Bug 162784 - kmail crashes with SIGBUS on a large (65000+ messages) IMAP mailbox
Status: RESOLVED UNMAINTAINED
Alias: None
Product: kmail
Classification: Applications
Component: IMAP
Version: unspecified
Platform: openSUSE All
Importance: NOR crash
Target Milestone: ---
Assignee: kdepim bugs
Reported: 2008-05-29 06:38 UTC by John Baldwin
Modified: 2012-08-19 11:03 UTC

Description John Baldwin 2008-05-29 06:38:41 UTC
Version:            (using KDE 3.5.8)
Installed from:    FreeBSD Ports
Compiler:          gcc version 3.4.6 [FreeBSD] 20060305 
OS:                FreeBSD

I think this is a stack overflow as I have over 65000 stack frames.  I won't cut and paste all of it (I don't have the patience).  Here are the first few frames from the top of stack:

(gdb) where
#0  0x2a1322ac in QListViewItem::listView () from /usr/local/lib/libqt-mt.so.3
#1  0x2a132528 in QListViewItem::enforceSortOrder ()
   from /usr/local/lib/libqt-mt.so.3
#2  0x2a132ef2 in QListViewItem::firstChild ()
   from /usr/local/lib/libqt-mt.so.3
#3  0x2a13dfa8 in QListViewItemIterator::operator++ ()
   from /usr/local/lib/libqt-mt.so.3
#4  0x2a13dfcc in QListViewItemIterator::operator++ ()
   from /usr/local/lib/libqt-mt.so.3
#5  0x2a13dfcc in QListViewItemIterator::operator++ ()
   from /usr/local/lib/libqt-mt.so.3
#6  0x2a13dfcc in QListViewItemIterator::operator++ ()
   from /usr/local/lib/libqt-mt.so.3
...

For the bottom of the stack I used frame to find the bottom and then walked up until I ran into QListViewItemIterator::operator++ ():

#65216 0x0804a686 in main ()
(gdb) down
#65215 0x29fe8f0f in QApplication::exec () from /usr/local/lib/libqt-mt.so.3
(gdb) down
#65214 0x2a000436 in QEventLoop::exec () from /usr/local/lib/libqt-mt.so.3
(gdb) down
#65213 0x2a0004e2 in QEventLoop::enterLoop () from /usr/local/lib/libqt-mt.so.3
(gdb) down
#65212 0x29f9397c in QEventLoop::processEvents ()
   from /usr/local/lib/libqt-mt.so.3
(gdb) down
#65211 0x29fdd584 in QEventLoop::activateSocketNotifiers ()
   from /usr/local/lib/libqt-mt.so.3
(gdb) down
#65210 0x29a88b38 in KApplication::notify ()
   from /usr/local/lib/libkdecore.so.6
(gdb) down
#65209 0x29fe9efc in QApplication::notify () from /usr/local/lib/libqt-mt.so.3
(gdb) down
#65208 0x29fe9d5f in QApplication::internalNotify ()
   from /usr/local/lib/libqt-mt.so.3
(gdb) down
#65207 0x2a06aeff in QSocketNotifier::event ()
   from /usr/local/lib/libqt-mt.so.3
(gdb) down
#65206 0x2a3a5170 in QSocketNotifier::activated ()
   from /usr/local/lib/libqt-mt.so.3
(gdb) down
#65205 0x2a04eada in QObject::activate_signal ()
   from /usr/local/lib/libqt-mt.so.3
(gdb) down
#65204 0x2a04e514 in QObject::activate_signal ()
   from /usr/local/lib/libqt-mt.so.3
(gdb) down
#65203 0x29474c58 in KIO::Slave::qt_invoke () from /usr/local/lib/libkio.so.6
(gdb) down
#65202 0x2947489b in KIO::Slave::gotInput () from /usr/local/lib/libkio.so.6
(gdb) down
#65201 0x29478b13 in KIO::SlaveInterface::dispatch ()
   from /usr/local/lib/libkio.so.6
(gdb) down
#65200 0x2947a09c in KIO::SlaveInterface::dispatch ()
   from /usr/local/lib/libkio.so.6
(gdb) down
#65199 0x2947738c in KIO::SlaveInterface::finished ()
   from /usr/local/lib/libkio.so.6
(gdb) down
#65198 0x2a04ec32 in QObject::activate_signal ()
   from /usr/local/lib/libqt-mt.so.3
(gdb) down
#65197 0x2a04e514 in QObject::activate_signal ()
   from /usr/local/lib/libqt-mt.so.3
(gdb) down
#65196 0x294a461b in KIO::ListJob::qt_invoke () from /usr/local/lib/libkio.so.6
(gdb) down
#65195 0x29491830 in KIO::ListJob::slotFinished ()
   from /usr/local/lib/libkio.so.6
(gdb)
#65194 0x2948c5cc in KIO::SimpleJob::slotFinished ()
   from /usr/local/lib/libkio.so.6
(gdb)
#65193 0x29489f5c in KIO::Job::emitResult () from /usr/local/lib/libkio.so.6
(gdb)
#65192 0x29489ebd in KIO::Job::result () from /usr/local/lib/libkio.so.6
(gdb)
#65191 0x2a04e514 in QObject::activate_signal ()
   from /usr/local/lib/libqt-mt.so.3
(gdb)
#65190 0x2838809f in KMFolderImap::qt_invoke ()
   from /usr/local/lib/libkmailprivate.so
(gdb)
#65189 0x28385739 in KMFolderImap::slotListFolderResult ()
   from /usr/local/lib/libkmailprivate.so
(gdb)
#65188 0x28377a87 in KMFolderImap::finishMailCheck ()
   from /usr/local/lib/libkmailprivate.so
(gdb)
#65187 0x283779cf in KMFolderImap::folderComplete ()
   from /usr/local/lib/libkmailprivate.so
(gdb)
#65186 0x2a04e49d in QObject::activate_signal ()
   from /usr/local/lib/libqt-mt.so.3
(gdb)
#65185 0x28461eb1 in KMMainWidget::qt_invoke ()
   from /usr/local/lib/libkmailprivate.so
(gdb)
#65184 0x2845206d in KMMainWidget::folderSelected ()
   from /usr/local/lib/libkmailprivate.so
(gdb)
#65183 0x28451c18 in KMMainWidget::folderSelected ()
   from /usr/local/lib/libkmailprivate.so
(gdb)
#65182 0x282900c9 in KMHeaders::setFolder ()
   from /usr/local/lib/libkmailprivate.so
(gdb)
#65181 0x28289996 in KMHeaders::updateMessageList ()
   from /usr/local/lib/libkmailprivate.so
(gdb)
#65180 0x282823cc in KMHeaders::messageListUpdated ()
   from /usr/local/lib/libkmailprivate.so
(gdb)
#65179 0x2a04ec32 in QObject::activate_signal ()
   from /usr/local/lib/libqt-mt.so.3
(gdb)
#65178 0x2a04e514 in QObject::activate_signal ()
   from /usr/local/lib/libqt-mt.so.3
(gdb)
#65177 0x284d1744 in KMail::HeaderListQuickSearch::qt_invoke ()
   from /usr/local/lib/libkmailprivate.so
(gdb)
#65176 0x2994eabb in KListViewSearchLine::qt_invoke ()
   from /usr/local/lib/libkdeui.so.6
(gdb)
#65175 0x2994cd84 in KListViewSearchLine::updateSearch ()
   from /usr/local/lib/libkdeui.so.6
(gdb)
#65174 0x2a13e199 in QListViewItemIterator::QListViewItemIterator ()
   from /usr/local/lib/libqt-mt.so.3
(gdb)
#65173 0x2a13dfcc in QListViewItemIterator::operator++ ()
   from /usr/local/lib/libqt-mt.so.3
(gdb)
#65172 0x2a13dfcc in QListViewItemIterator::operator++ ()
   from /usr/local/lib/libqt-mt.so.3

My guess is the real issue is in qt itself and the implementation of QListViewItemIterator::operator++ () and its apparent use of recursion.  I am using qt-3.3.8 (+ KDE patches) built from FreeBSD ports.  The QListViewItemIterator::operator++() routine from my build looks like this:

QListViewItemIterator &QListViewItemIterator::operator++()
{
    if ( !curr )
        return *this;

    QListViewItem *item = curr->firstChild();
    if ( !item ) {
        while ( (item = curr->nextSibling()) == 0  ) {
            curr = curr->parent();
            if ( curr == 0 )
                break;
        }
    }
    curr = item;
    // if the next one doesn't match the flags we try one more ahead
    if ( curr && !matchesFlags( curr ) )
        ++( *this );
    return *this;
}

I think the '++( *this)' is the source of the recursion.  Perhaps this could be done via an iterative algorithm instead?
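
The iterative alternative raised in the report above, as an added example that is not Qt or KMail code. `Item`, `step`, `next_recursive`, `next_iterative` and `make_flat_list` are hypothetical stand-ins for the list-view tree; the recursive form uses one stack frame per consecutive non-matching item, while the loop visits the same items in constant stack space.

```cpp
#include <cstddef>
#include <vector>

// Minimal stand-in for QListViewItem (hypothetical, not Qt's class).
struct Item {
    Item *parent = nullptr, *firstChild = nullptr, *nextSibling = nullptr;
    bool visible = true;  // stands in for matchesFlags()
};

// Next item in pre-order: the same walk as the operator++ quoted above.
static Item *step(Item *curr) {
    Item *item = curr->firstChild;
    if (!item) {
        while ((item = curr->nextSibling) == nullptr) {
            curr = curr->parent;
            if (!curr) break;
        }
    }
    return item;
}

// Shape of the reported code: one more call per skipped item.
// `depth` records how deep the call chain got.
Item *next_recursive(Item *curr, std::size_t &depth) {
    if (!curr) return nullptr;
    ++depth;
    Item *item = step(curr);
    if (item && !item->visible)
        return next_recursive(item, depth);
    return item;
}

// Iterative form: constant stack use however many items are skipped.
Item *next_iterative(Item *curr) {
    if (!curr) return nullptr;
    do {
        curr = step(curr);
    } while (curr && !curr->visible);
    return curr;
}

// Constructed input: flat list of n items, only the first and last match.
std::vector<Item> make_flat_list(std::size_t n) {
    std::vector<Item> v(n);
    for (std::size_t i = 0; i < n; ++i) {
        v[i].visible = (i == 0 || i + 1 == n);
        if (i + 1 < n) v[i].nextSibling = &v[i + 1];
    }
    return v;
}
```

Because the number of skipped items follows the size of the mailbox, the recursion depth in the original form is set by data the server supplies rather than by the client code.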
Comment 1 Will Stephenson 2009-11-03 10:00:21 UTC
Same bug downstream: https://bugzilla.novell.com/show_bug.cgi?id=544946

I'm changing the bug to Linux so it doesn't get written off as FreeBSD specific.
Comment 2 Hans-Peter Jansen 2009-11-03 10:10:57 UTC
As Will already noted, I suffer from this bug exactly.

John, did you advance on this issue in any way, or did you just move on to kde4?
Comment 3 John Baldwin 2009-11-03 16:24:27 UTC
No, I still use kde3 on most machines, but I think I have worked around this
by splitting up my mailboxes so they aren't quite so large.
Comment 4 Myriam Schweingruber 2012-08-19 11:03:52 UTC
Thank you for your report. Kmail1 is currently unmaintained and the code has changed sufficiently in Kmail2 so the backtraces are not really useful anymore. Should you experience the same crash in Kmail 4.8.5 or later, please open a new report for Kmail2. Thank you for your understanding.