655327 – SIGSEGV: pk11_Finalize, PK11_DigestBegin, ssl3_ComputeRecordMAC

Bug 655327 - SIGSEGV: pk11_Finalize, PK11_DigestBegin, ssl3_ComputeRecordMAC

Summary: SIGSEGV: pk11_Finalize, PK11_DigestBegin, ssl3_ComputeRecordMAC

Keywords:
Status:	CLOSED DUPLICATE of bug 657254
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	nss
Sub Component:
Version:	rawhide
Hardware:	x86_64
OS:	Unspecified
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	Elio Maldonado Batiz
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:	abrt_hash:f9d89b897c68d0a460bc10bbf13...
Duplicates (6):	659223 674091 701082 714665 759185 760478 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2010-11-20 14:07 UTC by Nicolas Mailhot
Modified:	2011-12-07 09:01 UTC (History)
CC List:	14 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2011-01-10 22:19:30 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
File: backtrace (46.32 KB, text/plain) 2010-11-20 14:07 UTC, Nicolas Mailhot	no flags	Details
View All

Description Nicolas Mailhot 2010-11-20 14:07:04 UTC

abrt version: 1.1.14
architecture: x86_64
Attached file: backtrace
cmdline: evolution
component: evolution
executable: /usr/bin/evolution
kernel: 2.6.36-5.fc15.x86_64
package: evolution-2.91.2-1.fc15
reason: Process /usr/bin/evolution was killed by signal 11 (SIGSEGV)
release: Fedora release 15 (Rawhide)
How to reproduce: On shutdown
time: 1290260186
uid: 500

Comment 1 Nicolas Mailhot 2010-11-20 14:07:07 UTC

Created attachment 461724 [details]
File: backtrace

Comment 2 Milan Crha 2010-11-22 10:48:26 UTC

Thanks for a bug report. This particular one is happening in nss code, and supposing there didn't happen any memory corruption from evolution side then this might be related to the server certificate and nss library, rather than to the evolution itself, thus I'm moving this to nss.

Thread 1 (Thread 0x7faf19d9d700 (LWP 5075)):
#0  0x00007faf592d3e49 in pk11_Finalize (context=0x7faf2002edb0) at pk11cxt.c:957
#1  0x00007faf592d4d5d in PK11_DigestBegin (cx=0x7faf2002edb0) at pk11cxt.c:611
#2  0x00007faf598118f2 in ssl3_ComputeRecordMAC (spec=0x7faf20005328, useServerMacKey=<value optimized out>, type=<value optimized out>, version=<value optimized out>, seq_num=<value optimized out>, input=<value optimized out>, inputLength=23, outbuf=0x7faf20006d7c "\334\062\227'\005S'\302\240(o\020]\330x\314\315\323\f\210\240\377/7.\376\036\024\216i\357\207\276<\345\266\246{\333.\313r\205,\345\222\310F\260\255\v\360\224!\325t^\362\277BO\025pE\365r\002 j\323\366A\252\001\250\313\306\200\376\201\201\211\261v\270\334\337\340e\205\275\350\333\303\263", outLength=0x7faf19d9c35c) at ssl3con.c:1913
#3  0x00007faf59811e1f in ssl3_CompressMACEncryptRecord (contentLen=23, pIn=0x7faf100010c0 "A00057 SELECT Oseille\r\n", type=content_application_data, ss=0x7faf20003670) at ssl3con.c:2074
#4  ssl3_SendRecord (ss=0x7faf20003670, type=content_application_data, pIn=<value optimized out>, nIn=<value optimized out>, flags=0) at ssl3con.c:2241
#5  0x00007faf59812faf in ssl3_SendApplicationData (ss=0x7faf20003670, in=0x7faf100010c0 "A00057 SELECT Oseille\r\n", len=23, flags=0) at ssl3con.c:2357
#6  0x00007faf598269aa in ssl_SecureSend (ss=0x7faf20003670, buf=0x7faf100010c0 "A00057 SELECT Oseille\r\n", len=23, flags=<value optimized out>) at sslsecur.c:1241
#7  0x00007faf5982a712 in ssl_Write (fd=<value optimized out>, buf=0x7faf100010c0, len=23) at sslsock.c:1652
#8  0x00007faf5ab94b82 in write_to_prfd (fd=0x7faf20002790, buffer=0x7faf100010c0 "A00057 SELECT Oseille\r\n", n=23, cancellable=<value optimized out>, error=0x0) at camel-tcp-stream-raw.c:392
#9  0x00007faf59f5564a in camel_stream_write (stream=0x1a45300, buffer=0x7faf100010c0 "A00057 SELECT Oseille\r\n", n=23, cancellable=0x0, error=0x0) at camel-stream.c:166

Comment 3 Milan Crha 2010-12-02 12:39:14 UTC

*** Bug 659223 has been marked as a duplicate of this bug. ***

Comment 4 Tomáš Bžatek 2010-12-06 13:24:21 UTC

Any news? Seeing this in evolution-2.91.3-1.fc15.x86_64 every time, on app exit.

Comment 5 Dan Williams 2011-01-10 20:21:02 UTC

I get this crash in pk11_Finalize() when running evolution under valgrind, when I don't use valgrind I get an earlier crash, reported as bug 657254.

Comment 6 Dan Williams 2011-01-10 22:19:30 UTC

Pretty sure this is a dupe of 657254.  The imapx backend is still doing stuff with NSS (hitting up the server) when the Evo core calls camel_shutdown(), which deinits NSS, and thus any further crypto ops try to use invalid functions in NSS.

*** This bug has been marked as a duplicate of bug 657254 ***

Comment 7 Milan Crha 2011-02-01 13:28:29 UTC

*** Bug 674091 has been marked as a duplicate of this bug. ***

Comment 8 Milan Crha 2011-05-02 05:58:18 UTC

*** Bug 701082 has been marked as a duplicate of this bug. ***

Comment 9 Milan Crha 2011-06-21 04:52:56 UTC

*** Bug 714665 has been marked as a duplicate of this bug. ***

Comment 10 Milan Crha 2011-12-02 07:31:58 UTC

*** Bug 759185 has been marked as a duplicate of this bug. ***

Comment 11 Milan Crha 2011-12-07 09:01:45 UTC

*** Bug 760478 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.