Ubuntu

compiz crashed with SIGSEGV in unity::dash::ResultRendererTile::LoadIcon() from unity::dash::ResultRendererTile::Preload() from unity::dash::ResultViewGrid::DoLazyLoad()

Reported by David Planella on 2012-02-04
190
This bug affects 31 people
Affects Status Importance Assigned to Milestone
Unity
5.0
High
Marco Trevisan (Treviño)
unity (Ubuntu)
High
Marco Trevisan (Treviño)
Precise
High
Marco Trevisan (Treviño)

Bug Description

[Impact]

A crasher.

[Test Case]

No clear test case other than ensuring no crashes are observed.

[Regression Potential]

Some results could possibly not be added to dash in some very rare (or non-existent) cases.

---

I was simply typing on the dash when compiz crashed.

ProblemType: Crash
DistroRelease: Ubuntu 12.04
Package: unity 5.2.0-0ubuntu1
ProcVersionSignature: Ubuntu 3.2.0-12.21-generic 3.2.2
Uname: Linux 3.2.0-12-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 1.91-0ubuntu1
Architecture: amd64
CrashCounter: 1
Date: Sat Feb 4 14:32:12 2012
EcryptfsInUse: Yes
ExecutablePath: /usr/bin/compiz
InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Alpha amd64 (20110319)
ProcCmdline: compiz
SegvAnalysis:
 Segfault happened at: 0x7f5e504041a5 <_ZN5unity4dash18ResultRendererTile8LoadIconERNS0_6ResultE+1765>: mov %eax,0x18(%r15)
 PC (0x7f5e504041a5) ok
 source "%eax" ok
 destination "0x18(%r15)" (0x00000018) not located in a known VMA region (needed writable region)!
SegvReason: writing NULL VMA
Signal: 11
SourcePackage: unity
StacktraceTop:
 unity::dash::ResultRendererTile::LoadIcon(unity::dash::Result&) () from /usr/lib/compiz/libunityshell.so
 unity::dash::ResultRendererTile::Preload(unity::dash::Result&) () from /usr/lib/compiz/libunityshell.so
 unity::dash::ResultViewGrid::DoLazyLoad() () from /usr/lib/compiz/libunityshell.so
 unity::dash::ResultViewGrid::OnLazyLoad(void*) () from /usr/lib/compiz/libunityshell.so
 g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
Title: compiz crashed with SIGSEGV in unity::dash::ResultRendererTile::LoadIcon()
UpgradeStatus: Upgraded to precise on 2012-01-09 (25 days ago)
UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare

Related branches

lp:~3v1n0/unity/fix-load-icon-crash-926658
Rejected for merging into lp:unity
Michal Hruby: Needs Fixing on 2012-08-06
Francis Ginther: Abstain on 2012-08-01
jenkins (community): Needs Fixing (continuous-integration) on 2012-08-01
lp:~3v1n0/unity/fix-load-icon-crash-926658-5.0
Merged into lp:unity/5.0 at revision 2413
Andrea Azzarone: Approve on 2013-01-30
Michal Hruby: Needs Fixing on 2012-07-23
lp:~mhr3/unity/icon-loader-width-and-height
Merged into lp:unity at revision 2690
Omer Akram: Approve on 2012-09-14
John Lea: Approve (design) on 2012-09-13
Nick Dedekind: Approve on 2012-09-13
David Planella (dpm) wrote :

StacktraceTop:
 unity::dash::ResultRendererTile::LoadIcon (this=0x7f5e340cddb0, row=<optimized out>) at /build/buildd/unity-5.2.0/plugins/unityshell/src/ResultRendererTile.cpp:272
 Preload (row=..., this=0x252c090) at /build/buildd/unity-5.2.0/plugins/unityshell/src/ResultRendererTile.cpp:226
 unity::dash::ResultRendererTile::Preload (this=0x252c090, row=...) at /build/buildd/unity-5.2.0/plugins/unityshell/src/ResultRendererTile.cpp:221
 unity::dash::ResultViewGrid::DoLazyLoad (this=0x2531750) at /build/buildd/unity-5.2.0/plugins/unityshell/src/ResultViewGrid.cpp:161
 unity::dash::ResultViewGrid::OnLazyLoad (data=<optimized out>) at /build/buildd/unity-5.2.0/plugins/unityshell/src/ResultViewGrid.cpp:115

Changed in unity (Ubuntu):
importance: Undecided → Medium
tags: removed: need-amd64-retrace

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in unity (Ubuntu):
status: New → Confirmed
Michal Hruby (mhr3) on 2012-04-10
visibility: private → public
summary: compiz crashed with SIGSEGV in
- unity::dash::ResultRendererTile::LoadIcon()
+ unity::dash::ResultRendererTile::LoadIcon() from
+ unity::dash::ResultRendererTile::Preload() from
+ unity::dash::ResultViewGrid::DoLazyLoad()
Changed in unity:
status: New → Confirmed
milestone: none → 5.12.0
Changed in unity:
importance: Undecided → High
Didier Roche (didrocks) on 2012-04-27
Changed in unity:
milestone: 5.12.0 → 5.14.0

This could have been fixed by lp:~3v1n0/unity/icon-loader-cleanup

Sebastien Bacher (seb128) wrote :

That's the second most reported issue on errors.ubuntu.com for unity this month with close from 1000 reports, that should be addressed in a SRU if possible for the lts point release

Changed in unity (Ubuntu Precise):
milestone: none → ubuntu-12.04.1
importance: Undecided → High
status: New → Triaged
Changed in unity (Ubuntu):
status: Confirmed → Triaged
Changed in unity:
status: Confirmed → Triaged
Daniel van Vugt (vanvugt) wrote :

I am worried by that number because it completely disagrees with what this bug shows (2 duplicates, affects 5 people).
I have logged a bug against Launchpad: bug 1018688

This is the stacktrace I got today for this issue... It looks like an inconsistency in dee_model, since in ResultRenderer::Preload we set the renderer, but that value is null few lines below when we get it trough row.renderer<TextureContainer*>()

The crash happens since container is NULL and it can be worked around by checking that value.

Changed in unity:
assignee: nobody → Marco Trevisan (Treviño) (3v1n0)
status: Triaged → In Progress
Changed in unity (Ubuntu):
status: Triaged → In Progress
Changed in unity (Ubuntu Precise):
status: Triaged → In Progress
Changed in unity (Ubuntu):
assignee: nobody → Marco Trevisan (Treviño) (3v1n0)
Changed in unity (Ubuntu Precise):
assignee: nobody → Marco Trevisan (Treviño) (3v1n0)
Changed in unity:
milestone: 5.14.0 → 5.16.0
tags: added: quantal
Omer Akram (om26er) on 2012-08-14
Changed in unity (Ubuntu Precise):
milestone: ubuntu-12.04.1 → ubuntu-12.04.2
Omer Akram (om26er) on 2012-09-14
Changed in unity (Ubuntu):
importance: Medium → High
Changed in unity:
milestone: 5.16.0 → 7.0
no longer affects: unity/6.0
Changed in unity:
milestone: 7.0 → 5.6.0
milestone: 5.6.0 → 5.18.0
no longer affects: unity/5.0
Changed in unity:
milestone: 5.18.0 → 7.0.0
Changed in unity:
milestone: 7.0.0 → 5.18.0
no longer affects: unity/5.0
no longer affects: unity/6.0
Changed in unity:
milestone: 5.18.0 → 7.0.0
Changed in unity (Ubuntu Precise):
status: In Progress → Fix Committed
no longer affects: unity
Changed in unity (Ubuntu):
status: In Progress → Fix Committed
Colin Watson (cjwatson) on 2013-02-13
Changed in unity (Ubuntu Precise):
milestone: ubuntu-12.04.2 → ubuntu-12.04.3
description: updated
description: updated

Hello David, or anyone else affected,

Accepted unity into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/unity/5.20.0-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-needed
Shuduo Sang (sangshuduo) on 2013-07-03
tags: added: verification-done
removed: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unity - 5.20.0-0ubuntu2

---------------
unity (5.20.0-0ubuntu2) precise; urgency=low

  * Check to see if the window is supposed to have decorations instead
    of the window actually being decorated when Undecorate() is called.
    This fixes a regression from the previous SRU where windows opened
    maximized upon login could have extra decorations (LP: #1195730)

unity (5.20.0-0ubuntu1) precise; urgency=low

  * New upstream release.
    - ResultRendererTile: fix a crash if row.renderer<TextureContainer*>()
      is null (LP: #926658)
    - Fix unity launcher vanishes when switching to mirrored displays
      (LP: #991637)
    - Fix window decorations being drawn when they should not be.
      This fixes icaclient window "dancing" (LP: #1083186) and
      hides decoration in a test case with Steam (LP: #1122478)
    - [multimonitor] Dash - Opening dash or HUD on one screen removes panel
      shadow on the other (LP: #892718)
    - Press Alt+F1, panel’s shadow dissapear (LP: #942965)
  * Cherry-pick a manual test for decorations fix
 -- Christopher Townsend <email address hidden> Mon, 08 Jul 2013 09:37:30 -0600

Changed in unity (Ubuntu Precise):
status: Fix Committed → Fix Released

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers