address-book-service

QContactManagerEngine crashes if requests are deleted before finished

Bug #1204265 reported by Gustavo Pichorim Boiko on 2013-07-23

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	address-book-service	Fix Released	High	Unassigned
	address-book-service (Ubuntu)	Fix Released	Undecided	Unassigned

Bug Description

Both in dialer-app and in messaging-app we have a ContactWatcher per delegate instance that places a QContactFetchRequest to match the phone number.

If the list is scrolled up and down fast enough, the application crashes (as the QContactFetchRequests are destroyed before they are finished. According to the QtPim documentation on that, it is the QContactManagerEngine's responsibility to make sure it is not trying to fulfill requests that are already deleted.

Here is the backtrace:
#0 0x00007ffff7848547 in testAndSetRelaxed<QMutexData*> (newValue=<optimized out>, expectedValue=<optimized out>, _q_value=<optimized out>)
    at ../../include/QtCore/../../src/corelib/arch/qatomic_x86.h:256
#1 testAndSetAcquire<QMutexData*, QMutexData*> (newValue=<optimized out>, expectedValue=<optimized out>, _q_value=<optimized out>)
    at ../../include/QtCore/../../src/corelib/thread/qgenericatomic.h:150
#2 testAndSetAcquire (newValue=<optimized out>, expectedValue=<optimized out>, this=<optimized out>) at ../../include/QtCore/../../src/corelib/thread/qbasicatomic.h:229
#3 fastTryLock (this=<optimized out>) at thread/qmutex.h:86
#4 QMutex::lock (this=0x1ad388) at thread/qmutex.cpp:212
#5 0x00007fffddbf0432 in QtContacts::QContactAbstractRequest::type() const () from /usr/lib/x86_64-linux-gnu/libQt5Contacts.so.5
#6 0x00007fffd44c57b1 in galera::RequestData::update(QtContacts::QContactAbstractRequest::State, QtContacts::QContactManager::Error, QMap<int, QtContacts::QContactManager::Error>) () from /usr/lib/x86_64-linux-gnu/qt5/plugins/contacts/libqtcontacts_galera.so
#7 0x00007fffd44c5cb3 in galera::RequestData::update(QList<QtContacts::QContact>, QtContacts::QContactAbstractRequest::State, QtContacts::QContactManager::Error, QMap<int, QtContacts::QContactManager::Error>) () from /usr/lib/x86_64-linux-gnu/qt5/plugins/contacts/libqtcontacts_galera.so
#8 0x00007fffd44beaad in galera::GaleraContactsService::fetchContactsDone(galera::RequestData*, QDBusPendingCallWatcher*) ()
   from /usr/lib/x86_64-linux-gnu/qt5/plugins/contacts/libqtcontacts_galera.so
#9 0x00007ffff79efb23 in call (a=0x7fffffffd630, r=0x648820, this=0xa5b5b0) at ../../include/QtCore/../../src/corelib/kernel/qobject_impl.h:127
#10 QMetaObject::activate (sender=0x648820, signalOffset=<optimized out>, local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fffffffd630)
    at kernel/qobject.cpp:3437
#11 0x00007ffff79f0597 in QMetaObject::activate (sender=<optimized out>, m=m@entry=0x7ffff77c5620 <QDBusPendingCallWatcher::staticMetaObject>,
    local_signal_index=local_signal_index@entry=0, argv=argv@entry=0x7fffffffd630) at kernel/qobject.cpp:3320
#12 0x00007ffff75aca2f in QDBusPendingCallWatcher::finished (this=<optimized out>, _t1=0x648820) at .moc/release-shared/moc_qdbuspendingcall.cpp:146
#13 0x00007ffff75ae0eb in _q_finished (this=<optimized out>) at qdbuspendingcall.cpp:489
#14 QDBusPendingCallWatcher::qt_static_metacall (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>)
    at .moc/release-shared/moc_qdbuspendingcall.cpp:78
#15 0x00007ffff79f106e in QObject::event (this=0x648820, e=<optimized out>) at kernel/qobject.cpp:1070
#16 0x00007ffff79cbe5d in QCoreApplication::notify (this=<optimized out>, receiver=<optimized out>, event=<optimized out>) at kernel/qcoreapplication.cpp:829
#17 0x00007ffff79cbb8d in QCoreApplication::notifyInternal (this=0x7fffffffdb60, receiver=0x648820, event=event@entry=0xa57ee0) at kernel/qcoreapplication.cpp:767
#18 0x00007ffff79cd367 in sendEvent (event=0xa57ee0, receiver=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:203
#19 QCoreApplicationPrivate::sendPostedEvents (receiver=receiver@entry=0x0, event_type=event_type@entry=0, data=0x61b060) at kernel/qcoreapplication.cpp:1368
#20 0x00007ffff79cd993 in QCoreApplication::sendPostedEvents (receiver=receiver@entry=0x0, event_type=event_type@entry=0) at kernel/qcoreapplication.cpp:1228
#21 0x00007ffff7037b0c in QWindowSystemInterface::sendWindowSystemEvents (flags=...) at kernel/qwindowsysteminterface.cpp:516
#22 0x00007ffff00a2d30 in userEventSourceDispatch (source=source@entry=0x626750) at eventdispatchers/qeventdispatcher_glib.cpp:78
#23 0x00007ffff4ce80a6 in g_main_dispatch (context=0x626500) at /build/buildd/glib2.0-2.37.3/./glib/gmain.c:3058
#24 g_main_context_dispatch (context=context@entry=0x626500) at /build/buildd/glib2.0-2.37.3/./glib/gmain.c:3634
#25 0x00007ffff4ce83f8 in g_main_context_iterate (context=context@entry=0x626500, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>)
    at /build/buildd/glib2.0-2.37.3/./glib/gmain.c:3705
#26 0x00007ffff4ce849c in g_main_context_iteration (context=0x626500, may_block=1) at /build/buildd/glib2.0-2.37.3/./glib/gmain.c:3766
#27 0x00007ffff7a109dc in QEventDispatcherGlib::processEvents (this=0x61ed70, flags=...) at kernel/qeventdispatcher_glib.cpp:423
#28 0x00007ffff79caa3b in QEventLoop::exec (this=this@entry=0x7fffffffdaf0, flags=..., flags@entry=...) at kernel/qeventloop.cpp:212
#29 0x00007ffff79d01d1 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1020
#30 0x000000000040a437 in main ()

Related branches

lp:~renatofilho/address-book-service/fix-1204265

Merged into lp:address-book-service at revision 57

Gustavo Pichorim Boiko (community): Approve on 2013-07-25

PS Jenkins bot: Approve (continuous-integration) on 2013-07-25

lp:ubuntu/saucy-proposed/address-book-service

Renato Araujo Oliveira Filho (renatofilho) on 2013-07-24

Changed in address-book-service:
status:	New → In Progress

Revision history for this message

PS Jenkins bot (ps-jenkins) wrote on 2013-07-25:

Fix committed into lp:address-book-service at revision 57, scheduled for release in address-book-service, milestone Unknown

Changed in address-book-service:
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2013-07-29:

This bug was fixed in the package address-book-service - 0.1.0+13.10.20130729-0ubuntu1

---------------
address-book-service (0.1.0+13.10.20130729-0ubuntu1) saucy; urgency=low

  [ Renato Araujo Oliveira Filho ]
  * Favorite and PreferredAction support implementation.
  * Avoid QContactEngine crash when the request is deleted during a
    query. (LP: #1204265)
  * Removed missing return call.
  * Only notify about the new contacts on FetchRequest. (LP: #1193200)

[ Ubuntu daily release ]
* Automatic snapshot from revision 59
-- Ubuntu daily release <email address hidden> Mon, 29 Jul 2013 07:45:52 +0000

Changed in address-book-service (Ubuntu):
status:	New → Fix Released

Renato Araujo Oliveira Filho (renatofilho) on 2013-09-16

Changed in address-book-service:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.