Bug 450813

Summary: "Dolphin" crashes when dragging a file to the top of the Places-Panel
Product: [Applications] dolphin Reporter: Behzad A <behzad.a_ir>
Component: generalAssignee: Dolphin Bug Assignee <dolphin-bugs-null>
Status: RESOLVED FIXED    
Severity: normal CC: kfm-devel
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: openSUSE   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:
Attachments: Screen record

Description Behzad A 2022-02-24 21:56:34 UTC
Created attachment 147106 [details]
Screen record

Application: Dolphin (dolphin), signal: Segmentation fault

[KCrash Handler]
#4  0x00007f97e554b263 in ?? () from /lib64/libKF5KIOFileWidgets.so.5
#5  0x00007f97e5551ec7 in KFilePlacesView::paintEvent(QPaintEvent*) () from /lib64/libKF5KIOFileWidgets.so.5
#6  0x00007f97e43538de in QWidget::event(QEvent*) () from /lib64/libQt5Widgets.so.5
#7  0x00007f97e440045e in QFrame::event(QEvent*) () from /lib64/libQt5Widgets.so.5
#8  0x00007f97e3699b82 in QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) () from /lib64/libQt5Core.so.5
#9  0x00007f97e4311a6e in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib64/libQt5Widgets.so.5
#10 0x00007f97e3699e1a in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /lib64/libQt5Core.so.5
#11 0x00007f97e434b8e6 in QWidgetPrivate::sendPaintEvent(QRegion const&) () from /lib64/libQt5Widgets.so.5
#12 0x00007f97e434c112 in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, QFlags<QWidgetPrivate::DrawWidgetFlag>, QPainter*, QWidgetRepaintManager*) () from /lib64/libQt5Widgets.so.5
#13 0x00007f97e434d550 in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*, QList<QObject*> const&, int, QRegion const&, QPoint const&, QFlags<QWidgetPrivate::DrawWidgetFlag>, QPainter*, QWidgetRepaintManager*) () from /lib64/libQt5Widgets.so.5
#14 0x00007f97e434be2c in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, QFlags<QWidgetPrivate::DrawWidgetFlag>, QPainter*, QWidgetRepaintManager*) () from /lib64/libQt5Widgets.so.5
#15 0x00007f97e434d550 in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*, QList<QObject*> const&, int, QRegion const&, QPoint const&, QFlags<QWidgetPrivate::DrawWidgetFlag>, QPainter*, QWidgetRepaintManager*) () from /lib64/libQt5Widgets.so.5
#16 0x00007f97e434be2c in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, QFlags<QWidgetPrivate::DrawWidgetFlag>, QPainter*, QWidgetRepaintManager*) () from /lib64/libQt5Widgets.so.5
#17 0x00007f97e434d550 in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*, QList<QObject*> const&, int, QRegion const&, QPoint const&, QFlags<QWidgetPrivate::DrawWidgetFlag>, QPainter*, QWidgetRepaintManager*) () from /lib64/libQt5Widgets.so.5
#18 0x00007f97e434be2c in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, QFlags<QWidgetPrivate::DrawWidgetFlag>, QPainter*, QWidgetRepaintManager*) () from /lib64/libQt5Widgets.so.5
#19 0x00007f97e4322ac5 in ?? () from /lib64/libQt5Widgets.so.5
#20 0x00007f97e435402d in QWidget::event(QEvent*) () from /lib64/libQt5Widgets.so.5
#21 0x00007f97e4e2e4d9 in KXmlGuiWindow::event(QEvent*) () from /lib64/libKF5XmlGui.so.5
#22 0x00007f97e4311a7f in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib64/libQt5Widgets.so.5
#23 0x00007f97e3699e1a in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /lib64/libQt5Core.so.5
#24 0x00007f97e369ce57 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /lib64/libQt5Core.so.5
#25 0x00007f97e36f1cd3 in ?? () from /lib64/libQt5Core.so.5
#26 0x00007f97e1209d5f in g_main_context_dispatch () from /lib64/libglib-2.0.so.0
#27 0x00007f97e120a0e8 in ?? () from /lib64/libglib-2.0.so.0
#28 0x00007f97e120a19f in g_main_context_iteration () from /lib64/libglib-2.0.so.0
#29 0x00007f97e36f1354 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQt5Core.so.5
#30 0x00007f97e369881b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQt5Core.so.5
#31 0x00007f97e3bfe523 in QBasicDrag::drag(QDrag*) () from /lib64/libQt5Gui.so.5
#32 0x00007f97e3bfb9c5 in QDragManager::drag(QDrag*) () from /lib64/libQt5Gui.so.5
#33 0x00007f97e3bfbceb in QDrag::exec(QFlags<Qt::DropAction>, Qt::DropAction) () from /lib64/libQt5Gui.so.5
#34 0x00007f97e56574c9 in KItemListController::startDragging() () from /lib64/libdolphinprivate.so.5
#35 0x00007f97e5659568 in KItemListController::mouseMoveEvent(QGraphicsSceneMouseEvent*, QTransform const&) () from /lib64/libdolphinprivate.so.5
#36 0x00007f97e565cd89 in KItemListController::processEvent(QEvent*, QTransform const&) () from /lib64/libdolphinprivate.so.5
#37 0x00007f97e565fbbd in KItemListView::event(QEvent*) () from /lib64/libdolphinprivate.so.5
#38 0x00007f97e4311a7f in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib64/libQt5Widgets.so.5
#39 0x00007f97e3699e1a in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /lib64/libQt5Core.so.5
#40 0x00007f97e4645f35 in ?? () from /lib64/libQt5Widgets.so.5
#41 0x00007f97e46462d1 in ?? () from /lib64/libQt5Widgets.so.5
#42 0x00007f97e464bd96 in QGraphicsScene::mouseMoveEvent(QGraphicsSceneMouseEvent*) () from /lib64/libQt5Widgets.so.5
#43 0x00007f97e4658a05 in QGraphicsScene::event(QEvent*) () from /lib64/libQt5Widgets.so.5
#44 0x00007f97e4311a7f in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib64/libQt5Widgets.so.5
#45 0x00007f97e3699e1a in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /lib64/libQt5Core.so.5
#46 0x00007f97e46744da in QGraphicsViewPrivate::mouseMoveEventHandler(QMouseEvent*) () from /lib64/libQt5Widgets.so.5
#47 0x00007f97e43538de in QWidget::event(QEvent*) () from /lib64/libQt5Widgets.so.5
#48 0x00007f97e440045e in QFrame::event(QEvent*) () from /lib64/libQt5Widgets.so.5
#49 0x00007f97e3699b82 in QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) () from /lib64/libQt5Core.so.5
#50 0x00007f97e4311a6e in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib64/libQt5Widgets.so.5
#51 0x00007f97e4319584 in QApplication::notify(QObject*, QEvent*) () from /lib64/libQt5Widgets.so.5
#52 0x00007f97e3699e1a in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /lib64/libQt5Core.so.5
#53 0x00007f97e4318093 in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool, bool) () from /lib64/libQt5Widgets.so.5
#54 0x00007f97e436c9dc in ?? () from /lib64/libQt5Widgets.so.5
#55 0x00007f97e436fdf5 in ?? () from /lib64/libQt5Widgets.so.5
#56 0x00007f97e4311a7f in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /lib64/libQt5Widgets.so.5
#57 0x00007f97e3699e1a in QCoreApplication::notifyInternal2(QObject*, QEvent*) () from /lib64/libQt5Core.so.5
#58 0x00007f97e3bbf627 in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) () from /lib64/libQt5Gui.so.5
#59 0x00007f97e3b9585c in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQt5Gui.so.5
#60 0x00007f97e0c6ec60 in ?? () from /lib64/libQt5WaylandClient.so.5
#61 0x00007f97e1209d5f in g_main_context_dispatch () from /lib64/libglib-2.0.so.0
#62 0x00007f97e120a0e8 in ?? () from /lib64/libglib-2.0.so.0
#63 0x00007f97e120a19f in g_main_context_iteration () from /lib64/libglib-2.0.so.0
#64 0x00007f97e36f1354 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQt5Core.so.5
#65 0x00007f97e369881b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /lib64/libQt5Core.so.5
#66 0x00007f97e36a0af0 in QCoreApplication::exec() () from /lib64/libQt5Core.so.5
#67 0x0000564dab31ffcf in ?? ()
#68 0x00007f97e2fb7630 in __libc_start_call_main () from /lib64/libc.so.6
#69 0x00007f97e2fb76f0 in __libc_start_main_impl () from /lib64/libc.so.6
#70 0x0000564dab320795 in ?? ()
[Inferior 1 (process 17595) detached]
//--------------------------------------------------------------------------------
Dolphin Git-master
System:    Host: localhost.localdomain Kernel: 5.16.8-1-default x86_64 bits: 64 compiler: gcc v: 11.2.1
           Desktop: KDE Plasma 5.24.80 tk: Qt 5.15.2 wm: kwin_wayland dm: SDDM Distro: openSUSE Tumbleweed 20220218
CPU:       Info: Dual Core model: Intel Core2 Duo T6670 bits: 64 type: MCP arch: Penryn rev: A cache: L2: 2 MiB
           flags: lm nx pae sse sse2 sse3 sse4_1 ssse3 vmx bogomips: 8772
           Speed: 1288 MHz min/max: 1200/2201 MHz boost: enabled Core speeds (MHz): 1: 1288 2: 1230
Graphics:  Device-1: Intel Mobile 4 Series Integrated Graphics vendor: Sony driver: i915 v: kernel bus-ID: 00:02.0
           chip-ID: 8086:2a42
           Device-2: Ricoh Sony Vaio Integrated Webcam type: USB driver: uvcvideo bus-ID: 6-2:2 chip-ID: 05ca:18b3
           Display: wayland server: SUSE LINUX 1.21.1.3 compositor: kwin_wayland driver: loaded: modesetting
           unloaded: fbdev,vesa alternate: intel resolution: 1280x800~60Hz s-dpi: 96
           OpenGL: renderer: Mesa Mobile Intel GM45 Express (CTG) v: 2.1 Mesa 22.1.0-devel-git-a814a4f9 direct render: Yes
Comment 1 Bug Janitor Service 2022-03-04 20:13:18 UTC
A possibly relevant merge request was started @ https://invent.kde.org/frameworks/kio/-/merge_requests/779
Comment 2 Bug Janitor Service 2022-03-04 20:13:21 UTC
A possibly relevant merge request was started @ https://invent.kde.org/frameworks/kio/-/merge_requests/779
Comment 3 snx 2022-03-04 22:27:59 UTC
Git commit fc95fed526f59b70ea93c5e81680ffd0dec05c61 by snooxx 💤.
Committed on 03/03/2022 at 09:06.
Pushed by broulik into branch 'master'.

KFilePlacesView: Fix potential crash in `previousVisibleIndex`

The previous commit fixed a crash in
`KFilePlacesViewDelegate::previousVisibleIndex`, where access to `model`
failed due to an invalid index.

In addition to the previous commit already fixing the crash, unrelated
potential crashes in the future can be avoided by checking for an
invalid `index` in `previousVisibleIndex`. The existing logic of
`indexIsSectionHeader` is kept intact, since now an invalid `index` will
lead to comparing two empty strings, i.e. it will not be considered a
section header as required by the rest of the code.

This fix alone would already solve the crash without any side effects,
still introducing `m_dropIndex` seemed less brittle.
Related: bug 450966

Test Plan:

Functionality related to dragging places around (including existing
bugs) is unaffected.

M  +1    -1    src/filewidgets/kfileplacesview.cpp

https://invent.kde.org/frameworks/kio/commit/fc95fed526f59b70ea93c5e81680ffd0dec05c61
Comment 4 snx 2022-03-04 22:28:15 UTC
Git commit 3866295794d9201c4b4269e0cd5006ed01d6b8af by snooxx 💤.
Committed on 02/03/2022 at 17:21.
Pushed by broulik into branch 'master'.

KFilePlacesView: Fix crash when dragging over topmost section header

b5de820a78 fixed incorrect highlighting of the section header label
during drag operations over the first place of a section in clients
setting `m_dropOnPlace`, e.g. Dolphin. This was effective for all except
the topmost section header, where it would cause a crash (independent of
the state of `m_dropOnPlace`).

In `KFilePlacesViewDelegate::previousVisibleIndex` access to `model`
fails, because the `index` determined via `indexAt` of `m_dropRect` in
`KFilePlacesView::paintEvent` is invalid when dragging towards the
topmost section header label. This is because `m_dropRect.topLeft()` can
extend above the entry's `visualRect`, i.e. it covers the places items
below as well as above the separator, of which the latter does not exist
for the first entry.

By remembering the index belonging to `m_dropRect` in `m_dropIndex`
instead of reconstructing it, we can guarantee it to be valid.
Related: bug 450966

Test Plan:

No more crash when dragging places or folders over topmost section
header label in places view in `kdialog --getsaveurl` as well as
`dolphin`. Other functionality related to dragging places around
(including existing bugs) is unaffected and the behavior of the original
fix remains.

M  +7    -5    src/filewidgets/kfileplacesview.cpp

https://invent.kde.org/frameworks/kio/commit/3866295794d9201c4b4269e0cd5006ed01d6b8af