141573 – Kontact/KNode crashed after reading news

Bug 141573 - Kontact/KNode crashed after reading news

Summary: Kontact/KNode crashed after reading news

Status:	RESOLVED FIXED

Alias:	None

Product:	knode
Classification:	Miscellaneous
Component:	general (show other bugs)
Version:	unspecified
Platform:	Ubuntu Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	kdepim bugs

URL:
Keywords:

Depends on:
Blocks:

Reported:	2007-02-12 03:13 UTC by tilleyrw
Modified:	2010-04-23 14:28 UTC (History)
CC List:	0 users

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description tilleyrw 2007-02-12 03:13:59 UTC

Version:            (using KDE KDE 3.5.6)
Installed from:    Ubuntu Packages

After finishing reading of several news articles, I clicked the "X" in the upper-right of the window to quit.  Kontact/KNode immediately crashed with the following backtrace:

(no debugging symbols found)
Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1".
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
[Thread debugging using libthread_db enabled]
[New Thread -1242588368 (LWP 10856)]
[New Thread -1299670112 (LWP 11598)]
[New Thread -1286108256 (LWP 10861)]
[New Thread -1277715552 (LWP 10860)]
[New Thread -1269322848 (LWP 10859)]
[New Thread -1260930144 (LWP 10858)]
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
[KCrash handler]
#6  0xb4e1ef4a in KMime::Content::encodedContent ()
   from /usr/lib/libkmime.so.2
#7  0xb29499c9 in KNArticleManager::saveArticleToFile ()
   from /usr/lib/libknodecommon.so
#8  0xb296b7a2 in KNode::ArticleWidget::slotSave ()
   from /usr/lib/libknodecommon.so
#9  0xb29b541c in KNode::ArticleWidget::qt_invoke ()
   from /usr/lib/libknodecommon.so
#10 0xb6f6a957 in QObject::activate_signal () from /usr/lib/libqt-mt.so.3
#11 0xb6f6b3fc in QObject::activate_signal () from /usr/lib/libqt-mt.so.3
#12 0xb6780069 in KAction::activated () from /usr/lib/libkdeui.so.4
#13 0xb67b8842 in KAction::slotActivated () from /usr/lib/libkdeui.so.4
#14 0xb6885e4f in KAction::qt_invoke () from /usr/lib/libkdeui.so.4
#15 0xb6f6a957 in QObject::activate_signal () from /usr/lib/libqt-mt.so.3
#16 0xb6f6b3fc in QObject::activate_signal () from /usr/lib/libqt-mt.so.3
#17 0xb75451f9 in KAccelPrivate::menuItemActivated ()
   from /usr/lib/libkdecore.so.4
#18 0xb7594897 in KAccelPrivate::emitActivatedSignal ()
   from /usr/lib/libkdecore.so.4
#19 0xb76167fe in KAccelPrivate::eventFilter () from /usr/lib/libkdecore.so.4
#20 0xb6f69f04 in QObject::activate_filters () from /usr/lib/libqt-mt.so.3
#21 0xb6f69f82 in QObject::event () from /usr/lib/libqt-mt.so.3
#22 0xb6fa165b in QWidget::event () from /usr/lib/libqt-mt.so.3
#23 0xb7077c5e in QMainWindow::event () from /usr/lib/libqt-mt.so.3
#24 0xb6f01b88 in QApplication::internalNotify () from /usr/lib/libqt-mt.so.3
#25 0xb6f03b58 in QApplication::notify () from /usr/lib/libqt-mt.so.3
#26 0xb7609c82 in KApplication::notify () from /usr/lib/libkdecore.so.4
#27 0xb75a0757 in KAccelEventHandler::x11Event ()
   from /usr/lib/libkdecore.so.4
#28 0xb76080b3 in KApplication::x11EventFilter ()
   from /usr/lib/libkdecore.so.4
#29 0xb6e802d3 in qt_set_x11_event_filter () from /usr/lib/libqt-mt.so.3
#30 0xb6e90a62 in QApplication::x11ProcessEvent () from /usr/lib/libqt-mt.so.3
#31 0xb6ea8320 in QEventLoop::processEvents () from /usr/lib/libqt-mt.so.3
#32 0xb6f1c25e in QEventLoop::enterLoop () from /usr/lib/libqt-mt.so.3
#33 0xb6f1c06e in QEventLoop::exec () from /usr/lib/libqt-mt.so.3
#34 0xb6f03731 in QApplication::exec () from /usr/lib/libqt-mt.so.3
#35 0x08061095 in ?? ()
#36 0xbfef7dac in ?? ()
#37 0x00000001 in ?? ()
#38 0x00000001 in ?? ()
#39 0x00000000 in ?? ()

Hope this helps, Bob

Comment 1 Philip Rodrigues 2007-02-12 18:33:30 UTC

Can you find steps to reproduce the crash?

Comment 2 tilleyrw 2007-02-13 01:03:27 UTC

On Monday 12 February 2007 12:33:31 pm Philip Rodrigues wrote:
[bugs.kde.org quoted mail]

I'll report my attempts to reproduce the bug.  It occurred after reading and 
saving an unknown number of articles.

Bob

Comment 3 Olivier Trichet 2009-05-17 16:20:00 UTC

Step to reproduce:
 - Open kontact
 - Open knode within kontact
 - Open an article in an external window
 - Close kontact (this let the previous external windows open)
 - Save the article (from the external window)
 => crash


Application: Kontact (kontact), signal: Segmentation fault
[KCrash Handler]
#5  0x00007fa2e9a63c83 in QListData::isEmpty (this=0x3860ac8) at /usr/include/qt4/QtCore/qlist.h:88
#6  0x00007fa2e9a78c13 in QList<KMime::Content*>::isEmpty (this=0x3860ac8) at /usr/include/qt4/QtCore/qlist.h:123
#7  0x00007fa2e9a76dec in KMime::Content::encodedContent (this=0x3860a00, useCrLf=false) at /home/kde/dev/src/kdepimlibs/kmime/kmime_content.cpp:387
#8  0x00007fa2d6709e5e in KNArticleManager::saveArticleToFile (this=0x349a610, a=0x3860a00, parent=0x3865e30) at /home/kde/dev/src/kdepim/knode/knarticlemanager.cpp:110
#9  0x00007fa2d6754aad in KNode::ArticleWidget::slotSave (this=0x3865e30) at /home/kde/dev/src/kdepim/knode/articlewidget.cpp:1257
#10 0x00007fa2d675aa7f in KNode::ArticleWidget::qt_metacall (this=0x3865e30, _c=QMetaObject::InvokeMetaMethod, _id=8, _a=0x7ffffbf834d0) at /home/kde/dev/build/kdepim/knode/articlewidget.moc:130
#11 0x00007fa2ef1dc862 in QMetaObject::activate (sender=0x393f710, from_signal_index=<value optimized out>, to_signal_index=6, argv=0x3df0160) at kernel/qobject.cpp:3120
#12 0x00007fa2ede774e7 in QAction::triggered (this=0x3860ac8, _t1=false) at .moc/release-shared/moc_qaction.cpp:236
#13 0x00007fa2ede78960 in QAction::activate (this=0x393f710, event=<value optimized out>) at kernel/qaction.cpp:1160
#14 0x00007fa2ede7b477 in QAction::event (this=0x3860ac8, e=<value optimized out>) at kernel/qaction.cpp:1079
#15 0x00007fa2eff78927 in KAction::event (this=0x393f710, event=0x7ffffbf83a50) at /home/kde/dev/src/kdelibs/kdeui/actions/kaction.cpp:88
#16 0x00007fa2ede7d4fd in QApplicationPrivate::notify_helper (this=0x2338c40, receiver=0x393f710, e=0x7ffffbf83a50) at kernel/qapplication.cpp:4057
#17 0x00007fa2ede8577a in QApplication::notify (this=0x7ffffbf86150, receiver=0x393f710, e=0x7ffffbf83a50) at kernel/qapplication.cpp:4022
#18 0x00007fa2f004873f in KApplication::notify (this=0x7ffffbf86150, receiver=0x393f710, event=0x7ffffbf83a50) at /home/kde/dev/src/kdelibs/kdeui/kernel/kapplication.cpp:307
#19 0x00007fa2ef1c6e4c in QCoreApplication::notifyInternal (this=0x7ffffbf86150, receiver=0x393f710, event=0x7ffffbf83a50) at kernel/qcoreapplication.cpp:610
#20 0x00007fa2edeb2e6d in QShortcutMap::dispatchEvent (this=<value optimized out>, e=0x7ffffbf83f80) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:213
#21 0x00007fa2edeb4ccc in QShortcutMap::tryShortcutEvent (this=0x2338d58, o=<value optimized out>, e=0x7ffffbf83f80) at kernel/qshortcutmap.cpp:369
#22 0x00007fa2ede867a1 in QApplication::notify (this=0x7ffffbf86150, receiver=0x3880110, e=0x7ffffbf83f80) at kernel/qapplication.cpp:3646
#23 0x00007fa2f004873f in KApplication::notify (this=0x7ffffbf86150, receiver=0x3880110, event=0x7ffffbf83f80) at /home/kde/dev/src/kdelibs/kdeui/kernel/kapplication.cpp:307
#24 0x00007fa2ef1c6e4c in QCoreApplication::notifyInternal (this=0x7ffffbf86150, receiver=0x3880110, event=0x7ffffbf83f80) at kernel/qcoreapplication.cpp:610
#25 0x00007fa2edf12774 in QKeyMapper::sendKeyEvent (keyWidget=0x3880110, grab=<value optimized out>, type=QEvent::KeyPress, code=83, modifiers={i = -67615568}, text=@0x7ffffbf844a0, 
    autorepeat=false, count=1, nativeScanCode=39, nativeVirtualKey=115, nativeModifiers=20) at kernel/qkeymapper_x11.cpp:1675
#26 0x00007fa2edf14aa9 in QKeyMapperPrivate::translateKeyEvent (this=0x237a560, keyWidget=0x3880110, event=0x7ffffbf85d80, grab=false) at kernel/qkeymapper_x11.cpp:1645
#27 0x00007fa2edeed626 in QApplication::x11ProcessEvent (this=0x7ffffbf86150, event=0x7ffffbf85d80) at kernel/qapplication_x11.cpp:3459
#28 0x00007fa2edf164d4 in x11EventSourceDispatch (s=0x233c380, callback=0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:146
#29 0x00007fa2e8538e4a in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#30 0x00007fa2e853c510 in ?? () from /usr/lib/libglib-2.0.so.0
#31 0x00007fa2e853c6ac in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#32 0x00007fa2ef1f04bf in QEventDispatcherGlib::processEvents (this=0x230fb40, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:324
#33 0x00007fa2edf15c7f in QGuiEventDispatcherGlib::processEvents (this=0x3860ac8, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:202
#34 0x00007fa2ef1c56f2 in QEventLoop::processEvents (this=<value optimized out>, flags={i = -67608464}) at kernel/qeventloop.cpp:149
#35 0x00007fa2ef1c5abd in QEventLoop::exec (this=0x7ffffbf860b0, flags={i = -67608384}) at kernel/qeventloop.cpp:200
#36 0x00007fa2ef1c7d84 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:888
#37 0x0000000000404284 in main (argc=1, argv=0x7ffffbf86658) at /home/kde/dev/src/kdepim/kontact/src/main.cpp:218

Comment 4 Olivier Trichet 2010-04-23 14:28:07 UTC

SVN commit 1117909 by otrichet:

Use boost::shared_ptr instead of plain pointer to handler KNArticle that are use all over the place.

Side effect: use a QList in KNArticleVector instead of a old fashion array

This fix crash cause by double free and freed-pointer access:
BUG: 172266
BUG: 225813
BUG: 141573
This should also fixed crash that happens while accessing article (that
were certainly already freed):
BUG: 134904
BUG: 216919
BUG: 230536
BUG: 132990

 M  +18 -23    articlewidget.cpp  
 M  +10 -12    articlewidget.h  
 M  +6 -6      headerview.cpp  
 M  +9 -5      knarticle.cpp  
 M  +18 -7     knarticle.h  
 M  +43 -168   knarticlecollection.cpp  
 M  +25 -23    knarticlecollection.h  
 M  +31 -39    knarticlefactory.cpp  
 M  +9 -11     knarticlefactory.h  
 M  +8 -8      knarticlefilter.cpp  
 M  +2 -2      knarticlefilter.h  
 M  +43 -42    knarticlemanager.cpp  
 M  +8 -5      knarticlemanager.h  
 M  +10 -11    knarticlewindow.cpp  
 M  +5 -6      knarticlewindow.h  
 M  +2 -2      kncleanup.cpp  
 M  +6 -6      kncomposer.cpp  
 M  +4 -3      kncomposer.h  
 M  +12 -34    knfolder.cpp  
 M  +14 -7     knfolder.h  
 M  +12 -13    knfoldermanager.cpp  
 M  +26 -42    kngroup.cpp  
 M  +21 -10    kngroup.h  
 M  +11 -14    kngroupbrowser.cpp  
 M  +3 -9      kngroupbrowser.h  
 M  +25 -29    kngroupmanager.cpp  
 M  +6 -1      kngroupmanager.h  
 M  +6 -4      kngroupselectdialog.cpp  
 M  +19 -16    knhdrviewitem.cpp  
 M  +6 -6      knhdrviewitem.h  
 M  +3 -3      knjobdata.cpp  
 M  +11 -4     knjobdata.h  
 M  +15 -13    knmainwidget.cpp  
 M  +5 -8      knmainwidget.h  
 M  +7 -6      knmemorymanager.cpp  
 M  +7 -7      knmemorymanager.h  
 M  +8 -9      knscoring.cpp  
 M  +4 -4      knscoring.h  
 M  +3 -5      knstatusfilter.cpp  
 M  +7 -6      knstatusfilter.h  
 M  +2 -2      mailsendjob.cpp  
 M  +1 -1      mailsendjob.h  
 M  +16 -17    nntpjobs.cpp  
 M  +5 -5      nntpjobs.h  


WebSVN link: http://websvn.kde.org/?view=rev&revision=1117909