<div dir="ltr"><div>Hello all, I have a quite annoying kmail crash, tried to debug but the codebase didn't help much.</div><div></div><div>The crash happens in `kidentitymanager`, but I believe the culprit is in kmail itself.</div><div></div><div>on KMail's `identitynpage.cpp`, method `slotRemoveIdentity` there are only two relevant calls:</div><br><div>mIPage.mIdentityList->identityTreeModel()->removeIdentities(listIdentityNames);</div><div>save();</div><div><br></div><div>That in turn calls kidentitymanager's KIdentityManager::commit(), <br></div><div>the commit call fails here, on the iterator access.<br></div><div><br></div><div> for (QList<Identity>::ConstIterator it = d->shadowIdentities.constBegin(); <br></div><div> it != d->shadowIdentities.constEnd();</div><div> ++it)</div><div> {<br> const int index = seenUOIDs.indexOf((*it).uoid());</div><div><br></div><div>The crash is deep down inside QHash so for me this feels like memory corruption:</div><div><span style="font-family:monospace"><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)"></span></span><span style="font-family:monospace"><br><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">Thread 1 "kmail" received signal SIGSEGV, Segmentation fault.</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">
</span><br><span style="color:rgb(178,104,24);background-color:rgb(255,255,255)">QHash<QString, QVariant>::contains</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)"> (</span><span style="color:rgb(24,178,178);background-color:rgb(255,255,255)">this</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">=0x555557a79a40, </span><span style="color:rgb(24,178,178);background-color:rgb(255,255,255)">key</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">=...) at </span><span style="color:rgb(24,178,24);background-color:rgb(255,255,255)">/usr/include/qt6/QtCore/qhash.h</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">:1015</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">
</span><br><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">1015</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)"> </span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)"> </span><span style="font-weight:bold;color:rgb(84,84,255);background-color:rgb(255,255,255)">return</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)"> d</span><span style="color:rgb(178,24,24);background-color:rgb(255,255,255)">-></span><span style="font-weight:bold;color:rgb(0,0,0);background-color:rgb(255,255,255)">findNode</span><span style="color:rgb(178,24,24);background-color:rgb(255,255,255)">(</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">key</span><span style="color:rgb(178,24,24);background-color:rgb(255,255,255)">)</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)"> </span><span style="color:rgb(178,24,24);background-color:rgb(255,255,255)">!=</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)"> nullptr</span><span style="color:rgb(178,24,24);background-color:rgb(255,255,255)">;</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">
</span><br><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">(gdb) bt</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">
</span><br><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">#0 </span><span style="color:rgb(178,104,24);background-color:rgb(255,255,255)">QHash<QString, QVariant>::contains</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)"> (this=0x555557a79a40, key=...) at </span><span style="color:rgb(24,178,24);background-color:rgb(255,255,255)">/usr/include/qt6/QtCore/qhash.h</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">:1015</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">
</span><br><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">#1 </span><span style="color:rgb(178,104,24);background-color:rgb(255,255,255)">KIdentityManagementCore::Identity::property</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)"> (this=this@entry=0x555557a79a30, key=...)</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">
</span><br><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)"> at </span><span style="color:rgb(24,178,24);background-color:rgb(255,255,255)">/home/tcanabrava/Data/Projects/kde/src/kidentitymanagement/src/core/identity.cpp</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">:286</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">
</span><br><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">#2 </span><span style="color:rgb(24,24,178);background-color:rgb(255,255,255)">0x00007fffe7923a10</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)"> in </span><span style="color:rgb(178,104,24);background-color:rgb(255,255,255)">KIdentityManagementCore::Identity::uoid</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)"> (this=this@entry=0x555557a79a30)</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">
</span><br><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)"> at </span><span style="color:rgb(24,178,24);background-color:rgb(255,255,255)">/home/tcanabrava/Data/Projects/kde/src/kidentitymanagement/src/core/identity.cpp</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">:353</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">
</span><br><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">#3 </span><span style="color:rgb(24,24,178);background-color:rgb(255,255,255)">0x00007fffe7932961</span><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)"> in </span><span style="color:rgb(178,104,24);background-color:rgb(255,255,255)">KIdentityManagementCore::IdentityManager::commit</span><br><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">
</span><br></span></div><div><span style="font-family:monospace">But all the memory we are directly acessing is in the stack. <br></span></div><div><span style="font-family:monospace">Note that the `contains` call doesn't exist on the current code, it was a try I did to make sure it wouldn't crash. the actuall code has a direct access to .value().</span></div><div><span style="font-family:monospace">but, well, it crashed anyway.</span></div><div><span style="font-family:monospace"><br></span></div><div><span style="font-family:monospace">Help appreciated.</span></div><div><span style="font-family:monospace">Tomaz</span></div><div><span style="font-family:monospace"><br></span></div></div>