Bug 235176

Summary: Kmail segfaults after startup with certain message on IMAP
Product: [Unmaintained] kmail Reporter: Pavel Krc <pavel.krc>
Component: generalAssignee: kdepim bugs <kdepim-bugs>
Status: RESOLVED DUPLICATE    
Severity: crash    
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Unlisted Binaries   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:
Attachments: Structure of the message causing the crash (after deleting attachments)

Description Pavel Krc 2010-04-23 15:30:11 UTC 
Application that crashed: kmail
Version of the application: 1.12.2
KDE Version: 4.3.2 (KDE 4.3.2)
Qt Version: 4.5.2
Operating System: Linux 2.6.31-20-generic i686
Distribution: Ubuntu 9.10

What I was doing when the application crashed:
After starting Kmail (with 3 online IMAP accounts), Kmail always ends with a segfault after ~ 2 secs (probably at opening a folder or message). I'm sorry that I have absolutely no time to study the backtrace at the moment, I will provide further details later.

 -- Backtrace:
Application: KMail (kmail), signal: Segmentation fault
[Current thread is 1 (Thread 0xb7706aa0 (LWP 6212))]

Thread 2 (Thread 0xb16e1b70 (LWP 6217)):
#0  0x00e70422 in __kernel_vsyscall ()
#1  0x0748e142 in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/tls/i686/cmov/libpthread.so.0
#2  0x016f38d4 in pthread_cond_timedwait () from /lib/tls/i686/cmov/libc.so.6
#3  0x00c10def in QWaitConditionPrivate::wait (this=0x9f61260, mutex=0x9f6125c, time=30000) at thread/qwaitcondition_unix.cpp:85
#4  QWaitCondition::wait (this=0x9f61260, mutex=0x9f6125c, time=30000) at thread/qwaitcondition_unix.cpp:159
#5  0x00c059ae in QThreadPoolThread::run (this=0x9f59210) at concurrent/qthreadpool.cpp:140
#6  0x00c0fe32 in QThreadPrivate::start (arg=0x9f59210) at thread/qthread_unix.cpp:188
#7  0x0748980e in start_thread () from /lib/tls/i686/cmov/libpthread.so.0
#8  0x016e68de in clone () from /lib/tls/i686/cmov/libc.so.6

Thread 1 (Thread 0xb7706aa0 (LWP 6212)):
[KCrash Handler]
#6  QAbstractItemView::d_func (this=0x1) at itemviews/qabstractitemview.h:348
#7  QAbstractItemView::model (this=0x1) at itemviews/qabstractitemview.cpp:585
#8  0x06ac4f32 in QTreeWidgetItem::insertChild (this=0xa05d980, index=0, child=0xa1ef080) at itemviews/qtreewidget.cpp:1891
#9  0x06ac540d in QTreeWidgetItem::addChild (this=0xa05d980, child=0xa1ef080) at itemviews/qtreewidget.cpp:1876
#10 0x06ac5850 in QTreeWidgetItem (this=0xa1ef080, parent=0xa05d980, type=0) at itemviews/qtreewidget.cpp:1424
#11 0x01188194 in KMMimePartTreeItem (this=0xa1ef080, parent=0xa05d980, node=0xa18e550, description=..., mimetype=..., encoding=..., size=0, revertOrder=false) at ../../kmail/kmmimeparttree.cpp:378
#12 0x011cdbaa in partNode::fillMimePartTree (this=0xa18e550, parentItem=0xa05d980, mimePartTree=0x0, labelDescr=..., labelCntType=..., labelEncoding=..., size=0, revertOrder=<value optimized out>)
    at ../../kmail/partNode.cpp:496
#13 0x011ba82d in KMail::ObjectTreeParser::insertAndParseNewChildNode (this=0xbfa815b4, startNode=..., content=0xdf2398 "", cntDesc=0x14ec47d "encapsulated message", append=<value optimized out>)
    at ../../kmail/objecttreeparser.cpp:222
#14 0x011be857 in KMail::ObjectTreeParser::processMessageRfc822Subtype (this=0xbfa815b4, node=0x9f7b9e8) at ../../kmail/objecttreeparser.cpp:1426
#15 0x011c865b in process (this=0xa2e1778, otp=0xbfa815b4, node=0x9f7b9e8, result=...) at ../../kmail/bodypartformatter.cpp:116
#16 0x011b9e48 in KMail::ObjectTreeParser::parseObjectTree (this=0xbfa815b4, node=0x9f7b9e8) at ../../kmail/objecttreeparser.cpp:293
#17 0x011ba077 in KMail::ObjectTreeParser::stdChildHandling (this=0xbfa817e0, child=0x9f7b960) at ../../kmail/objecttreeparser.cpp:1143
#18 0x011ba3e1 in KMail::ObjectTreeParser::processMultiPartMixedSubtype (this=0xbfa817e0, node=0x9f7b8d8) at ../../kmail/objecttreeparser.cpp:1156
#19 0x011c861b in process (this=0xa20e520, otp=0xbfa817e0, node=0x9f7b8d8, result=...) at ../../kmail/bodypartformatter.cpp:118
#20 0x011b9e48 in KMail::ObjectTreeParser::parseObjectTree (this=0xbfa817e0, node=0x9f7b8d8) at ../../kmail/objecttreeparser.cpp:293
#21 0x0101de67 in KMReaderWin::parseMsg (this=0x97e4140, aMsg=0xa13bf50) at ../../kmail/kmreaderwin.cpp:1672
#22 0x0100b4d9 in KMReaderWin::displayMessage (this=0x97e4140) at ../../kmail/kmreaderwin.cpp:1605
#23 0x0100b6cb in KMReaderWin::updateReaderWin (this=0x97e4140) at ../../kmail/kmreaderwin.cpp:1545
#24 0x01015798 in KMReaderWin::update (this=0x97e4140, observable=0x1) at ../../kmail/kmreaderwin.cpp:947
#25 0x0126ead2 in KMail::ISubject::notify (this=0xa13bfc0) at ../../kmail/isubject.cpp:30
#26 0x00f0ce62 in KMMessage::updateBodyPart (this=0xa13bf50, partSpecifier=..., data=...) at ../../kmail/kmmessage.cpp:3235
#27 0x0123fdd0 in KMail::ImapJob::slotGetMessageResult (this=0xa0faef0, job=0xa142c40) at ../../kmail/imapjob.cpp:435
#28 0x0124460f in KMail::ImapJob::qt_metacall (this=0xa0faef0, _c=QMetaObject::InvokeMetaMethod, _id=12, _a=0xbfa81d68) at ./imapjob.moc:82
#29 0x00d16263 in QMetaObject::activate (sender=0xa142c40, from_signal_index=7, to_signal_index=7, argv=0xbfa81d68) at kernel/qobject.cpp:3113
#30 0x00d16ec2 in QMetaObject::activate (sender=0xa142c40, m=0x34fd68, local_signal_index=3, argv=0xbfa81d68) at kernel/qobject.cpp:3187
#31 0x001e9fe3 in KJob::result (this=0xa142c40, _t1=0xa142c40) at ./kjob.moc:188
#32 0x001ea469 in KJob::emitResult (this=0xa142c40) at ../../kdecore/jobs/kjob.cpp:304
#33 0x01fec660 in KIO::SimpleJob::slotFinished (this=0xa142c40) at ../../kio/kio/job.cpp:477
#34 0x01fecb7a in KIO::TransferJob::slotFinished (this=0xa142c40) at ../../kio/kio/job.cpp:948
#35 0x01fea8a3 in KIO::TransferJob::qt_metacall (this=0xa142c40, _c=QMetaObject::InvokeMetaMethod, _id=47, _a=0xbfa81fcc) at ./jobclasses.moc:343
#36 0x00d16263 in QMetaObject::activate (sender=0x98564b8, from_signal_index=8, to_signal_index=8, argv=0x0) at kernel/qobject.cpp:3113
#37 0x00d16ec2 in QMetaObject::activate (sender=0x98564b8, m=0x219ef64, local_signal_index=4, argv=0x0) at kernel/qobject.cpp:3187
#38 0x020b6557 in KIO::SlaveInterface::finished (this=0x98564b8) at ./slaveinterface.moc:165
#39 0x020ba44d in KIO::SlaveInterface::dispatch (this=0x98564b8, _cmd=104, rawdata=...) at ../../kio/kio/slaveinterface.cpp:175
#40 0x020b6a13 in KIO::SlaveInterface::dispatch (this=0x98564b8) at ../../kio/kio/slaveinterface.cpp:91
#41 0x020a8aea in KIO::Slave::gotInput (this=0x98564b8) at ../../kio/kio/slave.cpp:322
#42 0x020aaee3 in KIO::Slave::qt_metacall (this=0x98564b8, _c=QMetaObject::InvokeMetaMethod, _id=30, _a=0xbfa822ac) at ./slave.moc:76
#43 0x00d16263 in QMetaObject::activate (sender=0x9f775b8, from_signal_index=4, to_signal_index=4, argv=0x0) at kernel/qobject.cpp:3113
#44 0x00d16ec2 in QMetaObject::activate (sender=0x9f775b8, m=0x219b8a0, local_signal_index=0, argv=0x0) at kernel/qobject.cpp:3187
#45 0x01fb2f97 in KIO::Connection::readyRead (this=0x9f775b8) at ./connection.moc:86
#46 0x01fb4d5e in KIO::ConnectionPrivate::dequeue (this=0x9f752e8) at ../../kio/kio/connection.cpp:82
#47 0x01fb4e8e in KIO::Connection::qt_metacall (this=0x9f775b8, _c=QMetaObject::InvokeMetaMethod, _id=5, _a=0xa1e7160) at ./connection.moc:73
#48 0x00d0ef0b in QMetaCallEvent::placeMetaCall (this=0xa1fb328, object=0x9f775b8) at kernel/qobject.cpp:477
#49 0x00d105fe in QObject::event (this=0x9f775b8, e=0xa1fb328) at kernel/qobject.cpp:1111
#50 0x064f8f54 in QApplicationPrivate::notify_helper (this=0x968b440, receiver=0x9f775b8, e=0xa1fb328) at kernel/qapplication.cpp:4056
#51 0x0650067c in QApplication::notify (this=0xbfa82be0, receiver=0x9f775b8, e=0xa1fb328) at kernel/qapplication.cpp:3603
#52 0x007febfa in KApplication::notify (this=0xbfa82be0, receiver=0x9f775b8, event=0xa1fb328) at ../../kdeui/kernel/kapplication.cpp:302
#53 0x00d006cb in QCoreApplication::notifyInternal (this=0xbfa82be0, receiver=0x9f775b8, event=0xa1fb328) at kernel/qcoreapplication.cpp:610
#54 0x00d012b2 in QCoreApplication::sendEvent (receiver=0x0, event_type=0, data=0x95f8fa8) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:213
#55 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x95f8fa8) at kernel/qcoreapplication.cpp:1247
#56 0x00d0147d in QCoreApplication::sendPostedEvents (receiver=0x0, event_type=0) at kernel/qcoreapplication.cpp:1140
#57 0x00d2b3ff in QCoreApplication::sendPostedEvents (s=0x9621890) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:218
#58 postEventSourceDispatch (s=0x9621890) at kernel/qeventdispatcher_glib.cpp:210
#59 0x02b24e88 in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#60 0x02b28730 in ?? () from /lib/libglib-2.0.so.0
#61 0x02b28863 in g_main_context_iteration () from /lib/libglib-2.0.so.0
#62 0x00d2b02c in QEventDispatcherGlib::processEvents (this=0x9689658, flags=...) at kernel/qeventdispatcher_glib.cpp:327
#63 0x06599be5 in QGuiEventDispatcherGlib::processEvents (this=0x9689658, flags=...) at kernel/qguieventdispatcher_glib.cpp:202
#64 0x00cfec79 in QEventLoop::processEvents (this=0xbfa82aa4, flags=) at kernel/qeventloop.cpp:149
#65 0x00cff0ca in QEventLoop::exec (this=0xbfa82aa4, flags=...) at kernel/qeventloop.cpp:201
#66 0x00d0153f in QCoreApplication::exec () at kernel/qcoreapplication.cpp:888
#67 0x064f8dd7 in QApplication::exec () at kernel/qapplication.cpp:3525
#68 0x0804a702 in main (argc=3, argv=0xbfa82d94) at ../../kmail/main.cpp:146

Reported using DrKonqi
Comment 1 Pavel Krc 2010-05-07 15:51:32 UTC 
Finally I'm adding further details:

I realized it was a certain message that was crashing Kmail. When I put that message using another client to another folder (therefore Kmail wouldn't start with that one selected), it stopped crashing. After a successful launch, Kmail actually *WAS* able to display the message properly without crashing (even back in the original folder), i.e. it would only crash when that message was the first one to display after start.

I'd love to enclose the message as an attachment, unfortunately it contains data that I'm responsible to keep confidental. It was a message with no text and an encapsulated forwarded message. The encapsulated message had alternative plaintext/html content and two attachments, 5 MB in total. After deleting the attachments from the message, the problem vanished. I'm attaching the message structure *after* deleting the attachments.
Comment 2 Pavel Krc 2010-05-07 15:56:15 UTC 
Created attachment 43339 [details]
Structure of the message causing the crash (after deleting attachments)
Comment 3 Christophe Marin 2010-06-07 19:22:17 UTC 

*** This bug has been marked as a duplicate of bug 186502 ***