Crashes in messageserver5 since upgrading to 3.4.0.24

DrYak · 19 October 2020 17:36

REPRODUCIBILITY (% or how often): 100%
BUILD ID = OS VERSION (Settings > About product): 3.4.0.24
HARDWARE (Jolla1, Tablet, XA2,…): XA2 H4413
UI LANGUAGE: English
REGRESSION: (compared to previous public release: Yes, No, ?): Yes (probably) - emails updating didn’t crash before. (But I haven’t checked explicitely for memory corruption in messageserver5).

DESCRIPTION:

messageserver5 crashes with memory corruption in in Accounts::Provider::~Provider() () from /usr/lib/libaccounts-qt5.so.1 (console reports it as double free)

PRECONDITIONS:

e-mail provider: Infomaniak (mail.infomaniak.ch)
IMAP (StarTLS) or IMAPS (SSL) account set to “Always Up to date”.
(Or alternatively: manually force update).

STEPS TO REPRODUCE:

set messageserver5’s conf file to logs ouput to StdStream
start messageserver5 from the command line
optionnally: start messageserver5 within gdb (for backtrace)

EXPECTED RESULT:

messageserver5 should sync e-mails

ACTUAL RESULT:

messageserver5 crashes with “double free” error.
gdb backtrace show it to be happening in the destructor of Accounts::Provider::~Provider() () from /usr/lib/libaccounts-qt5.so.1

ADDITIONAL INFORMATION:

(I haven’t run valgrind so I can’t pin-point to how the exact memory corruption happens. Anyway double free should not happens, something is broken).

DrYak · 20 October 2020 06:59

Forgot to add:

Workaround

set all crashing IMAP accounts to “update every XX minutes” or “never”.
(This prevents messageserver5 from imediately crashing upon start.)
check account by manually entering their inbox in mail
(for some reasons this doesn’t trigger the crash).

dcaliste · 12 November 2020 15:08

Do you have the full backtrace in case ?

DrYak · 15 November 2020 18:02

Hi! No I haven’t kept them because to me it was clear that given the memory was crashing with double free, the best course of action will be to run valgrind on it.

I’ve tried to bring back the settings that caused the crashes, but somehow now messageserver5 doesn’t crash anymore (so I can regenerate a full log again).
Apparently changing the settings did somewhat update whatever was causing the crash? (I have seen other poeple on the forum solving the same problem by deleting the accounts and setting them up again. I suspect that some old left-over setting wasn’t playing nicely after the upgrade).

Still, even if it caused by broken settings, double free is definitely not something which should be happening anyway. At worse, in case of corrupted settings, it should gracefully exit with an error message complaining about the wrong setting.
Guess that some input isn’t properly sanitized / there’s some broken logic in the code.

I’ll try to find time to valgrind it eventually…