Bug 121384 - random crashes with no reason
Summary: random crashes with no reason
Status: RESOLVED FIXED
Alias: None
Product: kmail
Classification: Applications
Component: general (show other bugs)
Version: unspecified
Platform: Debian testing Linux
: NOR crash with 20 votes (vote)
Target Milestone: ---
Assignee: kdepim bugs
URL:
Keywords:
: 122731 124220 124498 (view as bug list)
Depends on:
Blocks:
 
Reported: 2006-02-04 20:51 UTC by Robert Gomułka
Modified: 2007-09-14 12:17 UTC (History)
1 user (show)

See Also:
Latest Commit:
Version Fixed In:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Gomułka 2006-02-04 20:51:34 UTC
Version:            (using KDE KDE 3.5.1)
Installed from:    Debian testing/unstable Packages
OS:                Linux

I have received new mail. I was on 4th desktop. I switched to 1st desktop (on which I have KMail run). Then KMail crashed with following backtrace (no debugging symbols unfortunately):
(no debugging symbols found)
Using host libthread_db library "/lib/tls/libthread_db.so.1".
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
[Thread debugging using libthread_db enabled]
[New Thread -1249134912 (LWP 4193)]
[New Thread -1278276688 (LWP 4209)]
[New Thread -1269888080 (LWP 4208)]
[New Thread -1261499472 (LWP 4207)]
[New Thread -1253110864 (LWP 4206)]
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
[KCrash handler]
#5  0xb70bea80 in QObject::activate_signal () from /usr/lib/libqt-mt.so.3
#6  0xb683a70f in KPIM::ProgressItem::progressItemStatus ()
   from /usr/lib/libkdepim.so.1
#7  0xb683a77f in KPIM::ProgressItem::setStatus ()
   from /usr/lib/libkdepim.so.1
#8  0xb6867275 in KPIM::BroadcastStatus::setStatusMsgTransmissionCompleted ()
   from /usr/lib/libkdepim.so.1
#9  0xb7d41baf in KMail::PopAccount::slotJobFinished ()
   from /usr/lib/libkmailprivate.so
#10 0xb7d42370 in KMail::PopAccount::slotCancel ()
   from /usr/lib/libkmailprivate.so
#11 0xb7d4371d in KMail::PopAccount::qt_invoke ()
   from /usr/lib/libkmailprivate.so
#12 0xb70beb57 in QObject::activate_signal () from /usr/lib/libqt-mt.so.3
#13 0xb744f055 in QSignal::signal () from /usr/lib/libqt-mt.so.3
#14 0xb70dca40 in QSignal::activate () from /usr/lib/libqt-mt.so.3
#15 0xb70e4354 in QSingleShotTimer::event () from /usr/lib/libqt-mt.so.3
#16 0xb7054698 in QApplication::internalNotify () from /usr/lib/libqt-mt.so.3
#17 0xb70548b6 in QApplication::notify () from /usr/lib/libqt-mt.so.3
#18 0xb7759fde in KApplication::notify () from /usr/lib/libkdecore.so.4
#19 0xb6fe45e5 in QApplication::sendEvent () from /usr/lib/libqt-mt.so.3
#20 0xb704598c in QEventLoop::activateTimers () from /usr/lib/libqt-mt.so.3
#21 0xb6ff835c in QEventLoop::processEvents () from /usr/lib/libqt-mt.so.3
#22 0xb706cda2 in QEventLoop::enterLoop () from /usr/lib/libqt-mt.so.3
#23 0xb706cccb in QEventLoop::exec () from /usr/lib/libqt-mt.so.3
#24 0xb7053225 in QApplication::exec () from /usr/lib/libqt-mt.so.3
#25 0x0804a098 in ?? ()
#26 0xbfe76058 in ?? ()
#27 0xbfe76244 in ?? ()
#28 0x00000000 in ?? ()

As far as I can tell KMail itself is rather stable, don't crash in random places. I am sure my hardware is ok (no other troubles related to RAM, CPU, cooling, others).

Kernel: 2.6.14

I cannot provide a path to reproduce this bug.
Comment 1 Ismail Onur Filiz 2006-03-11 07:53:32 UTC
*** Bug 122731 has been marked as a duplicate of this bug. ***
Comment 2 Ismail Onur Filiz 2006-03-29 19:33:08 UTC
*** Bug 124498 has been marked as a duplicate of this bug. ***
Comment 3 Juuso Alasuutari 2006-03-30 09:08:25 UTC
In this and both duplicates it's libqt-mt.so* that shows up in backtrace. Could QT version have anything to do with this? I just recently upgraded QT 3.3.5 --> 3.3.6, and I didn't have crashes before. On the other hand, I also upgraded my kernel version 2.6.15.6 --> 2.6.16 at the same time. But I don't see anything else that's broken other than kmail crashing.

By the way, do you have one or several mailboxes and are they set on auto check? I have two set that way.
Comment 4 Robert Gomułka 2006-03-30 09:25:03 UTC
Hello,
I have QT version of 3.3.6, too. But I had version 3.3.5 when I reported this bug.
Yes, I have multiple accounts with auto-check flag (to be more precise, 4 of them including local mail).
Comment 5 Juuso Alasuutari 2006-03-30 09:39:56 UTC
OK. Do you know what compiler flags debian unstable uses for kdepim? I recently recompiled my whole kde bunch with prelinking and combreloc enabled, so that might be one cause in my case. But of course if debian doesn't use any fancy CFLAGS and you still experience this, that's not likely.
Comment 6 Robert Gomułka 2006-03-30 10:19:51 UTC
Here you are:
CC="cc" CXX="g++" CFLAGS="-g -Wall -O2" CXXFLAGS="-g -Wall -O2" CPPFLAGS="" KMIX=/usr/bin/kmix KTTSD=/usr/bin/kttsd /root/kdepim-3.5.1/build-tree/kdepim-3.5.1/configure  --build=i486-linux-gnu --prefix=/usr --includedir="\${prefix}/include/kde" --mandir="\${prefix}/share/man" --infodir="\${prefix}/share/info" --sysconfdir=/etc --localstatedir=/var --libexecdir="\${prefix}/lib/kdepim" --disable-maintainer-mode --disable-dependency-tracking  --with-qt-dir=/usr/share/qt3 --disable-rpath --with-xinerama --enable-final --disable-debug

Above is the exact call to configure.
And below I put sample compilation output, which I think will contain all the compilation flags (sorry, I couldn't find them in simplier form).
g++ -DHAVE_CONFIG_H -I. -I/root/kdepim-3.5.1/build-tree/kdepim-3.5.1/kabc/kabc2mutt -I../.. -I/usr/include/kde/kabc -I/root/kdepim-3.5.1/build-tree/kdepim-3.5.1/libkdepim -I/usr/include/kde -I/usr/share/qt3/include -I/usr/X11R6/include   -DQT_THREAD_SUPPORT  -D_REENTRANT -D_FILE_OFFSET_BITS=64  -Wno-long-long -Wundef -ansi -D_XOPEN_SOURCE=500 -D_BSD_SOURCE -Wcast-align -Wconversion -Wchar-subscripts -Wall -W -Wpointer-arith -DNDEBUG -DNO_DEBUG -O2 -g -Wall -O2 -Wformat-security -Wmissing-format-attribute -Wno-non-virtual-dtor -fno-exceptions -fno-check-new -fno-common -DQT_CLEAN_NAMESPACE -DQT_NO_ASCII_CAST -DQT_NO_STL -DQT_NO_COMPAT -DQT_NO_TRANSLATION  -c -o kabc2mutt.all_cpp.o `test -f 'kabc2mutt.all_cpp.cpp' || echo '/root/kdepim-3.5.1/build-tree/kdepim-3.5.1/kabc/kabc2mutt/'`kabc2mutt.all_cpp.cpp
/bin/sh ../../libtool --mode=link --tag=CXX g++  -Wno-long-long -Wundef -ansi -D_XOPEN_SOURCE=500 -D_BSD_SOURCE -Wcast-align -Wconversion -Wchar-subscripts -Wall -W -Wpointer-arith -DNDEBUG -DNO_DEBUG -O2 -g -Wall -O2 -Wformat-security -Wmissing-format-attribute -Wno-non-virtual-dtor -fno-exceptions -fno-check-new -fno-common -DQT_CLEAN_NAMESPACE -DQT_NO_ASCII_CAST -DQT_NO_STL -DQT_NO_COMPAT -DQT_NO_TRANSLATION    -o kabc2mutt -L/usr/lib -L/usr/share/qt3/lib -L/usr/X11R6/lib     kabc2mutt.all_cpp.o  -lkabc -lkdecore

By the way - can you reproduce this problem easily?
Comment 7 Juuso Alasuutari 2006-03-30 10:34:16 UTC
Doesn't seem like there are any extra flags there.

I don't know of any other way to reproduce this bug other than just waiting until it happens. :)
Comment 8 Thiago Macieira 2006-04-01 22:55:17 UTC
*** Bug 124220 has been marked as a duplicate of this bug. ***
Comment 9 Ismail Onur Filiz 2006-04-09 23:19:58 UTC
The problematic code part seems to be popaccount.cpp:777 :
 
if( mMailCheckProgressItem ) { // do this only once...
  bool canceled = kmkernel->mailCheckAborted() || mMailCheckProgressItem->canceled();
  int numMessages = canceled ? indexOfCurrentMsg : idsOfMsgs.count();
  BroadcastStatus::instance()->setStatusMsgTransmissionCompleted(
    this->name(), numMessages, numBytes, numBytesRead, numBytesToRead, mLeaveOnServer, mMailCheckProgressItem );
  mMailCheckProgressItem->setComplete();
  mMailCheckProgressItem = 0;
  checkDone( ( numMessages > 0 ), canceled ? CheckAborted : CheckOK );
}

Since the check is in place, the problem seems that mMailCheckProgressItem is deleted after the if line but before the other functions are called. So it's not easy to reproduce. Does it sound like a good first try at Valgrind's Helgrind? I never used it before but I want to try it.
Comment 10 Ingo Klöcker 2006-07-05 22:06:54 UTC
SVN commit 558673 by kloecker:

Fix progress item related crashes during POP3 fetches.

BUGS: 110487, 118112, 119112, 121384, 127210, 130303


 M  +4 -1      kmaccount.cpp  
 M  +30 -20    popaccount.cpp  


--- branches/KDE/3.5/kdepim/kmail/kmaccount.cpp #558672:558673
@@ -444,8 +444,11 @@
   if (mTimer)
     mTimer->start(mInterval*60000);
   if ( mMailCheckProgressItem ) {
-    mMailCheckProgressItem->setComplete(); // that will delete it
+    // set mMailCheckProgressItem = 0 before calling setComplete() to prevent
+    // a race condition
+    ProgressItem *savedMailCheckProgressItem = mMailCheckProgressItem;
     mMailCheckProgressItem = 0;
+    savedMailCheckProgressItem->setComplete(); // that will delete it
   }
 
   emit newMailsProcessed( mNewInFolder );
--- branches/KDE/3.5/kdepim/kmail/popaccount.cpp #558672:558673
@@ -348,8 +348,9 @@
 void PopAccount::slotAbortRequested()
 {
   if (stage == Idle) return;
-  disconnect( mMailCheckProgressItem, SIGNAL( progressItemCanceled( KPIM::ProgressItem* ) ),
-           this, SLOT( slotAbortRequested() ) );
+  if ( mMailCheckProgressItem )
+    disconnect( mMailCheckProgressItem, SIGNAL( progressItemCanceled( KPIM::ProgressItem* ) ),
+                this, SLOT( slotAbortRequested() ) );
   stage = Quit;
   if (job) job->kill();
   job = 0;
@@ -655,7 +656,8 @@
     processMsgsTimer.start(processingDelay);
   }
   else if (stage == Retr) {
-    mMailCheckProgressItem->setProgress( 100 );
+    if ( mMailCheckProgressItem )
+      mMailCheckProgressItem->setProgress( 100 );
     processRemainingQueuedMessages();
 
     mHeaderDeleteUids.clear();
@@ -732,20 +734,22 @@
     // If there are messages to delete then delete them
     if ( !idsOfMsgsToDelete.isEmpty() ) {
       stage = Dele;
-      mMailCheckProgressItem->setStatus(
-        i18n( "Fetched 1 message from %1. Deleting messages from server...",
-              "Fetched %n messages from %1. Deleting messages from server...",
-              numMsgs )
-        .arg( mHost ) );
+      if ( mMailCheckProgressItem )
+        mMailCheckProgressItem->setStatus(
+          i18n( "Fetched 1 message from %1. Deleting messages from server...",
+                "Fetched %n messages from %1. Deleting messages from server...",
+                numMsgs )
+          .arg( mHost ) );
       url.setPath("/remove/" + idsOfMsgsToDelete.join(","));
       kdDebug(5006) << "url: " << url.prettyURL() << endl;
     } else {
       stage = Quit;
-      mMailCheckProgressItem->setStatus(
-        i18n( "Fetched 1 message from %1. Terminating transmission...",
-              "Fetched %n messages from %1. Terminating transmission...",
-              numMsgs )
-        .arg( mHost ) );
+      if ( mMailCheckProgressItem )
+        mMailCheckProgressItem->setStatus(
+          i18n( "Fetched 1 message from %1. Terminating transmission...",
+                "Fetched %n messages from %1. Terminating transmission...",
+                numMsgs )
+          .arg( mHost ) );
       url.setPath(QString("/commit"));
       kdDebug(5006) << "url: " << url.prettyURL() << endl;
     }
@@ -760,11 +764,12 @@
       mUidsOfNextSeenMsgsDict.remove( mUidForIdMap[*it] );
     }
     idsOfMsgsToDelete.clear();
-    mMailCheckProgressItem->setStatus(
-      i18n( "Fetched 1 message from %1. Terminating transmission...",
-            "Fetched %n messages from %1. Terminating transmission...",
-            numMsgs )
-      .arg( mHost ) );
+    if ( mMailCheckProgressItem )
+      mMailCheckProgressItem->setStatus(
+        i18n( "Fetched 1 message from %1. Terminating transmission...",
+              "Fetched %n messages from %1. Terminating transmission...",
+              numMsgs )
+        .arg( mHost ) );
     KURL url = getUrl();
     url.setPath(QString("/commit"));
     job = KIO::get( url, false, false );
@@ -783,8 +788,11 @@
       int numMessages = canceled ? indexOfCurrentMsg : idsOfMsgs.count();
       BroadcastStatus::instance()->setStatusMsgTransmissionCompleted(
         this->name(), numMessages, numBytes, numBytesRead, numBytesToRead, mLeaveOnServer, mMailCheckProgressItem );
-      mMailCheckProgressItem->setComplete();
+      // set mMailCheckProgressItem = 0 before calling setComplete() to prevent
+      // a race condition
+      ProgressItem *savedMailCheckProgressItem = mMailCheckProgressItem;
       mMailCheckProgressItem = 0;
+      savedMailCheckProgressItem->setComplete(); // that will delete it
       checkDone( ( numMessages > 0 ), canceled ? CheckAborted : CheckOK );
     }
   }
@@ -873,7 +881,9 @@
       numMsgBytesRead = curMsgLen;
     numBytesRead += numMsgBytesRead - oldNumMsgBytesRead;
     dataCounter++;
-    if (dataCounter % 5 == 0)
+    if ( mMailCheckProgressItem &&
+         ( dataCounter % 5 == 0 ||
+           ( indexOfCurrentMsg + 1 == numMsgs && numMsgBytesRead == curMsgLen ) ) )
     {
       QString msg;
       if (numBytes != numBytesToRead && mLeaveOnServer)