Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-55402

libqt5widgets5: wireshark crashes with SIGSEGV in QTreeModel::index ( only with a11y )

    XMLWordPrintable

    Details

      Description

      As per https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834750

      Steps to reproduce:

      1. Enable accessibility. I enabled screen zoom.
      2. Open wireshark and capture traffic on an interface ( I capture http on eth0
      )
      3. Stop the capture.
      4. Click on "Start Capturing Packets". It should display the "Unsaved packets"
      dialog.
      5. Click on "Continue without saving".
      6. Wireshark crashes.

      Crash stack trace.

      Core was generated by `wireshark'.
      Program terminated with signal SIGSEGV, Segmentation fault.
      #0  QTreeModel::index (this=this@entry=0x55e565f9aca0, item=0x55e5661d1238,
      column=column@entry=0) at itemviews/qtreewidget.cpp:236
      236    itemviews/qtreewidget.cpp: No such file or directory.
      [Current thread is 1 (Thread 0x7f980eacf940 (LWP 5639))]
      (gdb) bt
      #0  0x00007f9808bd6223 in QTreeModel::index(QTreeWidgetItem const*, int)
      const (this=this@entry=0x55e565f9aca0, item=0x55e5661d1238,
      column=column@entry=0) at itemviews/qtreewidget.cpp:236
      #1  0x00007f9808bd635b in QTreeModel::parent(QModelIndex const&) const
      (this=0x55e565f9aca0, child=...) at itemviews/qtreewidget.cpp:294
      #2  0x00007f9808ba79fb in QTreeView::isIndexHidden(QModelIndex const&)
      const (this=0x55e56c625ec8) at
      ../../include/QtCore/../../src/corelib/itemmodels/qabstractitemmodel.h:411
      #3  0x00007f9808ba79fb in QTreeView::isIndexHidden(QModelIndex const&)
      const (this=0x55e565f2ee10, index=...) at itemviews/qtreeview.cpp:3044
      #4  0x00007f9808ba9ebf in QTreeView::visualRect(QModelIndex const&) const
      (this=0x55e565f2ee10, index=...) at itemviews/qtreeview.cpp:1106
      #5  0x00007f9808b4f62a in QAccessibleTableCell::rect() const
      (this=0x55e56c625ea0) at accessible/itemviews.cpp:1057
      #6  0x00007f97f9fc2c2e in
      AtSpiAdaptor::accessibleInterfaces(QAccessibleInterface*) const
      (this=this@entry=0x55e5675ec930, interface=interface@entry=0x55e56c625ea0)
      at linuxaccessibility/atspiadaptor.cpp:1466
      #7  0x00007f97f9fc995c in
      AtSpiAdaptor::accessibleInterface(QAccessibleInterface*, QString const&,
      QDBusMessage const&, QDBusConnection const&) (this=this@entry=0x55e5675ec930,
      interface=interface@entry=0x55e56c625ea0, function=..., message=...,
      connection=...) at linuxaccessibility/atspiadaptor.cpp:1406
      #8  0x00007f97f9fc9ed9 in
      AtSpiAdaptor::accessibleInterface(QAccessibleInterface*, QString const&,
      QDBusMessage const&, QDBusConnection const&) (this=0x55e5675ec930,
      interface=0x55e56c625ea0, function=..., message=..., connection=...)
          at linuxaccessibility/atspiadaptor.cpp:1362
      #9  0x00007f97f9fce2ec in AtSpiAdaptor::handleMessage(QDBusMessage const&,
      QDBusConnection const&) (this=0x55e5675ec930, message=..., connection=...)
      at linuxaccessibility/atspiadaptor.cpp:1276
      #10 0x00007f97f8a174f8 in
      QDBusConnectionPrivate::activateObject(QDBusConnectionPrivate::ObjectTreeNode&,
      QDBusMessage const&, int) (this=0x7f97e4010100, node=..., msg=...,
      pathStartPos=27) at qdbusintegrator.cpp:1431
      #11 0x00007f97f8a19f7e in QDBusActivateObjectEvent::placeMetaCall(QObject*)
      (this=0x7f97e4014780) at qdbusintegrator.cpp:1590
      #12 0x00007f9807ff3729 in QObject::event(QEvent*) (this=0x55e5675ec930,
      e=<optimized out>) at kernel/qobject.cpp:1256
      #13 0x00007f9808901bec in QApplicationPrivate::notify_helper(QObject*,
      QEvent*) (this=<optimized out>, receiver=0x55e5675ec930, e=0x7f97e4014780)
      at kernel/qapplication.cpp:3804
      #14 0x00007f980890708f in QApplication::notify(QObject*, QEvent*)
      (this=0x7ffd967e1c30, receiver=0x55e5675ec930, e=0x7f97e4014780) at
      kernel/qapplication.cpp:3561
      #15 0x00007f9807fc5450 in QCoreApplication::notifyInternal2(QObject*,
      QEvent*) (receiver=0x55e5675ec930, event=event@entry=0x7f97e4014780) at
      kernel/qcoreapplication.cpp:1015
      #16 0x00007f9807fc73cc in
      QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*)
      (event=0x7f97e4014780, receiver=<optimized out>) at
      ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:225
      #17 0x00007f9807fc73cc in
      QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*)
      (receiver=receiver@entry=0x0, event_type=event_type@entry=0,
      data=0x55e565cc8b70) at kernel/qcoreapplication.cpp:1650
      #18 0x00007f9807fc7888 in QCoreApplication::sendPostedEvents(QObject*, int)
      (receiver=receiver@entry=0x0, event_type=event_type@entry=0) at
      kernel/qcoreapplication.cpp:1508
      #19 0x00007f980801b0f3 in postEventSourceDispatch(GSource*, GSourceFunc,
      gpointer) (s=0x55e565cefc40) at kernel/qeventdispatcher_glib.cpp:270
      #20 0x00007f980e7baff7 in g_main_context_dispatch (context=0x7f97f00016f0)
      at ././glib/gmain.c:3154
      #21 0x00007f980e7baff7 in g_main_context_dispatch
      (context=context@entry=0x7f97f00016f0)
      at ././glib/gmain.c:3769
      #22 0x00007f980e7bb260 in g_main_context_iterate
      (context=context@entry=0x7f97f00016f0,
      block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at
      ././glib/gmain.c:3840
      #23 0x00007f980e7bb30c in g_main_context_iteration (context=0x7f97f00016f0,
      may_block=may_block@entry=1) at ././glib/gmain.c:3901
      #24 0x00007f980801b4ff in
      QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)
      (this=0x55e565cf3590, flags=...) at kernel/qeventdispatcher_glib.cpp:417
      #25 0x00007f9807fc319a in
      QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>)
      (this=this@entry=0x7ffd967e1a30,
      flags=..., flags@entry=...) at kernel/qeventloop.cpp:204
      #26 0x00007f9807fcb99c in QCoreApplication::exec() () at
      kernel/qcoreapplication.cpp:1285
      #27 0x000055e565118c55 in main ()
      (gdb) Quit
      

        Attachments

          Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

            Activity

              People

              Assignee:
              frederik Frederik Gladhorn
              Reporter:
              lisandropm Lisandro Damián Nicanor Pérez Meyer
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Gerrit Reviews

                  There are no open Gerrit changes