https://bugs.kde.org/show_bug.cgi?id=488265
Bug ID: 488265
Summary: Segfault when double-clicking on a draft (KMEditItemCommand)
Classification: Applications
Product: kmail2
Version: 5.24.5
Platform: Kubuntu
OS: Linux
Status: REPORTED
Severity: crash
Priority: NOR
Component: commands and actions
Assignee: kdepim-b...@kde.org
Reporter: k...@stefanw.anonaddy.com
Target Milestone: ---

Created attachment 170299
  --> https://bugs.kde.org/attachment.cgi?id=170299&action=edit
Backtrace of the destructor being called too early

Double-clicking on a draft results in a segfault every time on my fresh Kubuntu 24.04 install.

ANALYSIS

The location varies slightly, but is always in KMCommand::completed (https://github.com/KDE/kmail/blob/v23.08.5/src/kmcommands.cpp#L263). The reason is that the KMCommand has already been destroyed in KMCommand::execute (https://github.com/KDE/kmail/blob/v23.08.5/src/kmcommands.cpp#L259), as can be seen from the other backtrace I attached.

The KMEditItemCommand starts an asynchronous job and queues its own destruction at the finishing of that job (https://github.com/KDE/kmail/blob/v23.08.5/src/kmcommands.cpp#L583 and https://github.com/KDE/kmail/blob/v23.08.5/src/kmcommands.cpp#L626). The assumption seems to be that that can happen only after the rest of the code is executed, but actually the destruction occurs in win->setMessage (https://github.com/KDE/kmail/blob/v23.08.5/src/kmcommands.cpp#L589).

This happens because PIM Messagelib gives back control by using a QEventLoop (https://invent.kde.org/pim/messagelib/-/blob/v23.08.5/mimetreeparser/src/memento/compositememento.cpp?ref_type=tags#L47). Maybe Messagelib behaved differently before this commit (https://invent.kde.org/pim/messagelib/-/commit/938fab622b7eb258f89f9b1492a3a264c260be58), but I haven't checked it.

STEPS TO REPRODUCE

1. Create a draft by clicking on "New" and pressing Ctrl+s
2. Go to the drafts folder and double-click on the draft.

OBSERVED RESULT

Crash (Segfault)

EXPECTED RESULT

Draft opens for editing

SOFTWARE/OS VERSIONS

Operating System: Ubuntu 24.04
KDE Plasma Version: 5.27.11
KDE Frameworks Version: 5.115.0
Qt Version: 5.15.13
Kernel Version: 6.8.0-35-generic (64-bit)
Graphics Platform: Wayland
Processors: 12 × 13th Gen Intel® Core™ i5-1335U
Memory: 15,3 GiB of RAM
Graphics Processor: Mesa Intel® Graphics
Manufacturer: HP
Product Name: HP EliteBook 860 16 inch G10 Notebook PC
System Version: SBKPF

BACKTRACE (see also the attached backtrace where the destructor is called before the crash)

Thread 1 "kmail" received signal SIGSEGV, Segmentation fault.
0x000075f37fa82646 in QQmlData::isSignalConnected (d=0xbc350e8e, index=4) at qml/qqmlengine.cpp:849
849 if (ddata->ownedByQml1)
(gdb) bt
#0 0x000075f37fa82646 in QQmlData::isSignalConnected (d=0xbc350e8e, index=4) at qml/qqmlengine.cpp:849
#1 0x000075f382d126fe in QObjectPrivate::isDeclarativeSignalConnected (signal_index=4, this=<optimized out>) at kernel/qobject_p.h:110
#2 doActivate<false> (sender=0x599118280310, signal_index=4, argv=0x7ffd94ddcc90) at kernel/qobject.cpp:3814
#3 0x000075f382d0b697 in QMetaObject::activate (sender=sender@entry=0x599118280310, m=m@entry=0x75f38c53cc00 <KMCommand::staticMetaObject>, local_signal_index=local_signal_index@entry=1, argv=argv@entry=0x7ffd94ddcc90) at kernel/qobject.cpp:3985
#4 0x000075f38c304cd4 in KMCommand::completed (this=this@entry=0x599118280310, _t1=<optimized out>, _t1@entry=0x599118280310) at /usr/src/kmail-4:23.08.5-0ubuntu5/obj-x86_64-linux-gnu/src/kmailprivate_autogen/EWIEGA46WW/moc_kmcommands.cpp:201
#5 0x000075f38c41dc93 in KMCommand::slotPostTransfer (this=0x599118280310, result=KMCommand::OK) at /usr/src/kmail-4:23.08.5-0ubuntu5/src/kmcommands.cpp:263
#6 0x000075f382d12e16 in QtPrivate::QSlotObjectBase::call (a=0x7ffd94ddcdf0, r=0x599118280310, this=0x5991187bf4f0) at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:398
#7 doActivate<false> (sender=0x599118280310, signal_index=3, argv=0x7ffd94ddcdf0) at kernel/qobject.cpp:3925
#8 0x000075f382d0b697 in QMetaObject::activate (sender=<optimized out>, m=m@entry=0x75f38c53cc00 <KMCommand::staticMetaObject>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7ffd94ddcdf0) at kernel/qobject.cpp:3985
#9 0x000075f38c304c70 in KMCommand::messagesTransfered (this=<optimized out>, _t1=<optimized out>) at /usr/src/kmail-4:23.08.5-0ubuntu5/obj-x86_64-linux-gnu/src/kmailprivate_autogen/EWIEGA46WW/moc_kmcommands.cpp:194
#10 0x000075f382d12e16 in QtPrivate::QSlotObjectBase::call (a=0x7ffd94ddcf00, r=0x599118280310, this=0x599118c59990) at ../../include/QtCore/../../src/corelib/kernel/qobjectdefs_impl.h:398
#11 doActivate<false> (sender=0x5991182c3850, signal_index=6, argv=0x7ffd94ddcf00) at kernel/qobject.cpp:3925
#12 0x000075f382d0b697 in QMetaObject::activate (sender=sender@entry=0x5991182c3850, m=<optimized out>, local_signal_index=local_signal_index@entry=3, argv=argv@entry=0x7ffd94ddcf00) at kernel/qobject.cpp:3985
#13 0x000075f383fa8266 in KJob::result (this=this@entry=0x5991182c3850, _t1=<optimized out>, _t1@entry=0x5991182c3850, _t2=...) at /usr/src/kcoreaddons-5.115.0-0ubuntu5/obj-x86_64-linux-gnu/src/lib/KF5CoreAddons_autogen/include/moc_kjob.cpp:633
#14 0x000075f383fae0eb in KJob::finishJob (this=0x5991182c3850, emitResult=<optimized out>) at /usr/src/kcoreaddons-5.115.0-0ubuntu5/src/lib/jobs/kjob.cpp:98
#15 0x000075f382d06343 in QObject::event (this=0x5991182c3850, e=0x5991173f1470) at kernel/qobject.cpp:1347
#16 0x000075f38396bd45 in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x5991182c3850, e=0x5991173f1470) at kernel/qapplication.cpp:3640
#17 0x000075f382cd8118 in QCoreApplication::notifyInternal2 (receiver=0x5991182c3850, event=0x5991173f1470) at kernel/qcoreapplication.cpp:1064
#18 0x000075f382cd8332 in QCoreApplication::sendEvent (receiver=<optimized out>, event=<optimized out>) at kernel/qcoreapplication.cpp:1462
#19 0x000075f382cdb94b in QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x5991168d8070) at kernel/qcoreapplication.cpp:1821
#20 0x000075f382cdbebd in QCoreApplication::sendPostedEvents (receiver=<optimized out>, event_type=<optimized out>) at kernel/qcoreapplication.cpp:1680
#21 0x000075f382d35c0f in postEventSourceDispatch (s=s@entry=0x599116906ed0) at kernel/qeventdispatcher_glib.cpp:277
#22 0x000075f37e8075b5 in g_main_dispatch (context=0x75f370000ed0) at ../../../glib/gmain.c:3344
#23 0x000075f37e866717 in g_main_context_dispatch_unlocked (context=0x75f370000ed0) at ../../../glib/gmain.c:4152
#24 g_main_context_iterate_unlocked.isra.0 (context=context@entry=0x75f370000ed0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../../../glib/gmain.c:4217
#25 0x000075f37e806a53 in g_main_context_iteration (context=0x75f370000ed0, may_block=1) at ../../../glib/gmain.c:4282
#26 0x000075f382d35279 in QEventDispatcherGlib::processEvents (this=0x5991168caab0, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#27 0x000075f382cd6a7b in QEventLoop::exec (this=this@entry=0x7ffd94ddd330, flags=..., flags@entry=...) at ../../include/QtCore/../../src/corelib/global/qflags.h:69
#28 0x000075f382cdf3e8 in QCoreApplication::exec () at ../../include/QtCore/../../src/corelib/global/qflags.h:121
#29 0x000075f383138ecd in QGuiApplication::exec () at kernel/qguiapplication.cpp:1863
#30 0x000075f38396bcb9 in QApplication::exec () at kernel/qapplication.cpp:2832
#31 0x0000599114c661b9 in main (argc=<optimized out>, argv=<optimized out>) at /usr/src/kmail-4:23.08.5-0ubuntu5/src/main.cpp:188
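
The lifetime hazard analysed in the report, reduced to a toy event loop, as an added example (not part of the original report and not KMail or Qt code). `EventLoop`, `EditCommand` and `runScenario` are hypothetical names; the liveness token plays the role a guarded pointer such as `QPointer` plays in Qt code, and is re-checked after the call that may re-enter the event loop.

```cpp
// Added illustration: toy event loop; not Qt and not KMail code.
#include <deque>
#include <functional>
#include <memory>
#include <utility>

struct EventLoop {
    std::deque<std::function<void()>> queue;
    void post(std::function<void()> f) { queue.push_back(std::move(f)); }
    void processEvents() {               // drains all pending events
        while (!queue.empty()) {
            auto f = std::move(queue.front());
            queue.pop_front();
            f();
        }
    }
};

enum class Outcome { Completed, DestroyedDuringCall };

class EditCommand {
public:
    explicit EditCommand(EventLoop &loop) : m_loop(loop) {}
    // owner is the only strong reference; the queued job result drops it.
    static Outcome execute(std::unique_ptr<EditCommand> &owner, bool calleeSpinsLoop) {
        EditCommand *self = owner.get();
        std::weak_ptr<void> alive = self->m_alive;   // liveness token
        EventLoop &loop = self->m_loop;              // copy what is needed up front
        loop.post([&owner] { owner.reset(); });      // job result destroys the command
        if (calleeSpinsLoop)
            loop.processEvents();                    // stand-in for a callee running a nested loop
        if (alive.expired())                         // re-check before touching members
            return Outcome::DestroyedDuringCall;
        self->emitted = true;                        // stand-in for emitting completed
        return Outcome::Completed;
    }
    bool emitted = false;
private:
    EventLoop &m_loop;
    std::shared_ptr<void> m_alive = std::make_shared<int>(0);
};

Outcome runScenario(bool calleeSpinsLoop) {
    EventLoop loop;
    auto cmd = std::make_unique<EditCommand>(loop);
    Outcome o = EditCommand::execute(cmd, calleeSpinsLoop);
    loop.processEvents();   // outer loop: the job result runs here at the latest
    return o;
}
int main() { return runScenario(true) == Outcome::DestroyedDuringCall ? 0 : 1; }
```

Without the `alive.expired()` check, the write to `self->emitted` in the `calleeSpinsLoop` case would touch freed memory, which is the shape of the crash in frames #4 and #5 of the backtrace.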