Bug 462877 - KMail crashes when clicking away from a PGP signed email to another email before the signature is verified
Status: REPORTED
Alias: None
Product: kmail2
Classification: Applications
Component: general
Version: unspecified
Platform: openSUSE Linux
Importance: NOR crash
Target Milestone: ---
Assignee: kdepim bugs
URL:
Keywords: drkonqi
Depends on:
Blocks:
 
Reported: 2022-12-11 02:32 UTC by Marc Joliet
Modified: 2023-09-05 22:49 UTC

See Also:
Latest Commit:
Version Fixed In:


Attachments
New crash information added by DrKonqi (5.97 KB, text/plain), 2022-12-12 10:56 UTC, Marc Joliet
New crash information added by DrKonqi (6.03 KB, text/plain), 2022-12-12 15:23 UTC, Marc Joliet
New crash information added by DrKonqi (6.68 KB, text/plain), 2022-12-14 13:24 UTC, Marc Joliet
New crash information added by DrKonqi (6.60 KB, text/plain), 2023-01-27 19:59 UTC, Marc Joliet
New crash information (7.55 KB, text/plain), 2023-07-12 15:20 UTC, Marc Joliet
New crash information added by DrKonqi (7.01 KB, text/plain), 2023-09-05 22:34 UTC, Marc Joliet

Description Marc Joliet 2022-12-11 02:32:28 UTC
Application: kmail (5.22.0 (22.12.0))

Qt Version: 5.15.7
Frameworks Version: 5.100.0
Operating System: Linux 6.0.10-1-default x86_64
Windowing System: X11
Distribution: openSUSE Tumbleweed
DrKonqi: 5.26.4 [KCrashBackend]

-- Information about the crash:
KMail crashed with a SEGFAULT when I selected its window and clicked on an email to read.

The reporter is unsure if this crash is reproducible.

-- Backtrace:
Application: KMail (kmail), signal: Segmentation fault

[KCrash Handler]
#4  0x00007faa979b4802 in KMime::Content::headerByType(char const*) const () from /lib64/libKF5Mime.so.5
#5  0x00007faa979b565a in KMime::Content::contentTransferEncoding(bool) () from /lib64/libKF5Mime.so.5
#6  0x00007faa979b663f in ?? () from /lib64/libKF5Mime.so.5
#7  0x00007faa979b6777 in KMime::Content::decodedText(bool, bool) () from /lib64/libKF5Mime.so.5
#8  0x00007faa98026d3d in MimeTreeParser::ObjectTreeParser::extractNodeInfos (isFirstTextPart=<optimized out>, curNode=0x55acfe5a9aa0, this=0x7ffe3c030ab0) at /usr/src/debug/messagelib-22.12.0/mimetreeparser/src/objecttreeparser.cpp:270
#9  MimeTreeParser::ObjectTreeParser::extractNodeInfos (this=this@entry=0x7ffe3c030ab0, curNode=0x55acfe5a9aa0, isFirstTextPart=isFirstTextPart@entry=true) at /usr/src/debug/messagelib-22.12.0/mimetreeparser/src/objecttreeparser.cpp:267
#10 0x00007faa980289e8 in MimeTreeParser::ObjectTreeParser::parseObjectTree (this=0x7ffe3c030ab0, node=<optimized out>, parseOnlySingleNode=<optimized out>) at /usr/src/debug/messagelib-22.12.0/mimetreeparser/src/objecttreeparser.cpp:122
#11 0x00007faa98357158 in MessageViewer::ViewerPrivate::parseContent (this=0x55acfcd6ce20, content=0x55acfe5a8cd0) at /usr/src/debug/messagelib-22.12.0/messageviewer/src/viewer/viewer_p.cpp:863
#12 0x00007faa98363389 in MessageViewer::ViewerPrivate::displayMessage (this=0x55acfcd6ce20) at /usr/include/qt5/QtCore/qsharedpointer_impl.h:301
#13 MessageViewer::ViewerPrivate::updateReaderWin (this=0x55acfcd6ce20) at /usr/src/debug/messagelib-22.12.0/messageviewer/src/viewer/viewer_p.cpp:2153
#14 0x00007faa991132cd in QtPrivate::QSlotObjectBase::call (a=0x7ffe3c030cf0, r=0x55acfcd6ce20, this=0x55acfce2ac60) at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:398
#15 doActivate<false> (sender=0x55acfcba8fc0, signal_index=3, argv=0x7ffe3c030cf0) at kernel/qobject.cpp:3919
#16 0x00007faa9910c74f in QMetaObject::activate (sender=<optimized out>, m=m@entry=0x7faa98040920 <MimeTreeParser::NodeHelper::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffe3c030cf0) at kernel/qobject.cpp:3979
#17 0x00007faa9800ca1e in MimeTreeParser::NodeHelper::update (this=<optimized out>, _t1=<optimized out>) at /usr/src/debug/messagelib-22.12.0/build/mimetreeparser/src/KF5MimeTreeParser_autogen/EWIEGA46WW/moc_nodehelper.cpp:133
#18 0x00007faa991132cd in QtPrivate::QSlotObjectBase::call (a=0x7ffe3c030df0, r=0x55acfcba8fc0, this=0x55acfe5b8810) at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:398
#19 doActivate<false> (sender=0x55acfe500930, signal_index=3, argv=0x7ffe3c030df0) at kernel/qobject.cpp:3919
#20 0x00007faa9910c74f in QMetaObject::activate (sender=sender@entry=0x55acfe500930, m=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffe3c030df0) at kernel/qobject.cpp:3979
#21 0x00007faa9802d5f4 in MimeTreeParser::CryptoBodyPartMemento::update (_t1=<optimized out>, this=0x55acfe500930) at /usr/src/debug/messagelib-22.12.0/build/mimetreeparser/src/KF5MimeTreeParser_autogen/YHS7SJUNTZ/moc_cryptobodypartmemento.cpp:144
#22 MimeTreeParser::CryptoBodyPartMemento::notify (this=0x55acfe500930) at /usr/src/debug/messagelib-22.12.0/mimetreeparser/src/memento/cryptobodypartmemento.h:48
#23 MimeTreeParser::VerifyDetachedBodyPartMemento::slotKeyListJobDone (this=0x55acfe500930) at /usr/src/debug/messagelib-22.12.0/mimetreeparser/src/memento/verifydetachedbodypartmemento.cpp:157
#24 0x00007faa991132cd in QtPrivate::QSlotObjectBase::call (a=0x7ffe3c030e90, r=0x55acfe500930, this=0x55acfe5c5c80) at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:398
#25 doActivate<false> (sender=0x7faa600537f0, signal_index=4, argv=0x7ffe3c030e90) at kernel/qobject.cpp:3919
#26 0x00007faa97b776c7 in QGpgME::_detail::ThreadedJobMixin<QGpgME::KeyListJob, std::tuple<GpgME::KeyListResult, std::vector<GpgME::Key, std::allocator<GpgME::Key> >, QString, GpgME::Error> >::slotFinished (this=0x7faa600537f0) at /usr/src/debug/gpgme-1.18.0/lang/qt/src/threadedjobmixin.h:217
#27 0x00007faa99107c40 in QObject::event (this=0x7faa600537f0, e=0x7faa0800a700) at kernel/qobject.cpp:1347
#28 0x00007faa99da53fe in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x7faa600537f0, e=0x7faa0800a700) at kernel/qapplication.cpp:3637
#29 0x00007faa990dc128 in QCoreApplication::notifyInternal2 (receiver=0x7faa600537f0, event=0x7faa0800a700) at kernel/qcoreapplication.cpp:1064
#30 0x00007faa990df0c1 in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x55acfc6d4990) at kernel/qcoreapplication.cpp:1821
#31 0x00007faa99134353 in postEventSourceDispatch (s=0x55acfc84e130) at kernel/qeventdispatcher_glib.cpp:277
#32 0x00007faa956bba90 in g_main_context_dispatch () from /lib64/libglib-2.0.so.0
#33 0x00007faa956bbe48 in ?? () from /lib64/libglib-2.0.so.0
#34 0x00007faa956bbedc in g_main_context_iteration () from /lib64/libglib-2.0.so.0
#35 0x00007faa99133b56 in QEventDispatcherGlib::processEvents (this=0x55acfc84eca0, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#36 0x00007faa990dab9b in QEventLoop::exec (this=this@entry=0x7ffe3c031370, flags=..., flags@entry=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:69
#37 0x00007faa990e2d06 in QCoreApplication::exec () at ../../include/QtCore/../../src/corelib/global/qflags.h:121
#38 0x000055acfbc76701 in main (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/kmail-22.12.0/src/main.cpp:184
[Inferior 1 (process 25150) detached]

The reporter indicates this bug may be a duplicate of or related to bug 263922.

Reported using DrKonqi
Comment 1 Marc Joliet 2022-12-12 10:56:49 UTC
Created attachment 154529 [details]
New crash information added by DrKonqi

kmail (5.22.0 (22.12.0)) using Qt 5.15.7

This was one of many crashes I got today trying to read the same email several times in a row.  So I suppose the bug is now at least partially reproducible.

-- Backtrace (Reduced):
#4  0x00007f29caeff7fe in KMime::Content::headerByType(char const*) const () from /lib64/libKF5Mime.so.5
#5  0x00007f29caf0065a in KMime::Content::contentTransferEncoding(bool) () from /lib64/libKF5Mime.so.5
[...]
#7  0x00007f29caf01777 in KMime::Content::decodedText(bool, bool) () from /lib64/libKF5Mime.so.5
#8  0x00007f29cb571d3d in MimeTreeParser::ObjectTreeParser::extractNodeInfos (isFirstTextPart=<optimized out>, curNode=0x55ba8ec971a0, this=0x7ffccd3ab7d0) at /usr/src/debug/messagelib-22.12.0/mimetreeparser/src/objecttreeparser.cpp:270
#9  MimeTreeParser::ObjectTreeParser::extractNodeInfos (this=this@entry=0x7ffccd3ab7d0, curNode=0x55ba8ec971a0, isFirstTextPart=isFirstTextPart@entry=true) at /usr/src/debug/messagelib-22.12.0/mimetreeparser/src/objecttreeparser.cpp:267
Comment 2 Marc Joliet 2022-12-12 15:23:13 UTC
Created attachment 154539 [details]
New crash information added by DrKonqi

kmail (5.22.0 (22.12.0)) using Qt 5.15.7

This is one of the latest crashes.  However, I then ran "akonadictl fsck" and "akonadictl vacuum", and immediately afterwards I was finally able to read the emails that were triggering the crash without any visible issue.

-- Backtrace (Reduced):
#4  0x00007f96609fc7fe in KMime::Content::headerByType(char const*) const () from /lib64/libKF5Mime.so.5
#5  0x00007f96609fd65a in KMime::Content::contentTransferEncoding(bool) () from /lib64/libKF5Mime.so.5
[...]
#7  0x00007f96609fe777 in KMime::Content::decodedText(bool, bool) () from /lib64/libKF5Mime.so.5
#8  0x00007f966106ed3d in MimeTreeParser::ObjectTreeParser::extractNodeInfos (isFirstTextPart=<optimized out>, curNode=0x5562b987b240, this=0x7fff079626c0) at /usr/src/debug/messagelib-22.12.0/mimetreeparser/src/objecttreeparser.cpp:270
#9  MimeTreeParser::ObjectTreeParser::extractNodeInfos (this=this@entry=0x7fff079626c0, curNode=0x5562b987b240, isFirstTextPart=isFirstTextPart@entry=true) at /usr/src/debug/messagelib-22.12.0/mimetreeparser/src/objecttreeparser.cpp:267
Comment 3 Marc Joliet 2022-12-14 13:24:57 UTC
Created attachment 154581 [details]
New crash information added by DrKonqi

kmail (5.22.0 (22.12.0)) using Qt 5.15.7

So the crashes still happen, and it's really annoying.  The backtrace is a little different, but the behaviour I encounter is the same, so I'm assuming this is still the same bug.  This is after a recent KDE frameworks update in openSUSE Tumbleweed.

-- Backtrace (Reduced):
#4  0x00007f076d33d7fe in QVector<KMime::Headers::Base*>::begin (this=<optimized out>) at /usr/include/qt5/QtCore/qvector.h:220
#5  KMime::Content::headerByType (this=this@entry=0x564c37c96040, type=0x7f076d356046 "Content-Transfer-Encoding") at /usr/src/debug/kmime-22.12.0/src/kmime_content.cpp:617
#6  0x00007f076d33e65a in KMime::Content::header<KMime::Headers::ContentTransferEncoding> (create=true, this=0x564c37c96040) at /usr/src/debug/kmime-22.12.0/src/kmime_content.h:681
#7  KMime::Content::contentTransferEncoding (this=0x564c37c96040, create=<optimized out>) at /usr/src/debug/kmime-22.12.0/src/kmime_content.cpp:874
#8  0x00007f076d33f63f in KMime::ContentPrivate::decodeText (this=0x30, q=q@entry=0x564c37c96040) at /usr/src/debug/kmime-22.12.0/src/kmime_content.cpp:729
Comment 4 Marc Joliet 2022-12-26 21:26:46 UTC
OK, I think I've determined the precise cause of the crashes.  They consistently happen when:
- clicking away from an email,
- that is signed with a PGP key,
- *before* KMail has finished verifying the signature.
If I wait for signature verification to finish, KMail does not crash.
Comment 5 Marc Joliet 2023-01-27 19:59:32 UTC
Created attachment 155711 [details]
New crash information added by DrKonqi

kmail (5.22.1 (22.12.1)) using Qt 5.15.8

Just adding a new backtrace to show that the bug still occurs, and it still happens consistently when opening an email before PGP signature verification has finished.

-- Backtrace (Reduced):
#4  0x00007ffbec33d7fe in QVector<KMime::Headers::Base*>::begin (this=<optimized out>) at /usr/include/qt5/QtCore/qvector.h:220
#5  KMime::Content::headerByType (this=this@entry=0x56336fe6cd40, type=0x7ffbec356046 "Content-Transfer-Encoding") at /usr/src/debug/kmime-22.12.1/src/kmime_content.cpp:617
#6  0x00007ffbec33e65a in KMime::Content::header<KMime::Headers::ContentTransferEncoding> (create=true, this=0x56336fe6cd40) at /usr/src/debug/kmime-22.12.1/src/kmime_content.h:681
#7  KMime::Content::contentTransferEncoding (this=0x56336fe6cd40, create=<optimized out>) at /usr/src/debug/kmime-22.12.1/src/kmime_content.cpp:874
#8  0x00007ffbec33f63f in KMime::ContentPrivate::decodeText (this=0x21, q=q@entry=0x56336fe6cd40) at /usr/src/debug/kmime-22.12.1/src/kmime_content.cpp:729
Comment 6 Marc Joliet 2023-07-12 15:20:06 UTC
Created attachment 160257 [details]
New crash information

I hadn't been able to reproduce the bug recently (maybe for a few weeks, but I'm not exactly sure), so I got adventurous and stopped waiting for the first PGP signature to be verified before looking at other emails.  But then it happened again this week, see attached crash report.  The reproducer remains the same: launch KMail, select a PGP signed email to read, then select a different email to read before the first one's PGP signature has finished verifying, and KMail should crash.
Comment 7 Marc Joliet 2023-09-05 22:34:57 UTC
Created attachment 161434 [details]
New crash information added by DrKonqi

kmail (5.24.0 (23.08.0)) using Qt 5.15.10

Same reproducer as usual: click away from a GPG-signed email before the signature was verified (this time coincidentally to an email that was *also* GPG-signed, in case that might make a difference).

(I guess I'm just going to keep adding these until somebody says otherwise.)

-- Backtrace (Reduced):
#4  0x00007fdc99c54a3e in QVector<KMime::Headers::Base*>::begin (this=<optimized out>) at /usr/include/qt5/QtCore/qvector.h:220
#5  KMime::Content::headerByType (this=this@entry=0x55fe0cffe0c0, type=0x7fdc99c6d040 "Content-Transfer-Encoding") at /usr/src/debug/kmime-23.08.0/src/kmime_content.cpp:626
#6  0x00007fdc99c558aa in KMime::Content::header<KMime::Headers::ContentTransferEncoding> (create=true, this=0x55fe0cffe0c0) at /usr/src/debug/kmime-23.08.0/src/kmime_content.h:681
#7  KMime::Content::contentTransferEncoding (this=this@entry=0x55fe0cffe0c0, create=create@entry=true) at /usr/src/debug/kmime-23.08.0/src/kmime_content.cpp:883
#8  0x00007fdc99c5687f in KMime::ContentPrivate::decodeText (this=0x0, q=q@entry=0x55fe0cffe0c0) at /usr/src/debug/kmime-23.08.0/src/kmime_content.cpp:738
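
The lifetime hazard that the reproducer in comments 4 to 7 points to, as an added example that is not code from KMail, KMime or the reporter. The page does not confirm a root cause; the sketch assumes the verification-finished callback re-parses a message node that was destroyed when another email was selected, which is consistent with the invalid `this` values in the `ContentPrivate::decodeText` frames. All names are hypothetical, and standard C++ stands in for Qt's signals and event loop.

```cpp
// Added illustration in standard C++; every name here is hypothetical (not KMail/KMime code).
#include <deque>
#include <functional>
#include <iostream>
#include <memory>
#include <string>
#include <utility>

struct MessageNode { std::string body; };   // stands in for the parsed MIME node

struct Viewer {
    std::shared_ptr<MessageNode> current;          // the viewer owns the displayed message
    std::deque<std::function<void()>> eventQueue;  // stands in for the GUI event loop
    std::string lastRendered;
    int reparsed = 0;  // completions that re-rendered a live, still-displayed message
    int dropped = 0;   // completions discarded because their message was replaced

    // Select a message; signature verification "finishes" later via the event queue.
    void show(std::string body) {
        // Replacing `current` destroys the previously displayed node.
        current = std::make_shared<MessageNode>(MessageNode{std::move(body)});
        // Capturing a raw MessageNode* here would leave the callback with a dangling
        // pointer once the user selects another message. A weak_ptr observes the
        // node without keeping it alive, so the callback can detect that case.
        std::weak_ptr<MessageNode> guard = current;
        eventQueue.push_back([this, guard] {
            std::shared_ptr<MessageNode> node = guard.lock();
            if (!node || node != current) { ++dropped; return; }  // stale completion
            lastRendered = node->body;  // safe: node is alive and still displayed
            ++reparsed;
        });
    }

    // Deliver queued completions, as the event loop would after the job thread ends.
    void processEvents() {
        while (!eventQueue.empty()) {
            std::function<void()> job = std::move(eventQueue.front());
            eventQueue.pop_front();
            job();
        }
    }
};

int main() {
    Viewer v;
    v.show("constructed PGP-signed mail A");
    v.show("constructed mail B");  // click away before A's verification completes
    v.processEvents();
    std::cout << "reparsed=" << v.reparsed << " dropped=" << v.dropped << "\n";
    return 0;
}
```

In Qt code the same guard is usually a `QPointer` to the object, or a context object passed to `connect()` so the connection is dropped when that object is destroyed.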