Summary: | plasmashell crashes in SystemClipboard::checkClipData with possible nullptr on data or data->formats() | ||
---|---|---|---|
Product: | [Plasma] plasmashell | Reporter: | kolorafa <kde_org> |
Component: | Clipboard | Assignee: | Plasma Bugs List <plasma-bugs> |
Status: | RESOLVED FIXED | ||
Severity: | crash | CC: | dikey0ficial, jaxad0127, kde_org, kiril, matt.fagnani, nate, nikolakocicbz, notmart, postix, qydwhotmail |
Priority: | NOR | Keywords: | drkonqi, wayland |
Version: | 6.1.0 | ||
Target Milestone: | 1.0 | ||
Platform: | Arch Linux | ||
OS: | Linux | ||
Latest Commit: | https://invent.kde.org/plasma/plasma-workspace/-/commit/ec617701e49b29422d246f23d1515670f1a9efa5 | Version Fixed In: | 6.1.3 |
Sentry Crash Report: | https://crash-reports.kde.org/organizations/kde/issues/18441/ | ||
Attachments: | New crash information added by DrKonqi |
Description
kolorafa
2024-06-24 10:33:45 UTC
Created attachment 170904 [details]
New crash information added by DrKonqi
DrKonqi auto-attaching complete backtrace.
Thread 1 (Thread 0x7dbce27f1200 (LWP 9083)): [KCrash Handler] #5 SystemClipboard::checkClipData (this=0x61e8e0517e20, mode=QClipboard::Selection) at /usr/src/debug/plasma-workspace/plasma-workspace-6.1.0/klipper/systemclipboard.cpp:157 #6 0x00007dbce8ba17e7 in QtPrivate::QSlotObjectBase::call (this=<optimized out>, r=<optimized out>, a=<optimized out>, this=<optimized out>, r=<optimized out>, a=<optimized out>) at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qobjectdefs_impl.h:469 #7 doActivate<false> (sender=<optimized out>, signal_index=<optimized out>, argv=<optimized out>) at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qobject.cpp:4086 #8 0x00007dbce898db01 in KSystemClipboard::changed (this=<optimized out>, _t1=<optimized out>) at /usr/src/debug/kguiaddons/build/src/KF6GuiAddons_autogen/include/moc_ksystemclipboard.cpp:142 #9 0x00007dbce8ba17e7 in QtPrivate::QSlotObjectBase::call (this=<optimized out>, r=<optimized out>, a=<optimized out>, this=<optimized out>, r=<optimized out>, a=<optimized out>) at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qobjectdefs_impl.h:469 #10 doActivate<false> (sender=<optimized out>, signal_index=<optimized out>, argv=<optimized out>) at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qobject.cpp:4086 #11 0x00007dbce9858596 in ffi_call_unix64 () at ../src/x86/unix64.S:104 #12 0x00007dbce985500e in ffi_call_int (cif=cif@entry=0x7ffccc87cd00, fn=<optimized out>, rvalue=<optimized out>, avalue=<optimized out>, closure=closure@entry=0x0) at ../src/x86/ffi64.c:673 #13 0x00007dbce9857bd3 in ffi_call (cif=cif@entry=0x7ffccc87cd00, fn=<optimized out>, rvalue=rvalue@entry=0x0, avalue=avalue@entry=0x7ffccc87cdd0) at ../src/x86/ffi64.c:710 #14 0x00007dbceb3ca860 in wl_closure_invoke (closure=closure@entry=0x7dbcd400c0a0, target=<optimized out>, target@entry=0x61e8e0529ae0, opcode=opcode@entry=3, data=<optimized out>, flags=1) at ../wayland-1.23.0/src/connection.c:1228 #15 0x00007dbceb3cb0d9 in dispatch_event (display=display@entry=0x61e8dc799e10, queue=queue@entry=0x61e8dc799f08) at ../wayland-1.23.0/src/wayland-client.c:1670 #16 0x00007dbceb3cb4f3 in dispatch_queue (display=0x61e8dc799e10, queue=0x61e8dc799f08) at ../wayland-1.23.0/src/wayland-client.c:1816 #17 wl_display_dispatch_queue_pending (display=0x61e8dc799e10, queue=0x61e8dc799f08) at ../wayland-1.23.0/src/wayland-client.c:2058 #18 0x00007dbce99740c6 in QtWaylandClient::QWaylandDisplay::flushRequests (this=<optimized out>) at /usr/src/debug/qt6-wayland/qtwayland/src/client/qwaylanddisplay.cpp:227 #19 0x00007dbce8b8c0ff in QObject::event (this=0x61e8dc799be0, e=0x7dbcd4044010) at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qobject.cpp:1452 #20 0x00007dbceaafc55c in QApplicationPrivate::notify_helper (this=<optimized out>, receiver=0x61e8dc799be0, e=0x7dbcd4044010) at /usr/src/debug/qt6-base/qtbase/src/widgets/kernel/qapplication.cpp:3287 #21 0x00007dbce8b44e38 in QCoreApplication::notifyInternal2 (receiver=0x61e8dc799be0, event=event@entry=0x7dbcd4044010) at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qcoreapplication.cpp:1142 #22 0x00007dbce8b451fb in QCoreApplication::sendEvent (receiver=<optimized out>, event=0x7dbcd4044010) at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qcoreapplication.cpp:1583 #23 QCoreApplicationPrivate::sendPostedEvents (receiver=0x0, event_type=0, data=0x61e8dc768ba0) at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qcoreapplication.cpp:1940 #24 0x00007dbce8da460c in QCoreApplication::sendPostedEvents (receiver=0x0, event_type=0) at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qcoreapplication.cpp:1797 #25 postEventSourceDispatch (s=0x61e8dc796c50) at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qeventdispatcher_glib.cpp:244 #26 0x00007dbce768ba89 in g_main_dispatch (context=0x7dbcdc000f00) at ../glib/glib/gmain.c:3344 #27 0x00007dbce76ed9b7 in g_main_context_dispatch_unlocked (context=0x7dbcdc000f00) at ../glib/glib/gmain.c:4152 #28 g_main_context_iterate_unlocked.isra.0 (context=context@entry=0x7dbcdc000f00, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/glib/gmain.c:4217 #29 0x00007dbce768af95 in g_main_context_iteration (context=0x7dbcdc000f00, may_block=1) at ../glib/glib/gmain.c:4282 #30 0x00007dbce8da28dd in QEventDispatcherGlib::processEvents (this=0x61e8dc7ae480, flags=...) at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qeventdispatcher_glib.cpp:394 #31 0x00007dbce8b4f10e in QEventLoop::processEvents (this=0x7ffccc87d400, flags=...) at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qeventloop.cpp:100 #32 QEventLoop::exec (this=0x7ffccc87d400, flags=...) at /usr/src/debug/qt6-base/qtbase/src/corelib/kernel/qeventloop.cpp:182 #33 0x00007dbce8b4945d in QCoreApplication::exec () at /usr/src/debug/qt6-base/qtbase/src/corelib/global/qflags.h:74 #34 0x00007dbceaaf83fa in QApplication::exec () at /usr/src/debug/qt6-base/qtbase/src/widgets/kernel/qapplication.cpp:2555 #35 0x000061e8a2073d66 in main (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/plasma-workspace/plasma-workspace-6.1.0/shell/main.cpp:188 Crashing here:
> if (!data) {
> Q_EMIT receivedEmptyClipboard(mode);
> return;
> } else if (data->formats().isEmpty()) {
> // Might be a timeout. Try again
> roundtrip();
> data = m_clip->mimeData(mode);
> if (data->formats().isEmpty()) { <<<<<<<<<<<<<< Here
> qCDebug(KLIPPER_LOG) << "was empty. Retried, now still empty";
> Q_EMIT receivedEmptyClipboard(mode);
> return;
> }
> }
Maybe data or data->formats() are nullptr.
I can consistently recreate this by copying a file, moving or deleting it, then clearing the clipboard. Copying something else before the clear does not crash. Still happening. Qt 6.7.2 Plasma 6.1.2 Frameworks 6.3.0 Kernel 6.9.8-arch1-1 Arch Linux Wayland Matching backtrace, though I've seen one with a different middle section before (didn't save it). A possibly relevant merge request was started @ https://invent.kde.org/plasma/plasma-workspace/-/merge_requests/4522 A possibly relevant merge request was started @ https://invent.kde.org/plasma/plasma-workspace/-/merge_requests/4523 *** Bug 488074 has been marked as a duplicate of this bug. *** Git commit 1cdf4dc24a9b9d565d6163557375690ba6701673 by Vlad Zahorodnii. Committed on 16/07/2024 at 06:56. Pushed by vladz into branch 'master'. klipper: Fix a potential null dereferencing Prior to da06b136f645e57b79e319e34bba4f88bee54616, klipper used to make a roundtrip. In meanwhile, anything could happen to the selection, including getting destroyed. In either case, let's handle mimeData() returning null to harden this clipboard code. M +1 -1 klipper/systemclipboard.cpp https://invent.kde.org/plasma/plasma-workspace/-/commit/1cdf4dc24a9b9d565d6163557375690ba6701673 Git commit 02d852d163ef98f42d341f4cdcf9a9c10d29115f by Vlad Zahorodnii. Committed on 16/07/2024 at 07:48. Pushed by vladz into branch 'Plasma/6.1'. klipper: Fix a potential null dereferencing Prior to da06b136f645e57b79e319e34bba4f88bee54616, klipper used to make a roundtrip. In meanwhile, anything could happen to the selection, including getting destroyed. In either case, let's handle mimeData() returning null to harden this clipboard code. (cherry picked from commit 1cdf4dc24a9b9d565d6163557375690ba6701673) Co-authored-by: Vlad Zahorodnii <vlad.zahorodnii@kde.org> M +1 -1 klipper/systemclipboard.cpp https://invent.kde.org/plasma/plasma-workspace/-/commit/02d852d163ef98f42d341f4cdcf9a9c10d29115f Git commit ec617701e49b29422d246f23d1515670f1a9efa5 by Vlad Zahorodnii, on behalf of David Edmundson. Committed on 16/07/2024 at 09:12. Pushed by vladz into branch 'Plasma/6.1'. klipper: Avoid incorrect wayland roundtrips Klipper code is full of existing X11 hacks, as clipboard is a complicated problem. In 923e9bc9f20028d5eaa07828ced02ddaf31eba63 these X11 workarounds were split into another file, but also in that change the existing roundtrip function gained a wayland backend. This doens't help as the reasons we need to roundtrip are platform specific. Trying to generalise makes things harder rather than easier. (cherry picked from commit da06b136f645e57b79e319e34bba4f88bee54616) M +5 -9 klipper/systemclipboard.cpp https://invent.kde.org/plasma/plasma-workspace/-/commit/ec617701e49b29422d246f23d1515670f1a9efa5 *** Bug 486286 has been marked as a duplicate of this bug. *** *** Bug 488838 has been marked as a duplicate of this bug. *** |