[kmail2] [Bug 470097] KMail crashes on close
Nicolas Fella
bugzilla_noreply at kde.org
Wed Jan 31 15:10:45 GMT 2024
https://bugs.kde.org/show_bug.cgi?id=470097
--- Comment #12 from Nicolas Fella <nicolas.fella at gmx.de> ---
==15427==ERROR: AddressSanitizer: global-buffer-overflow on address
0x7f20848ec398 at pc 0x7f208a53fabe bp 0x7ffe135e4180 sp 0x7ffe135e4178
READ of size 8 at 0x7f20848ec398 thread T0
#0 0x7f208a53fabd in KSelectionProxyModel::columnCount(QModelIndex const&)
const
/home/nico/kde-asan/src/kitemmodels/src/core/kselectionproxymodel.cpp:2362
#1 0x7f208447ffee in
QSortFilterProxyModelPrivate::find_source_sort_column() const
/home/nico/workspace/qt6/qtbase/src/corelib/itemmodels/qsortfilterproxymodel.cpp:660
#2 0x7f208448de6d in QSortFilterProxyModelPrivate::_q_clearMapping()
/home/nico/workspace/qt6/qtbase/src/corelib/itemmodels/qsortfilterproxymodel.cpp:468
#3 0x7f20844938e5 in QSortFilterProxyModelPrivate::_q_sourceReset()
/home/nico/workspace/qt6/qtbase/src/corelib/itemmodels/qsortfilterproxymodel.cpp:1587
#4 0x7f20844c11c5 in QtPrivate::FunctorCall<QtPrivate::IndexesList<>,
QtPrivate::List<>, void, void (QSortFilterProxyModelPrivate::*)()>::call(void
(QSortFilterProxyModelPrivate::*)(), QSortFilterProxyModelPrivate*, void**)
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobjectdefs_impl.h:145
#5 0x7f20844c12fe in void QtPrivate::FunctionPointer<void
(QSortFilterProxyModelPrivate::*)()>::call<QtPrivate::List<>, void>(void
(QSortFilterProxyModelPrivate::*)(), QSortFilterProxyModelPrivate*, void**)
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobjectdefs_impl.h:182
#6 0x7f20844c12fe in QtPrivate::QPrivateSlotObject<void
(QSortFilterProxyModelPrivate::*)(), QtPrivate::List<>, void>::impl(int,
QtPrivate::QSlotObjectBase*, QObject*, void**, bool*)
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject_p.h:282
#7 0x7f2083e5eae9 in void doActivate<false>(QObject*, int, void**)
(/home/nico/kde-asan/usr/lib64/libQt6Core.so.6+0x45eae9) (BuildId:
824a9810afdfb1aa8af0d80927e7427053b3ce19)
#8 0x7f2083e3dc55 in QMetaObject::activate(QObject*, QMetaObject const*,
int, void**)
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:4120
#9 0x7f20843c11e8 in
QAbstractItemModel::modelReset(QAbstractItemModel::QPrivateSignal)
/home/nico/workspace/qt6/qtbase/src/corelib/Core_autogen/include/moc_qabstractitemmodel.cpp:1113
#10 0x7f20843c7a27 in QAbstractItemModel::endResetModel()
/home/nico/workspace/qt6/qtbase/src/corelib/itemmodels/qabstractitemmodel.cpp:3415
#11 0x7f208a54033d in operator()
/home/nico/kde-asan/src/kitemmodels/src/core/kselectionproxymodel.cpp:2404
#12 0x7f208a54dd7c in call
/home/nico/kde-asan/usr/include/QtCore/qobjectdefs_impl.h:137
#13 0x7f208a54c986 in call<QtPrivate::List<>, void>
/home/nico/kde-asan/usr/include/QtCore/qobjectdefs_impl.h:345
#14 0x7f208a54c549 in impl
/home/nico/kde-asan/usr/include/QtCore/qobjectdefs_impl.h:555
#15 0x7f2083e5eae9 in void doActivate<false>(QObject*, int, void**)
(/home/nico/kde-asan/usr/lib64/libQt6Core.so.6+0x45eae9) (BuildId:
824a9810afdfb1aa8af0d80927e7427053b3ce19)
#16 0x7f2083e3dc55 in QMetaObject::activate(QObject*, QMetaObject const*,
int, void**)
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:4120
#17 0x7f20844150b3 in
QItemSelectionModel::modelChanged(QAbstractItemModel*)
/home/nico/workspace/qt6/qtbase/src/corelib/Core_autogen/include/moc_qitemselectionmodel.cpp:524
#18 0x7f2084434fac in
QItemSelectionModelPrivate::modelChanged(QAbstractItemModel*)
/home/nico/workspace/qt6/qtbase/src/corelib/itemmodels/qitemselectionmodel_p.h:74
#19 0x7f2084434fac in QObjectCompatProperty<QItemSelectionModelPrivate,
QAbstractItemModel*, &QItemSelectionModelPrivate::_qt_property_model_offset,
&QItemSelectionModelPrivate::setModel,
&QItemSelectionModelPrivate::modelChanged, decltype(nullptr)>::notify()
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qproperty_p.h:678
#20 0x7f2084419b5c in QItemSelectionModelPrivate::modelDestroyed()
/home/nico/workspace/qt6/qtbase/src/corelib/itemmodels/qitemselectionmodel.cpp:1089
#21 0x7f20844427ed in QtPrivate::FunctorCall<QtPrivate::IndexesList<>,
QtPrivate::List<>, void, void (QItemSelectionModelPrivate::*)()>::call(void
(QItemSelectionModelPrivate::*)(), QItemSelectionModelPrivate*, void**)
(/home/nico/kde-asan/usr/lib64/libQt6Core.so.6+0xa427ed) (BuildId:
824a9810afdfb1aa8af0d80927e7427053b3ce19)
#22 0x7f2084442926 in QtPrivate::QPrivateSlotObject<void
(QItemSelectionModelPrivate::*)(), QtPrivate::List<>, void>::impl(int,
QtPrivate::QSlotObjectBase*, QObject*, void**, bool*)
(/home/nico/kde-asan/usr/lib64/libQt6Core.so.6+0xa42926) (BuildId:
824a9810afdfb1aa8af0d80927e7427053b3ce19)
#23 0x7f2083e5eae9 in void doActivate<false>(QObject*, int, void**)
(/home/nico/kde-asan/usr/lib64/libQt6Core.so.6+0x45eae9) (BuildId:
824a9810afdfb1aa8af0d80927e7427053b3ce19)
#24 0x7f2083e3dc55 in QMetaObject::activate(QObject*, QMetaObject const*,
int, void**)
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:4120
#25 0x7f2083e3dded in QObject::destroyed(QObject*)
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/moc_qobject.cpp:233
#26 0x7f2083e54f0e in QObject::~QObject()
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:1070
#27 0x7f20843c78ea in QAbstractItemModel::~QAbstractItemModel()
/home/nico/workspace/qt6/qtbase/src/corelib/itemmodels/qabstractitemmodel.cpp:1722
#28 0x7f2084450690 in QAbstractProxyModel::~QAbstractProxyModel()
/home/nico/workspace/qt6/qtbase/src/corelib/itemmodels/qabstractproxymodel.cpp:165
#29 0x7f208447f972 in QSortFilterProxyModel::~QSortFilterProxyModel()
/home/nico/workspace/qt6/qtbase/src/corelib/itemmodels/qsortfilterproxymodel.cpp:2022
#30 0x7f208add0056 in
Akonadi::EntityRightsFilterModel::~EntityRightsFilterModel()
/home/nico/kde-asan/src/akonadi/src/core/models/entityrightsfiltermodel.cpp:61
#31 0x7f20823d31e6 in
MailCommon::FolderTreeWidgetProxyModel::~FolderTreeWidgetProxyModel()
/home/nico/kde-asan/src/mailcommon/src/folder/foldertreewidgetproxymodel.cpp:91
#32 0x7f20823d3201 in
MailCommon::FolderTreeWidgetProxyModel::~FolderTreeWidgetProxyModel()
/home/nico/kde-asan/src/mailcommon/src/folder/foldertreewidgetproxymodel.cpp:91
#33 0x7f2083e4dd4f in QObjectPrivate::deleteChildren()
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:2216
#34 0x7f2086f96cac in QWidget::~QWidget()
/home/nico/workspace/qt6/qtbase/src/widgets/kernel/qwidget.cpp:1524
#35 0x7f20823cb5fd in MailCommon::FolderTreeWidget::~FolderTreeWidget()
/home/nico/kde-asan/src/mailcommon/src/folder/foldertreewidget.cpp:131
#36 0x7f20823cb621 in MailCommon::FolderTreeWidget::~FolderTreeWidget()
/home/nico/kde-asan/src/mailcommon/src/folder/foldertreewidget.cpp:131
#37 0x7f2083e4dd4f in QObjectPrivate::deleteChildren()
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:2216
#38 0x7f2086f96cac in QWidget::~QWidget()
/home/nico/workspace/qt6/qtbase/src/widgets/kernel/qwidget.cpp:1524
#39 0x7f20871935d2 in QFrame::~QFrame()
/home/nico/workspace/qt6/qtbase/src/widgets/widgets/qframe.cpp:229
#40 0x7f2087570d83 in QSplitter::~QSplitter()
/home/nico/workspace/qt6/qtbase/src/widgets/widgets/qsplitter.cpp:951
#41 0x7f2087570da8 in QSplitter::~QSplitter()
/home/nico/workspace/qt6/qtbase/src/widgets/widgets/qsplitter.cpp:951
#42 0x7f2083e4dd4f in QObjectPrivate::deleteChildren()
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:2216
#43 0x7f2086f96cac in QWidget::~QWidget()
/home/nico/workspace/qt6/qtbase/src/widgets/kernel/qwidget.cpp:1524
#44 0x7f20871935d2 in QFrame::~QFrame()
/home/nico/workspace/qt6/qtbase/src/widgets/widgets/qframe.cpp:229
#45 0x7f2087570d83 in QSplitter::~QSplitter()
/home/nico/workspace/qt6/qtbase/src/widgets/widgets/qsplitter.cpp:951
#46 0x7f2087570da8 in QSplitter::~QSplitter()
/home/nico/workspace/qt6/qtbase/src/widgets/widgets/qsplitter.cpp:951
#47 0x7f20b03bf54b in KMMainWidget::deleteWidgets()
/home/nico/kde-asan/src/kmail/src/kmmainwidget.cpp:985
#48 0x7f20b03b9230 in KMMainWidget::destruct()
/home/nico/kde-asan/src/kmail/src/kmmainwidget.cpp:392
#49 0x7f20b03b8fa4 in KMMainWidget::~KMMainWidget()
/home/nico/kde-asan/src/kmail/src/kmmainwidget.cpp:376
#50 0x7f20b03b90d1 in KMMainWidget::~KMMainWidget()
/home/nico/kde-asan/src/kmail/src/kmmainwidget.cpp:377
#51 0x7f2083e4dd4f in QObjectPrivate::deleteChildren()
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:2216
#52 0x7f2086f96cac in QWidget::~QWidget()
/home/nico/workspace/qt6/qtbase/src/widgets/kernel/qwidget.cpp:1524
#53 0x7f2086f96d18 in QWidget::~QWidget()
/home/nico/workspace/qt6/qtbase/src/widgets/kernel/qwidget.cpp:1550
#54 0x7f2083e4dd4f in QObjectPrivate::deleteChildren()
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:2216
#55 0x7f2086f96cac in QWidget::~QWidget()
/home/nico/workspace/qt6/qtbase/src/widgets/kernel/qwidget.cpp:1524
#56 0x7f2087414052 in QMainWindow::~QMainWindow()
/home/nico/workspace/qt6/qtbase/src/widgets/widgets/qmainwindow.cpp:340
#57 0x7f208cbcd240 in KMainWindow::~KMainWindow()
/home/nico/kde-asan/src/kxmlgui/src/kmainwindow.cpp:433
#58 0x7f208cd1325f in KXmlGuiWindow::~KXmlGuiWindow()
/home/nico/kde-asan/src/kxmlgui/src/kxmlguiwindow.cpp:217
#59 0x7f20b029065e in KMMainWin::~KMMainWin()
/home/nico/kde-asan/src/kmail/src/kmmainwin.cpp:143
#60 0x7f20b02906b1 in KMMainWin::~KMMainWin()
/home/nico/kde-asan/src/kmail/src/kmmainwin.cpp:143
#61 0x7f2083e34e6d in qDeleteInEventHandler(QObject*)
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:4975
#62 0x7f2083e4342f in QObject::event(QEvent*)
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qobject.cpp:1433
#63 0x7f2086fa8c68 in QWidget::event(QEvent*)
/home/nico/workspace/qt6/qtbase/src/widgets/kernel/qwidget.cpp:9398
#64 0x7f2087419818 in QMainWindow::event(QEvent*)
/home/nico/workspace/qt6/qtbase/src/widgets/widgets/qmainwindow.cpp:1321
#65 0x7f208cbd3b70 in KMainWindow::event(QEvent*)
/home/nico/kde-asan/src/kxmlgui/src/kmainwindow.cpp:905
#66 0x7f208cd13581 in KXmlGuiWindow::event(QEvent*)
/home/nico/kde-asan/src/kxmlgui/src/kxmlguiwindow.cpp:221
#67 0x7f2086e67853 in QApplicationPrivate::notify_helper(QObject*, QEvent*)
/home/nico/workspace/qt6/qtbase/src/widgets/kernel/qapplication.cpp:3298
#68 0x7f2086e7df75 in QApplication::notify(QObject*, QEvent*)
/home/nico/workspace/qt6/qtbase/src/widgets/kernel/qapplication.cpp:3245
#69 0x7f2083d59820 in QCoreApplication::notifyInternal2(QObject*, QEvent*)
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qcoreapplication.cpp:1134
#70 0x7f2083d599ae in QCoreApplication::sendEvent(QObject*, QEvent*)
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qcoreapplication.cpp:1575
#71 0x7f2083d5ad11 in QCoreApplicationPrivate::sendPostedEvents(QObject*,
int, QThreadData*)
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qcoreapplication.cpp:1946
#72 0x7f2083d5b006 in QCoreApplication::sendPostedEvents(QObject*, int)
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qcoreapplication.cpp:1803
#73 0x7f208450df25 in postEventSourceDispatch
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qeventdispatcher_glib.cpp:244
#74 0x7f2079f13f2f in g_main_dispatch ../glib/gmain.c:3476
#75 0x7f2079f13f2f in g_main_context_dispatch_unlocked ../glib/gmain.c:4284
#76 0x7f2079f15b57 in g_main_context_iterate_unlocked ../glib/gmain.c:4349
#77 0x7f2079f1620b in g_main_context_iteration ../glib/gmain.c:4414
#78 0x7f208450c4b5 in
QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qeventdispatcher_glib.cpp:394
#79 0x7f20863d9269 in
QPAEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)
/home/nico/workspace/qt6/qtbase/src/gui/platform/unix/qeventdispatcher_glib.cpp:87
#80 0x7f2083d7686f in
QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qeventloop.cpp:100
#81 0x7f2083d77d17 in
QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>)
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qeventloop.cpp:182
#82 0x7f2083d61a20 in QCoreApplication::exec()
/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qcoreapplication.cpp:1478
#83 0x7f208560d697 in QGuiApplication::exec()
/home/nico/workspace/qt6/qtbase/src/gui/kernel/qguiapplication.cpp:1926
#84 0x7f2086e66ee8 in QApplication::exec()
/home/nico/workspace/qt6/qtbase/src/widgets/kernel/qapplication.cpp:2568
#85 0x40aa5d in main /home/nico/kde-asan/src/kmail/src/main.cpp:174
#86 0x7f20832281af in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58
#87 0x7f2083228278 in __libc_start_main_impl ../csu/libc-start.c:360
#88 0x404704 in _start ../sysdeps/x86_64/start.S:115
0x7f20848ec398 is located 40 bytes before global variable 'staticMetaObject'
defined in
'/home/nico/workspace/qt6/qtbase/src/corelib/Core_autogen/include/moc_qobjectcleanuphandler.cpp:69:31'
(0x7f20848ec3c0) of size 56
0x7f20848ec398 is located 0 bytes after global variable
'qt_incomplete_metaTypeArray' defined in
'/home/nico/workspace/qt6/qtbase/src/corelib/kernel/qmetatype.h:2659:54'
(0x7f20848ec380) of size 24
SUMMARY: AddressSanitizer: global-buffer-overflow
/home/nico/kde-asan/src/kitemmodels/src/core/kselectionproxymodel.cpp:2362 in
KSelectionProxyModel::columnCount(QModelIndex const&) const
Shadow bytes around the buggy address:
0x7f20848ec100: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00
0x7f20848ec180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x7f20848ec200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x7f20848ec280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x7f20848ec300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x7f20848ec380: 00 00 00[f9]f9 f9 f9 f9 00 00 00 00 00 00 00 f9
0x7f20848ec400: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00
0x7f20848ec480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x7f20848ec500: 00 00 00 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 f9
0x7f20848ec580: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00
0x7f20848ec600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==15427==ABORTING
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Kdepim-bugs
mailing list