[Bug 160149] New: application crash, eip contains 4 byte ascii string
Thomas Pollet
thomas.pollet at gmail.com
Mon Mar 31 09:56:44 BST 2008
http://bugs.kde.org/show_bug.cgi?id=160149
Summary: application crash, eip contains 4 byte ascii string
Product: kmail
Version: 1.9.4
Platform: RedHat RPMs
OS/Version: Linux
Status: UNCONFIRMED
Severity: crash
Priority: NOR
Component: general
AssignedTo: kdepim-bugs kde org
ReportedBy: thomas.pollet gmail com
Version: 1.9.4 (using KDE 3.5.9DevelKDE 3.5.6)
Installed from: RedHat RPMs
OS: Linux
Hi,
I found kmail crashing when downloading imap mail.
#6 0x53205349 in ?? ()
#7 0x03c6adb0 in KMail::ImapJob::slotGetNextMessage ()
from /usr/lib/libkmailprivate.so
...
>>> import struct
>>> print struct.pack("<L",0x53205349)
IS S
So 0x53205349 is too much of an ASCII string to be sane. It looks like part of the subject of a mail I received. But I can't reproduce.
the disassembly looks like this:
0x03c6adaa <_ZN5KMail7ImapJob18slotGetNextMessageEv+74>: call *0xe0(%eax)
0x03c6adb0 <_ZN5KMail7ImapJob18slotGetNextMessageEv+80>: test %eax,%eax
The corresponding code from imapjob.cpp is here:
KMFolderImap *msgParent = msg ? static_cast<KMFolderImap*>(msg->storage()) : 0;
if ( !msgParent || !msg || msg->UID() == 0 )
msg->UID() is the call *0xe0(%eax)
So it looks like the msg vtable memory got corrupted earlier on. Though the call to msg->storage() was successful, msg->storage() is in a different part of the class hierarchy.
I've been looking/testing the code to see where it got corrupted but I couldn't figure that out.
Regards,
Thomas Pollet
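The check Thomas did by hand above (unpack the faulting EIP as little-endian bytes and see whether it reads as text) is worth doing systematically over a whole backtrace, and the `call *0xe0(%eax)` site also tells you which vtable slot was dereferenced. The following is an added example written for this page; it is not code from the bug report or from KMail. The only values taken from the page are the two frame addresses and the 0xe0 displacement; the backtrace text is a constructed sample built from those two frames, and the 4-byte pointer size is assumed from the 32-bit addresses and the use of %eax.

```python
import re
import string
import struct

# Values from the report: frame #6's EIP and the displacement in "call *0xe0(%eax)".
CRASH_EIP = 0x53205349
VTABLE_DISP = 0xE0
PTR_SIZE = 4  # assumption: 32-bit x86, as the addresses and %eax suggest

# Bytes that commonly show up when a register has been filled from a text buffer.
PRINTABLE = set(string.ascii_letters + string.digits + string.punctuation + " ")

# Constructed sample backtrace, made from the two frames quoted in the report.
BACKTRACE = """#6 0x53205349 in ?? ()
#7 0x03c6adb0 in KMail::ImapJob::slotGetNextMessage () from /usr/lib/libkmailprivate.so
"""

FRAME_RE = re.compile(r"^#(\d+)\s+0x([0-9a-fA-F]+)\s+in\s+(\S+)")


def addr_to_bytes(addr, size=PTR_SIZE, little_endian=True):
    """Return the bytes a register value occupies in memory (same as struct.pack('<L', ...))."""
    fmt = ("<" if little_endian else ">") + {4: "L", 8: "Q"}[size]
    return struct.pack(fmt, addr)


def looks_like_text(addr, size=PTR_SIZE):
    """True when every byte of the value is printable ASCII.

    A genuine code address in a 32-bit Linux process almost never consists
    entirely of printable bytes (0x20..0x7e); when one does, the register was
    most likely loaded from data-controlled memory, not from a real function
    pointer. In the report the bytes spell "IS S", apparently a Subject: header.
    """
    return all(ch in PRINTABLE for ch in addr_to_bytes(addr, size).decode("latin-1"))


def vtable_slot(disp, ptr_size=PTR_SIZE):
    """Index of the virtual function called through `call *disp(%reg)`.

    %reg holds the object's vtable pointer, so the slot is disp / sizeof(pointer).
    For 0xe0 on 32-bit that is slot 56; on a corrupted vtable this slot is the
    one whose contents ended up in EIP.
    """
    if disp % ptr_size:
        raise ValueError("displacement %#x is not pointer-aligned" % disp)
    return disp // ptr_size


def suspicious_frames(backtrace, size=PTR_SIZE):
    """Parse gdb-style frames and return (frame, address, text) for text-looking PCs."""
    hits = []
    for line in backtrace.splitlines():
        m = FRAME_RE.match(line.strip())
        if not m:
            continue
        frame, addr = int(m.group(1)), int(m.group(2), 16)
        if looks_like_text(addr, size):
            hits.append((frame, addr, addr_to_bytes(addr, size).decode("ascii")))
    return hits


if __name__ == "__main__":
    for frame, addr, text in suspicious_frames(BACKTRACE):
        print("frame #%d: PC %#010x decodes as %r" % (frame, addr, text))
    print("call *%#x(%%eax) dereferences vtable slot %d" % (VTABLE_DISP, vtable_slot(VTABLE_DISP)))
```

Running it on the constructed sample flags only frame #6 (bytes "IS S"); frame #7's 0x03c6adb0 contains non-printable bytes and is left alone. The slot number is what you would compare against the class's virtual method order under gdb (`info vtbl` on the object) to confirm that the corrupted entry is indeed the one for UID().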