753736 – [abrt] evolution-data-server-3.2.1-2.fc16: __GI_raise: Process /usr/libexec/e-calendar-factory was killed by signal 6 (SIGABRT)

Bug 753736 - [abrt] evolution-data-server-3.2.1-2.fc16: __GI_raise: Process /usr/libexec/e-calendar-factory was killed by signal 6 (SIGABRT)

Summary: [abrt] evolution-data-server-3.2.1-2.fc16: __GI_raise: Process /usr/libexec/e...

Keywords:
Status:	CLOSED DUPLICATE of bug 754026
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	glibc
Sub Component:
Version:	16
Hardware:	x86_64
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Jeff Law
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:	abrt_hash:b3aa26f2cb86b16be9af0620cd5...
Duplicates (1):	753737 (view as bug list)
Depends On:	739399
Blocks:	753737
TreeView+	depends on / blocked

Reported:	2011-11-14 10:44 UTC by Theodore Lee
Modified:	2016-11-24 15:59 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2011-11-16 16:41:36 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
File: dso_list (8.58 KB, text/plain) 2011-11-14 10:44 UTC, Theodore Lee	no flags	Details
File: backtrace (35.37 KB, text/plain) 2011-11-14 10:44 UTC, Theodore Lee	no flags	Details
File: maps (37.15 KB, text/plain) 2011-11-14 10:44 UTC, Theodore Lee	no flags	Details
Valgrind log (10.35 KB, text/plain) 2011-11-15 09:51 UTC, Theodore Lee	no flags	Details
View All

Description Theodore Lee 2011-11-14 10:44:40 UTC

libreport version: 2.0.7
abrt_version:   2.0.6
backtrace_rating: 4
cmdline:        /usr/libexec/e-calendar-factory
crash_function: __GI_raise
executable:     /usr/libexec/e-calendar-factory
kernel:         3.1.1-1.fc16.x86_64
pid:            1978
pwd:            /
reason:         Process /usr/libexec/e-calendar-factory was killed by signal 6 (SIGABRT)
time:           Mon 14 Nov 2011 12:20:59 PM MYT
uid:            1000
username:       antiaircraft
var_log_messages: Nov 14 12:21:00 aa-sk abrt[1987]: Saved core dump of pid 1978 (/usr/libexec/e-calendar-factory) to /var/spool/abrt/ccpp-2011-11-14-12:20:59-1978 (72257536 bytes)
xsession_errors: 

backtrace:      Text file, 36218 bytes
dso_list:       Text file, 8782 bytes
maps:           Text file, 38043 bytes

environ:
:SHELL=/bin/bash
:DBUS_STARTER_ADDRESS=unix:abstract=/tmp/dbus-r8x5EPXzpX,guid=e155cb85fc189ac282a2ad480000001f
:XDG_SESSION_COOKIE=47d171440f72634427f287550000000d-1321244417.702249-377340363
:XDG_RUNTIME_DIR=/run/user/antiaircraft
:DISPLAY=:0
:DESKTOP_SESSION=gnome
:LC_MEASUREMENT=en_US.utf8
:SSH_AUTH_SOCK=/tmp/keyring-MAMM3R/ssh
:SESSION_MANAGER=local/unix:@/tmp/.ICE-unix/1266,unix/unix:/tmp/.ICE-unix/1266
:LC_MONETARY=en_US.utf8
:LC_NUMERIC=en_US.utf8
:LC_TIME=en_US.utf8
:WINDOWPATH=1
:PATH=/usr/local/bin:/usr/bin:/bin
:GNOME_DESKTOP_SESSION_ID=this-is-deprecated
:GDMSESSION=gnome
:XDG_VTNR=1
:USERNAME=antiaircraft
:XDG_SESSION_ID=2
:GPG_AGENT_INFO=/tmp/keyring-MAMM3R/gpg:0:1
:DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-r8x5EPXzpX,guid=e155cb85fc189ac282a2ad480000001f
:XDG_SEAT=seat0
:XAUTHORITY=/var/run/gdm/auth-for-antiaircraft-2wtHo3/database
:USER=antiaircraft
:DBUS_STARTER_BUS_TYPE=session
:GNOME_KEYRING_PID=1261
:SHLVL=1
:GDM_LANG=en_GB.utf8
:PWD=/home/antiaircraft
:GNOME_KEYRING_CONTROL=/tmp/keyring-MAMM3R
:LANG=en_GB.utf8
:_=/usr/bin/dbus-launch
:LOGNAME=antiaircraft
:HOME=/home/antiaircraft

Comment 1 Theodore Lee 2011-11-14 10:44:44 UTC

Created attachment 533491 [details]
File: dso_list

Comment 2 Theodore Lee 2011-11-14 10:44:47 UTC

Created attachment 533492 [details]
File: backtrace

Comment 3 Theodore Lee 2011-11-14 10:44:50 UTC

Created attachment 533493 [details]
File: maps

Comment 4 Milan Crha 2011-11-15 08:00:11 UTC

Thanks for a bug report. The backtrace shows and error:
> free(): invalid pointer
which might be most likely caused by memory corruption.
Do you have any exact steps how to reproduce it, please? Maybe if you run the factory under valgrind, then it'll show where the memory got corrupted. You can run it from console like this:
   $ G_SLICE=always-malloc valgrind --num-callers=50 /usr/libexec/e-calendar-factory &>log.txt

only before that make sure no other e-calendar-factory is running, neither  evolution itself, and make sure you've installed debug info packages at least for evolution-data-server and evolution.

Then run evolution and try to reproduce the issue. Valgrind can avoid crashes in certain situations, but it writes issues in the log, thus even if the factory doesn't crash, the log can contain the information about the memory issue. Please, upload the resulting log.txt file. Thanks in advance.

Comment 5 Milan Crha 2011-11-15 08:02:45 UTC

*** Bug 753737 has been marked as a duplicate of this bug. ***

Comment 6 Theodore Lee 2011-11-15 09:44:23 UTC

Hmm... I'm only seeing this crash when I log into GNOME, and even then only intermittently, but I'll see if I can reproduce it. I'm also running versions of various packages (notably glibc) from updates-testing, so that might be related.

Comment 7 Theodore Lee 2011-11-15 09:51:46 UTC

Created attachment 533728 [details]
Valgrind log

Okay, it looks like I can only reproduce the crash when e-calendar-factory is started while I don't have a network connection up. The log file from running e-calendar-factory under valgrind for a couple of minutes (without a network connection), then terminating it with ^C is now attached.

Comment 8 Milan Crha 2011-11-16 07:33:10 UTC

Thanks for the update. It did catch the issue and logged it:

==3240== Thread 7:
==3240== Invalid free() / delete / delete[]
==3240==    at 0x4A0662E: free (vg_replace_malloc.c:366)
==3240==    by 0x39721149B7: __free_in6ai (in /lib64/libc-2.14.90.so)
==3240==    by 0x39720DC7FD: getaddrinfo (in /lib64/libc-2.14.90.so)
==3240==    by 0x39758763AB: ??? (in /lib64/libgio-2.0.so.0.3000.1)
==3240==    by 0x39758766C9: ??? (in /lib64/libgio-2.0.so.0.3000.1)
==3240==    by 0x397406C6F7: ??? (in /lib64/libglib-2.0.so.0.3000.1)
==3240==    by 0x397406A1D5: ??? (in /lib64/libglib-2.0.so.0.3000.1)
==3240==    by 0x3972807D8F: start_thread (in /lib64/libpthread-2.14.90.so)
==3240==    by 0x39720EF2FC: clone (in /lib64/libc-2.14.90.so)
==3240==  Address 0x39723b2390 is 0 bytes inside data symbol "noai6ai_cached"

I'm moving this to glibc, where the issue comes from. Just to be sure, what is your currently installed glibc and glib2 version, please? (rpm -q glibc glib2)

Comment 9 Theodore Lee 2011-11-16 12:31:03 UTC

$ rpm -q glibc glib2
glibc-2.14.90-14.x86_64
glibc-2.14.90-14.i686
glib2-2.30.1-1.fc16.x86_64
glib2-2.30.1-1.fc16.i686

Note that, at the time I reported and reproduced this bug, I was running glibc-2.14.90-16 - I've since downgraded back to the version in stable, and it seems to have gotten rid of this issue (and a few others).

Comment 10 Jeff Law 2011-11-16 16:41:36 UTC


*** This bug has been marked as a duplicate of bug 754026 ***

Note You need to log in before you can comment on or make changes to this bug.