Details
-
Bug
-
Resolution: Done
-
P1: Critical
-
5.7.1
-
None
-
cb83d3059112b6176b9602ec84acb31ad664860b
Description
I just got into some weird state dragging a picture where it was dragged despite my mouse button not being clicked.
When clicking outside the window, I got a segfault here:
#0 0x00007f03c212df5f in raise () at /usr/lib/libpthread.so.0 #1 0x00007f03c212e080 in <signal handler called> () at /usr/lib/libpthread.so.0 #2 0x00007f03ae02c79f in QtWebEngineCore::WebContentsAdapter::startDragging(QObject*, content::DropData const&, QFlags<Qt::DropAction>, QPixmap const&, QPoint const&) (this=<optimized out>, dragSource=<optimized out>, dropData=..., allowedActions=..., pixmap=..., offset=...) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/core/web_contents_adapter.cpp:1101 #3 0x00007f03ae030631 in QtWebEngineCore::WebContentsViewQt::StartDragging(content::DropData const&, blink::WebDragOperation, gfx::ImageSkia const&, gfx::Vector2d const&, content::DragEventSourceInfo const&) (this=0x10ca6de0, drop_data=..., allowed_ops=<optimized out>, image=..., image_offset=..., event_info=...) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/core/web_contents_view_qt.cpp:230 #4 0x00007f03aec3d1a5 in content::RenderViewHostImpl::OnStartDragging(content::DropData const&, blink::WebDragOperation, SkBitmap const&, gfx::Vector2d const&, content::DragEventSourceInfo const&) (this=this@entry=0x10ca4e40, drop_data=..., drag_operations_mask=blink::WebDragOperationEvery, bitmap=..., bitmap_offset_in_dip=..., event_info=...) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/3rdparty/chromium/content/browser/renderer_host/render_view_host_impl.cc:1151 #5 0x00007f03aec3d9ce in base::DispatchToMethodImpl<content::RenderViewHostImpl, void (content::RenderViewHostImpl::*)(content::DropData const&, blink::WebDragOperation, SkBitmap const&, gfx::Vector2d const&, content::DragEventSourceInfo const&), content::DropData, blink::WebDragOperation, SkBitmap, gfx::Vector2d, content::DragEventSourceInfo, 0ul, 1ul, 2ul, 3ul, 4ul>(content::RenderViewHostImpl*, void (content::RenderViewHostImpl::*)(content::DropData const&, blink::WebDragOperation, SkBitmap const&, gfx::Vector2d const&, content::DragEventSourceInfo const&), base::Tuple<content::DropData, blink::WebDragOperation, SkBitmap, gfx::Vector2d, content::DragEventSourceInfo> const&, base::IndexSequence<0ul, 1ul, 2ul, 3ul, 4ul>) (arg=..., method=<optimized out>, obj=0x10ca4e40) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/3rdparty/chromium/base/tuple.h:252 #6 0x00007f03aec3d9ce in base::DispatchToMethod<content::RenderViewHostImpl, void (content::RenderViewHostImpl::*)(content::DropData const&, blink::WebDragOperation, SkBitmap const&, gfx::Vector2d const&, content::DragEventSourceInfo const&), content::DropData, blink::WebDragOperation, SkBitmap, gfx::Vector2d, content::DragEventSourceInfo>(content::RenderViewHostImpl*, void (content::RenderViewHostImpl::*)(content::DropData const&, blink::WebDragOperation, SkBitmap const&, gfx::Vector2d const&, content::DragEventSourceInfo const&), base::Tuple<content::DropData, blink::WebDragOperation, SkBitmap, gfx::Vector2d, content::DragEventSourceInfo> const&) (arg=..., method= (void (content::RenderViewHostImpl::*)(content::RenderViewHostImpl * const, const content::DropData &, blink::WebDragOperation, const SkBitmap &, const gfx::Vector2d &, const content::DragEventSourceInfo &)) 0x7f03aec3c910 <content::RenderViewHostImpl::OnStartDragging(content::DropData const&, blink::WebDragOperation, SkBitmap const&, gfx::Vector2d const&, content::DragEventSourceInfo const&)>, obj=0x10ca4e40) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/3rdparty/chromium/base/tuple.h:259 #7 0x00007f03aec3d9ce in DragHostMsg_StartDragging::Dispatch<content::RenderViewHostImpl, content::RenderViewHostImpl, void, void (content::RenderViewHostImpl::*)(content::DropData const&, blink::WebDragOperation, SkBitmap const&, gfx::Vector2d const&, content::DragEventSourceInfo const&)>(IPC::Message const*, content::RenderViewHostImpl*, content::RenderViewHostImpl*, void*, void (content::RenderViewHostImpl::*)(content::DropData const&, blink::WebDragOperation, SkBitmap const&, gfx::Vector2d const&, content::DragEventSourceInfo const&)) (sender=0x10ca4e40, parameter=0x0, func=<optimized out>, obj=0x10ca4e40, msg=0x7f0368475f20) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/3rdparty/chromium/content/common/drag_messages.h:56 #8 0x00007f03aec3d9ce in content::RenderViewHostImpl::OnMessageReceived(IPC::Message const&) (this=0x10ca4e40, msg=...) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/3rdparty/chromium/content/browser/renderer_host/render_view_host_impl.cc:929 #9 0x00007f03aec4ac2a in content::RenderWidgetHostImpl::OnMessageReceived(IPC::Message const&) (this=0x10ca2580, msg=...) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/3rdparty/chromium/content/browser/renderer_host/render_widget_host_impl.cc:440 #10 0x00007f03aec30796 in content::RenderProcessHostImpl::OnMessageReceived(IPC::Message const&) (this=0x10ca0560, msg=...) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/3rdparty/chromium/content/browser/renderer_host/render_process_host_impl.cc:1723 #11 0x00007f03af543424 in IPC::ChannelProxy::Context::OnDispatchMessage(IPC::Message const&) (this=0x10caa4b0, message=...) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/3rdparty/chromium/ipc/ipc_channel_proxy.cc:293 #12 0x00007f03af90de39 in base::Callback<void ()>::Run() const (this=0x7fffdde39fc8) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/3rdparty/chromium/base/callback.h:394 #13 0x00007f03af90de39 in base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask const&) (this=this@entry=0x29af848, queue_function=queue_function@entry=0x7f03b178e54d "MessageLoop::PostTask", pending_task=...) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/3rdparty/chromium/base/debug/task_annotator.cc:51 #14 0x00007f03af8b7208 in base::MessageLoop::RunTask(base::PendingTask const&) (this=this@entry=0x29af6d0, pending_task=...) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/3rdparty/chromium/base/message_loop/message_loop.cc:486 #15 0x00007f03af8b7e79 in base::MessageLoop::DeferOrRunPendingTask(base::PendingTask const&) (this=this@entry=0x29af6d0, pending_task=...) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/3rdparty/chromium/base/message_loop/message_loop.cc:495 #16 0x00007f03af8b8342 in base::MessageLoop::DoWork() (this=0x29af6d0) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/3rdparty/chromium/base/message_loop/message_loop.cc:607 #17 0x00007f03adfe2d65 in QtWebEngineCore::(anonymous namespace)::MessagePumpForUIQt::handleScheduledWork (this=<optimized out>) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/core/content_browser_client_qt.cpp:194 #18 0x00007f03adfe2d65 in QtWebEngineCore::(anonymous namespace)::MessagePumpForUIQt::customEvent(QEvent*) (this=0x29b0030, ev=<optimized out>) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/core/content_browser_client_qt.cpp:176 #19 0x00007f03c0254ee3 in QObject::event(QEvent*) (this=0x29b0030, e=<optimized out>) at kernel/qobject.cpp:1285 #20 0x00007f03b571a35c in QApplicationPrivate::notify_helper(QObject*, QEvent*) (this=<optimized out>, receiver=0x29b0030, e=0x7f0368614c50) at kernel/qapplication.cpp:3799 #21 0x00007f03b5721ad1 in QApplication::notify(QObject*, QEvent*) (this=0x1f03260, receiver=0x29b0030, e=0x7f0368614c50) at kernel/qapplication.cpp:3556 #22 0x00007f03b5f9a55c in sipQApplication::notify(QObject*, QEvent*) (this=0x1f03260, a0=0x29b0030, a1=0x7f0368614c50) at sipQtWidgetsQApplication.cpp:352 #23 0x00007f03c02288e0 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (receiver=0x29b0030, event=event@entry=0x7f0368614c50) at kernel/qcoreapplication.cpp:988 #24 0x00007f03c022b06d in QCoreApplication::sendEvent(QObject*, QEvent*) (event=0x7f0368614c50, receiver=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:231 #25 0x00007f03c022b06d in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) (receiver=receiver@entry=0x0, event_type=event_type@entry=0, data=0x1f47040) at kernel/qcoreapplication.cpp:1649 #26 0x00007f03c022b4d8 in QCoreApplication::sendPostedEvents(QObject*, int) (receiver=receiver@entry=0x0, event_type=event_type@entry=0) at kernel/qcoreapplication.cpp:1503 #27 0x00007f03c027ceb3 in postEventSourceDispatch(GSource*, GSourceFunc, gpointer) (s=0x23f1910) at kernel/qeventdispatcher_glib.cpp:276 #28 0x00007f03bea94587 in g_main_context_dispatch () at /usr/lib/libglib-2.0.so.0 #29 0x00007f03bea947f0 in () at /usr/lib/libglib-2.0.so.0 #30 0x00007f03bea9489c in g_main_context_iteration () at /usr/lib/libglib-2.0.so.0 #31 0x00007f03c027d2bf in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x23f1800, flags=...) at kernel/qeventdispatcher_glib.cpp:423 #32 0x00007f03c0226d3a in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (this=this@entry=0x7fffdde3a690, flags=..., flags@entry=...) at kernel/qeventloop.cpp:212 #33 0x00007f03c022f23c in QCoreApplication::exec() () at kernel/qcoreapplication.cpp:1261 [...]
Relevant parts of a bt full:
#2 0x00007f03ae02c79f in QtWebEngineCore::WebContentsAdapter::startDragging(QObject*, content::DropData const&, QFlags<Qt::DropAction>, QPixmap const&, QPoint const&) (this=<optimized out>, dragSource=<optimized out>, dropData=..., allowedActions=..., pixmap=..., offset=...) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/core/web_contents_adapter.cpp:1101 fixedDropData = {did_originate_from_renderer = false, url = {spec_ = "https://pbs.twimg.com/media/C0B1Mx7W8AAHop4.jpg", is_valid_ = true, parsed_ = {scheme = {begin = 0, len = 5}, username = {begin = 0, len = -1}, password = {begin = 0, len = -1}, host = {begin = 8, len = 13}, port = {begin = 0, len = -1}, path = {begin = 21, len = 26}, query = {begin = 0, len = -1}, ref = {begin = 0, len = -1}, inner_parsed_ = 0x0}, inner_url_ = {impl_ = {data_ = {<std::default_delete<GURL>> = {<No data fields>}, ptr = 0x0}}}}, url_title = "", download_metadata = "", referrer_policy = blink::WebReferrerPolicyDefault, filenames = std::vector of length 0, capacity 0, filesystem_id = "", file_system_files = std::vector of length 0, capacity 0, text = {string_ = "", is_null_ = true}, html = {string_ = "<\000i\000m\000g\000 \000d\000a\000t\000a\000-\000a\000r\000i\000a\000-\000l\000a\000b\000e\000l\000-\000p\000a\000r\000t\000=\000\"\000\"\000 \000s\000r\000c\000=\000\"\000h\000t\000t\000p\000s\000:\000/\000/\000p\000b\000s\000.\000t\000w\000i\000m\000g\000.\000c\000o\000m\000/\000m\000e\000d\000i\000a\000/\000C\000\060\000B\000\061\000M\000x\000\067\000W\000\070\000A\000A\000H\000o\000p\000\064\000.\000j\000p\000g\000\"\000 \000a\000l\000t\000=\000\"\000\"\000 \000s\000t\000y\000l\000e\000=\000\"\000w\000i\000d\000"..., is_null_ = false}, html_base_url = {spec_ = "about:blank", is_valid_ = true, parsed_ = {scheme = {begin = 0, len = 5}, username = {begin = 0, len = -1}, password = {begin = 0, len = -1}, host = {begin = 0, len = -1}, port = {begin = 0, len = -1}, path = {begin = 6, len = 5}, query = {begin = 0, len = -1}, ref = {begin = 0, len = -1}, inner_parsed_ = 0x0}, inner_url_ = {impl_ = {data_ = {<std::default_delete<GURL>> = {<No data fields>}, ptr = 0x0}}}}, file_description_filename = "", file_contents = "", custom_data = std::map with 0 elements} drag = 0x10b5d900 rvh = <optimized out> #3 0x00007f03ae030631 in QtWebEngineCore::WebContentsViewQt::StartDragging(content::DropData const&, blink::WebDragOperation, gfx::ImageSkia const&, gfx::Vector2d const&, content::DragEventSourceInfo const&) (this=0x10ca6de0, drop_data=..., allowed_ops=<optimized out>, image=..., image_offset=..., event_info=...) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/core/web_contents_view_qt.cpp:230 pixmap = {<QPaintDevice> = {_vptr.QPaintDevice = 0x7f03b55b2ad8 <vtable for QPixmap+16>, painters = 0, reserved = 0x0}, data = {d = 0xab20f60}} hotspot = {xp = 142, yp = 33} #4 0x00007f03aec3d1a5 in content::RenderViewHostImpl::OnStartDragging(content::DropData const&, blink::WebDragOperation, SkBitmap const&, gfx::Vector2d const&, content::DragEventSourceInfo const&) (this=this@entry=0x10ca4e40, drop_data=..., drag_operations_mask=blink::WebDragOperationEvery, bitmap=..., bitmap_offset_in_dip=..., event_info=...) at /tmp/makepkg/qt5-webengine-debug/src/qtwebengine-opensource-src-5.7.1/src/3rdparty/chromium/content/browser/renderer_host/render_view_host_impl.cc:1151 view = 0x10ca6de8 filtered_data = {did_originate_from_renderer = false, url = {spec_ = "https://pbs.twimg.com/media/C0B1Mx7W8AAHop4.jpg", is_valid_ = true, parsed_ = {scheme = {begin = 0, len = 5}, username = {begin = 0, len = -1}, password = {begin = 0, len = -1}, host = {begin = 8, len = 13}, port = {begin = 0, len = -1}, path = {begin = 21, len = 26}, query = {begin = 0, len = -1}, ref = {begin = 0, len = -1}, inner_parsed_ = 0x0}, inner_url_ = {impl_ = {data_ = {<std::default_delete<GURL>> = {<No data fields>}, ptr = 0x0}}}}, url_title = "", download_metadata = "", referrer_policy = blink::WebReferrerPolicyDefault, filenames = std::vector of length 0, capacity 0, filesystem_id = "", file_system_files = std::vector of length 0, capacity 0, text = {string_ = "", is_null_ = true}, html = {string_ = "<\000i\000m\000g\000 \000d\000a\000t\000a\000-\000a\000r\000i\000a\000-\000l\000a\000b\000e\000l\000-\000p\000a\000r\000t\000=\000\"\000\"\000 \000s\000r\000c\000=\000\"\000h\000t\000t\000p\000s\000:\000/\000/\000p\000b\000s\000.\000t\000w\000i\000m\000g\000.\000c\000o\000m\000/\000m\000e\000d\000i\000a\000/\000C\000\060\000B\000\061\000M\000x\000\067\000W\000\070\000A\000A\000H\000o\000p\000\064\000.\000j\000p\000g\000\"\000 \000a\000l\000t\000=\000\"\000\"\000 \000s\000t\000y\000l\000e\000=\000\"\000w\000i\000d\000"..., is_null_ = false}, html_base_url = {spec_ = "about:blank", is_valid_ = true, parsed_ = {scheme = {begin = 0, len = 5}, username = {begin = 0, len = -1}, password = {begin = 0, len = -1}, host = {begin = 0, len = -1}, port = {begin = 0, len = -1}, path = {begin = 6, len = 5}, query = {begin = 0, len = -1}, ref = {begin = 0, len = -1}, inner_parsed_ = 0x0}, inner_url_ = {impl_ = {data_ = {<std::default_delete<GURL>> = {<No data fields>}, ptr = 0x0}}}}, file_description_filename = "C\000\060\000B\000\061\000M\000x\000\067\000W\000\070\000A\000A\000H\000o\000p\000\064\000.\000j\000p\000g\000", file_contents = "\377\330\377\340\000\020JFIF\000\001\001\000\000H\000H\000\000\377\333\000C\000\004\004\004\004\004\004\a\004\004\a\n\a\a\a\n\r\n\n\n\n\r\020\r\r\r\r\r\020\024\020\020\020\020\020\020\024\024\024\024\024\024\024\024\030\030\030\030\030\030\034\034\034\034\034\037\037\037\037\037\037\037\037\037\037\377\333\000C\001\005\005\005\b\a\b\016\a\a\016 \026\022\026", ' ' <repeats 50 times>, "\377\302\000\021\b\003\204\004\260\003\001\"\000\002\021\001\003\021\001\377\304\000\034\000\000\001\005\001\001\001\000\000\000\000\000\000\000\000\000\000\002\001"..., custom_data = std::map with 0 elements} process = <optimized out> policy = 0x2d6b2f0 file_system_context = 0x2d69910 scale = <optimized out> image = {storage_ = {ptr_ = 0xbb65920}}
Attachments
For Gerrit Dashboard: QTBUG-57713 | ||||||
---|---|---|---|---|---|---|
# | Subject | Branch | Project | Status | CR | V |
180457,1 | Check pointers before dereferencing them | 5.8 | qt/qtwebengine | Status: ABANDONED | +1 | 0 |
180631,5 | Prevent accessing d when view closed during DnD operation | 5.8 | qt/qtwebengine | Status: MERGED | +2 | 0 |
182155,2 | Prevent accessing d when view closed during DnD operation | 5.7 | qt/qtwebengine | Status: ABANDONED | +2 | 0 |