Bug 340680

Summary: another crash-on-exit due to nested event handling
Product: [Applications] kontact Reporter: RJVB <rjvbertin>
Component: generalAssignee: kdepim bugs <kdepim-bugs>
Status: RESOLVED UNMAINTAINED    
Severity: crash CC: auxsvr, cpigat242, kdenis, martin.ruessler, sven, vonbirn
Priority: NOR Keywords: drkonqi
Version: unspecified   
Target Milestone: ---   
Platform: Compiled Sources   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:
Attachments: Crash traceback for Kontact
New crash information added by DrKonqi
patch set *against KDEPIM 4.13.3*
New crash information added by DrKonqi

Description RJVB 2014-11-06 10:16:52 UTC 
Application: kontact (4.14.3)
KDE Platform Version: 4.14.2 (Compiled from sources)
Qt Version: 4.8.6
Operating System: Linux 3.13.11.6-ck1-kubuntu-amdf10-rjvb x86_64
Distribution: Ubuntu 14.04.1 LTS

-- Information about the crash:
- What I was doing when the application crashed:
Yet again KMail had gotten stuck in the RFC ("Retrieving Folder Contents" screen), so I Quit the application hoping to test my patch to the systray icon from yesterday a bit more.
Didn't get the chance: turns out there is another nested event loop code path to accessing a released resource: see the backtrace.

I am currently testing a patch for this on OS X (a check against kmkernel->shuttingDown() at an appropriate place), but the best protection against this kind of bug would be a switch to turn off all UI event handling (if fixing KJob::exec doesn't cut it).

kdepim is built from source here, using git/4.14 from a bit under 24h ago (see ppa:rjvbertin/kdepim)

-- Backtrace:
Application: Kontact (kontact), signal: Segmentation fault
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
To enable execution of this file add
	add-auto-load-safe-path /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.20-gdb.py
line to your configuration file "/home/bertin/.gdbinit".
To completely disable this security protection add
	set auto-load safe-path /
line to your configuration file "/home/bertin/.gdbinit".
For more information about this security protection see the
"Auto-loading safe path" section in the GDB manual.  E.g., run from the shell:
	info "(gdb)Auto-loading safe path"
[Current thread is 1 (Thread 0x7f56e45f2800 (LWP 5030))]

Thread 5 (Thread 0x7f56c4e83700 (LWP 5032)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x00007f56df22081d in ?? () from /usr/lib/x86_64-linux-gnu/libQtWebKit.so.4
#2  0x00007f56df220859 in ?? () from /usr/lib/x86_64-linux-gnu/libQtWebKit.so.4
#3  0x00007f56db902182 in start_thread (arg=0x7f56c4e83700) at pthread_create.c:312
#4  0x00007f56e1860fbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 4 (Thread 0x7f5684568700 (LWP 5033)):
#0  pthread_cond_wait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x00007f56def6120d in ?? () from /usr/lib/x86_64-linux-gnu/libQtWebKit.so.4
#2  0x00007f56df24ffd6 in ?? () from /usr/lib/x86_64-linux-gnu/libQtWebKit.so.4
#3  0x00007f56db902182 in start_thread (arg=0x7f5684568700) at pthread_create.c:312
#4  0x00007f56e1860fbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 3 (Thread 0x7f5674c47700 (LWP 5037)):
#0  0x00007f56db46461a in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#1  0x00007f56db4649a9 in g_mutex_unlock () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007f56db422680 in g_main_context_prepare () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007f56db422f03 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007f56db4230ec in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007f56e221972e in QEventDispatcherGlib::processEvents (this=0x7f56700008c0, flags=...) at kernel/qeventdispatcher_glib.cpp:436
#6  0x00007f56e21e75af in QEventLoop::processEvents (this=this@entry=0x7f5674c46de0, flags=...) at kernel/qeventloop.cpp:149
#7  0x00007f56e21e78ed in QEventLoop::exec (this=this@entry=0x7f5674c46de0, flags=...) at kernel/qeventloop.cpp:204
#8  0x00007f56e20ca413 in QThread::exec (this=<optimized out>) at thread/qthread.cpp:538
#9  0x00007f56e20cce03 in QThreadPrivate::start (arg=0xec3f90) at thread/qthread_unix.cpp:349
#10 0x00007f56db902182 in start_thread (arg=0x7f5674c47700) at pthread_create.c:312
#11 0x00007f56e1860fbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 2 (Thread 0x7f5669406700 (LWP 9424)):
#0  0x00007f56db46461a in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#1  0x00007f56db464979 in g_mutex_lock () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x00007f56db422a6c in g_main_context_check () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#3  0x00007f56db422f7b in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x00007f56db4230ec in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#5  0x00007f56e221972e in QEventDispatcherGlib::processEvents (this=0x7f5664006a90, flags=...) at kernel/qeventdispatcher_glib.cpp:436
#6  0x00007f56e21e75af in QEventLoop::processEvents (this=this@entry=0x7f5669405da0, flags=...) at kernel/qeventloop.cpp:149
#7  0x00007f56e21e78ed in QEventLoop::exec (this=this@entry=0x7f5669405da0, flags=...) at kernel/qeventloop.cpp:204
#8  0x00007f56e20ca413 in QThread::exec (this=this@entry=0x54ed8f0) at thread/qthread.cpp:538
#9  0x00007f56e21c6423 in QInotifyFileSystemWatcherEngine::run (this=0x54ed8f0) at io/qfilesystemwatcher_inotify.cpp:265
#10 0x00007f56e20cce03 in QThreadPrivate::start (arg=0x54ed8f0) at thread/qthread_unix.cpp:349
#11 0x00007f56db902182 in start_thread (arg=0x7f5669406700) at pthread_create.c:312
#12 0x00007f56e1860fbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Thread 1 (Thread 0x7f56e45f2800 (LWP 5030)):
[KCrash Handler]
#6  operator QItemSelectionModel* (this=<error reading variable: Cannot access memory at address 0x8>) at ../../include/QtCore/../../src/corelib/kernel/qpointer.h:78
#7  QAbstractItemView::selectionModel (this=0x0) at itemviews/qabstractitemview.cpp:766
#8  0x00007f56800dfdaf in MailCommon::FolderTreeWidget::selectedCollections (this=0x144bfc0) at ../../mailcommon/folder/foldertreewidget.cpp:243
#9  0x00007f567bbec7a2 in KMMainWidget::updateFolderMenu (this=0x1434170) at ../../kmail/kmmainwidget.cpp:4110
#10 0x00007f567bd05289 in KMMainWidget::qt_static_metacall (_o=0x1434170, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>) at ./moc_kmmainwidget.cpp:526
#11 0x00007f56e21fe95a in QMetaObject::activate (sender=0x14343c8, m=<optimized out>, local_signal_index=<optimized out>, argv=0x0) at kernel/qobject.cpp:3567
#12 0x00007f56e2203121 in QObject::event (this=0x14343c8, e=<optimized out>) at kernel/qobject.cpp:1184
#13 0x00007f56e2be90ac in QApplicationPrivate::notify_helper (this=this@entry=0xaa7c50, receiver=receiver@entry=0x14343c8, e=e@entry=0x7fff1c157550) at kernel/qapplication.cpp:4570
#14 0x00007f56e2bf00c5 in QApplication::notify (this=this@entry=0x7fff1c158270, receiver=receiver@entry=0x14343c8, e=e@entry=0x7fff1c157550) at kernel/qapplication.cpp:4356
#15 0x00007f56e39bacca in KApplication::notify (this=0x7fff1c158270, receiver=0x14343c8, event=0x7fff1c157550) at ../../kdeui/kernel/kapplication.cpp:311
#16 0x00007f56e21e8c04 in QCoreApplication::notifyInternal (this=0x7fff1c158270, receiver=0x14343c8, event=0x7fff1c157550) at kernel/qcoreapplication.cpp:953
#17 0x00007f56e221c6e3 in sendEvent (event=<optimized out>, receiver=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:231
#18 QTimerInfoList::activateTimers (this=0xaa7a10) at kernel/qeventdispatcher_unix.cpp:621
#19 0x00007f56e2219521 in timerSourceDispatch (source=<optimized out>) at kernel/qeventdispatcher_glib.cpp:193
#20 0x00007f56db422e04 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#21 0x00007f56db423048 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#22 0x00007f56db4230ec in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#23 0x00007f56e221970f in QEventDispatcherGlib::processEvents (this=0xa5ebb0, flags=...) at kernel/qeventdispatcher_glib.cpp:434
#24 0x00007f56e2c97d86 in QGuiEventDispatcherGlib::processEvents (this=<optimized out>, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#25 0x00007f56e21e75af in QEventLoop::processEvents (this=this@entry=0x7fff1c1577c0, flags=...) at kernel/qeventloop.cpp:149
#26 0x00007f56e21e78ed in QEventLoop::exec (this=0x7fff1c1577c0, flags=...) at kernel/qeventloop.cpp:204
#27 0x00007f56e267faf3 in KJob::exec (this=0x1417eb0) at ../../kdecore/jobs/kjob.cpp:210
#28 0x00007f567bbbbb8b in KMKernel::cleanup (this=0x13268b0) at ../../kmail/kmkernel.cpp:1315
#29 0x00007f5680430cc6 in KMailPart::~KMailPart (this=0x117aaf0, vtt=0x7f5680635300 <VTT for KMailPart>) at ../../kmail/kmail_part.cpp:119
#30 0x00007f5680430e73 in ~KMailPart (this=<optimized out>, this=<optimized out>) at ../../kmail/kmail_part.cpp:114
#31 KMailPart::~KMailPart (this=0x117aaf0) at ../../kmail/kmail_part.cpp:114
#32 0x00007f56e424fc30 in KontactInterface::Plugin::~Plugin (this=0x101b290, vtt=<optimized out>) at ../../kontactinterface/plugin.cpp:92
#33 0x00007f5680ebbeda in ~KMailPlugin (this=<optimized out>, vtt=<optimized out>, this=<optimized out>, vtt=<optimized out>) at ../../../../kontact/plugins/kmail/kmail_plugin.cpp:176
#34 KMailPlugin::~KMailPlugin (this=0x101b290) at ../../../../kontact/plugins/kmail/kmail_plugin.cpp:174
#35 0x00007f5680ebbf4c in KMailPlugin::~KMailPlugin (this=0x101b290) at ../../../../kontact/plugins/kmail/kmail_plugin.cpp:174
#36 0x00007f56e3dff762 in Kontact::MainWindow::~MainWindow (this=0xc0ce10, vtt=0x7f56e4021ff0 <VTT for Kontact::MainWindow>) at ../../../kontact/src/mainwindow.cpp:296
#37 0x00007f56e3dffe07 in Kontact::MainWindow::~MainWindow (this=0xc0ce10) at ../../../kontact/src/mainwindow.cpp:271
#38 0x00007f56e3dffebc in Kontact::MainWindow::~MainWindow (this=0xc0ce10) at ../../../kontact/src/mainwindow.cpp:271
#39 0x00007f56e2203388 in QObject::event (this=this@entry=0xc0ce10, e=e@entry=0x1a11860) at kernel/qobject.cpp:1203
#40 0x00007f56e2c401f3 in QWidget::event (this=this@entry=0xc0ce10, event=event@entry=0x1a11860) at kernel/qwidget.cpp:8859
#41 0x00007f56e307536b in QMainWindow::event (this=this@entry=0xc0ce10, event=event@entry=0x1a11860) at widgets/qmainwindow.cpp:1478
#42 0x00007f56e3a6f441 in KMainWindow::event (this=this@entry=0xc0ce10, ev=ev@entry=0x1a11860) at ../../kdeui/widgets/kmainwindow.cpp:1084
#43 0x00007f56e3aa6ed9 in KXmlGuiWindow::event (this=0xc0ce10, ev=0x1a11860) at ../../kdeui/xmlgui/kxmlguiwindow.cpp:126
#44 0x00007f56e2be90ac in QApplicationPrivate::notify_helper (this=this@entry=0xaa7c50, receiver=receiver@entry=0xc0ce10, e=e@entry=0x1a11860) at kernel/qapplication.cpp:4570
#45 0x00007f56e2bf00c5 in QApplication::notify (this=this@entry=0x7fff1c158270, receiver=receiver@entry=0xc0ce10, e=e@entry=0x1a11860) at kernel/qapplication.cpp:4356
#46 0x00007f56e39bacca in KApplication::notify (this=0x7fff1c158270, receiver=0xc0ce10, event=0x1a11860) at ../../kdeui/kernel/kapplication.cpp:311
#47 0x00007f56e21e8c04 in QCoreApplication::notifyInternal (this=0x7fff1c158270, receiver=receiver@entry=0xc0ce10, event=event@entry=0x1a11860) at kernel/qcoreapplication.cpp:953
#48 0x00007f56e21ec957 in sendEvent (event=0x1a11860, receiver=0xc0ce10) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:231
#49 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, receiver@entry=0x7f56e221a060 <postEventSourceDispatch(GSource*, GSourceFunc, gpointer)>, event_type=event_type@entry=0, data=0xa5d2b0) at kernel/qcoreapplication.cpp:1577
#50 0x00007f56e21ecd07 in QCoreApplication::sendPostedEvents (receiver=0x7f56e221a060 <postEventSourceDispatch(GSource*, GSourceFunc, gpointer)>, receiver@entry=0x0, event_type=event_type@entry=0) at kernel/qcoreapplication.cpp:1470
#51 0x00007f56e221a073 in sendPostedEvents () at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:236
#52 postEventSourceDispatch (s=0xa96de0) at kernel/qeventdispatcher_glib.cpp:287
#53 0x00007f56db422e04 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#54 0x00007f56db423048 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#55 0x00007f56db4230ec in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#56 0x00007f56e221970f in QEventDispatcherGlib::processEvents (this=0xa5ebb0, flags=...) at kernel/qeventdispatcher_glib.cpp:434
#57 0x00007f56e2c97d86 in QGuiEventDispatcherGlib::processEvents (this=<optimized out>, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#58 0x00007f56e21e75af in QEventLoop::processEvents (this=this@entry=0x7fff1c158200, flags=...) at kernel/qeventloop.cpp:149
#59 0x00007f56e21e78ed in QEventLoop::exec (this=this@entry=0x7fff1c158200, flags=...) at kernel/qeventloop.cpp:204
#60 0x00007f56e21ed9a9 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1225
#61 0x0000000000404a7f in main (argc=<optimized out>, argv=<optimized out>) at ../../../kontact/src/main.cpp:219

The reporter indicates this bug may be a duplicate of or related to bug 288141.

Possible duplicates by query: bug 334897, bug 329016, bug 327428.

Reported using DrKonqi
Comment 1 vonbirn 2014-11-14 23:38:47 UTC 
Created attachment 89590 [details]
Crash traceback for Kontact
Comment 2 auxsvr 2015-05-10 16:35:19 UTC 
Created attachment 92526 [details]
New crash information added by DrKonqi

kontact (4.14.6) on KDE Platform 4.14.6 using Qt 4.8.6

- What I was doing when the application crashed:

Kontact was exiting when it crashed. I had emptied the trash beforehand.

-- Backtrace (Reduced):
#6  0x00007fd4c6d14c94 in QAbstractItemView::selectionModel() const (this=0x96afd70) at itemviews/qabstractitemview.cpp:766
#7  0x00007fd4608d914e in MailCommon::FolderTreeWidget::selectedCollections() const (this=<optimized out>) at /usr/src/debug/kdepim-4.14.6/mailcommon/folder/foldertreewidget.cpp:243
#8  0x00007fd460c7e5dd in KMMainWidget::updateFolderMenu() (this=0x16bfff0) at /usr/src/debug/kdepim-4.14.6/kmail/kmmainwidget.cpp:3975
#9  0x00007fd460c7f6ac in KMMainWidget::slotUpdateActionsAfterMailChecking() (this=<optimized out>) at /usr/src/debug/kdepim-4.14.6/kmail/kmmainwidget.cpp:428
#10 0x00007fd460d63c8a in KMMainWidget::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>) at /usr/src/debug/kdepim-4.14.6/build/kmail/moc_kmmainwidget.cpp:471
Comment 3 RJVB 2015-05-10 18:22:31 UTC 
Created attachment 92528 [details]
patch set *against KDEPIM 4.13.3*

This is the set of patches I'm running with KDE PIM 4.13.3 since shortly after I created this bug report. I haven't looked back since, so I don't know if the 4.14 series has become as stable as 4.13.3, but that earlier version works so good (on Linux and OS X) that I have no incentive to upgrade for the sake of upgrading.
The check against kmkernel->shuttingDown() is among the changes.
Comment 4 Sven Eden 2015-10-05 08:23:52 UTC 
Created attachment 94848 [details]
New crash information added by DrKonqi

kontact (4.14.10) on KDE Platform 4.14.12 using Qt 4.8.7

- What I was doing when the application crashed:

KMail got stuck somewhere, wherever I clicked it said "Please wait while retrieving folder contents", so I quit kontact.

About ~10 seconds later DrKonqi showed up, and the backtraces suggest this is the same or at least a similar crash.

-- Backtrace (Reduced):
#6  operator QItemSelectionModel* (this=<error reading variable: Cannot access memory at address 0xe00000110>) at ../../include/QtCore/../../../qt-everywhere-opensource-src-4.8.7/src/corelib/kernel/qpointer.h:78
#7  QAbstractItemView::selectionModel (this=0xe00000108) at /home/portage/dev-qt/qtgui-4.8.7/work/qt-everywhere-opensource-src-4.8.7/src/gui/itemviews/qabstractitemview.cpp:766
#8  0x00007fdf18bc657c in MailCommon::FolderTreeWidget::selectedCollections (this=<optimized out>) at /home/portage/kde-base/kdepim-common-libs-4.14.10/work/kdepim-common-libs-4.14.10/mailcommon/folder/foldertreewidget.cpp:243
#9  0x00007fdf19289ea3 in KMMainWidget::updateFolderMenu (this=0x13fc3d0) at /home/portage/kde-base/kmail-4.14.10/work/kmail-4.14.10/kmail/kmmainwidget.cpp:3928
#10 0x00007fdf1939aa8b in KMMainWidget::qt_static_metacall (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>) at /home/portage/kde-base/kmail-4.14.10/work/kmail-4.14.10_build/kmail/moc_kmmainwidget.cpp:461
Comment 5 Denis Kurz 2017-06-23 22:07:22 UTC 
This bug has never been confirmed for a KDE PIM version that is based on KDE Frameworks, except possibly a Technology Preview version 5.0.x. Those Framework-based versions differ significantly from the old 4.x series. Therefore, I plan to close it in around two or three months. In the meantime, it is set to WAITINGFORINFO to give reporters the opportunity to check if it is still valid. As soon as someone confirms it for a recent version (at least 5.1, ideally even more recent), I'll gladly reopen it.

Please understand that we lack the manpower to triage bugs reported for versions almost two years beyond their end of life.
Comment 6 Denis Kurz 2018-02-01 09:51:42 UTC 
Just as announced in my last comment, I close this bug. If you encounter it again in a recent version (at least 5.1 aka 15.12; preferably much more recent), please open a new one unless it already exists. Thank you for all your input.