Bug 230536 - knode crashed on article delete
Summary: knode crashed on article delete
Status: RESOLVED FIXED
Alias: None
Product: knode
Classification: Miscellaneous
Component: general (show other bugs)
Version: unspecified
Platform: Debian testing Linux
: NOR crash
Target Milestone: ---
Assignee: kdepim bugs
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-03-13 06:32 UTC by Ritesh Raj Sarraf
Modified: 2010-04-23 14:28 UTC (History)
0 users

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Ritesh Raj Sarraf 2010-03-13 06:32:31 UTC 
Application: kontact (4.4.1)
KDE Platform Version: 4.4.1 (KDE 4.4.1)
Qt Version: 4.6.2
Operating System: Linux 2.6.32-3-amd64 x86_64
Distribution: Debian GNU/Linux testing (squeeze)

-- Information about the crash:
I tried to delete some of the articles that were present in my "Sent" folder. As soon as I click on Okay, knode crashed

The crash can be reproduced every time.

 -- Backtrace:
Application: Kontact (kontact), signal: Segmentation fault
The current source language is "auto; currently c".
[Current thread is 1 (Thread 0x7f4ac2a247f0 (LWP 14776))]

Thread 3 (Thread 0x7f4a9e75b910 (LWP 21693)):
#0  pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:220
#1  0x00007f4ac0dc7502 in QWaitConditionPrivate::wait (this=<value optimized out>, mutex=0x34db4d0, time=30000) at thread/qwaitcondition_unix.cpp:85
#2  QWaitCondition::wait (this=<value optimized out>, mutex=0x34db4d0, time=30000) at thread/qwaitcondition_unix.cpp:159
#3  0x00007f4ac0dbc939 in QThreadPoolThread::run (this=0x34f5bb0) at concurrent/qthreadpool.cpp:140
#4  0x00007f4ac0dc65d5 in QThreadPrivate::start (arg=0x34f5bb0) at thread/qthread_unix.cpp:248
#5  0x00007f4ab8e9c73a in start_thread (arg=<value optimized out>) at pthread_create.c:300
#6  0x00007f4abfac569d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#7  0x0000000000000000 in ?? ()

Thread 2 (Thread 0x7f4aa0713910 (LWP 24658)):
#0  pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:220
#1  0x00007f4ac0dc7502 in QWaitConditionPrivate::wait (this=<value optimized out>, mutex=0x34db4d0, time=30000) at thread/qwaitcondition_unix.cpp:85
#2  QWaitCondition::wait (this=<value optimized out>, mutex=0x34db4d0, time=30000) at thread/qwaitcondition_unix.cpp:159
#3  0x00007f4ac0dbc939 in QThreadPoolThread::run (this=0x4595130) at concurrent/qthreadpool.cpp:140
#4  0x00007f4ac0dc65d5 in QThreadPrivate::start (arg=0x4595130) at thread/qthread_unix.cpp:248
#5  0x00007f4ab8e9c73a in start_thread (arg=<value optimized out>) at pthread_create.c:300
#6  0x00007f4abfac569d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#7  0x0000000000000000 in ?? ()
The current source language is "auto; currently asm".

Thread 1 (Thread 0x7f4ac2a247f0 (LWP 14776)):
[KCrash Handler]
#5  KNArticle::listItem (this=0xaf21f50, l=..., del=<value optimized out>) at ../../knode/knarticle.h:66
#6  KNFolder::removeArticles (this=0xaf21f50, l=..., del=<value optimized out>) at ../../knode/knfolder.cpp:499
#7  0x00007f4a95a85bfa in KNArticleManager::deleteArticles (this=<value optimized out>, l=..., ask=<value optimized out>) at ../../knode/knarticlemanager.cpp:595
#8  0x00007f4a95ac3119 in KNMainWidget::slotArtDelete (this=0xd2b56f0) at ../../knode/knmainwidget.cpp:1897
#9  0x00007f4a95ace6dd in KNMainWidget::qt_metacall (this=0xd2b56f0, _c=QMetaObject::InvokeMetaMethod, _id=<value optimized out>, _a=0x7fffaaa3f430) at ./knmainwidget.moc:292
#10 0x00007f4ac0ecdb1f in QMetaObject::activate (sender=0x9cc48b0, m=<value optimized out>, local_signal_index=<value optimized out>, argv=0x0) at kernel/qobject.cpp:3293
#11 0x00007f4ac0253702 in QAction::triggered (this=0x51e48b0, _t1=false) at .moc/release-shared/moc_qaction.cpp:263
#12 0x00007f4ac025577b in QAction::activate (this=0x9cc48b0, event=<value optimized out>) at kernel/qaction.cpp:1255
#13 0x00007f4ac069363d in QMenuPrivate::activateCausedStack (this=<value optimized out>, causedStack=..., action=0x9cc48b0, action_e=QAction::Trigger, self=true) at widgets/qmenu.cpp:1011
#14 0x00007f4ac06991ca in QMenuPrivate::activateAction (this=0x43df930, action=0x9cc48b0, action_e=QAction::Trigger, self=<value optimized out>) at widgets/qmenu.cpp:1103
#15 0x00007f4ac198305e in KMenu::mouseReleaseEvent (this=0xad430e0, e=0x0) at ../../kdeui/widgets/kmenu.cpp:471
#16 0x00007f4ac02afbe2 in QWidget::event (this=0xad430e0, event=0x7fffaaa40200) at kernel/qwidget.cpp:7998
#17 0x00007f4ac069b38b in QMenu::event (this=0xad430e0, e=0x7fffaaa40200) at widgets/qmenu.cpp:2414
#18 0x00007f4ac02598fc in QApplicationPrivate::notify_helper (this=0x23f51f0, receiver=0xad430e0, e=0x7fffaaa40200) at kernel/qapplication.cpp:4300
#19 0x00007f4ac02605bb in QApplication::notify (this=0x7fffaaa40d60, receiver=0xad430e0, e=0x7fffaaa40200) at kernel/qapplication.cpp:3865
#20 0x00007f4ac18a7336 in KApplication::notify (this=0x7fffaaa40d60, receiver=0xad430e0, event=0x7fffaaa40200) at ../../kdeui/kernel/kapplication.cpp:302
#21 0x00007f4ac0ebaddc in QCoreApplication::notifyInternal (this=0x7fffaaa40d60, receiver=0xad430e0, event=0x7fffaaa40200) at kernel/qcoreapplication.cpp:704
#22 0x00007f4ac025f78e in QCoreApplication::sendEvent (receiver=0xad430e0, event=0x7fffaaa40200, alienWidget=0x0, nativeWidget=0xad430e0, buttonDown=<value optimized out>, 
    lastMouseReceiver=<value optimized out>, spontaneous=true) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:215
#23 QApplicationPrivate::sendMouseEvent (receiver=0xad430e0, event=0x7fffaaa40200, alienWidget=0x0, nativeWidget=0xad430e0, buttonDown=<value optimized out>, lastMouseReceiver=<value optimized out>, 
    spontaneous=true) at kernel/qapplication.cpp:2965
#24 0x00007f4ac02df785 in QETWidget::translateMouseEvent (this=0xad430e0, event=<value optimized out>) at kernel/qapplication_x11.cpp:4302
#25 0x00007f4ac02de04a in QApplication::x11ProcessEvent (this=<value optimized out>, event=0x7fffaaa40980) at kernel/qapplication_x11.cpp:3501
#26 0x00007f4ac0309732 in x11EventSourceDispatch (s=0x23ff310, callback=<value optimized out>, user_data=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:146
#27 0x00007f4ab85fb90e in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#28 0x00007f4ab85ff2c8 in ?? () from /lib/libglib-2.0.so.0
#29 0x00007f4ab85ff3f0 in g_main_context_iteration () from /lib/libglib-2.0.so.0
#30 0x00007f4ac0ee4233 in QEventDispatcherGlib::processEvents (this=0x23bda10, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:412
#31 0x00007f4ac030932e in QGuiEventDispatcherGlib::processEvents (this=0x51e48b0, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:204
#32 0x00007f4ac0eb9702 in QEventLoop::processEvents (this=<value optimized out>, flags=) at kernel/qeventloop.cpp:149
#33 0x00007f4ac0eb9adc in QEventLoop::exec (this=0x7fffaaa40ca0, flags=) at kernel/qeventloop.cpp:201
#34 0x00007f4ac0ebd81b in QCoreApplication::exec () at kernel/qcoreapplication.cpp:981
#35 0x0000000000403e7e in main (argc=<value optimized out>, argv=<value optimized out>) at ../../../kontact/src/main.cpp:224
The current source language is "auto; currently c".

Reported using DrKonqi
Comment 1 Olivier Trichet 2010-04-23 14:28:08 UTC 
SVN commit 1117909 by otrichet:

Use boost::shared_ptr instead of plain pointer to handler KNArticle that are use all over the place.

Side effect: use a QList in KNArticleVector instead of a old fashion array

This fix crash cause by double free and freed-pointer access:
BUG: 172266
BUG: 225813
BUG: 141573
This should also fixed crash that happens while accessing article (that
were certainly already freed):
BUG: 134904
BUG: 216919
BUG: 230536
BUG: 132990

 M  +18 -23    articlewidget.cpp  
 M  +10 -12    articlewidget.h  
 M  +6 -6      headerview.cpp  
 M  +9 -5      knarticle.cpp  
 M  +18 -7     knarticle.h  
 M  +43 -168   knarticlecollection.cpp  
 M  +25 -23    knarticlecollection.h  
 M  +31 -39    knarticlefactory.cpp  
 M  +9 -11     knarticlefactory.h  
 M  +8 -8      knarticlefilter.cpp  
 M  +2 -2      knarticlefilter.h  
 M  +43 -42    knarticlemanager.cpp  
 M  +8 -5      knarticlemanager.h  
 M  +10 -11    knarticlewindow.cpp  
 M  +5 -6      knarticlewindow.h  
 M  +2 -2      kncleanup.cpp  
 M  +6 -6      kncomposer.cpp  
 M  +4 -3      kncomposer.h  
 M  +12 -34    knfolder.cpp  
 M  +14 -7     knfolder.h  
 M  +12 -13    knfoldermanager.cpp  
 M  +26 -42    kngroup.cpp  
 M  +21 -10    kngroup.h  
 M  +11 -14    kngroupbrowser.cpp  
 M  +3 -9      kngroupbrowser.h  
 M  +25 -29    kngroupmanager.cpp  
 M  +6 -1      kngroupmanager.h  
 M  +6 -4      kngroupselectdialog.cpp  
 M  +19 -16    knhdrviewitem.cpp  
 M  +6 -6      knhdrviewitem.h  
 M  +3 -3      knjobdata.cpp  
 M  +11 -4     knjobdata.h  
 M  +15 -13    knmainwidget.cpp  
 M  +5 -8      knmainwidget.h  
 M  +7 -6      knmemorymanager.cpp  
 M  +7 -7      knmemorymanager.h  
 M  +8 -9      knscoring.cpp  
 M  +4 -4      knscoring.h  
 M  +3 -5      knstatusfilter.cpp  
 M  +7 -6      knstatusfilter.h  
 M  +2 -2      mailsendjob.cpp  
 M  +1 -1      mailsendjob.h  
 M  +16 -17    nntpjobs.cpp  
 M  +5 -5      nntpjobs.h  


WebSVN link: http://websvn.kde.org/?view=rev&revision=1117909