Bug 379344 - systemsettings segfaults when opening "Display and Monitor" with multiple monitors
Summary: systemsettings segfaults when opening "Display and Monitor" with multiple mon...
Status: RESOLVED UPSTREAM
Alias: None
Product: KScreen
Classification: Plasma
Component: kcm (show other bugs)
Version: 5.9.5
Platform: Arch Linux Linux
: NOR crash
Target Milestone: ---
Assignee: Sebastian Kügler
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-04-29 11:25 UTC by NOGISAKA Sadata
Modified: 2017-05-09 14:10 UTC (History)
0 users

See Also:
Latest Commit:
Version Fixed In:

Attachments
backtrace of systemsettings5 using gdb (101.67 KB, text/plain)
2017-05-08 14:31 UTC, NOGISAKA Sadata 		Details
View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description NOGISAKA Sadata 2017-04-29 11:25:12 UTC 
Systemsettings *always* crashes by segfault when I open "Display and Monitor" with multiple monitors (my laptop monitor and VGA monitor).

My environments (on Arch Linux):
- systemsettings 5.9.5-1
- kscreen 5.9.5-1
- libkscreen 5.9.5-1
- qt5-base 5.8.0-10
- freetype2 2.7.1-1

Way to reproduce:
1. boot machine with VGA monitor
2. login with sddm
3. launch systemsettings
4. go to "Display and Monitor"
5. systemsettings crashed

Expected results:
Open display configuration window.

Logs:
(belows are the result of 'journalctl -ef' when doing "way to reproduce")
Apr 29 20:21:59 Erika systemsettings5[3222]: kscreen.kcm: LOAD
Apr 29 20:21:59 Erika systemsettings5[3222]: kscreen.kcm: Activate output 66
Apr 29 20:21:59 Erika kernel: systemsettings5[3222]: segfault at 7ffd1166dfd0 ip 00007fca815625e0 sp 00007ffd1166dfd0 error 6 in libfreetype.so.6.13.0[7fca81534000+ba000]
Apr 29 20:21:59 Erika kwin_x11[759]: QXcbConnection: XCB error: 3 (BadWindow), sequence: 31470, resource id: 104857605, major code: 15 (QueryTree), minor code: 0

$ xrandr
Screen 0: minimum 8 x 8, current 1440 x 1024, maximum 32767 x 32767
LVDS1 connected primary 1440x900+0+0 (normal left inverted right x axis y axis) 260mm x 160mm
   1440x900      50.00*+
   1280x800      50.00  
   720x450       50.00  
DP1 disconnected (normal left inverted right x axis y axis)
HDMI1 disconnected (normal left inverted right x axis y axis)
VGA1 connected 1280x1024+0+0 (normal left inverted right x axis y axis) 360mm x 290mm
   1280x1024     60.02 +  75.02* 
   1152x864      75.00  
   1024x768      75.03    60.00  
   832x624       74.55  
   800x600       75.00    60.32  
   640x480       75.00    59.94  
   720x400       70.08  
VIRTUAL1 disconnected (normal left inverted right x axis y axis

$ dmesg | grep -i error
[    4.823428] tpm tpm0: A TPM error (6) occurred attempting to read a pcr value
[ 1041.929787] systemsettings5[3132]: segfault at 7ffd93034f90 ip 00007fed9bffc5e0 sp 00007ffd93034f90 error 6 in libfreetype.so.6.13.0[7fed9bfce000+ba000]
[ 1083.512945] systemsettings5[3222]: segfault at 7ffd1166dfd0 ip 00007fca815625e0 sp 00007ffd1166dfd0 error 6 in libfreetype.so.6.13.0[7fca81534000+ba000]

$ lspci
00:00.0 Host bridge: Intel Corporation Core Processor DRAM Controller (rev 02)
00:02.0 VGA compatible controller: Intel Corporation Core Processor Integrated Graphics Controller (rev 02)
00:16.0 Communication controller: Intel Corporation 5 Series/3400 Series Chipset HECI Controller (rev 06)
00:19.0 Ethernet controller: Intel Corporation 82577LM Gigabit Network Connection (rev 06)
00:1a.0 USB controller: Intel Corporation 5 Series/3400 Series Chipset USB2 Enhanced Host Controller (rev 06)
00:1b.0 Audio device: Intel Corporation 5 Series/3400 Series Chipset High Definition Audio (rev 06)
00:1c.0 PCI bridge: Intel Corporation 5 Series/3400 Series Chipset PCI Express Root Port 1 (rev 06)
00:1c.3 PCI bridge: Intel Corporation 5 Series/3400 Series Chipset PCI Express Root Port 4 (rev 06)
00:1c.4 PCI bridge: Intel Corporation 5 Series/3400 Series Chipset PCI Express Root Port 5 (rev 06)
00:1d.0 USB controller: Intel Corporation 5 Series/3400 Series Chipset USB2 Enhanced Host Controller (rev 06)
00:1e.0 PCI bridge: Intel Corporation 82801 Mobile PCI Bridge (rev a6)
00:1f.0 ISA bridge: Intel Corporation QM57 Chipset LPC Interface Controller (rev 06)
00:1f.2 SATA controller: Intel Corporation 5 Series/3400 Series Chipset 6 port SATA AHCI Controller (rev 06)
00:1f.3 SMBus: Intel Corporation 5 Series/3400 Series Chipset SMBus Controller (rev 06)
00:1f.6 Signal processing controller: Intel Corporation 5 Series/3400 Series Chipset Thermal Subsystem (rev 06)
02:00.0 Network controller: Intel Corporation Wireless 7260 (rev bb)
05:00.0 USB controller: Renesas Technology Corp. uPD720202 USB 3.0 Host Controller (rev 02)
ff:00.0 Host bridge: Intel Corporation Core Processor QuickPath Architecture Generic Non-core Registers (rev 02)
ff:00.1 Host bridge: Intel Corporation Core Processor QuickPath Architecture System Address Decoder (rev 02)
ff:02.0 Host bridge: Intel Corporation Core Processor QPI Link 0 (rev 02)
ff:02.1 Host bridge: Intel Corporation 1st Generation Core i3/5/7 Processor QPI Physical 0 (rev 02)
ff:02.2 Host bridge: Intel Corporation 1st Generation Core i3/5/7 Processor Reserved (rev 02)
ff:02.3 Host bridge: Intel Corporation 1st Generation Core i3/5/7 Processor Reserved (rev 02)
Comment 1 Christoph Feck 2017-05-07 12:06:11 UTC 
If this is reproducible, please add the backtrace for the crash. For more information, please see https://community.kde.org/Guidelines_and_HOWTOs/Debugging/How_to_create_useful_crash_reports
Comment 2 NOGISAKA Sadata 2017-05-08 14:31:39 UTC 
Created attachment 105391 [details]
backtrace of systemsettings5 using gdb

Here is backtrace for systemsetting5 using gdb.
It seems that below would be infinite loop:

0x00007ffff5999f5f in QFontEngine::alphaMapForGlyph(unsigned int, QFixed, QTransform c
0x00007fffe7861b1d in QFontEngineFT::alphaMapForGlyph(unsigned int, QFixed, QTransform
0x00007fffe7859e4e in QFontEngineFT::alphaMapForGlyph(unsigned int, QFixed) ()
   from /usr/lib/libQt5XcbQpa.so.5
Comment 3 Christoph Feck 2017-05-09 09:33:38 UTC 
Yes, there is a recursion in QFontEngine. Please report this issue directly to Qt developers via https://bugreports.qt.io/
Comment 4 NOGISAKA Sadata 2017-05-09 14:10:23 UTC 
Thank you. I reported this issue by https://bugreports.qt.io/browse/QTBUG-60697.