Bug 422092 - Akonadi Server crashing in ItemRetrievalManager while syncing GMail
Summary: Akonadi Server crashing in ItemRetrievalManager while syncing GMail
Status: RESOLVED DUPLICATE of bug 408897
Alias: None
Product: Akonadi
Classification: Frameworks and Libraries
Component: server (show other bugs)
Version: unspecified
Platform: unspecified Linux
: NOR crash
Target Milestone: ---
Assignee: kdepim bugs
URL:
Keywords: drkonqi
Depends on:
Blocks:
 
Reported: 2020-05-26 11:32 UTC by Stephan Diestelhorst
Modified: 2020-06-14 11:47 UTC (History)
3 users (show)

See Also:
Latest Commit:
Version Fixed In:


Attachments
DrKonqi report including backtrace (107.66 KB, text/plain)
2020-05-26 11:42 UTC, Stephan Diestelhorst
Details
DrKonqi report #2 (50.21 KB, text/plain)
2020-05-26 11:42 UTC, Stephan Diestelhorst
Details
New crash information added by DrKonqi (9.21 KB, text/plain)
2020-06-10 09:45 UTC, Stephan Diestelhorst
Details
New crash information added by DrKonqi (9.40 KB, text/plain)
2020-06-12 12:44 UTC, Peter Huyoff
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Stephan Diestelhorst 2020-05-26 11:32:35 UTC
Application: akonadiserver (5.14.1 (20.04.0))

Qt Version: 5.14.2
Frameworks Version: 5.70.0
Operating System: Linux 5.5.13-050513-generic x86_64
Windowing system: X11
Distribution: KDE neon User Edition 5.18

-- Information about the crash:
- What I was doing when the application crashed:

Just updated Akonadi and was  very happy to see that GMail is back.  This crashes doing some reference counting on the NULL object in Thread 5 but should be a pretty recent Akonadi build.

-- Backtrace (Reduced):
#4  0x00007f2c1d545d1c in std::__atomic_base<int>::load (__m=std::memory_order_relaxed, this=0x0) at /usr/include/c++/7/bits/atomic_base.h:396
#5  QAtomicOps<int>::loadRelaxed<int> (_q_value=...) at ../../include/QtCore/../../src/corelib/thread/qatomic_cxx11.h:239
#6  QBasicAtomicInteger<int>::loadRelaxed (this=0x0) at ../../include/QtCore/../../src/corelib/thread/qbasicatomic.h:107
[...]
#8  QString::operator= (this=this@entry=0x7f2bc40e0418, other=...) at text/qstring.cpp:2398
#9  0x000055c813140555 in Akonadi::Server::ItemRetrievalManager::retrievalJobFinished (this=0x55c813aa7000, request=0x7f2bc40e0400, errorMsg=...) at ./src/server/storage/itemretrievalmanager.cpp:176


Possible duplicates by query: bug 421812, bug 421668, bug 421501, bug 420495, bug 420184.

Reported using DrKonqi
Comment 1 Stephan Diestelhorst 2020-05-26 11:41:17 UTC
Just happened again multiple times and seems to be reproducible.  Will attach two full backtraces, somehow DrKonqi can't add them here.
Comment 2 Stephan Diestelhorst 2020-05-26 11:42:10 UTC
Created attachment 128797 [details]
DrKonqi report including backtrace
Comment 3 Stephan Diestelhorst 2020-05-26 11:42:36 UTC
Created attachment 128798 [details]
DrKonqi report #2
Comment 4 Stephan Diestelhorst 2020-05-26 17:26:28 UTC
On some more cursory looking, the second crash is slightly different than the first, but they both seem to originate from Akonadi::Server::ItemRetrievalManager::retrievalJobFinished (lines 176 and 182).

First:
Thread 5 (Thread 0x7f2c0954b700 (LWP 6087)):
[KCrash Handler]
#4  0x00007f2c1d545d1c in std::__atomic_base<int>::load (__m=std::memory_order_relaxed, this=0x0) at /usr/include/c++/7/bits/atomic_base.h:396
#5  QAtomicOps<int>::loadRelaxed<int> (_q_value=...) at ../../include/QtCore/../../src/corelib/thread/qatomic_cxx11.h:239
#6  QBasicAtomicInteger<int>::loadRelaxed (this=0x0) at ../../include/QtCore/../../src/corelib/thread/qbasicatomic.h:107
#7  QtPrivate::RefCount::deref (this=0x0) at ../../include/QtCore/../../src/corelib/tools/qrefcount.h:66
#8  QString::operator= (this=this@entry=0x7f2bc40e0418, other=...) at text/qstring.cpp:2398
#9  0x000055c813140555 in Akonadi::Server::ItemRetrievalManager::retrievalJobFinished (this=0x55c813aa7000, request=0x7f2bc40e0400, errorMsg=...) at ./src/server/storage/-|itemretrievalmanager.cpp:176
#10 0x00007f2c1d6e96d7 in QtPrivate::QSlotObjectBase::call (a=0x7f2c0954a810, r=0x55c813aa7000, this=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/   -|qobjectdefs_impl.h:398
#11 doActivate<false> (sender=0x7f2c0000a340, signal_index=3, argv=0x7f2c0954a810) at kernel/qobject.cpp:3870
#12 0x00007f2c1d6e3f92 in QMetaObject::activate (sender=sender@entry=0x7f2c0000a340, m=m@entry=0x55c81342f800 <Akonadi::Server::AbstractItemRetrievalJob::                -|staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7f2c0954a810) at kernel/qobject.cpp:3930
#13 0x000055c813190274 in Akonadi::Server::AbstractItemRetrievalJob::requestCompleted (this=this@entry=0x7f2c0000a340, _t1=<optimized out>, _t2=...) at ./obj-x86_64-     -|linux-gnu/src/server/libakonadiserver_autogen/5XLNPBDXWK/moc_itemretrievaljob.cpp:136
#14 0x000055c813143ace in Akonadi::Server::ItemRetrievalJob::callFinished (this=0x7f2c0000a340, watcher=<optimized out>) at ./src/server/storage/itemretrievaljob.cpp:76
#15 0x00007f2c1d6e96d7 in QtPrivate::QSlotObjectBase::call (a=0x7f2c0954a9e0, r=0x7f2c0000a340, this=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/   -|qobjectdefs_impl.h:398
#16 doActivate<false> (sender=0x7f2bdc0adb70, signal_index=3, argv=0x7f2c0954a9e0) at kernel/qobject.cpp:3870
#17 0x00007f2c1d6e3f92 in QMetaObject::activate (sender=<optimized out>, m=m@entry=0x7f2c1e04e5e0 <QDBusPendingCallWatcher::staticMetaObject>,                            -|local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7f2c0954a9e0) at kernel/qobject.cpp:3930
#18 0x00007f2c1de30ecf in QDBusPendingCallWatcher::finished (this=<optimized out>, _t1=<optimized out>) at .moc/moc_qdbuspendingcall.cpp:158
#19 0x00007f2c1d6e157b in QObject::event (this=0x7f2bdc0adb70, e=0x7f2c10002580) at kernel/qobject.cpp:1339
#20 0x00007f2c1d6ae491 in doNotify (event=0x7f2c10002580, receiver=0x7f2bdc0adb70) at kernel/qcoreapplication.cpp:1165
#21 QCoreApplication::notify (event=<optimized out>, receiver=<optimized out>, this=<optimized out>) at kernel/qcoreapplication.cpp:1151
#22 QCoreApplication::notifyInternal2 (receiver=0x7f2bdc0adb70, event=0x7f2c10002580) at kernel/qcoreapplication.cpp:1075
#23 0x00007f2c1d6ae67e in QCoreApplication::sendEvent (receiver=receiver@entry=0x7f2bdc0adb70, event=event@entry=0x7f2c10002580) at kernel/qcoreapplication.cpp:1470
#24 0x00007f2c1d6b1121 in QCoreApplicationPrivate::sendPostedEvents (receiver=receiver@entry=0x0, event_type=event_type@entry=0, data=0x55c813aff900) at kernel/          -|qcoreapplication.cpp:1815
#25 0x00007f2c1d6b16b8 in QCoreApplication::sendPostedEvents (receiver=receiver@entry=0x0, event_type=event_type@entry=0) at kernel/qcoreapplication.cpp:1674
#26 0x00007f2c1d70e103 in postEventSourceDispatch (s=0x7f2c00004b90) at kernel/qeventdispatcher_glib.cpp:277
#27 0x00007f2c19982417 in g_main_context_dispatch () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#28 0x00007f2c19982650 in ?? () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#29 0x00007f2c199826dc in g_main_context_iteration () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#30 0x00007f2c1d70d7ac in QEventDispatcherGlib::processEvents (this=0x7f2c00000b20, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#31 0x00007f2c1d6acd2a in QEventLoop::exec (this=this@entry=0x7f2c0954ada0, flags=..., flags@entry=...) at kernel/qeventloop.cpp:225
#32 0x00007f2c1d4bd757 in QThread::exec (this=<optimized out>) at thread/qthread.cpp:536
#33 0x00007f2c1d4bec2c in QThreadPrivate::start (arg=0x55c813a86be0) at thread/qthread_unix.cpp:342
#34 0x00007f2c1b5c56db in start_thread (arg=0x7f2c0954b700) at pthread_create.c:463
#35 0x00007f2c1cb5088f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Second:
Thread 5 (Thread 0x7fc7b234c700 (LWP 19533)):
[KCrash Handler]
#4  QListData::size (this=0x7fc77c148d80) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qlist.h:115
#5  QList<long long>::operator== (l=..., this=0x7fc77c148d80) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qlist.h:874
#6  Akonadi::Server::ItemRetrievalManager::retrievalJobFinished (this=0x5598b86df040, request=0x7fc77c090be0, errorMsg=...) at ./src/server/storage/itemretrievalmanager. -|cpp:182
#7  0x00007fc7c64c46d7 in QtPrivate::QSlotObjectBase::call (a=0x7fc7b234b7f0, r=0x5598b86df040, this=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/   -|qobjectdefs_impl.h:398
#8  doActivate<false> (sender=0x7fc7b801be10, signal_index=3, argv=0x7fc7b234b7f0) at kernel/qobject.cpp:3870
#9  0x00007fc7c64bef92 in QMetaObject::activate (sender=sender@entry=0x7fc7b801be10, m=m@entry=0x5598b776c800 <Akonadi::Server::AbstractItemRetrievalJob::                -|staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fc7b234b7f0) at kernel/qobject.cpp:3930
#10 0x00005598b74cd274 in Akonadi::Server::AbstractItemRetrievalJob::requestCompleted (this=this@entry=0x7fc7b801be10, _t1=<optimized out>, _t1@entry=0x7fc77c090be0,     -|_t2=...) at ./obj-x86_64-linux-gnu/src/server/libakonadiserver_autogen/5XLNPBDXWK/moc_itemretrievaljob.cpp:136
#11 0x00005598b7481735 in Akonadi::Server::ItemRetrievalJob::start (this=0x7fc7b801be10) at ./src/server/storage/itemretrievaljob.cpp:57
#12 0x00005598b747ef18 in Akonadi::Server::ItemRetrievalManager::processRequest (this=<optimized out>) at ./src/server/storage/itemretrievalmanager.cpp:164
#13 0x00007fc7c64bc57b in QObject::event (this=0x5598b86df040, e=0x7fc77c02e800) at kernel/qobject.cpp:1339
#14 0x00007fc7c6489491 in doNotify (event=0x7fc77c02e800, receiver=0x5598b86df040) at kernel/qcoreapplication.cpp:1165
#15 QCoreApplication::notify (event=<optimized out>, receiver=<optimized out>, this=<optimized out>) at kernel/qcoreapplication.cpp:1151
#16 QCoreApplication::notifyInternal2 (receiver=0x5598b86df040, event=0x7fc77c02e800) at kernel/qcoreapplication.cpp:1075
#17 0x00007fc7c648967e in QCoreApplication::sendEvent (receiver=receiver@entry=0x5598b86df040, event=event@entry=0x7fc77c02e800) at kernel/qcoreapplication.cpp:1470
#18 0x00007fc7c648c121 in QCoreApplicationPrivate::sendPostedEvents (receiver=receiver@entry=0x0, event_type=event_type@entry=0, data=0x5598b872dd50) at kernel/          -|qcoreapplication.cpp:1815
#19 0x00007fc7c648c6b8 in QCoreApplication::sendPostedEvents (receiver=receiver@entry=0x0, event_type=event_type@entry=0) at kernel/qcoreapplication.cpp:1674
#20 0x00007fc7c64e9103 in postEventSourceDispatch (s=0x7fc7a8004b90) at kernel/qeventdispatcher_glib.cpp:277
#21 0x00007fc7c275d417 in g_main_context_dispatch () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#22 0x00007fc7c275d650 in ?? () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#23 0x00007fc7c275d6dc in g_main_context_iteration () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#24 0x00007fc7c64e87ac in QEventDispatcherGlib::processEvents (this=0x7fc7a8000b20, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#25 0x00007fc7c6487d2a in QEventLoop::exec (this=this@entry=0x7fc7b234bda0, flags=..., flags@entry=...) at kernel/qeventloop.cpp:225
#26 0x00007fc7c6298757 in QThread::exec (this=<optimized out>) at thread/qthread.cpp:536
#27 0x00007fc7c6299c2c in QThreadPrivate::start (arg=0x5598b86b7880) at thread/qthread_unix.cpp:342
#28 0x00007fc7c43a06db in start_thread (arg=0x7fc7b234c700) at pthread_create.c:463
#29 0x00007fc7c592b88f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
Comment 5 Stephan Diestelhorst 2020-05-26 17:35:26 UTC
Bugs #419229 and #420495 definitely look very similar.
Comment 6 Stephan Diestelhorst 2020-05-26 17:36:30 UTC
Bug 419229 and bug 420495 definitely look related.
Comment 7 Stephan Diestelhorst 2020-06-10 09:45:32 UTC
Created attachment 129188 [details]
New crash information added by DrKonqi

akonadiserver (5.14.1 (20.04.0)) using Qt 5.14.2

- What I was doing when the application crashed:

Same thing, syncing my mailbox with GMail.  System freshly updated to 5.19, and crash still happens.

-- Backtrace (Reduced):
#4  0x00007fa092076d1c in std::__atomic_base<int>::load (__m=std::memory_order_relaxed, this=0x3030305c3030305c) at /usr/include/c++/7/bits/atomic_base.h:396
#5  QAtomicOps<int>::loadRelaxed<int> (_q_value=...) at ../../include/QtCore/../../src/corelib/thread/qatomic_cxx11.h:239
#6  QBasicAtomicInteger<int>::loadRelaxed (this=0x3030305c3030305c) at ../../include/QtCore/../../src/corelib/thread/qbasicatomic.h:107
[...]
#8  QString::operator= (this=this@entry=0x7fa01c159e58, other=...) at text/qstring.cpp:2398
#9  0x000055b66cde5555 in Akonadi::Server::ItemRetrievalManager::retrievalJobFinished (this=0x55b66d219810, request=0x7fa01c159e40, errorMsg=...) at ./src/server/storage/itemretrievalmanager.cpp:176
Comment 8 Stephan Diestelhorst 2020-06-11 20:48:03 UTC
I'm doing some debugging on this myself, and it seems that in  ItemRetrievalManager::retrievalJobFinished the request->resourceId is getting deallocated (looking at the faults either in reference counting, or CRC computation) while this function is still active.

Don't quite understand the logging regime here and who owns what data, but I hope that with a bit of logging and inspection, I can find out what is happening here.
Comment 9 Peter Huyoff 2020-06-12 12:44:17 UTC
Created attachment 129259 [details]
New crash information added by DrKonqi

akonadiserver (5.14.1 (20.04.0)) using Qt 5.15.0

- What I was doing when the application crashed:

KMail starts and akonadi crashes, while syncing gmail account.

-- Backtrace (Reduced):
#4  0x00007fa10fbdd8ce in std::__atomic_base<int>::load (__m=std::memory_order_relaxed, this=0x7fa090000080) at /usr/include/c++/10/bits/atomic_base.h:420
#5  QAtomicOps<int>::loadRelaxed<int> (_q_value=...) at ../../include/QtCore/../../src/corelib/thread/qatomic_cxx11.h:239
#6  QBasicAtomicInteger<int>::loadRelaxed (this=0x7fa090000080) at ../../include/QtCore/../../src/corelib/thread/qbasicatomic.h:107
[...]
#8  QString::operator= (this=this@entry=0x7fa090287518, other=...) at text/qstring.cpp:2395
#9  0x00005581055d9774 in Akonadi::Server::ItemRetrievalManager::retrievalJobFinished (this=0x558105789cc0, request=0x7fa090287500, errorMsg=...) at /usr/src/debug/akonadi-server-20.04.1-1.2.x86_64/src/server/storage/itemretrievalmanager.cpp:176
Comment 10 Daniel Vrátil 2020-06-14 11:47:24 UTC

*** This bug has been marked as a duplicate of bug 408897 ***