Details
-
Bug
-
Resolution: Done
-
P1: Critical
-
4.7.4
-
None
-
6997b836f445908cf53c1c96a69e3eb7ba535706 88dd8a25d8a15c92ae7aae391734dc7bcaade39d (qt/qtbase/wip/cmake)
Description
Crash stack:
Signal 11 (SIGSEGV)
1 QVariant::toUInt (this=0x2f686375, ok=0x0) at
kernel/qvariant.cpp:2463
2 0x3d8d4728 QIcdEngine::connectionStateSignalsSlot (this=0x5a59a0) at
qicdengine.cpp:886
3 0x3d8fb454 QIcdEngine::qt_metacall (this=0x5a59a0, _id=3,
_a=0x3d8c6698) at .moc/release-shared/moc_qicdengine.cpp:92
4 0x418fa3bc QDBusConnectionPrivate::deliverCall (slotIdx=11) at
qdbusintegrator.cpp:942
5 0x419048b8 QDBusCallDeliveryEvent::placeMetaCall (object=0x0) at
qdbusintegrator_p.h:103
6 0x4177c530 QObject::event (this=0x5a59a0) at kernel/qobject.cpp:1219
7 0x41f03cec QApplicationPrivate::notify_helper (receiver=0x5a59a0,
e=0x5f3b18) at kernel/qapplication.cpp:4482
8 0x41f0ded8 QApplication::notify (this=0xae997b68, receiver=0x5a59a0,
e=0x5f3b18) at kernel/qapplication.cpp:4361
9 0x43f81130 MApplication::notify (this=0x2f686375, receiver=0x0,
event=0x42768868) at
/home/bifh9/cs2009q3-armel/work/libmeegotouch-0.23.13/src/corelib/core/mapplication.cpp:243
10 0x41767598 QCoreApplication::notifyInternal (this=0xae997b68,
event=0x5f3b18) at kernel/qcoreapplication.cpp:787
11 0x4176baf0 sendEvent (receiver=0x0, event_type=0, data=0x5b74d8) at
kernel/qcoreapplication.h:215
12 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0,
event_type=0, data=0x5b74d8) at kernel/qcoreapplication.cpp:1428
13 0x4179a530 sendPostedEvents (s=0x16a3b8) at
kernel/qcoreapplication.h:220
14 postEventSourceDispatch (s=0x16a3b8) at
kernel/qeventdispatcher_glib.cpp:277
Crash is happening because of arguments count is not checked before "arguments[1].toUInt() != 0", line 886. So it can be that there is no arguments[1] in
881 void QIcdEngine::connectionStateSignalsSlot(QDBusMessage msg)
882 {
883 QMutexLocker locker(&mutex);
884
885 QList<QVariant> arguments = msg.arguments();
886 if (arguments[1].toUInt() != 0 || arguments.count() < 8)