Bug 1223622 - Evolution dumps core while trying to recover unfinished message
Summary: Evolution dumps core while trying to recover unfinished message
Status: NEW
Alias: None
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: GNOME (show other bugs)
Version: Current
Hardware: Other Other
: P5 - None : Normal (vote)
Target Milestone: ---
Assignee: E-mail List
QA Contact: E-mail List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-05-02 07:21 UTC by Martin Wilck
Modified: 2024-05-02 07:35 UTC (History)
0 users

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Martin Wilck 2024-05-02 07:21:16 UTC 
Evolution startup shows dialog box "Do you want to recovers unfinished messages?". Some seconds after clicking "recover", it crashes.

Tumbleweed 20240428
evolution-3.52.0-2.2.x86_64

           PID: 6970 (evolution)
           UID: 17326 (mwilck)
           GID: 50 (suse)
        Signal: 11 (SEGV)
     Timestamp: Thu 2024-05-02 09:10:24 CEST (1min 44s ago)
  Command Line: /usr/bin/evolution
    Executable: /usr/bin/evolution
 Control Group: /user.slice/user-17326.slice/user@17326.service/app.slice/app-gnome-org.gnome.Evolution-6970.scope
          Unit: user@17326.service
     User Unit: app-gnome-org.gnome.Evolution-6970.scope
         Slice: user-17326.slice
     Owner UID: 17326 (mwilck)
       Boot ID: 9d5072f25c8f4cc8be20671b72aa7899
    Machine ID: c812e716b06e4d10bda69148c048f8a4
      Hostname: apollon
       Storage: /var/lib/systemd/coredump/core.evolution.17326.9d5072f25c8f4cc8be20671b72aa7899.6970.1714633824000000.zst (present)
  Size on Disk: 45.5M
       Message: Process 6970 (evolution) of user 17326 dumped core.

                Stack trace of thread 6970:
                #0  0x00007f2781e6693a n/a (module-composer-autosave.so + 0x393a)
                #1  0x00007f278996d21b e_simple_async_result_complete (libevolution-util.so + 0x16d21b)
                #2  0x00007f2782c5d08d n/a (libevolution-mail-composer.so + 0x2108d)
                #3  0x00007f278996d21b e_simple_async_result_complete (libevolution-util.so + 0x16d21b)
                #4  0x00007f278991bee8 n/a (libevolution-util.so + 0x11bee8)
                #5  0x00007f27813eeb6d n/a (module-webkit-editor.so + 0xfb6d)
                #6  0x00007f278f068668 g_closure_invoke (libgobject-2.0.so.0 + 0x17668)
                #7  0x00007f278f07cefc n/a (libgobject-2.0.so.0 + 0x2befc)
                #8  0x00007f278f07e911 n/a (libgobject-2.0.so.0 + 0x2d911)
                #9  0x00007f278f0845c2 g_signal_emit_valist (libgobject-2.0.so.0 + 0x335c2)
                #10 0x00007f278f08466f g_signal_emit (libgobject-2.0.so.0 + 0x3366f)
                #11 0x00007f278a8a7e8e n/a (libwebkit2gtk-4.1.so.0 + 0xca7e8e)
                #12 0x00007f278a3eaeb1 n/a (libwebkit2gtk-4.1.so.0 + 0x7eaeb1)
                #13 0x00007f278a3f8801 n/a (libwebkit2gtk-4.1.so.0 + 0x7f8801)
                #14 0x00007f278a76a35a n/a (libwebkit2gtk-4.1.so.0 + 0xb6a35a)
                #15 0x00007f278a8354de n/a (libwebkit2gtk-4.1.so.0 + 0xc354de)
                #16 0x00007f278a762135 n/a (libwebkit2gtk-4.1.so.0 + 0xb62135)
                #17 0x00007f278a7644da n/a (libwebkit2gtk-4.1.so.0 + 0xb644da)
                #18 0x00007f2787731252 n/a (libjavascriptcoregtk-4.1.so.0 + 0x1931252)
                #19 0x00007f278779fa89 n/a (libjavascriptcoregtk-4.1.so.0 + 0x199fa89)
                #20 0x00007f27877a052f n/a (libjavascriptcoregtk-4.1.so.0 + 0x19a052f)
                #21 0x00007f278f112710 n/a (libglib-2.0.so.0 + 0x5d710)
                #22 0x00007f278f114358 n/a (libglib-2.0.so.0 + 0x5f358)
                #23 0x00007f278f114a0c g_main_context_iteration (libglib-2.0.so.0 + 0x5fa0c)
                #24 0x00007f278ef4c94d g_application_run (libgio-2.0.so.0 + 0xe994d)
                #25 0x0000564a51c8a96f main (evolution + 0x396f)
                #26 0x00007f278942a1f0 __libc_start_call_main (libc.so.6 + 0x2a1f0)
                #27 0x00007f278942a2b9 __libc_start_main@@GLIBC_2.34 (libc.so.6 + 0x2a2b9)
Comment 1 Martin Wilck 2024-05-02 07:24:55 UTC 
(gdb) bt
#0  0x00007f2781e6693a in autosave_composer_created_cb (source_object=<optimized out>, result=<optimized out>, user_data=0x0)
    at /usr/src/debug/evolution-3.52.0/src/modules/composer-autosave/e-autosave-utils.c:132
#1  0x00007f278996d21b in e_simple_async_result_complete (result=0x564a54818670) at /usr/src/debug/evolution-3.52.0/src/e-util/e-simple-async-result.c:404
#2  e_simple_async_result_complete (result=0x564a54818670) at /usr/src/debug/evolution-3.52.0/src/e-util/e-simple-async-result.c:397
#3  0x00007f2782c5d08d in e_msg_composer_editor_created_cb (source_object=<optimized out>, result=0x564a558ce240, user_data=0x564a54818670)
    at /usr/src/debug/evolution-3.52.0/src/composer/e-msg-composer.c:3326
#4  0x00007f278996d21b in e_simple_async_result_complete (result=0x564a558ce240) at /usr/src/debug/evolution-3.52.0/src/e-util/e-simple-async-result.c:404
#5  e_simple_async_result_complete (result=0x564a558ce240) at /usr/src/debug/evolution-3.52.0/src/e-util/e-simple-async-result.c:397
#6  0x00007f278991bee8 in e_html_editor_content_editor_initialized (user_data=0x564a558ce240, content_editor=0x564a53ba0200)
    at /usr/src/debug/evolution-3.52.0/src/e-util/e-html-editor.c:1295
#7  e_html_editor_content_editor_initialized (content_editor=0x564a53ba0200, user_data=0x564a558ce240)
    at /usr/src/debug/evolution-3.52.0/src/e-util/e-html-editor.c:1268
#8  0x00007f27813eeb6d in webkit_editor_load_changed_cb (load_event=<optimized out>, wk_editor=0x564a53ba0200)
    at /usr/src/debug/evolution-3.52.0/src/modules/webkit-editor/e-webkit-editor.c:5090
#9  webkit_editor_load_changed_cb (wk_editor=0x564a53ba0200, load_event=<optimized out>)
    at /usr/src/debug/evolution-3.52.0/src/modules/webkit-editor/e-webkit-editor.c:5029
Comment 2 Martin Wilck 2024-05-02 07:31:16 UTC 
(gdb) l 120
115	autosave_composer_created_cb (GObject *source_object,
116				      GAsyncResult *result,
117				      gpointer user_data)
118	{
119		GTask *task;
120		EMsgComposer *composer;
121		GError *error = NULL;
122	
123		task = G_TASK (user_data);
124		composer = e_msg_composer_new_finish (result, &error);
(gdb) 
125		if (error) {
126			g_warning ("%s: Failed to create msg composer: %s", G_STRFUNC, error->message);
127			g_task_return_error (task, g_steal_pointer (&error));
128		} else {
129			CreateComposerData *ccd;
130	
131			ccd = g_task_get_task_data (task);
132			e_msg_composer_setup_with_message (composer, ccd->message, TRUE, NULL, NULL, NULL, NULL);   // *** CRASH HERE ***
133			g_object_set_data_full (
134				G_OBJECT (composer),
(gdb) 
135				SNAPSHOT_FILE_KEY, g_object_ref (ccd->snapshot_file),
136				(GDestroyNotify) delete_snapshot_file);
137			g_task_return_pointer (task, g_object_ref_sink (composer), g_object_unref);
138		}
139	
140		g_object_unref (task);
141	}

The problem is that user_data is a NULL pointer:

(gdb) p user_data
$4 = (gpointer) 0x0

(gdb) up
#1  0x00007f278996d21b in e_simple_async_result_complete (result=0x564a54818670) at /usr/src/debug/evolution-3.52.0/src/e-util/e-simple-async-result.c:404
404			result->priv->callback (result->priv->source_object, G_ASYNC_RESULT (result), result->priv->callback_user_data);


(gdb) p *result->priv
$9 = {
  source_object = 0x0,
  callback = 0x7f2781e66890 <autosave_composer_created_cb>,
  callback_user_data = 0x0,   // <== ** HERE
  source_tag = 0x7f2782c5d0a0 <e_msg_composer_new>,
  user_data = 0x564a534add80,
  destroy_user_data = 0x7f278f06eb20 <g_object_unref>,
  op_pointer = 0x564a54a9a010,
  destroy_op_pointer = 0x0,
  cancellable = 0x0,
  error = 0x0
}
Comment 4 Martin Wilck 2024-05-02 07:35:52 UTC 
As to be expected, the problem does not occur if I don't select "Recover". Which I now did, because I need to read my email. Which also means that I probably won't be able to reproduce this easily.