeutil.so.0 No symbol table info available. #9 0x04f0bf77 in camel_service_gethost () from /usr/lib/evolution/1.4/libcamel.so.0 No symbol table info available. #10 0x04f0bff8 in camel_service_gethost () from /usr/lib/evolution/1.4/libcamel.so.0 No symbol table info available. #11 0x00f3f98c in start_thread () from /lib/tls/libpthread.so.0 No symbol table info available. #12 0x0047a7da in clone () from /lib/tls/libc.so.6 No symbol table info available. Thread 3 (Thread 68639664 (LWP 2421)): #0 0x00f5f7a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2 No symbol table info available. #1 0x00f42922 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/tls/libpthread.so.0 No symbol table info available. #2 0x02c1bf65 in e_msgport_wait () from /usr/lib/evolution/1.4/libeutil.so.0 No symbol table info available. #3 0x04f0bfae in camel_service_gethost () from /usr/lib/evolution/1.4/libcamel.so.0 No symbol table info available. #4 0x00f3f98c in start_thread () from /lib/tls/libpthread.so.0 No symbol table info available. #5 0x0047a7da in clone () from /lib/tls/libc.so.6 No symbol table info available. Thread 2 (Thread 93531056 (LWP 2422)): #0 0x00f5f7a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2 No symbol table info available. #1 0x00f42922 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/tls/libpthread.so.0 No symbol table info available. #2 0x02c1bf65 in e_msgport_wait () from /usr/lib/evolution/1.4/libeutil.so.0 No symbol table info available. #3 0x04f0bfae in camel_service_gethost () from /usr/lib/evolution/1.4/libcamel.so.0 No symbol table info available. #4 0x00f3f98c in start_thread () from /lib/tls/libpthread.so.0 No symbol table info available. #5 0x0047a7da in clone () from /lib/tls/libc.so.6 No symbol table info available. Thread 1 (Thread -151129440 (LWP 2399)): #0 0x00f5f7a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2 No symbol table info available. #1 0x00f460db in __waitpid_nocancel () from /lib/tls/libpthread.so.0 No symbol table info available. #2 0x02ad5442 in libgnomeui_module_info_get () from /usr/lib/libgnomeui-2.so.0 No symbol table info available. #3 0x0809c8f1 in evolution_storage_set_view_factory_new_view () No symbol table info available. #4 <signal handler called> No symbol table info available. #5 0x00f5f7a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2 No symbol table info available. #6 0x00471057 in poll () from /lib/tls/libc.so.6 No symbol table info available. #7 0x00a49156 in g_main_loop_get_context () from /usr/lib/libglib-2.0.so.0 No symbol table info available. #8 0x00a48590 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0 No symbol table info available. #9 0x00a48c53 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0 No symbol table info available. #10 0x006550a8 in bonobo_main () from /usr/lib/libbonobo-2.so.0 No symbol table info available. #11 0x0809ccf4 in main () No symbol table info available. #0 0x00f5f7a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2 And here is what Ximian said about it: /------- Additional Comments From Gerardo Marin <gerardo> 2004-11-11 18:00 -------/ *** This bug has been marked as a duplicate of 43160 And here are the relevant comments from some of Ximian's people, when this issue evidently came up *a year and a half ago*: I can't find anything wrong with our code. I think there is just random memory corruption happening somewhere, except I can't find it. Also, mail_importer_init() is called fairly early in owner_set_cb() so the memory corruption has to happen before then. if all the crashes were in g_module_open(), I'd be blaming libc right about now, but unfortunately there are even a few crashes in mail_importer_module_init() which is a symbol loaded from each importer module. As far as I can tell, there is definetely no memory corruption happening within mail_importer_init(). looking at some of the backtraces, you can tell the correct (strdup'd) string is making it to g_module_open(), but the string passed to dlopen() by g_module_open is *not* the same pointer, so I wonder if glib is doing something fucked? Somehow I doubt this, but...*shrug* for all I know, this memory corruption could be in the shell or calendar or addressbook or summary...or... anywhere. #14 0x40ec9ce4 in _g_module_open ( file_name=0xfffffe00 <Address 0xfffffe00 out of bounds>, bind_lazy=0) at gmodule-dl.c:93 #15 0x40eca090 in g_module_open ( file_name=0x8218cc8 "/usr/lib/evolution/1.2/evolution-mail-importers/libmbox.so", flags=0) at gmodule.c:231 gmodule.c from glib 1.2 (which is where all the reports are afaict) doesn't do anything with the filename, it just passes the same pointer that we pass to it. but from the bt, those 2 pointers differ. I have no idea how. "Not Possible" /------- Additional Comments From Jeff Stedfast <fejj> 2003-05-19 14:42 -------/ hmmm, as far as the second type of trace, where the crasher is in mail_importer_module_init(), this bt seems the most complete: http://bugzilla.ximian.com/show_bug.cgi?id=41495 if one looks at that bt, one has to wonder if the corruption/bug/whatever is within gconf? /------- Additional Comments From Jeff Stedfast <fejj> 2003-05-19 14:48 -------/ nah, on closer inspection it doesn't seem to be gconf. higher up in the callchain, there's an invalid pointer being passed to parse_default_uri() ? I dunno, maybe the bt is corrupted too, who the hell knows. this bug report is a complete waste of time to even bother looking at imho :\ /------- Additional Comments From ettore <ettore> 2003-05-19 17:50 -------/ If the problem is memory corruption, then it can't be in shell or summary since the problem used to happen with 1.2 when things were in separate processes. So it must either be a bonobo-activation/oaf bug, or a race condition in the mailer code. /------- Additional Comments From Not Zed <notzed> 2003-05-19 21:11 -------/ Given that the 1.3 ones seem quite different from the earlier version ones (none of those are in mail importer init?), it is probably the strongest indication that the problem isn't actually with evolution code. i.e. my first impression and still strongest would be that it is a problem in libdl. Probably the next likeliest candidates are some problem in the indexing code, and/or the mail importer code. All areas, but particularly libdl, get heavily exercised at that initial startup stage - mail_importer_init is run at the same time as async tasks to open folders which are the first real calls to camel, and a lot of symbol resolution is happening. Without some sort of reliable reproduction scenario though ... and we dont even have any of the output from the terminal either, if there is any. I think i may have seen this once, but i'm not sure. I know i have a known buggy dynamic linker w/ multithreaded apps. FWIW some of the dups dont look particularly related, but only maybe half a dozen. /------- Additional Comments From Dan Winship <danw> 2003-05-20 07:51 -------/ Yeah, I wasn't paying enough attention and didn't notice that a bunch of them are crashes in other threads while mail_importer_init merely happened to be running. Although many of those are crashes in libdl still, so it may still all be related. Temlakos Ulrich Drepper wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >Temlakos wrote: > > > >>I filed a report to Bugzilla.Ximian.com, and they said (a) "it's the >>same thing we've seen before," and (b) "it's not our fault; there's some >>memory corruption going on somewhere." They mentioned the "libc" file at >>some point in their correspondence on this issue. >> >> > >Memory corruptions are highly unlikely _caused_ by glibc. The malloc >functions will easily crash due to memory corruption but this does not >mean there is a bug in glibc. Every glibc change has the potential to >bring out new bugs; if objects are laid out differently in memory, >buffer overruns will affect different regions and the newly written to >ones might be more sensitive. > >You'll have to determine what these vague statements you got really mean. > >- -- >⧠Ulrich Drepper ⧠Red Hat, Inc. ⧠444 Castro St ⧠Mountain View, CA â >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v1.2.6 (GNU/Linux) > >iD8DBQFBlE942ijCOnn/RHQRAtKFAKCAe/S2Pt7ENLXLIGk5PuzJ6t1qiwCfQfB6 >pjLHWwxUe6qlaNP0n+EaZKw= >=F7fh >-----END PGP SIGNATURE----- > > >
OK, have now seen your later mailing list posting; marking this as a duplicate of bug #129527 *** This bug has been marked as a duplicate of 129527 ***
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.