Ubuntu
qtbase-opensource-src package

Shell crashes when swiping the greeter with Qt 5.1.1

Bug #1223032 reported by Ricardo Salveti on 2013-09-09

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	qtbase-opensource-src (Ubuntu)	Fix Released	Critical	Unassigned
	unity8 (Ubuntu)	Invalid	Critical	Unassigned

Bug Description

Using unity8 from https://launchpad.net/~canonical-qt5-edgers/+archive/qt5-beta-proper together with Qt 5.1.1, which following packages:

unity8 1:7.81.3+13.10.20130905.2 -0+201309091433~302~ubuntu13.10.1
libqt5core5:armhf 5.1.1+dfsg-2ubuntu1~saucy1~test5
libqt5opengl5:armhf 5.1.1+dfsg-2ubuntu1~saucy1~test5

Qt5.1.1 based build:
http://s-jenkins:8080/job/ubuntu-touch-image-saucy-qt51/5/artifact/saucy-preinstalled-phablet-armhf.zip

Steps to reproduce:
1 - Boot the phone
2 - Swipe the greeter

Doesn't happen all the time, not easy to reproduce.

Backtrace:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x4d930460 (LWP 1577)]
0x00000000 in ?? ()
(gdb) bt full
#0 0x00000000 in ?? ()
No symbol table info available.
#1 0x40521df6 in QSGOpaqueTextureMaterial::compare (this=0x4e248f8c, o=0x4e2a1e54) at scenegraph/util/qsgtexturematerial.cpp:317
        diff = <optimized out>
        other = 0x4e2a1e54
#2 0x4051b0e4 in nodeLessThan (nodeA=0x4e248ee8, nodeB=0x4e2a1db0) at scenegraph/coreapi/qsgdefaultrenderer.cpp:86
        cmp = <optimized out>
        nodeB = 0x4e2a1db0
        nodeA = 0x4e248ee8
#3 0x4051bbb8 in QAlgorithmsPrivate::qSortHelper<QSGNode**, QSGNode*, bool (*)(QSGNode*, QSGNode*)> (start=0x4e10fe98, end=0x4e10fea0, end@entry=0x4e10fea4, t=@0x4e10fe98: 0x4e2a1db0,
    lessThan=lessThan@entry=0x4051b091 <nodeLessThan(QSGNode*, QSGNode*)>) at /usr/include/qt5/QtCore/qalgorithms.h:348
        span = 3
        low = 0x4e10fe98
        high = <optimized out>
        pivot = 0x4e10fe9c
#4 0x4051bba4 in QAlgorithmsPrivate::qSortHelper<QSGNode**, QSGNode*, bool (*)(QSGNode*, QSGNode*)> (start=<optimized out>, end=0x4e10feb4, t=@0x4e10fe98: 0x4e2a1db0,
    lessThan=lessThan@entry=0x4051b091 <nodeLessThan(QSGNode*, QSGNode*)>) at /usr/include/qt5/QtCore/qalgorithms.h:382
        span = <optimized out>
        low = 0x4e10fea4
        high = <optimized out>
        pivot = <optimized out>
#5 0x4051bb28 in qSort<QSGNode**, bool (*)(QSGNode*, QSGNode*)> (lessThan=<optimized out>, end=<optimized out>, start=<optimized out>) at /usr/include/qt5/QtCore/qalgorithms.h:184
No locals.
#6 QSGDefaultRenderer::render (this=0x4e10fcc0) at scenegraph/coreapi/qsgdefaultrenderer.cpp:240
        end = 8
        i = 0
        lessThan = 0x4051b091 <nodeLessThan(QSGNode*, QSGNode*)>
        start = <optimized out>
        r = <optimized out>
        sortNodes = <optimized out>
        opaqueStart = <optimized out>
        transparentStart = <optimized out>
#7 0x4051f1de in QSGRenderer::renderScene (this=this@entry=0x4e10fcc0, bindable=...) at scenegraph/coreapi/qsgrenderer.cpp:274
        profileFrames = false
        bindTime = 0
        renderTime = 0
#8 0x4051f2e8 in QSGRenderer::renderScene (this=this@entry=0x4e10fcc0) at scenegraph/coreapi/qsgrenderer.cpp:231
        b = warning: RTTI symbol not found for class 'QSGRenderer::renderScene()::B'
{<QSGBindable> = {_vptr.QSGBindable = 0x40648ad8 <vtable for QSGRenderer::renderScene()::B+8>}, <No data fields>}
#9 0x40525e56 in QSGContext::renderNextFrame (this=<optimized out>, renderer=0x4e10fcc0, fboId=<optimized out>) at scenegraph/qsgcontext.cpp:313
No locals.
#10 0x4054952e in QQuickWindowPrivate::renderSceneGraph (this=this@entry=0x19e3000, size=...) at items/qquickwindow.cpp:336
        _qml_memory_scope = {pushed = false}
        fboId = <optimized out>
        devicePixelRatio = <optimized out>
#11 0x40536ace in QSGRenderThread::syncAndRender (this=this@entry=0x19e3738) at scenegraph/qsgthreadedrenderloop.cpp:595
        i = 0
        profileFrames = <optimized out>
        syncRequested = <optimized out>
        __PRETTY_FUNCTION__ = "void QSGRenderThread::syncAndRender()"
        waitTimer = {t1 = 2116, t2 = 385602945}
        repaintRequested = <optimized out>
#12 0x40537996 in QSGRenderThread::run (this=0x19e3738) at scenegraph/qsgthreadedrenderloop.cpp:666
No locals.
#13 0x40a2986c in QThreadPrivate::start (arg=0x19e3738) at thread/qthread_unix.cpp:345
        __clframe = {__cancel_routine = 0x40a28ff1 <QThreadPrivate::finish(void*)>, __cancel_arg = 0x19e3738, __do_it = 1, __cancel_type = <optimized out>}
        thr = 0x19e3738
        data = <optimized out>
        objectName = {static null = {<No data fields>}, d = 0x40b9be94 <QArrayData::shared_null>}
#14 0x41793e64 in start_thread (arg=0x4d930460) at pthread_create.c:313
        pd = 0x4d930460
        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {1301481080, 1301480544, 0, 1301478888, -1097374448, 1084397521, -1097374448, 27146232, 1301478888, 1098464835, 0 <repeats 16 times>,
                536870931, 0 <repeats 37 times>}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
        not_first_call = <optimized out>
        pagesize_m1 = <optimized out>
        sp = <optimized out>
        freesize = <optimized out>
        __PRETTY_FUNCTION__ = "start_thread"
#15 0x40f58758 in ?? () at ../ports/sysdeps/unix/sysv/linux/arm/nptl/../clone.S:96 from /lib/arm-linux-gnueabihf/libc.so.6
No locals.
#16 0x40f58758 in ?? () at ../ports/sysdeps/unix/sysv/linux/arm/nptl/../clone.S:96 from /lib/arm-linux-gnueabihf/libc.so.6

Tags:

CVE References

2013-4549

Ricardo Salveti (rsalveti) on 2013-09-09

tags:	added: qt5.1
Changed in qtbase-opensource-src (Ubuntu):
importance:	Undecided → Critical
Changed in unity8 (Ubuntu):
importance:	Undecided → Critical

Revision history for this message

Michał Sawicz (saviq) wrote on 2013-09-18:

Doesn't look like unity8 can actually do anything here - the trace looks limited to Qt.

Changed in unity8 (Ubuntu):
status:	New → Incomplete

Revision history for this message

Timo Jyrinki (timo-jyrinki) wrote on 2013-12-03:

Does not crash with Qt 5.2 anymore.

Changed in unity8 (Ubuntu):
status:	Incomplete → Invalid
Changed in qtbase-opensource-src (Ubuntu):
status:	New → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-03-14:

Download full text (13.3 KiB)

This bug was fixed in the package qtbase-opensource-src - 5.2.1+dfsg-1ubuntu7

---------------
qtbase-opensource-src (5.2.1+dfsg-1ubuntu7) trusty; urgency=medium

[ Colin Watson ]
* Add arm64 to archs that don't use -m64

qtbase-opensource-src (5.2.1+dfsg-1ubuntu6) trusty; urgency=medium

* Add Use-None-instead-of-GLX_NONE.patch:
- Cherry-pick upstream patch (LP: #1288278)

qtbase-opensource-src (5.2.1+dfsg-1ubuntu5) trusty; urgency=medium

* Only run tests on armhf, amd64 and i386.

qtbase-opensource-src (5.2.1+dfsg-1ubuntu4) trusty; urgency=medium

[ Chris Gagnon ]
* Enable unit tests

qtbase-opensource-src (5.2.1+dfsg-1ubuntu3) trusty; urgency=medium

* Revert the transitional package change final landing.

qtbase-opensource-src (5.2.1+dfsg-1ubuntu2) trusty; urgency=medium

* libqt5core5 transitional package to be able to run ABI related tests

qtbase-opensource-src (5.2.1+dfsg-1ubuntu1) trusty; urgency=low

  [ Dmitry Shachnev ]
  * Update watch file (taken from Debian).
  * Fix generating documentation by building qdoc before using it.
  * Remove qtcreator.qdoc from qtbase5-doc.install, as it is already in
    qtbase5-dev.install.
  * Merge with Debian up to 5.2.0~beta1+dfsg-3.
    - Fixes build failures on powerpc and armel.
  * Add debian/patches/fix_cppcodemarker_crash.patch to fix qdoc
    crash that caused ubuntu-ui-toolkit to FTBFS (LP: #1217331).

  [ Łukasz 'sil2100' Zemczak ]
  * Cherry-pick two submitted patches to support appmenu-qt: (LP: #1157213)
    - make_qkdetheme_constructor_public.diff
    - platformtheme_env.diff

  [ Timo Jyrinki ]
  * New upstream release 5.2.1 (LP: #1256341) (LP: #1223032) (LP: #1222988)
    (LP: #1223042) (LP: #1253120) (LP: #1251262)
  * Sync with Debian 5.2.0+dfsg-7, remaining changes:
    - Remove firebird and ibase dependencies
    - Maintainer fields and Vcs-Bzr
    - No gdb required on ppc64el
    - Provides: qt-default to qt5-default
    - Define explicit list on which archs openvg required
    - Additional patches:
      + disable_overlay_scrollbars.diff
      + load_testability_from_env_var.patch
      + make_qkdetheme_constructor_public.diff
      + platformtheme_env.diff
      + qdoc-Fix-crash-in-Generator-generateInnerNode.patch
      + 0001-Do-not-overwrite-basePixmap-of-QIconLoader-PixmapEnt.patch
    - Use our symbols files
    - Additional multi-arch packages (not correct policy-wise)
  * Drop upstream patches:
    - add_since_52_to_new_QColor_features.patch
    - fix_cppcodemarker_crash.patch
    - fix_usr-move_workaround_in_the_presence_of_multi-arch.patch
    - make_QColor_understand_AARRGGBB.patch
    - Add-workaround-for-GL-on-Android-emulator.patch
    - 0001-Do-not-overwrite-basePixmap-of-QIconLoader-PixmapEnt.patch
    - fix_destroy_qapp_segfault.diff
  * Remove Ubuntu patches:
    - enable_appmenu_support.diff (obsolete)
    - 0001-Implement-XEmbed-protocol.patch (submitted and merged upstream)
    - fix_maliit_activation.patch (not used anymore)
    - inputmethod_fix_focusout.patch (not used anymore)
    - fix_number_precision_qjsondocument.patch_8e8becdc.patch (upstream)
    - bug1227629.patch (merged upstream)
    - fix_rowinserted.patch (LP: #1242630...

This bug was fixed in the package qtbase-opensource-src - 5.2.1+dfsg-1ubuntu7

---------------
qtbase-opensource-src (5.2.1+dfsg-1ubuntu7) trusty; urgency=medium

[ Colin Watson ]
  * Add arm64 to archs that don't use -m64

qtbase-opensource-src (5.2.1+dfsg-1ubuntu6) trusty; urgency=medium

* Add Use-None-instead-of-GLX_NONE.patch:
    - Cherry-pick upstream patch (LP: #1288278)

qtbase-opensource-src (5.2.1+dfsg-1ubuntu5) trusty; urgency=medium

* Only run tests on armhf, amd64 and i386.

qtbase-opensource-src (5.2.1+dfsg-1ubuntu4) trusty; urgency=medium

[ Chris Gagnon ]
  * Enable unit tests

qtbase-opensource-src (5.2.1+dfsg-1ubuntu3) trusty; urgency=medium

* Revert the transitional package change final landing.

qtbase-opensource-src (5.2.1+dfsg-1ubuntu2) trusty; urgency=medium

* libqt5core5 transitional package to be able to run ABI related tests

qtbase-opensource-src (5.2.1+dfsg-1ubuntu1) trusty; urgency=low

[ Łukasz 'sil2100' Zemczak ]
  * Cherry-pick two submitted patches to support appmenu-qt: (LP: #1157213)
    - make_qkdetheme_constructor_public.diff
    - platformtheme_env.diff

qtbase-opensource-src (5.2.0+dfsg-7) unstable; urgency=medium

[ Dmitry Shachnev ]
  * Use canonical Vcs-Browser field.

[ Lisandro Damián Nicanor Pérez Meyer ]
  * Install qmake's arch-specific data in an arch-specific path by using the
    hostdatadir option while calling configure.
  * Upload to unstable.

qtbase-opensource-src (5.2.0+dfsg-6) experimental; urgency=medium

[ Dmitry Shachnev ]
  * Build-depend on libxcb-xkb-dev, to get more input languages support.
  * Also, build-depend on libxcb-sync-dev instead of removed libxcb-sync0-dev.
  * Fix misspelled DEB_HOST_ARCH_OS in debian/rules comments.
  * Re-introduce qtbase5-doc-html package.

[ Lisandro Damián Nicanor Pérez Meyer ]
  * Backport fix_crash_stale_pointer_dereferencing.patch to solve a crash
    while using harfbuzz-ng.
  * Update symbols files with buildd's logs.

qtbase-opensource-src (5.2.0+dfsg-5) experimental; urgency=medium

* Workaround sparc's FTBFS due to it's qatomic code.
  * Build Qt against system's harfbuzz (Closes: #733972).
  * Update symbol's files unsing buildd's logs.

qtbase-opensource-src (5.2.0+dfsg-4) experimental; urgency=medium

[ Dmitry Shachnev ]
  * Remove unused piece of code in debian/rules.

[ Lisandro Damián Nicanor Pérez Meyer ]
  * Enable processor detection for s390[x] and sparc.
    - Do not use Wcast-align on header's tests on sparc, thus avoiding a FTBFS.
  * Update symbols files using buildds' logs.
  * Patch out Google-AdSense tracker from examples.
  * Update Standars-Version to 3.9.5, no changes required.

qtbase-opensource-src (5.2.0+dfsg-3) experimental; urgency=low

[ Pino Toscano ]
  * Further fix for MIPS, also in the orderedMemoryFence implementation;
    patch mips_more_pre-mips32.diff.
  * rules: small simplification in the platform_arg (mkspec) selection.
  * Initial support for GNU/kFreeBSD:
    - provide qmake mkspec, and use LD_LIBRARY_PATH; patch gnukfreebsd.diff
    - rules: use the gnukfreebsd-g++ when configure'ing
  * Get rid of our glibc-g++ qmake mkspec: it was a mistake with Qt4 (3?)
    already, and it is no more working with non-Linux OSes; as a consequence,
    error out for OSes with no qmake mkspec explicitly set in rules.
  * Remove the Pre-Depends on dpkg >= 1.15.6~, since that version is available
    in Squeeze already.

[ Lisandro Damián Nicanor Pérez Meyer ]
  * Update symbols files with buildds' logs.

[ Dmitry Shachnev ]
  * Explicitly define all DEB_HOST_ARCH{,_BITS} variables and remove duplicate
    variables.

qtbase-opensource-src (5.2.0+dfsg-2) experimental; urgency=medium

[ Pino Toscano ]
  * Simplify and sort qtbase5-dev.install-armel and qtbase5-dev.install-armhf.
  * Include sys/utsname.h for uname(3); patch uname_include.diff.
  * Move few Linux-only files from qtbase5-dev.install-common to
    qtbase5-dev.install-linux.
  * Remove the cmake files of QtSql plugins on dh_auto_install phase instead
    of dh_install.

qtbase-opensource-src (5.2.0+dfsg-1) experimental; urgency=low

[ Dmitry Shachnev ]
  * Fix two wrongly sorted lines in qtbase5-private-dev.install (thanks Timo).
  * Do not list armhf-specific paths in qtbase5-dev.install-armel.

[ Lisandro Damián Nicanor Pérez Meyer ]
  * New upstream release.
  * Update install files.
  * Update symbols files, marking private symbols as such.
  * Remove Disallow_deep_or_widely_nested_entity_references.patch, it has been
    applied upstream.
  * Upstream made all archs use double for qreal (see #731261 for more
    context).
    - Rename libqt5core5 to libqt5core5a to help in the transition:
      - Make libqt5core5a break and replace libqt5core5 << 5.2.0+dfsg~.
      - Rename the associated files (install, lintian-overrides and symbols).
      - Adjust dependencies in debian/control.
      - Add lintian override for package not matching SONAME.
    - Re create symbols that used the qreal subst, they are now all doubles.
  * A user of Qt built by a distro doesn't needs to find where the SQL plugins
    are via CMake. Do not install them (Closes: #729602).

qtbase-opensource-src (5.2.0~beta1+dfsg-3) experimental; urgency=low

[ Lisandro Damián Nicanor Pérez Meyer ]
  * Also install KSM/EGL CMake's configuration files for armel:
    - Create debian/qtbase5-dev.install-armel.
  * Install the QEvdev CMake related files only in Linux, as they are not
    present in Hurd.
  * Update symbols files.

qtbase-opensource-src (5.2.0~beta1+dfsg-2) experimental; urgency=low

* Install KMS/EGL CMake's configuration files for armhf.
    - Create debian/qtbase5-dev.install-armhf.
    - Move debian/qtbase5-dev.install to debian/qtbase5-dev.install-common.
  * Update symbols files.
  * Import upstream's fix_power_atomic_code.patch for fixing PowerPC's FTBFS
    (Closes: #729265). Thanks Aurelien Jarno for the patch.
  * Import upstream's support_mips_atomic_on_pre-mips32_archs.patch for fixing
    MIPS's FTBFS (Closes: #729187). Thanks Aurelien Jarno for the patch.

qtbase-opensource-src (5.2.0~beta1+dfsg-1) experimental; urgency=low

[ Dmitry Shachnev ]
  * New upstream beta release.
  * Drop fix_usr-move_workaround_in_the_presence_of_multi-arch.patch,
    applied upstream.
  * Update .install files for new upstream release.
  * Make libqt5core5 provide qtbase-abi-5-2-0.
  * Update symbols files.
  * Add myself to Uploaders.

[ Lisandro Damián Nicanor Pérez Meyer ]
  * Use newer qtbase-abi-5-2-0 in lintian-overrides files.

qtbase-opensource-src (5.1.1+dfsg-6) unstable; urgency=high

* Backport Disallow_deep_or_widely_nested_entity_references.patch to fix
    CVE-2013-4549: XML Entity Expansion Denial of Service. Set severity
    to high.
  * Update symbols files with buildds' logs.

qtbase-opensource-src (5.1.1+dfsg-5) unstable; urgency=low

* Add mips64 and mipsel64 to the list of archs that should use linux-g++
    instead of linux-g++-64 (Closes: #727139).

qtbase-opensource-src (5.1.1+dfsg-4) unstable; urgency=low

[ Pino Toscano ]
  * Limit the libasound2-dev build dependency as linux-any, as the oss-alsa
    replacement is not usable for qt5 anyway.
  * Remove X11R6 library- and include-dirs from the hurd-g++ mkspec, as they
    might cause issues; patch hurd_opengl_incldir.diff.
  * Update symbols files.

qtbase-opensource-src (5.1.1+dfsg-3) unstable; urgency=low

[ Pino Toscano ]
  * Move libcomposeplatforminputcontextplugin.so, libqoffscreen.so and
    libqgtk2.so from libqt5gui5.install-linux to libqt5gui5.install-common,
    as they are compiled also on non-Linux OSes.

qtbase-opensource-src (5.1.1+dfsg-2) unstable; urgency=low

* Add upstream patch
    fix_usr-move_workaround_in_the_presence_of_multi-arch.patch to solve
    a CMake paths issue that involved a workaround for other distros
    (Closes: #721176).
  * Update symbols files with symbols from other archs.

qtbase-opensource-src (5.1.1+dfsg-1) unstable; urgency=low

* New upstream release.
  * Remove patches applied upstresm:
    - deppath_gnu.diff, the fix is now included upstream.
    - Dont_check_for_the_existence_of_priv_inc_dirs.patch
  * Update amd64 symbols and mark the private ones.
  * Update lintian overrides.

qtbase-opensource-src (5.1.0+dfsg-5) unstable; urgency=low

[ Pino Toscano ]
  * Extend patch sha3_64bit_BE.diff with another needed function; should
    really fix build on s390x and ppc64 now.

qtbase-opensource-src (5.1.0+dfsg-4) unstable; urgency=low

[ Pino Toscano ]
  * Fix build of the SHA3 implementation on 64bit big endian architectures
    (e.g. s390x and ppc64); patch sha3_64bit_BE.diff.
  * Update/simplify lintian overrides.
  * Fix build on ia64 by disabling the use of Linux perf events, which do not
    seem present on linux/ia64 kernels; patch linux_no_perf.diff.

qtbase-opensource-src (5.1.0+dfsg-3) unstable; urgency=low

* Upload to unstable.

qtbase-opensource-src (5.1.0+dfsg-2) experimental; urgency=low

* Add libxkbcommon-dev as build dependency, thus avoiding using the bundled
    lib.
  * Minor improvement of mark_private_symbols.sh.
  * Add Dont_check_for_the_existence_of_priv_inc_dirs.patch that avoids making
    our users install private headers in order to compile with CMake
    (Closes: #718348).
  * Armel also builds libqkms.so, added to the proper install file.
  * Update symbols files.

qtbase-opensource-src (5.1.0+dfsg-1) experimental; urgency=low

* New upstream release.
  * Do not build depend on libopenvg1-mesa-dev on hurd, it's not available
    there.
  * Fix watch file with new url.
  * Make libqt5core5 provide qtbase-abi-5-1-0.
  * Update symbols files with latest 5.0.2 build logs.
  * Remove patches applied upstream:
    - undef_B0.diff
    - Rename-qAbs-Function-for-timeval.patch
    - build_examples.patch, adding the new -compile-examples switch.
  * Refresh patches: deppath_gnu.diff.
  * Bump Build-Depends-Indep qttools5-dev-tools dependency to << 5.1.0~.
  * Do not remove the include dir on cleaning the sources. Prior to Qt 5.1 perl
    would be run and re-create the includes. In 5.1, perl only runs if .git is
    found and the build is done out-of-source. Thanks Pino and Thiago for the
    hints.
  * Fix typo in -no-direcfb switch in configure.
  * Update install files.
  * Update symbols files with current build. The missing symbols seemed to be
    internal/private stuff and optional ones, so everything should be OK.
  * Mark private symbols in symbols files.
  * Add a lintian override for libqt5core5. Symbols should declare a dependency
    on qtbase-abi-5-1-0.
  * Change symbols files and lintian overrides to provide qtbase-abi-5-1-0.
  * Minimal improve of README.source with private symbols handling.
  * Remove doc packages. The build system has changed and I can't build them
    anymore.
    - Remove independent build deps.
    - Remove the doc packages from debian/control.
    - Remove their asociated install files.
    - Remove the indep targets in debian/rules.
 -- Timo Jyrinki <timo-jyrinki@ubuntu.com>   Mon, 10 Mar 2014 11:01:46 +0000

Changed in qtbase-opensource-src (Ubuntu):
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuqtbase-opensource-src package

Shell crashes when swiping the greeter with Qt 5.1.1

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
qtbase-opensource-src package