miral-kiosk crashes on ldiv0 only on raspi3 with webkit

Bug #1717061 reported by Brandon Schaefer
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Mir
Fix Released
Critical
Alan Griffiths
MirAL
Fix Committed
Critical
Alan Griffiths

Bug Description

miral-kiosk crashing specificity with a mir-kiosk-apps fancybrowser (or any webkit example)

How to reproduce:
1) Install a ubuntu core image for the raspi3 http://cdimage.ubuntu.com/ubuntu-core/16/edge/current/
2) snap install mir-libs --edge
3) snap install mir-kiosk --edge
4) install this snap https://code.launchpad.net/~brandontschaefer/+snap/webkit-demo/+build/73869/+files/mir-kiosk-apps_0.2_armhf.snap
5) snap install mir-kiosk-apps_0.2_armhf.snap --devmode
6) with the mir-kiosk running and the clocks kiosk-app running type:
   snap set mir-kiosk-apps app=fancybrowser

Stacktrace:
http://paste.ubuntu.com/25523431/

miral logging:
http://paste.ubuntu.com/25530436/

qt logging:
http://paste.ubuntu.com/25530449/

It seems for unknown reasons in miral::WindowInfo::constrain_resize the ar.width == 0 (pretty sure due to default value). Is getting past the error bit which seems from my read can only happen is the new_size.width < 0. So its pretty much doing 0 - -width * max_uint which will get past the error check.

From the logs them selfs I dont see *any* crazy numbers that would cause the width to become negative.

A fix is up, and a test that confirms that negative width bit but unsure how it got to be in that state.

https://code.launchpad.net/~brandontschaefer/mir/dont-divide-by-zero-miral/+merge/330702

Related branches

description: updated
description: updated
Michał Sawicz (saviq)
description: updated
Changed in miral:
status: New → In Progress
importance: Undecided → Critical
assignee: nobody → Brandon Schaefer (brandontschaefer)
Changed in mir:
status: New → In Progress
importance: Undecided → Critical
assignee: nobody → Alan Griffiths (alan-griffiths)
milestone: none → 1.0.0
Changed in miral:
assignee: Brandon Schaefer (brandontschaefer) → nobody
assignee: nobody → Alan Griffiths (alan-griffiths)
Changed in mir:
status: In Progress → Fix Committed
Revision history for this message
Mir CI Bot (mir-ci-bot) wrote :

Fix committed into lp:miral at revision 580, scheduled for release in miral, milestone Unknown

Changed in miral:
status: In Progress → Fix Committed
Changed in mir:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.