Nux

compiz crashed with SIGSEGV in nux::WindowCompositor::DndEventCycle()

Bug #1363959 reported by David on 2014-09-01

This bug affects 2 people

	Status	Importance	Assigned to	Milestone
Nux	Fix Released	High	Marco Trevisan (Treviño)	Nux 4.0.8
Trusty	Fix Committed	High	Marco Trevisan (Treviño)	Nux 4.0.6.1
nux (Ubuntu)	Fix Released	Undecided	Unassigned
Trusty	Fix Released	Undecided	Unassigned

Bug Description

[Impact]

An occasional unpredictable crash in the Unity shell occurs during a drag-and-drop operation.

[Test Case]

Unfortunately it is not possible to reproduce this bug at will. Apparently is is caused by an uninitialized pointer dereference that only occurs in a timing-dependent manner.

Running a full autopilot test suite against the Unity desktop shell reveals no new regressions.

[Regression Potential]

The code change effectively adds a test for a null pointer. It is possible that this might introduce a regression in drag-and-drop functionality that previously relied on undefined behaviour to work when it didn't crash.

[Other Info]

Fix was released with Ubuntu 14.10 and no new regressions have been reported.

See original description

Tags:

Related branches

lp:~3v1n0/nux/check-dnd_area

Merged into lp:nux at revision 855

Brandon Schaefer (community): Approve on 2014-10-03

lp:~3v1n0/nux/check-dnd_area-trusty

Merged into lp:nux/trusty at revision 849

Brandon Schaefer (community): Approve on 2014-10-03

Revision history for this message

David (davidluksenburg) wrote on 2014-09-01:

BootDmesg.txt Edit (52.3 KiB, text/plain; charset="utf-8")
CurrentDmesg.txt Edit (23.2 KiB, text/plain; charset="utf-8")
Dependencies.txt Edit (4.2 KiB, text/plain; charset="utf-8")
Disassembly.txt Edit (1.5 KiB, text/plain; charset="utf-8")
DpkgLog.txt Edit (121.2 KiB, text/plain; charset="utf-8")
GconfCompiz.txt Edit (45.7 KiB, text/plain; charset="utf-8")
LightdmDisplayLog.txt Edit (2.8 KiB, text/plain; charset="utf-8")
LightdmGreeterLog.txt Edit (13.7 KiB, text/plain; charset="utf-8")
LightdmGreeterLogOld.txt Edit (9.2 KiB, text/plain; charset="utf-8")
LightdmLog.txt Edit (5.5 KiB, text/plain; charset="utf-8")
Lspci.txt Edit (10.7 KiB, text/plain; charset="utf-8")
Lsusb.txt Edit (474 bytes, text/plain; charset="utf-8")
MonitorsUser.xml.txt Edit (602 bytes, text/plain; charset="utf-8")
ProcCpuinfo.txt Edit (1.5 KiB, text/plain; charset="utf-8")
ProcInterrupts.txt Edit (1.5 KiB, text/plain; charset="utf-8")
ProcMaps.txt Edit (65.1 KiB, text/plain; charset="utf-8")
ProcModules.txt Edit (3.0 KiB, text/plain; charset="utf-8")
ProcStatus.txt Edit (817 bytes, text/plain; charset="utf-8")
Registers.txt Edit (518 bytes, text/plain; charset="utf-8")
Stacktrace.txt Edit (1.6 KiB, text/plain; charset="utf-8")
ThreadStacktrace.txt Edit (8.4 KiB, text/plain; charset="utf-8")
UdevDb.txt Edit (115.1 KiB, text/plain; charset="utf-8")
UdevLog.txt Edit (267.3 KiB, text/plain; charset="utf-8")
UnitySupportTest.txt Edit (611 bytes, text/plain; charset="utf-8")
XorgLog.txt Edit (28.5 KiB, text/plain; charset="utf-8")
XorgLogOld.txt Edit (30.5 KiB, text/plain; charset="utf-8")
Xrandr.txt Edit (2.4 KiB, text/plain; charset="utf-8")
xdpyinfo.txt Edit (5.0 KiB, text/plain; charset="utf-8")
xserver.devices.txt Edit (513 bytes, text/plain; charset="utf-8")

Revision history for this message

Apport retracing service (apport) wrote on 2014-09-01:

StacktraceTop:
nux::WindowCompositor::DndEventCycle (this=0x85131b0, event=...) at ./WindowCompositor.cpp:287
nux::WindowCompositor::ProcessEvent (this=0x85131b0, event=...) at ./WindowCompositor.cpp:1164
nux::WindowThread::DoProcessEvent (this=0x84b6b40, event=...) at ./WindowThread.cpp:730
nux::WindowThread::ProcessEvent (this=0x84b6b40, event=...) at ./WindowThread.cpp:665
nux::nux_event_dispatch (user_data=0x84b6b40) at ./MainLoopGLib.cpp:133

Revision history for this message

Apport retracing service (apport) wrote on 2014-09-01: Stacktrace.txt

Stacktrace.txt Edit (3.1 KiB, text/plain)

Revision history for this message

Apport retracing service (apport) wrote on 2014-09-01: StacktraceSource.txt

StacktraceSource.txt Edit (2.6 KiB, text/plain)

Revision history for this message

Apport retracing service (apport) wrote on 2014-09-01: ThreadStacktrace.txt

ThreadStacktrace.txt Edit (12.6 KiB, text/plain)

Changed in compiz (Ubuntu):
importance:	Undecided → Medium
tags:	removed: need-i386-retrace

Apport retracing service (apport) on 2014-09-10

tags:

added: trusty

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-09-10:

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in compiz (Ubuntu):
status:	New → Confirmed

Marco Trevisan (Treviño) (3v1n0) on 2014-10-03

Changed in nux:
status:	New → Confirmed
no longer affects:	compiz (Ubuntu)
Changed in nux:
assignee:	nobody → Marco Trevisan (Treviño) (3v1n0)
importance:	Undecided → High
milestone:	none → 4.0.7
status:	Confirmed → In Progress
information type:	Private → Public

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-10-16:

This bug was fixed in the package nux - 4.0.7+14.10.20141007-0ubuntu1

---------------
nux (4.0.7+14.10.20141007-0ubuntu1) utopic; urgency=low

  [ Marco Trevisan (Treviño) ]
  * WindowCompositor: don't try to use an null dnd_area pointer (LP:
    #1363959)
-- Ubuntu daily release <email address hidden> Tue, 07 Oct 2014 14:14:14 +0000

Changed in nux (Ubuntu):
status:	New → Fix Released

Marco Trevisan (Treviño) (3v1n0) on 2014-10-31

Changed in nux:
status:	In Progress → Fix Committed

Stephen M. Webb (bregma) on 2014-11-10

Changed in nux (Ubuntu Trusty):
status:	New → In Progress

Stephen M. Webb (bregma) on 2014-11-18

description:

updated

Revision history for this message

Stephen M. Webb (bregma) wrote on 2014-11-18:

debdiff between nux_4.0.6%2B14.04.20140930-0ubuntu1 and nux_4.0.6%2B14.04.20141107-0ubuntu1 Edit (1.8 KiB, text/plain)

debdiff between the version in trusty-updates and the proposed SRU containing the fix

Revision history for this message

Chris J Arges (arges) wrote on 2014-11-25: Please test proposed package

Hello David, or anyone else affected,

Accepted nux into trusty-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/nux/4.0.6+14.04.20141107-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in nux (Ubuntu Trusty):
status:	In Progress → Fix Committed
tags:	added: verification-needed

Mathew Hodson (mhodson) on 2014-11-29

tags:

removed: ubuntu

Christopher Townsend (townsend) on 2014-12-03

tags:

added: verification-done
removed: verification-needed

Revision history for this message

Christopher Townsend (townsend) wrote on 2014-12-04:

#10

This crash has no real reproduction case, so marked this verification-done since:

1. It's been in Utopic for a couple of months now (and Vivid too) with no new crashes reported or regressions.
2. I've been running this package since it's been in the ci-train PPA (and -proposed after that) with no new regressions seen.

Revision history for this message

Brian Murray (brian-murray) wrote on 2014-12-04: Update Released

#11

The verification of the Stable Release Update for nux has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-12-04:

#12

This bug was fixed in the package nux - 4.0.6+14.04.20141107-0ubuntu1

---------------
nux (4.0.6+14.04.20141107-0ubuntu1) trusty; urgency=low

  [ Marco Trevisan (Treviño) ]
  * WindowCompositor: don't try to use an null dnd_area pointer (LP:
    #1363959)
-- Ubuntu daily release <email address hidden> Fri, 07 Nov 2014 15:52:02 +0000