Ubuntu
ubuntu-system-settings-online-accounts package

online-accounts-ui crashed with SIGSEGV in oxide::CompositorThreadProxy::SendSwapSoftwareFrameOnOwnerThread()

Bug #1381558 reported by Alberto Mardegan
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Online Accounts setup for Ubuntu Touch
Invalid
Undecided
Unassigned
Oxide
Fix Released
High
Chris Coulson
Oxide branch-1.5
1.4
Fix Released
High
Chris Coulson
Oxide 1.4.0
ubuntu-system-settings-online-accounts (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

To reproduce this bug, edit the file
    /usr/lib/*/ubuntu-system-settings/private/Ubuntu/OnlineAccounts/Plugin/WebView.qml

and comment out line 53 ("visible = false"), then try creating a Twitter account (or any account, for that matter). Just before the account creating has completed, this crash happens.

ProblemType: Crash
DistroRelease: Ubuntu 14.10
Package: ubuntu-system-settings-online-accounts 0.4+14.10.20141006-0ubuntu1 [modified: usr/bin/online-accounts-hooks usr/bin/online-accounts-service usr/bin/online-accounts-ui usr/lib/x86_64-linux-gnu/pkgconfig/OnlineAccountsPlugin.pc usr/lib/x86_64-linux-gnu/ubuntu-system-settings/private/Ubuntu/OnlineAccounts/Plugin/WebView.qml usr/lib/x86_64-linux-gnu/ubuntu-system-settings/private/Ubuntu/OnlineAccounts/Plugin/qmldir]
ProcVersionSignature: Ubuntu 3.16.0-20.27-generic 3.16.3
Uname: Linux 3.16.0-20-generic x86_64
ApportVersion: 2.14.7-0ubuntu6
Architecture: amd64
CurrentDesktop: Unity
Date: Wed Oct 15 17:03:02 2014
ExecutablePath: /usr/bin/online-accounts-ui
InstallationDate: Installed on 2014-09-23 (22 days ago)
InstallationMedia: Ubuntu 14.10 "Utopic Unicorn" - Alpha amd64 (20140923)
ProcCmdline: /usr/bin/online-accounts-ui --desktop_file_hint=/usr/share/applications/online-accounts-ui.desktop --socket /run/user/1000/online-accounts-ui/ui-5
SegvAnalysis:
 Segfault happened at: 0x7f19ec6bd692 <oxide::CompositorThreadProxy::SendSwapSoftwareFrameOnOwnerThread(unsigned int, gfx::Size const&, float, unsigned int, gfx::Rect const&, gpu::Mailbox const&)+178>: mov 0x8(%rbp),%r13
 PC (0x7f19ec6bd692) ok
 source "0x8(%rbp)" (0x00000008) not located in a known VMA region (needed readable region)!
 destination "%r13" ok
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: ubuntu-system-settings-online-accounts
StacktraceTop:
 oxide::CompositorThreadProxy::SendSwapSoftwareFrameOnOwnerThread (this=0x1923420, surface_id=1, size=..., scale=<optimized out>, id=3, damage_rect=..., bitmap_id=...) at ../../../../shared/browser/compositor/oxide_compositor_thread_proxy.cc:102
 Run (this=0x7fffe91ad3f8) at ../../../../third_party/chromium/src/base/callback.h:401
 base::debug::TaskAnnotator::RunTask (this=this@entry=0x16094b8, queue_function=queue_function@entry=0x7f19ef0753ae "MessageLoop::PostTask", run_function=run_function@entry=0x7f19ef0753cd "MessageLoop::RunTask", pending_task=...) at ../../../../third_party/chromium/src/base/debug/task_annotator.cc:62
 base::MessageLoop::RunTask (this=this@entry=0x1609360, pending_task=...) at ../../../../third_party/chromium/src/base/message_loop/message_loop.cc:447
 base::MessageLoop::DeferOrRunPendingTask (this=this@entry=0x1609360, pending_task=...) at ../../../../third_party/chromium/src/base/message_loop/message_loop.cc:456
Title: online-accounts-ui crashed with SIGSEGV in oxide::CompositorThreadProxy::SendSwapSoftwareFrameOnOwnerThread()
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm autopilot cdrom dip lpadmin plugdev sambashare sudo

Revision history for this message
Alberto Mardegan (mardy) wrote :
information type: Private → Public
Revision history for this message
Apport retracing service (apport) wrote :

StacktraceTop:
 ?? ()
 ?? ()
 ?? ()
 ?? ()
 ?? ()

Revision history for this message
Apport retracing service (apport) wrote : Stacktrace.txt
Revision history for this message
Apport retracing service (apport) wrote : StacktraceSource.txt
Revision history for this message
Apport retracing service (apport) wrote : ThreadStacktrace.txt
Changed in ubuntu-system-settings-online-accounts (Ubuntu):
status: New → Invalid
Revision history for this message
Apport retracing service (apport) wrote : Crash report cannot be processed

Thank you for your report!

However, processing it in order to get sufficient information for the
developers failed (it does not generate a useful symbolic stack trace). This
might be caused by some outdated packages which were installed on your system
at the time of the report:

no debug symbol package found for libunity-gtk2-parser0
no debug symbol package found for libasyncns0
no debug symbol package found for libxkbcommon-x11-0
no debug symbol package found for libnih1
no debug symbol package found for libpng12-0
no debug symbol package found for libselinux1
no debug symbol package found for unity-gtk2-module
no debug symbol package found for libqt5network5
no debug symbol package found for libatk1.0-0
no debug symbol package found for libnih-dbus1
no debug symbol package found for libxkbcommon0
no debug symbol package found for libexpat1
no debug symbol package found for qtdeclarative5-ubuntu-ui-toolkit-plugin

Please upgrade your system to the latest package versions. If you still
encounter the crash, please file a new report.

Thank you for your understanding, and sorry for the inconvenience!

tags: removed: need-amd64-retrace
Revision history for this message
Chris Coulson (chrisccoulson) wrote :

This crash is specific to the software compositing path, which is largely untested. From the trace, it looks like |bitmap| is probably NULL. I'm not entirely sure what would cause that

void CompositorThreadProxy::SendSwapSoftwareFrameOnOwnerThread(
    uint32 surface_id,
    const gfx::Size& size,
    float scale,
    unsigned id,
    const gfx::Rect& damage_rect,
    const cc::SharedBitmapId& bitmap_id) {
  scoped_ptr<cc::SharedBitmap> bitmap(
      content::HostSharedBitmapManager::current()->GetSharedBitmapFromId(
        size, bitmap_id));
  DCHECK(bitmap);

  scoped_refptr<CompositorFrameHandle> frame(
      new CompositorFrameHandle(surface_id, this, size, scale));
  frame->software_frame_data_.reset(
      new SoftwareFrameData(id, damage_rect, bitmap->pixels()));

  if (!owner().compositor) {
    DidSwapCompositorFrame(surface_id, frame);
    return;
  }

  owner().compositor->SendSwapCompositorFrameToClient(surface_id, frame);
}

Revision history for this message
Chris Coulson (chrisccoulson) wrote :

So, when a webview is hidden, the output surface backbuffers are discarded. But it seems that we also discard the current frontbuffer, which would lead to GetSharedBitmapFromId() failing

Changed in ubuntu-system-settings-online-accounts:
status: New → Invalid
Changed in oxide:
status: New → Triaged
importance: Undecided → High
assignee: nobody → Chris Coulson (chrisccoulson)
milestone: none → branch-1.4
Chris Coulson (chrisccoulson)
Changed in oxide:
milestone: branch-1.4 → branch-1.5
Chris Coulson (chrisccoulson)
Changed in oxide:
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.