Bug 91617

Summary: crash in assignJobToSlave (dangling slave?)
Product: [Unmaintained] kmail
Reporter: Matthias Kretz <kretz>
Component: disconnected IMAP
Assignee: kdepim bugs <kdepim-bugs>
Status: RESOLVED UNMAINTAINED
Severity: crash
CC: duffeck, kde, swhitlat
Priority: NOR
Version: SVN trunk (KDE 4)
Target Milestone: ---
Platform: Compiled Sources
OS: Linux

Description Matthias Kretz 2004-10-18 21:06:37 UTC
Version:           unknown (using KDE 3.3.89 (CVS >= 20040820), compiled sources)
Compiler:          gcc version 3.3.4 (Debian 1:3.3.4-3)
OS:                Linux (i686) release 2.6.7

KMail (or rather Kontact) crashed on me at random once again. Finally drkonqi came up (most of the time it crashes silently), so here's a gdb session. Hope you can make sense of it.
To me it looks like the Slave object is not valid anymore - a dangling pointer to a slave...

(gdb) bt
#0  0x411cd40e in __waitpid_nocancel () from /lib/tls/libpthread.so.0
#1  0x40d0cd5e in KCrash::defaultCrashHandler (sig=11) at /home/mkretz/KDE/src/kdelibs/kdecore/kcrash.cpp:249
#2  <signal handler called>
#3  0x0805d534 in QShared::ref (this=0x0) at qshared.h:49
#4  0x41fb1cb9 in QString (this=0xbfffeec0, s=@0x92fee28) at tools/qstring.cpp:1397
#5  0x40607db8 in KIO::Slave::slaveProtocol (this=0x92fedf0) at slave.h:117
#6  0x40604c4b in KIO::Scheduler::_assignJobToSlave (this=0x8405b40, slave=0x92fedf0, job=0x8c42380)
    at /home/mkretz/KDE/src/kdelibs/kio/kio/scheduler.cpp:798
#7  0x42539c13 in KIO::Scheduler::assignJobToSlave (slave=0x92fedf0, job=0x8c42380) at scheduler.h:216
#8  0x4256d8ae in KMail::ImapAccountBase::slotNoopTimeout (this=0x849ce30)
    at /home/mkretz/KDE/src/kdepim/kmail/imapaccountbase.cpp:450
#9  0x4257055c in KMail::ImapAccountBase::qt_invoke (this=0x849ce30, _id=12, _o=0xbffff0c0) at imapaccountbase.moc:242
#10 0x4257814b in KMAcctCachedImap::qt_invoke (this=0x849ce30, _id=12, _o=0xbffff0c0) at kmacctcachedimap.moc:97
#11 0x41c4d810 in QObject::activate_signal (this=0x849cf88, clist=0x849d0e0, o=0xbffff0c0) at kernel/qobject.cpp:2357
#12 0x41c4d668 in QObject::activate_signal (this=0x849cf88, signal=2) at kernel/qobject.cpp:2326
#13 0x4202c474 in QTimer::timeout (this=0x849cf88) at .moc/debug-shared-mt/moc_qtimer.cpp:82
#14 0x41c79212 in QTimer::event (this=0x849cf88, e=0xbffff350) at kernel/qtimer.cpp:219
#15 0x41bdd419 in QApplication::internalNotify (this=0xbffff5e0, receiver=0x849cf88, e=0xbffff350)
    at kernel/qapplication.cpp:2635
#16 0x41bdc8a0 in QApplication::notify (this=0xbffff5e0, receiver=0x849cf88, e=0xbffff350) at kernel/qapplication.cpp:2358
#17 0x40c7be05 in KApplication::notify (this=0xbffff5e0, receiver=0x849cf88, event=0xbffff350)
    at /home/mkretz/KDE/src/kdelibs/kdecore/kapplication.cpp:518
#18 0x402091c6 in QApplication::sendEvent (receiver=0x849cf88, event=0xbffff350) at qapplication.h:491
#19 0x41bc8b91 in QEventLoop::activateTimers (this=0x80a2660) at kernel/qeventloop_unix.cpp:558
#20 0x41b7953d in QEventLoop::processEvents (this=0x80a2660, flags=4) at kernel/qeventloop_x11.cpp:389
#21 0x41bf47f9 in QEventLoop::enterLoop (this=0x80a2660) at kernel/qeventloop.cpp:198
#22 0x41bf4712 in QEventLoop::exec (this=0x80a2660) at kernel/qeventloop.cpp:145
#23 0x41bdd5bb in QApplication::exec (this=0xbffff5e0) at kernel/qapplication.cpp:2758
#24 0x0805cd0f in main (argc=1, argv=0xbffff7b4) at /home/mkretz/KDE/src/kdepim/kontact/src/main.cpp:153
(gdb) frame 4
#4  0x41fb1cb9 in QString (this=0xbfffeec0, s=@0x92fee28) at tools/qstring.cpp:1397
1397    tools/qstring.cpp: No such file or directory.
        in tools/qstring.cpp
(gdb) print d
$1 = (QStringData *) 0x0
(gdb) print s.d
$2 = (QStringData *) 0x0
(gdb) print s
$3 = (const QString &) @0x92fee28: {static null = {static null = <same as static member of an already seen type>,
    d = 0x8075070, static shared_null = 0x8075070}, d = 0x0, static shared_null = 0x8075070}
(gdb) source /home/mkretz/KDE/src/kdesdk/scripts/kde-devel-gdb
(gdb) printqstring s
Cannot access memory at address 0x0
(gdb) print s
$4 = (const QString &) @0x92fee28: {d = 0x0}
(gdb) frame 5
#5  0x40607db8 in KIO::Slave::slaveProtocol (this=0x92fedf0) at slave.h:117
117             QString slaveProtocol() { return m_slaveProtocol; }
(gdb) print d
$5 = (KIO::SlavePrivate *) 0x8a4c9a0
(gdb) print serv
$6 = (class KServerSocket *) 0x42df9890
(gdb) print m_slaveProtocol
$7 = {d = 0x0}
(gdb) print className()
[Switching to Thread 1092067104 (LWP 7618)]
$8 = 0x0
(gdb) print name()
$9 = 0x42df9890 "f«ÞBî«ÞBÜÏÞB¤åÞBªåÞBH\231KA;xßBExßB"
(gdb) print this
$10 = (class KIO::Slave * const) 0x92fedf0
(gdb) print m_pid
$11 = 0
(gdb) print metaObject()

Program received signal SIGSEGV, Segmentation fault.
0x00000038 in ?? ()
The program being debugged was signaled while in a function called from GDB.
GDB remains in the frame where the signal was received.
To change this behavior use "set unwindonsignal on"
Evaluation of the expression containing the function (at 0x38) will be abandoned.
(gdb) bt
#0  0x00000038 in ?? ()
#1  <function called from gdb>
#2  0x411cd40e in __waitpid_nocancel () from /lib/tls/libpthread.so.0
#3  0x40d0cd5e in KCrash::defaultCrashHandler (sig=11) at /home/mkretz/KDE/src/kdelibs/kdecore/kcrash.cpp:249
#4  <signal handler called>
#5  0x0805d534 in QShared::ref (this=0x0) at qshared.h:49
#6  0x41fb1cb9 in QString (this=0xbfffeec0, s=@0x92fee28) at tools/qstring.cpp:1397
#7  0x40607db8 in KIO::Slave::slaveProtocol (this=0x92fedf0) at slave.h:117
#8  0x40604c4b in KIO::Scheduler::_assignJobToSlave (this=0x8405b40, slave=0x92fedf0, job=0x8c42380)
    at /home/mkretz/KDE/src/kdelibs/kio/kio/scheduler.cpp:798
#9  0x42539c13 in KIO::Scheduler::assignJobToSlave (slave=0x92fedf0, job=0x8c42380) at scheduler.h:216
#10 0x4256d8ae in KMail::ImapAccountBase::slotNoopTimeout (this=0x849ce30)
    at /home/mkretz/KDE/src/kdepim/kmail/imapaccountbase.cpp:450
#11 0x4257055c in KMail::ImapAccountBase::qt_invoke (this=0x849ce30, _id=12, _o=0xbffff0c0) at imapaccountbase.moc:242
#12 0x4257814b in KMAcctCachedImap::qt_invoke (this=0x849ce30, _id=12, _o=0xbffff0c0) at kmacctcachedimap.moc:97
#13 0x41c4d810 in QObject::activate_signal (this=0x849cf88, clist=0x849d0e0, o=0xbffff0c0) at kernel/qobject.cpp:2357
#14 0x41c4d668 in QObject::activate_signal (this=0x849cf88, signal=2) at kernel/qobject.cpp:2326
#15 0x4202c474 in QTimer::timeout (this=0x849cf88) at .moc/debug-shared-mt/moc_qtimer.cpp:82
#16 0x41c79212 in QTimer::event (this=0x849cf88, e=0xbffff350) at kernel/qtimer.cpp:219
#17 0x41bdd419 in QApplication::internalNotify (this=0xbffff5e0, receiver=0x849cf88, e=0xbffff350)
    at kernel/qapplication.cpp:2635
#18 0x41bdc8a0 in QApplication::notify (this=0xbffff5e0, receiver=0x849cf88, e=0xbffff350) at kernel/qapplication.cpp:2358
#19 0x40c7be05 in KApplication::notify (this=0xbffff5e0, receiver=0x849cf88, event=0xbffff350)
    at /home/mkretz/KDE/src/kdelibs/kdecore/kapplication.cpp:518
#20 0x402091c6 in QApplication::sendEvent (receiver=0x849cf88, event=0xbffff350) at qapplication.h:491
#21 0x41bc8b91 in QEventLoop::activateTimers (this=0x80a2660) at kernel/qeventloop_unix.cpp:558
#22 0x41b7953d in QEventLoop::processEvents (this=0x80a2660, flags=4) at kernel/qeventloop_x11.cpp:389
#23 0x41bf47f9 in QEventLoop::enterLoop (this=0x80a2660) at kernel/qeventloop.cpp:198
#24 0x41bf4712 in QEventLoop::exec (this=0x80a2660) at kernel/qeventloop.cpp:145
#25 0x41bdd5bb in QApplication::exec (this=0xbffff5e0) at kernel/qapplication.cpp:2758
#26 0x0805cd0f in main (argc=1, argv=0xbffff7b4) at /home/mkretz/KDE/src/kdepim/kontact/src/main.cpp:153
(gdb) frame 7
#7  0x40607db8 in KIO::Slave::slaveProtocol (this=0x92fedf0) at slave.h:117
117             QString slaveProtocol() { return m_slaveProtocol; }
(gdb) call dumpObjectTree()

Program received signal SIGSEGV, Segmentation fault.
0x00000079 in ?? ()
The program being debugged was signaled while in a function called from GDB.
GDB remains in the frame where the signal was received.
To change this behavior use "set unwindonsignal on"
Evaluation of the expression containing the function (QObject::dumpObjectTree()) will be abandoned.
(gdb) bt
#0  0x00000079 in ?? ()
#1  0x41c4e740 in dumpRecursive (level=0, object=0x92fedf0) at kernel/qobject.cpp:2481
#2  0x41c4e89f in QObject::dumpObjectTree (this=0x92fedf0) at kernel/qobject.cpp:2508
#3  <function called from gdb>
#4  0x00000038 in ?? ()
#5  <function called from gdb>
#6  0x411cd40e in __waitpid_nocancel () from /lib/tls/libpthread.so.0
#7  0x40d0cd5e in KCrash::defaultCrashHandler (sig=11) at /home/mkretz/KDE/src/kdelibs/kdecore/kcrash.cpp:249
#8  <signal handler called>
#9  0x0805d534 in QShared::ref (this=0x0) at qshared.h:49
#10 0x41fb1cb9 in QString (this=0xbfffeec0, s=@0x92fee28) at tools/qstring.cpp:1397
#11 0x40607db8 in KIO::Slave::slaveProtocol (this=0x92fedf0) at slave.h:117
#12 0x40604c4b in KIO::Scheduler::_assignJobToSlave (this=0x8405b40, slave=0x92fedf0, job=0x8c42380)
    at /home/mkretz/KDE/src/kdelibs/kio/kio/scheduler.cpp:798
#13 0x42539c13 in KIO::Scheduler::assignJobToSlave (slave=0x92fedf0, job=0x8c42380) at scheduler.h:216
#14 0x4256d8ae in KMail::ImapAccountBase::slotNoopTimeout (this=0x849ce30)
    at /home/mkretz/KDE/src/kdepim/kmail/imapaccountbase.cpp:450
#15 0x4257055c in KMail::ImapAccountBase::qt_invoke (this=0x849ce30, _id=12, _o=0xbffff0c0) at imapaccountbase.moc:242
#16 0x4257814b in KMAcctCachedImap::qt_invoke (this=0x849ce30, _id=12, _o=0xbffff0c0) at kmacctcachedimap.moc:97
#17 0x41c4d810 in QObject::activate_signal (this=0x849cf88, clist=0x849d0e0, o=0xbffff0c0) at kernel/qobject.cpp:2357
#18 0x41c4d668 in QObject::activate_signal (this=0x849cf88, signal=2) at kernel/qobject.cpp:2326
#19 0x4202c474 in QTimer::timeout (this=0x849cf88) at .moc/debug-shared-mt/moc_qtimer.cpp:82
#20 0x41c79212 in QTimer::event (this=0x849cf88, e=0xbffff350) at kernel/qtimer.cpp:219
#21 0x41bdd419 in QApplication::internalNotify (this=0xbffff5e0, receiver=0x849cf88, e=0xbffff350)
    at kernel/qapplication.cpp:2635
#22 0x41bdc8a0 in QApplication::notify (this=0xbffff5e0, receiver=0x849cf88, e=0xbffff350) at kernel/qapplication.cpp:2358
#23 0x40c7be05 in KApplication::notify (this=0xbffff5e0, receiver=0x849cf88, event=0xbffff350)
    at /home/mkretz/KDE/src/kdelibs/kdecore/kapplication.cpp:518
#24 0x402091c6 in QApplication::sendEvent (receiver=0x849cf88, event=0xbffff350) at qapplication.h:491
#25 0x41bc8b91 in QEventLoop::activateTimers (this=0x80a2660) at kernel/qeventloop_unix.cpp:558
#26 0x41b7953d in QEventLoop::processEvents (this=0x80a2660, flags=4) at kernel/qeventloop_x11.cpp:389
#27 0x41bf47f9 in QEventLoop::enterLoop (this=0x80a2660) at kernel/qeventloop.cpp:198
#28 0x41bf4712 in QEventLoop::exec (this=0x80a2660) at kernel/qeventloop.cpp:145
#29 0x41bdd5bb in QApplication::exec (this=0xbffff5e0) at kernel/qapplication.cpp:2758
#30 0x0805cd0f in main (argc=1, argv=0xbffff7b4) at /home/mkretz/KDE/src/kdepim/kontact/src/main.cpp:153
(gdb)
Comment 1 David Faure 2004-10-18 21:09:47 UTC
Very interesting, it looks like a crash our customer is seeing.
I agree that it looks like mSlave is dangling - something that could very well
happen if some code killed a job assigned to that slave, without setting mSlave to 0.
Of course the normal code does that, but.... did you use e.g. the IMAP subscription dialog,
recently before the crash?
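
The failure mode discussed above (a stale mSlave that the NOOP timer dereferences after the slave was killed with its job) and a guard that prevents it, as an added example; this is not KMail's or KIO's code, the class and member names mirror the backtrace but are constructed stand-ins, and the SlaveGuard mimics the idea of Qt's QGuardedPtr/QPointer rather than reproducing it.

```cpp
#include <set>
#include <string>
class Slave;
// Constructed guarded pointer (the idea behind Qt's QGuardedPtr/QPointer): nulled when its Slave dies.
class SlaveGuard {
public:
    SlaveGuard() = default;
    ~SlaveGuard() { reset(nullptr); }
    SlaveGuard(const SlaveGuard&) = delete;
    SlaveGuard& operator=(const SlaveGuard&) = delete;
    void reset(Slave* s);
    Slave* get() const { return m_ptr; }
private:
    friend class Slave;
    Slave* m_ptr = nullptr;
};
// Stand-in for KIO::Slave: clears every guard aimed at it from its destructor.
class Slave {
public:
    explicit Slave(const std::string& proto) : m_slaveProtocol(proto) {}
    ~Slave() { for (SlaveGuard* g : m_guards) g->m_ptr = nullptr; }
    std::string slaveProtocol() const { return m_slaveProtocol; }
private:
    friend class SlaveGuard;
    std::string m_slaveProtocol;
    std::set<SlaveGuard*> m_guards;
};
void SlaveGuard::reset(Slave* s) {
    if (m_ptr) m_ptr->m_guards.erase(this);
    if ((m_ptr = s)) m_ptr->m_guards.insert(this);
}
// Stand-in for ImapAccountBase: the NOOP slot checks the guard instead of trusting a raw mSlave.
class ImapAccount {
public:
    void assignSlave(Slave* s) { mSlave.reset(s); }
    // Protocol the NOOP would go out on, or "" if the slave was deleted since it was assigned.
    std::string slotNoopTimeout() const { return mSlave.get() ? mSlave.get()->slaveProtocol() : ""; }
private:
    SlaveGuard mSlave;
};
// The report's scenario: the slave is killed (with its job) while the account still refers to it.
bool noopAfterSlaveKilledIsSafe() {
    ImapAccount acct;
    Slave* s = new Slave("imap");
    acct.assignSlave(s);
    bool live = acct.slotNoopTimeout() == "imap";
    delete s;  // nobody told the account; a raw mSlave would now dangle
    return live && acct.slotNoopTimeout().empty();
}
```

With a raw pointer the same sequence is exactly the use-after-free in frames #5/#6 of the backtrace; with the guard the timer slot sees a null pointer and can simply skip the NOOP.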

Comment 2 Matthias Kretz 2004-10-18 22:20:58 UTC
Since starting Kontact I can't remember using any of the IMAP stuff at all. I was working on my local folders and the only thing IMAP was doing was checking mails.

What could be interesting though, is that I used a VPN connection to my university network (cisco VPN client) - at the time of the crash it was disabled again. That could have changed the IP on my side. Also the IMAP server is a dialup machine (using dyndns.org) so the IP of the server could also have changed.

Comment 3 Thiago Macieira 2004-12-16 20:28:56 UTC
Bugs #95273 and #89615 could be duplicates.
Comment 4 Till Adam 2005-01-02 12:19:13 UTC
Adjusting summary
Comment 5 Till Adam 2005-01-02 12:19:57 UTC
*** Bug 95273 has been marked as a duplicate of this bug. ***
Comment 6 Thomas McGuire 2008-05-16 18:52:32 UTC
*** Bug 162148 has been marked as a duplicate of this bug. ***
Comment 7 Nicolas L. 2010-08-15 11:50:20 UTC
Is this bug still valid under KDE 4.4 or 4.5?
Comment 8 Myriam Schweingruber 2012-08-19 12:04:25 UTC
Closing for lack of feedback. Kmail1 is currently unmaintained. Please feel free to reopen this report if you can reproduce it with Kmail2 4.8.5 or later and provide a new backtrace.