| Summary: | Crash on checking mails: apparently a dangling KMMsgBase pointer is accessed | ||
|---|---|---|---|
| Product: | [Unmaintained] kmail | Reporter: | Matthias Kretz <kretz> |
| Component: | disconnected IMAP | Assignee: | kdepim bugs <kdepim-bugs> |
| Status: | RESOLVED DUPLICATE | ||
| Severity: | crash | ||
| Priority: | NOR | ||
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Platform: | unspecified | ||
| OS: | Linux | ||
| Latest Commit: | Version Fixed In: | ||
| Sentry Crash Report: | |||
| Attachments: | abort when dangling | ||
*** This bug has been marked as a duplicate of 106030 *** I was just able to reproduce the bug again - and perhaps it had nothing to do with the moved messages but with the "Last Search" folder. Steps to reproduce (didn't work another time, though): click on a folder, search for messages, close search dialog, click on "Last Search" folder, click on a mail there, check mail -> crash - KMFolderCachedImap::name() returns the name of the folder that the Search Folder is referencing - KMFolderCachedImap::uidsOnServer.count() == 1 Created attachment 18567 [details]
abort when dangling
I have KMail running with the attached patch now, hoping to find the code where
the dangling pointer is "created".
|
Version: unknown (using KDE 3.5.5, Kubuntu (edgy) 4:3.5.5-0ubuntu3) Compiler: Target: i486-linux-gnu OS: Linux (i686) release 2.6.17-10-generic This were the last steps before Kontact crashed: I checked email in "dimap account 2" and a local filter moved an email to a folder of "dimap account 1". I manually moved it back. Then checking mail in "dimap account 1" crashed: Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1". [Thread debugging using libthread_db enabled] [New Thread -1242293456 (LWP 5380)] [New Thread -1281942624 (LWP 5384)] [New Thread -1273549920 (LWP 5383)] [New Thread -1265157216 (LWP 5382)] [New Thread -1256764512 (LWP 5381)] [KCrash handler] #6 0x2d580a0d in ?? () #7 0xb55e9f7a in KMFolderImap::flagsToStatus (msg=0x9d55588, flags=1, newMsg=true) at /build/buildd/kdepim-3.5.5/./kmail/kmfolderimap.cpp:1407 #8 0xb5606f33 in KMFolderCachedImap::slotGetMessagesData (this=0x86530b8, job=0xaba59f0, data=@0xbfc94db0) at /build/buildd/kdepim-3.5.5/./kmail/kmfoldercachedimap.cpp:1465 #9 0xb5608532 in KMFolderCachedImap::qt_invoke (this=0x86530b8, _id=9, _o=0xbfc94ab0) at ./kmfoldercachedimap.moc:372 #10 0xb6fbc957 in QObject::activate_signal (this=0xaba59f0, clist=0xa03d200, o=0xbfc94ab0) at kernel/qobject.cpp:2356 #11 0xb6a9fbfd in KIO::TransferJob::data (this=0xaba59f0, t0=0xaba59f0, t1=@0xbfc94db0) at ./jobclasses.moc:993 #12 0xb6a9fc78 in KIO::TransferJob::slotData (this=0xaba59f0, _data=@0xbfc94db0) at /build/buildd/kdelibs-3.5.5/./kio/kio/job.cpp:906 #13 0xb6add6d9 in KIO::TransferJob::qt_invoke (this=0xaba59f0, _id=18, _o=0xbfc94ba4) at ./jobclasses.moc:1072 #14 0xb6fbc957 in QObject::activate_signal (this=0xa688578, clist=0x9fb58d0, o=0xbfc94ba4) at kernel/qobject.cpp:2356 #15 0xb6a9c41e in KIO::SlaveInterface::data (this=0xa688578, t0=@0xbfc94db0) at ./slaveinterface.moc:194 #16 0xb6afd3c3 in KIO::SlaveInterface::dispatch (this=0xa688578, _cmd=100, rawdata=@0xbfc94db0) at /build/buildd/kdelibs-3.5.5/./kio/kio/slaveinterface.cpp:234 #17 0xb6afb75a in KIO::SlaveInterface::dispatch (this=0xa688578) at /build/buildd/kdelibs-3.5.5/./kio/kio/slaveinterface.cpp:173 #18 0xb6aac43c in KIO::Slave::gotInput (this=0xa688578) at /build/buildd/kdelibs-3.5.5/./kio/kio/slave.cpp:300 #19 0xb6aeb360 in KIO::Slave::qt_invoke (this=0xa688578, _id=4, _o=0xbfc94ed8) at ./slave.moc:113 #20 0xb6fbc957 in QObject::activate_signal (this=0xa60a9e0, clist=0x9364ec8, o=0xbfc94ed8) at kernel/qobject.cpp:2356 #21 0xb6fbd26e in QObject::activate_signal (this=0xa60a9e0, signal=2, param=30) at kernel/qobject.cpp:2449 #22 0xb7349cdb in QSocketNotifier::activated (this=0xa60a9e0, t0=30) at .moc/debug-shared-mt/moc_qsocketnotifier.cpp:85 #23 0xb6fdf516 in QSocketNotifier::event (this=0xa60a9e0, e=0xbfc95208) at kernel/qsocketnotifier.cpp:258 #24 0xb6f53b88 in QApplication::internalNotify (this=0xbfc95500, receiver=0xa60a9e0, e=0xbfc95208) at kernel/qapplication.cpp:2635 #25 0xb6f559b7 in QApplication::notify (this=0xbfc95500, receiver=0xa60a9e0, e=0xbfc95208) at kernel/qapplication.cpp:2358 #26 0xb767cdb2 in KApplication::notify (this=0xbfc95500, receiver=0xa60a9e0, event=0xbfc95208) at /build/buildd/kdelibs-3.5.5/./kdecore/kapplication.cpp:550 #27 0xb6ee6389 in QApplication::sendEvent (receiver=0xa60a9e0, event=0xbfc95208) at ../include/qapplication.h:520 #28 0xb6f45f81 in QEventLoop::activateSocketNotifiers (this=0x809e3c8) at kernel/qeventloop_unix.cpp:578 #29 0xb6efaea7 in QEventLoop::processEvents (this=0x809e3c8, flags=4) at kernel/qeventloop_x11.cpp:383 #30 0xb6f6e25e in QEventLoop::enterLoop (this=0x809e3c8) at kernel/qeventloop.cpp:198 #31 0xb6f6e06e in QEventLoop::exec (this=0x809e3c8) at kernel/qeventloop.cpp:145 #32 0xb6f55731 in QApplication::exec (this=0xbfc95500) at kernel/qapplication.cpp:2758 #33 0x0805ad81 in main (argc=1, argv=0xb55facc0) at /build/buildd/kdepim-3.5.5/./kontact/src/main.cpp:161 #34 0xb771a8cc in __libc_start_main () from /lib/tls/i686/cmov/libc.so.6 #35 0x08058311 in _start () I also attached gdb and found that the KMMsgBase pointer must be the problem: (gdb) frame 7 #7 0xb55e9f7a in KMFolderImap::flagsToStatus (msg=0x9d55588, flags=1, newMsg=true) at /build/buildd/kdepim-3.5.5/./kmail/kmfolderimap.cpp:1407 (gdb) print msg $1 = (class KMMsgBase *) 0x9d55588 (gdb) print msg->isOfUnknownStatus() Program received signal SIGSEGV, Segmentation fault. [Switching to Thread -1242293456 (LWP 5380)] 0x2d580a0d in ?? () (gdb) frame 9 #9 0xb55e9f7a in KMFolderImap::flagsToStatus (msg=0x9d55588, flags=1, newMsg=true) at /build/buildd/kdepim-3.5.5/./kmail/kmfolderimap.cpp:1407 (gdb) print msg->status() Program received signal SIGSEGV, Segmentation fault. 0x0005ad43 in ?? ()