Bugzilla – Bug 1141883
pinentry-qt crashes with QtCurve
Last modified: 2020-07-08 13:12:56 UTC
Created attachment 810756 [details]
pinentry backtrace
I upgraded from Tumbleweed 20190708 to 20190713 and now pinentry-qt (displayed right after login to unlock KWallet) crashes. The crash happens right after hitting Enter. The crash does not happen after switching away from QtCurve to the Breeze application style. Backtrace attached.
Judging from the backtrace, this upstream commit might help here:
https://cgit.kde.org/qtcurve.git/commit/?id=b7da5ec7e2965332e3922dfb03a3d100aa203b94
Please try the packages from here (once it is published):
https://download.opensuse.org/repositories/home:/wolfi323:/boo1141883/openSUSE_Tumbleweed
(I think qtcurve-qt5 should be enough, but better update the other packages as well if you have them installed)
Created attachment 811197 [details]
pinentry backtrace 2
I installed the packages from your repo, logged out and back in, entered the password in pinentry-qt but it crashed again. I attached the new backtrace.
Well, it doesn't crash here on Leap 15.1 with the latest KDE packages from additional repos. I was able to reproduce the crash on a Tumbleweed LiveCD though, by just running pinentry-qt and entering "BYE". Installing Leap 15.1's pinentry-qt(5) makes the crash disappear, so the problem actually seems to be there. But there has been absolutely no change to it... :-/ So maybe it's caused by the switch to LTO. I'll try to build it without, but that's just a guess.
(In reply to Wolfgang Bauer from comment #4)
> So maybe it's caused by the switch to LTO.
> I'll try to build it without, but that's just a guess.
Indeed, that does fix the crash here.
Can you please try the new pinentry-qt5 package as well?
https://download.opensuse.org/repositories/home:/wolfi323:/boo1141883/openSUSE_Tumbleweed
(same repo as before)
You can switch back qtcurve-qt5 to the standard Tumbleweed version.
pinentry-qt5 without LTO from your repo works fine here as well.
Ok, great! I'll submit it to the devel project (pinentry is not part of KDE), let's see what the maintainers say. https://build.opensuse.org/request/show/718158
Can you please provide me more information how to reproduce it. Note that we should not disable LTO without knowing what's root cause of the segfault.
(In reply to Martin Liška from comment #8)
> Can you please provide me more information how to reproduce it.
Install qtcurve-qt5, and configure it as application style in Plasma's settings.
Then run pinentry-qt, and enter "BYE".
It should crash.
If you are not using Plasma, I suppose you could use qt5ct to configure the style, but I haven't tried that.
(In reply to Wolfgang Bauer from comment #9)
> (In reply to Martin Liška from comment #8)
> > Can you please provide me more information how to reproduce it.
> Install qtcurve-qt5, and configure it as application style in Plasma's
> settings.
> Then run pinentry-qt, and enter "BYE".
> It should crash.
>
> If you are not using Plasma, I suppose you could use qt5ct to configure the
> style, but I haven't tried that.
Yes, I don't use. Can you please help me where to set it up in qt5ct?
(In reply to Martin Liška from comment #10)
> Yes, I don't use. Can you please help me where to set it up in qt5ct?
I never used it either, as I use Plasma.
AFAIK, it should be used as platform plugin by Qt5 applications automatically when you install it (after logging out/in). Then you should be able to configure the appearance of Qt5 applications with the included tool "qt5ct".
The crash occurs with the QtCurve style at least. I don't know whether it is actually reproducible with qt5ct though, or only with the Plasma platform plugin. (I may try that later, I actually don't even use Tumbleweed)
Ok, I was able to reproduce the crash in IceWM like this:
- install qtcurve-qt5 and qt5ct
- run qt5ct, set Style to "QtCurve" (on the Appearance tab that should be open on start) and click OK
- logout/login to "activate" qt5ct (or run "export QT_QPA_PLATFORMTHEME='qt5ct'" manually)
- run pinentry-qt and enter "BYE"
Should work like this on any other desktop as well, because the "export QT_QPA_PLATFORMTHEME='qt5ct'" should force Qt5 to use qt5ct regardless of the desktop session.
(In reply to Wolfgang Bauer from comment #12)
> Ok, I was able to reproduce the crash in IceWM like this:
> - install qtcurve-qt5 and qt5ct
> - run qt5ct, set Style to "QtCurve" (on the Appearance tab that should be
> open on start) and click OK
> - logout/login to "activate" qt5ct (or run "export
> QT_QPA_PLATFORMTHEME='qt5ct'" manually)
> - run pinentry-qt and enter "BYE"
>
> Should work like this on any other desktop as well, because the "export
> QT_QPA_PLATFORMTHEME='qt5ct'" should force Qt5 to use qt5ct regardless of
> the desktop session.
Great, now I can reproduce it in a VM.
Fabian: Any guess what can be broken based on the back-trace?
(In reply to Martin Liška from comment #14)
> Fabian: Any guess what can be broken based on the back-trace?
I made a patch: https://phabricator.kde.org/D22719
I don't know why it only breaks with LTO though.
Ok, I revoked my SR for pinentry now. Thanks.
(In reply to Fabian Vogt from comment #15)
> (In reply to Martin Liška from comment #14)
> > Fabian: Any guess what can be broken based on the back-trace?
>
> I made a patch: https://phabricator.kde.org/D22719
>
> I don't know why it only breaks with LTO though.
While the patch is correct (it's possible to have argc == 0), I think the root cause for pinentry-qt is something else though. As during QApplication construction, argc = 1 and stored inside QCoreApplicationPrivate, it shouldn't suddenly change to 0 during teardown.
I'll have a closer look tomorrow.
Created attachment 811546 [details]
0001-qt-Fix-use-of-dangling-pointer.patch
Ok, root cause found. pinentry's qt/main.cpp has a dangling pointer.
Patch attached, please send to upstream and apply downstream.
Reassigning
(In reply to Fabian Vogt from comment #18)
> Created attachment 811546 [details]
> 0001-qt-Fix-use-of-dangling-pointer.patch
>
> Ok, root cause found. pinentry's qt/main.cpp has a dangling pointer.
>
> Patch attached, please send to upstream and apply downstream.
Nice catch Fabian!
Just reported upstream here: https://dev.gnupg.org/T4658
Created attachment 811595 [details]
0001-qt-Fix-use-of-dangling-pointer.patch
Hi,
Thank you very much for your work analyzing this and providing a patch. Good catch.
Due to:
Note: argc and argv might be changed as Qt removes command line arguments that it recognizes.
I've changed the patch a bit so that it still uses a copy of argc but that variable is now in the main scope, because we do not want Qt to remove options that it recognizes. E.g. Display. before we do our own option parsing in pinentry_parse_opts. That was the reason behind the "i = argc".
Patch applied as rev. 0e2e53c8987d6f236aaef515eb005e8e86397fbc
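
The lifetime problem diagnosed in this thread, as an added example (not pinentry or Qt code, and not written by any commenter): `FakeApp` is a hypothetical stand-in that, like `QCoreApplication(int &argc, char **argv)`, keeps a reference to `argc`. `run_fixed` follows the shape described in comment #22 (a copy of `argc` declared in the same scope as the application object); `make_app_dangling` shows the scope mismatch for contrast. All names here are assumptions.

```cpp
#include <cstdio>
#include <cstring>
#include <memory>

// Hypothetical stand-in for QApplication (not Qt code). Like
// QCoreApplication(int &argc, char **argv) it keeps a reference to argc;
// as a simplification it only lowers argc for "-display <value>".
class FakeApp {
public:
    FakeApp(int &argc, char **argv) : argc_(argc) {
        const int n = argc;
        for (int i = 1; i + 1 < n; ++i)
            if (std::strcmp(argv[i], "-display") == 0) { argc_ -= 2; ++i; }
    }
    int argc() const { return argc_; }  // reads through the stored reference
private:
    int &argc_;
};

struct Result { int own_argc; int app_argc; };

// Fixed shape: the copy handed to the app lives in the same scope as the
// app, and the caller's argc stays untouched for its own option parsing.
Result run_fixed(int argc, char **argv) {
    int app_argc = argc;  // copy that outlives `app`
    std::unique_ptr<FakeApp> app;
    if (argc > 0)
        app.reset(new FakeApp(app_argc, argv));
    return Result{argc, app ? app->argc() : 0};
}

// Broken shape: the copy dies at the closing brace while `app` lives on.
// Any later app->argc() reads a dead stack slot (undefined behaviour), so
// this function is shown for contrast and its result is never read.
std::unique_ptr<FakeApp> make_app_dangling(int argc, char **argv) {
    std::unique_ptr<FakeApp> app;
    {
        int i = argc;
        app.reset(new FakeApp(i, argv));
    }
    return app;
}

int main() {
    char a0[] = "pinentry-qt", a1[] = "-display", a2[] = ":0";  // constructed sample argv
    char *argv[] = {a0, a1, a2, nullptr};
    Result r = run_fixed(3, argv);
    std::printf("own argc=%d, app argc=%d\n", r.own_argc, r.app_argc);
}
```

Building the dangling variant with `-fsanitize=address` and reading `argc()` from the returned object is one way to surface this class of bug independently of optimization settings.
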
(In reply to Andre Heinecke from comment #22)
> Created attachment 811595 [details]
> 0001-qt-Fix-use-of-dangling-pointer.patch
>
> Hi,
>
> Thank you very much for your work analyzing this and providing a patch. Good
> catch.
>
> Due to:
>
> Note: argc and argv might be changed as Qt removes command line arguments
> that it recognizes.
>
> I've changed the patch a bit so that it still uses a copy of argc but that
> variable is now in the main scope, because we do not want Qt to remove
> options that it recognizes. E.g. Display. before we do our own option
> parsing in pinentry_parse_opts. That was the reason behind the "i = argc".
>
> Patch applied as rev. 0e2e53c8987d6f236aaef515eb005e8e86397fbc
LGTM, thanks!
(In reply to Andre Heinecke from comment #22)
> Created attachment 811595 [details]
> 0001-qt-Fix-use-of-dangling-pointer.patch
>
> Patch applied as rev. 0e2e53c8987d6f236aaef515eb005e8e86397fbc
Thanks Andre! I have just built the package [0] and I'll test it now.
[0] https://download.opensuse.org/repositories/home:/pmonrealgonzalez:/branches:/Base:/System/openSUSE_Factory/
I just tried the upstream commit and can confirm that the crash is gone.
(In reply to Wolfgang Bauer from comment #25)
> I just tried the upstream commit and can confirm that the crash is gone.
Yes, tests fine here also. Just for reference, here is the upstream commit:
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=pinentry.git;a=commit;h=0e2e53c8987d6f236aaef515eb005e8e86397fbc
Submitted to TW: https://build.opensuse.org/request/show/718565
SUSE-RU-2019:2218-1: An update that has one recommended fix can now be installed.
Category: recommended (moderate)
Bug References: 1141883
CVE References:
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src): pinentry-1.1.0-4.3.1
SUSE Linux Enterprise Workstation Extension 15 (src): pinentry-1.1.0-4.3.1
SUSE Linux Enterprise Module for Packagehub Subpackages 15 (src): pinentry-1.1.0-4.3.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): pinentry-1.1.0-4.3.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src): pinentry-1.1.0-4.3.1
SUSE Linux Enterprise Module for Desktop Applications 15-SP1 (src): pinentry-1.1.0-4.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 (src): pinentry-1.1.0-4.3.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src): pinentry-1.1.0-4.3.1
SUSE Linux Enterprise Module for Basesystem 15 (src): pinentry-1.1.0-4.3.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
An update workflow for this issue was started. This issue was rated as low. Please submit fixed packages until 2019-10-01. https://swamp.suse.de/webswamp/wf/64342
openSUSE-RU-2019:2113-1: An update that has one recommended fix can now be installed.
Category: recommended (moderate)
Bug References: 1141883
CVE References:
Sources used:
openSUSE Leap 15.1 (src): pinentry-1.1.0-lp151.4.3.1
openSUSE Leap 15.0 (src): pinentry-1.1.0-lp150.3.3.1
Wow your automated systems are spammy.
Forgot to close this bug; as per above messages it is fixed.
SUSE-RU-2019:2218-2: An update that has one recommended fix can now be installed.
Category: recommended (moderate)
Bug References: 1141883
CVE References:
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP2 (src): pinentry-1.1.0-4.3.1
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP2 (src): pinentry-1.1.0-4.3.1
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP1 (src): pinentry-1.1.0-4.3.1
SUSE Linux Enterprise Module for Desktop Applications 15-SP2 (src): pinentry-1.1.0-4.3.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src): pinentry-1.1.0-4.3.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.