250549 – KMail crashed when changing focus

Bug 250549 - KMail crashed when changing focus

Summary: KMail crashed when changing focus

Status:	RESOLVED WORKSFORME

Alias:	None

Product:	kmail2
Classification:	Applications
Component:	general (show other bugs)
Version:	2.0.89
Platform:	unspecified Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	kdepim bugs

URL:
Keywords:

Depends on:
Blocks:

Reported:	2010-09-08 12:54 UTC by Alex Merry
Modified:	2013-01-11 22:41 UTC (History)
CC List:	1 user (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Alex Merry 2010-09-08 12:54:18 UTC

Application: kmail (2.0.89)
KDE Platform Version: 4.5.67 (4.6 >= 20100901) (Compiled from sources)
Qt Version: 4.6.3
Operating System: Linux 2.6.35-ARCH x86_64
Distribution (Platform): Archlinux Packages

-- Information about the crash:
- What I was doing when the application crashed:

I had a composer window open, and typed a few things into the To: line edit, deleting them each time (the address I wanted wasn't in the address book).

I then switched focus to the main window by clicking in the message pane, and KMail crashed.

-- Backtrace:
Application: KMail (kmail), signal: Segmentation fault
[Current thread is 1 (Thread 0x7f69f5cb6760 (LWP 7122))]

Thread 2 (Thread 0x7f69da401710 (LWP 7130)):
#0  0x00007f69efe7040c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
#1  0x00007f69e86f9e30 in WTF::TCMalloc_PageHeap::scavengerThread() () from /usr/lib/libQtWebKit.so.4
#2  0x00007f69e86f9e69 in WTF::TCMalloc_PageHeap::runScavengerThread(void*) () from /usr/lib/libQtWebKit.so.4
#3  0x00007f69efe6bcb0 in start_thread () from /lib/libpthread.so.0
#4  0x00007f69ef4357ad in clone () from /lib/libc.so.6
#5  0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7f69f5cb6760 (LWP 7122)):
[KCrash Handler]
#6  0x00007f69f01f40ab in QObjectPrivate::isSignalConnected (sender=0x91ae5e0, m=<value optimized out>, local_signal_index=6, argv=0x0) at kernel/qobject_p.h:222
#7  QMetaObject::activate (sender=0x91ae5e0, m=<value optimized out>, local_signal_index=6, argv=0x0) at kernel/qobject.cpp:3210
#8  0x00007f69f1287bb6 in QLineEdit::focusOutEvent (this=0x91ae5e0, e=<value optimized out>) at widgets/qlineedit.cpp:1830
#9  0x00007f69f572f4e8 in KLineEdit::focusOutEvent (this=0x91ae5e0, ev=0x7fff148933c0) at /home/kde-devel/src/KDE/kdelibs/kdeui/widgets/klineedit.cpp:1799
#10 0x00007f69f0edf1dc in QWidget::event (this=0x91ae5e0, event=0x7fff148933c0) at kernel/qwidget.cpp:8157
#11 0x00007f69f1285f11 in QLineEdit::event (this=0x91ae5e0, e=0x7fff148933c0) at widgets/qlineedit.cpp:1480
#12 0x00007f69f572d680 in KLineEdit::event (this=0x91ae5e0, ev=0x7fff148933c0) at /home/kde-devel/src/KDE/kdelibs/kdeui/widgets/klineedit.cpp:1394
#13 0x00007f69f0e8fae4 in QApplicationPrivate::notify_helper (this=0x266aac0, receiver=0x91ae5e0, e=0x7fff148933c0) at kernel/qapplication.cpp:4302
#14 0x00007f69f0e93bca in QApplication::notify (this=<value optimized out>, receiver=0x91ae5e0, e=0x7fff148933c0) at kernel/qapplication.cpp:4185
#15 0x00007f69f5647c8d in KApplication::notify (this=0x7fff14894040, receiver=0x91ae5e0, event=0x7fff148933c0) at /home/kde-devel/src/KDE/kdelibs/kdeui/kernel/kapplication.cpp:310
#16 0x00007f69f01dfd8c in QCoreApplication::notifyInternal (this=0x7fff14894040, receiver=0x91ae5e0, event=0x7fff148933c0) at kernel/qcoreapplication.cpp:726
#17 0x00007f69f0e8dc9d in QCoreApplication::sendEvent (focus=0x2b20f30, reason=Qt::ActiveWindowFocusReason) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:215
#18 QApplicationPrivate::setFocusWidget (focus=0x2b20f30, reason=Qt::ActiveWindowFocusReason) at kernel/qapplication.cpp:2124
#19 0x00007f69f0ed2e21 in QWidget::setFocus (this=0x2b20f30, reason=Qt::ActiveWindowFocusReason) at kernel/qwidget.cpp:6161
#20 0x00007f69f0e931ed in QApplication::setActiveWindow (act=<value optimized out>) at kernel/qapplication.cpp:2480
#21 0x00007f69f0f0a25b in QApplication::x11ProcessEvent (this=0x7fff14894040, event=0x7fff14893be0) at kernel/qapplication_x11.cpp:3432
#22 0x00007f69f0f2f942 in x11EventSourceDispatch (s=0x266e540, callback=0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:146
#23 0x00007f69e5ba1b33 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#24 0x00007f69e5ba2310 in g_main_context_iterate () from /usr/lib/libglib-2.0.so.0
#25 0x00007f69e5ba25ad in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#26 0x00007f69f020887f in QEventDispatcherGlib::processEvents (this=0x2287510, flags=<value optimized out>) at kernel/qeventdispatcher_glib.cpp:412
#27 0x00007f69f0f2f60e in QGuiEventDispatcherGlib::processEvents (this=<value optimized out>, flags=<value optimized out>) at kernel/qguieventdispatcher_glib.cpp:204
#28 0x00007f69f01df172 in QEventLoop::processEvents (this=<value optimized out>, flags=...) at kernel/qeventloop.cpp:149
#29 0x00007f69f01df3ac in QEventLoop::exec (this=0x7fff14893ee0, flags=...) at kernel/qeventloop.cpp:201
#30 0x00007f69f01e37bb in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1003
#31 0x0000000000403594 in main (argc=3, argv=0x7fff148941d8) at /home/kde-devel/src/KDE/kdepim/kmail/main.cpp:145

Reported using DrKonqi

Comment 1 Alex Merry 2010-09-09 15:20:00 UTC

Actually, simply typing stuff into the To: line and immediately deleting it all again causes this.

Valgrind output:

==14221== Invalid read of size 8
==14221==    at 0xA5A5BD7: QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (qobject.h:125)
==14221==    by 0x95A2BB5: QLineEdit::focusOutEvent(QFocusEvent*) (qlineedit.cpp:1830)
==14221==    by 0x51784E7: KLineEdit::focusOutEvent(QFocusEvent*) (klineedit.cpp:1799)
==14221==    by 0x91FA1DB: QWidget::event(QEvent*) (qwidget.cpp:8157)
==14221==    by 0x95A0F10: QLineEdit::event(QEvent*) (qlineedit.cpp:1480)
==14221==    by 0x517667F: KLineEdit::event(QEvent*) (klineedit.cpp:1394)
==14221==    by 0x91AAAE3: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:4302)
==14221==    by 0x91AEBC9: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:4185)
==14221==    by 0x5090C8C: KApplication::notify(QObject*, QEvent*) (kapplication.cpp:310)
==14221==    by 0xA591D8B: QCoreApplication::notifyInternal(QObject*, QEvent*) (qcoreapplication.cpp:726)
==14221==    by 0x91A8C9C: QApplicationPrivate::setFocusWidget(QWidget*, Qt::FocusReason) (qcoreapplication.h:215)
==14221==    by 0x91EDE20: QWidget::setFocus(Qt::FocusReason) (qwidget.cpp:6161)
==14221==  Address 0x1a837ae8 is 8 bytes inside a block of size 80 free'd
==14221==    at 0x4C24D9E: operator delete(void*) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14221==    by 0xE8CC2CF: MessageComposer::RecipientLineEdit::~RecipientLineEdit() (recipientline.h:49)
==14221==    by 0xA5A2AC3: QObjectPrivate::deleteChildren() (qobject.cpp:1978)
==14221==    by 0x91FDCA4: QWidget::~QWidget() (qwidget.cpp:1476)
==14221==    by 0xE8CBA5D: KPIM::MultiplyingLine::~MultiplyingLine() (in /home/kde-devel/kde/lib/libmessagecomposer.so.4.6.0)
==14221==    by 0xE8CBB25: MessageComposer::RecipientLineNG::~RecipientLineNG() (in /home/kde-devel/kde/lib/libmessagecomposer.so.4.6.0)
==14221==    by 0xE8CBB81: MessageComposer::RecipientLineNG::~RecipientLineNG() (recipientline.h:68)
==14221==    by 0x62854A9: KPIM::MultiplyingLineView::slotDeleteLine() (multiplyinglineview_p.cpp:180)
==14221==    by 0x6285358: KPIM::MultiplyingLineView::slotDecideLineDeletion(KPIM::MultiplyingLine*) (multiplyinglineview_p.cpp:152)
==14221==    by 0x6286439: KPIM::MultiplyingLineView::qt_metacall(QMetaObject::Call, int, void**) (multiplyinglineview_p.moc:121)
==14221==    by 0xA5A5DEE: QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (qobject.cpp:3287)
==14221==    by 0x6283714: KPIM::MultiplyingLine::deleteLine(KPIM::MultiplyingLine*) (multiplyingline.moc:138)
==14221== 
==14221== Invalid read of size 4
==14221==    at 0xA5A60AB: QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (qobject_p.h:222)
==14221==    by 0x95A2BB5: QLineEdit::focusOutEvent(QFocusEvent*) (qlineedit.cpp:1830)
==14221==    by 0x51784E7: KLineEdit::focusOutEvent(QFocusEvent*) (klineedit.cpp:1799)
==14221==    by 0x91FA1DB: QWidget::event(QEvent*) (qwidget.cpp:8157)
==14221==    by 0x95A0F10: QLineEdit::event(QEvent*) (qlineedit.cpp:1480)
==14221==    by 0x517667F: KLineEdit::event(QEvent*) (klineedit.cpp:1394)
==14221==    by 0x91AAAE3: QApplicationPrivate::notify_helper(QObject*, QEvent*) (qapplication.cpp:4302)
==14221==    by 0x91AEBC9: QApplication::notify(QObject*, QEvent*) (qapplication.cpp:4185)
==14221==    by 0x5090C8C: KApplication::notify(QObject*, QEvent*) (kapplication.cpp:310)
==14221==    by 0xA591D8B: QCoreApplication::notifyInternal(QObject*, QEvent*) (qcoreapplication.cpp:726)
==14221==    by 0x91A8C9C: QApplicationPrivate::setFocusWidget(QWidget*, Qt::FocusReason) (qcoreapplication.h:215)
==14221==    by 0x91EDE20: QWidget::setFocus(Qt::FocusReason) (qwidget.cpp:6161)
==14221==  Address 0x60 is not stack'd, malloc'd or (recently) free'd
==14221== 
*** KMail got signal 11 (Exiting)

Comment 2 Alex Merry 2010-09-09 15:22:59 UTC

Additional note: the activate() call that crashes is trying to emit the QT3_SUPPORT lostFocus() signal, and the reason for the crash is that sender->d_func() evaluates to 0 (presumeably because sender refers to a deleted QObject).

Comment 3 Tobias Koenig 2010-12-12 00:26:59 UTC

Hej Alex,

can you still reporduce this with current version?
Works fine for me, can't get it to crash.

Ciao,
Tobias

Comment 4 Alex Merry 2013-01-11 22:41:51 UTC

No, although I don't use KMail much any more.  I'll close this WORKSFORME, and reopen it if it happens again.