LibreOffice KDE4 backend crashes in Qt4 recursive paint events

Bug #1290514 reported by Jan-Marek Glogowski
16
This bug affects 2 people
Affects Status Importance Assigned to Milestone
qt4-x11 (Ubuntu)
Fix Released
High
Unassigned
Precise
Won't Fix
High
Unassigned
Quantal
Won't Fix
High
Unassigned
Saucy
Won't Fix
High
Unassigned
Trusty
Fix Released
High
Unassigned

Bug Description

Distribution: Kubuntu 12.04
Package: qt4-x11 4:4.8.1-0ubuntu4.6
Program: LibreOffice 4.3 (current master build).

This bugs origin is a crash when using KDE4 native file picker dialogs from within LibreOffice [1].

There are several similar ones in all distributions.

In the backtrace you can see, that LO calls the Qt event dispatcher, which processes a draw event, which - at some point - waits for the clipboard using the Qt / LO event loop, which processes another (now nested) draw event -> crash.

This happens, because LO sets
  qApp->clipboard()->setProperty( "useEventLoopWhenWaiting", true );
because the X11 event processing in clipboardWaitForEvents would interfere with the LO X11 handling / locking.

QX11Data::clipboardWaitForEvents (gui/kernel/qclipboard_x11.cpp:520) actually installs the correct clipboard event filter in the qapp, which should just handle Clipboard events.

But actually the Qt internal glib event loop doesn't honor the QEventLoop::ExcludeSocketNotifiers (see src/corelib/kernel/qeventdispatcher_glib.cpp).

Originally I opened [2], because I didn't want to deep dive into the Qt codebase. Since I didn't get any usable replies and all my implemented workarounds in LibreOffice didn't work I tried to understand the backtrace from [2] and realized the missing QEventLoop::ExcludeSocketNotifiers handling in the Qt glib code. I opened [3] and pushed a patch for Qt review as [4].

[1] https://bugs.freedesktop.org/show_bug.cgi?id=69002
[2] https://bugreports.qt-project.org/browse/QTBUG-34614
[3] https://bugreports.qt-project.org/browse/QTBUG-37380
[4] https://codereview.qt-project.org/#change,80528

[IMPACT]
The patch fixes the glib event loop to pass a currently failing testcase in the Qt4 library (processEventsExcludeSocket in tests/auto/qeventloop/tst_qeventloop.cpp). The flag was never handled in the glib eventloop.

[TEST CASE]
LibreOffice uses a very rarely used Qt codepath to poll the X11 clipboard (using the event loop), which needs this patch. Otherwise it crashes very often with the KDE 4 backend when polling the clipboard. There is no other codepath.
Test by using LibreOffice with the KDE theme until it crashes. After the patch is applied it will no longer crash.

[REGRESSION POTENTIAL]
I can't imagine a program out there which relies on this brokeness.
If the patch was really broken to invert the behaviour, the impact would be immediately visible, as no socket events would be processed, including X11 events.

Revision history for this message
Jan-Marek Glogowski (jmglogow) wrote :
Rohan Garg (rohangarg)
Changed in qt4-x11 (Ubuntu):
status: New → Triaged
tags: added: kubuntu
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in qt4-x11 (Ubuntu Precise):
status: New → Confirmed
Changed in qt4-x11 (Ubuntu Saucy):
status: New → Confirmed
Jonathan Riddell (jr)
Changed in qt4-x11 (Ubuntu Trusty):
milestone: none → ubuntu-14.04
Revision history for this message
Rohan Garg (rohangarg) wrote :

Debdiff for Saucy

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package qt4-x11 - 4:4.8.5+git192-g085f851+dfsg-2ubuntu4

---------------
qt4-x11 (4:4.8.5+git192-g085f851+dfsg-2ubuntu4) trusty; urgency=medium

  [ Jonathan Riddell ]
  * Add kubuntu_glib-honor-ExcludeSocketNotifiers-flag.diff from LiMux
    fix crash in LibreOffice with KDE theme LP: #1290514

  [ Rohan Garg ]
  * Add kubuntu_98_a11y_fix_crash.diff to fix plasma crashing due to
    ubuntu-specific accessibility patch LP: #1289600
 -- Jonathan Riddell <email address hidden> Tue, 11 Mar 2014 13:29:27 +0000

Changed in qt4-x11 (Ubuntu Trusty):
status: Triaged → Fix Released
Revision history for this message
Brian Murray (brian-murray) wrote : Missing SRU information

Thanks for uploading the fix for this bug report to -proposed. However, when reviewing the package in -proposed and the details of this bug report I noticed that the bug description is missing information required for the SRU process. You can find full details at http://wiki.ubuntu.com/StableReleaseUpdates#Procedure but essentially this bug is missing some of the following: a statement of impact, a test case and details regarding the regression potential. Thanks in advance!

Revision history for this message
Jonathan Riddell (jr) wrote :
Revision history for this message
Jonathan Riddell (jr) wrote :
Changed in qt4-x11 (Ubuntu Quantal):
status: New → Confirmed
Revision history for this message
Jonathan Riddell (jr) wrote :

Packages uploaded to precise-proposed, quantal-proposed and saucy-proposed awaiting approved by ~ubuntu-sru. Package updated in trusty.

Revision history for this message
Jonathan Riddell (jr) wrote :

These uploads also fix bug 1289600 which has image and test cases on that bug.

Jonathan Riddell (jr)
description: updated
Revision history for this message
Scott Kitterman (kitterman) wrote : Please test proposed package

Hello Jan-Marek, or anyone else affected,

Accepted qt4-x11 into saucy-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/qt4-x11/4:4.8.4+dfsg-0ubuntu18.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in qt4-x11 (Ubuntu Saucy):
status: Confirmed → Fix Committed
tags: added: verification-needed
Revision history for this message
Scott Kitterman (kitterman) wrote :

Hello Jan-Marek, or anyone else affected,

Accepted qt4-x11 into saucy-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/qt4-x11/4:4.8.3+dfsg-0ubuntu3.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Revision history for this message
Scott Kitterman (kitterman) wrote :

Hello Jan-Marek, or anyone else affected,

Accepted qt4-x11 into saucy-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/qt4-x11/4:4.8.1-0ubuntu4.7 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in qt4-x11 (Ubuntu Precise):
status: Confirmed → Fix Committed
Changed in qt4-x11 (Ubuntu Quantal):
status: Confirmed → Fix Committed
Revision history for this message
Jonathan Riddell (jr) wrote :

I tried playing around with Libreoffice for a few hours in precise and quantal yesterday but could not recreate the crash.

tags: added: verification-done-precise verification-done-quantal
Revision history for this message
Jonathan Riddell (jr) wrote :

I deleted the packages in -proposed and uploaded without this patch to let the other SRU progress until we can work out how to recreate this issue

tags: removed: verification-done-precise verification-done-quantal
tags: removed: verification-needed
Revision history for this message
Rolf Leggewie (r0lf) wrote :

quantal has seen the end of its life and is no longer receiving any updates. Marking the quantal task for this ticket as "Won't Fix".

Changed in qt4-x11 (Ubuntu Quantal):
status: Fix Committed → Won't Fix
Revision history for this message
Rolf Leggewie (r0lf) wrote :

saucy has seen the end of its life and is no longer receiving any updates. Marking the saucy task for this ticket as "Won't Fix".

Changed in qt4-x11 (Ubuntu Saucy):
status: Fix Committed → Won't Fix
Mathew Hodson (mhodson)
Changed in qt4-x11 (Ubuntu Precise):
status: Fix Committed → Confirmed
Changed in qt4-x11 (Ubuntu):
milestone: ubuntu-14.04 → none
importance: Undecided → High
Changed in qt4-x11 (Ubuntu Precise):
importance: Undecided → High
Changed in qt4-x11 (Ubuntu Quantal):
importance: Undecided → High
Changed in qt4-x11 (Ubuntu Trusty):
importance: Undecided → High
Changed in qt4-x11 (Ubuntu Saucy):
importance: Undecided → High
tags: added: precise
Revision history for this message
Steve Langasek (vorlon) wrote :

The Precise Pangolin has reached end of life, so this bug will not be fixed for that release

Changed in qt4-x11 (Ubuntu Precise):
status: Confirmed → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.