Bug 227428 - [steps] Crash on dragging link over region of inactive flash plugin [qt_xdnd_send_leave, checkEmbedded, handle_xdnd_position, QX11Data::xdndHandlePosition]
Status: RESOLVED WORKSFORME
Alias: None
Product: konqueror
Classification: Applications
Component: khtml
Version: 4.4.0
Platform: openSUSE Linux
Importance: NOR crash
Target Milestone: ---
Assignee: Konqueror Developers
 
Reported: 2010-02-17 21:33 UTC by squan
Modified: 2021-01-08 04:33 UTC

Attachments
New crash information added by DrKonqi (9.72 KB, text/plain)
2011-12-15 12:30 UTC, Alex Frolov
Description squan 2010-02-17 21:33:41 UTC
Version:            (using KDE 4.4.0)
OS:                Linux
Installed from:    openSUSE RPMs

I'm running konqueror with the 'load plugins on demand' configuration option.

Now if I visit a page with flash and do not start the plugin then by dragging a link from another application (e.g. akregator or dolphin) to the konqueror window one can crash _both_ applications (given by drag source and target).

The crash happens if the mouse cursor hovers over the rectangle reserved for the plugin (100% reproducible).

This bug is new in the final release of KDE-4.4.
Comment 1 Maksim Orlovich 2010-02-17 21:37:55 UTC
backtrace?
Comment 2 Tommi Tervo 2010-02-17 22:29:44 UTC
Application: Konqueror (konqueror), signal: Segmentation fault
[Current thread is 1 (Thread 0xb4fde700 (LWP 17228))]

Thread 3 (Thread 0xb02c7b70 (LWP 17283)):
#0  0xffffe430 in __kernel_vsyscall ()
#1  0xb65df0c2 in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
#2  0xb665601c in wait (time=<value optimized out>, this=<value optimized out>) at thread/qwaitcondition_unix.cpp:85
#3  QWaitCondition::wait (time=<value optimized out>, this=<value optimized out>) at thread/qwaitcondition_unix.cpp:159
#4  0xb664a7ce in QThreadPoolThread::run (this=0x8e33988) at concurrent/qthreadpool.cpp:140
#5  0xb665503f in QThreadPrivate::start (arg=0x8e33988) at thread/qthread_unix.cpp:248
#6  0xb65da6e5 in start_thread () from /lib/libpthread.so.0
#7  0xb65da600 in ?? () from /lib/libpthread.so.0

Thread 2 (Thread 0xaeffeb70 (LWP 17331)):
#0  0xffffe430 in __kernel_vsyscall ()
#1  0xb65df0c2 in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
#2  0xb665601c in wait (time=<value optimized out>, this=<value optimized out>) at thread/qwaitcondition_unix.cpp:85
#3  QWaitCondition::wait (time=<value optimized out>, this=<value optimized out>) at thread/qwaitcondition_unix.cpp:159
#4  0xb664a7ce in QThreadPoolThread::run (this=0xaf803980) at concurrent/qthreadpool.cpp:140
#5  0xb665503f in QThreadPrivate::start (arg=0xaf803980) at thread/qthread_unix.cpp:248
#6  0xb65da6e5 in start_thread () from /lib/libpthread.so.0
#7  0xb65da600 in ?? () from /lib/libpthread.so.0

Thread 1 (Thread 0xb4fde700 (LWP 17228)):
[KCrash Handler]
#6  0xb5c95b18 in ?? () from /usr/lib/libQtGui.so.4
#7  0xb5c95cb4 in ?? () from /usr/lib/libQtGui.so.4
#8  0xb5c969c2 in ?? () from /usr/lib/libQtGui.so.4
#9  0xb5c771e0 in QApplication::x11ClientMessage(QWidget*, _XEvent*, bool) () from /usr/lib/libQtGui.so.4
#10 0xb5c869cb in QApplication::x11ProcessEvent(_XEvent*) () from /usr/lib/libQtGui.so.4
#11 0xb5cb4b78 in ?? () from /usr/lib/libQtGui.so.4
#12 0xb535c4c2 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#13 0xb535fd98 in ?? () from /usr/lib/libglib-2.0.so.0
#14 0xb535febe in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#15 0xb678ab31 in QEventDispatcherGlib::processEvents (this=0x8051e08, flags=...) at kernel/qeventdispatcher_glib.cpp:412
#16 0xb5cb46ca in ?? () from /usr/lib/libQtGui.so.4
#17 0xb675c62d in QEventLoop::processEvents (this=0xbfe6d784, flags=) at kernel/qeventloop.cpp:149
#18 0xb675ca79 in QEventLoop::exec (this=0xbfe6d784, flags=...) at kernel/qeventloop.cpp:201
#19 0xb6760bf0 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:981
#20 0xb5bf4354 in QApplication::exec() () from /usr/lib/libQtGui.so.4
#21 0xb76af4c3 in kdemain (argc=1, argv=0xbfe6db44) at /home/teve/kde/kdebase/apps/konqueror/src/konqmain.cpp:232
#22 0x080487a9 in main (argc=1, argv=0xbfe6db44) at /home/teve/kde/kbb/apps/konqueror/src/konqueror_dummy.cpp:3
Comment 3 Tommi Tervo 2010-02-17 22:41:26 UTC
==17657== Invalid read of size 4
==17657==    at 0x539BB18: qt_xdnd_send_leave() (qdnd_x11.cpp:1085)
==17657==    by 0x539BCB3: checkEmbedded(QWidget*, _XEvent const*) (qdnd_x11.cpp:769)
==17657==    by 0x91BA: ???
==17657==  Address 0x50 is not stack'd, malloc'd or (recently) free'd
Comment 4 Dario Andres 2010-02-22 02:01:42 UTC
I can reproduce it here using:

Qt: 4.6.2 (kde-qt master commit 62cda737405d0f2163094c44189cfd71ca3c576a
        Date:   Mon Feb 15 14:37:02 2010 +0100)
KDE Development Platform: 4.4.63 (KDE 4.4.63 (KDE 4.5 >= 20100209))
kdelibs svn rev. 1092352 / kdebase svn rev. 1092352
on ArchLinux i686 - Kernel 2.6.32.8
Desktop Effects disabled

This could probably be forwarded to NokiaQt

-- Backtrace:

Application: Konqueror (konqueror), signal: Segmentation fault
[Current thread is 1 (Thread 0xb5017700 (LWP 938))]

Thread 2 (Thread 0xafb91b70 (LWP 943)):
#0  0xb7787424 in __kernel_vsyscall ()
#1  0xb6733182 in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
#2  0xb67e21e1 in QWaitConditionPrivate::wait (this=0x8d5e1d8, time=30000) at thread/qwaitcondition_unix.cpp:85
#3  0xb67e1fff in QWaitCondition::wait (this=0x8d81994, mutex=0x8d81990, time=30000) at thread/qwaitcondition_unix.cpp:159
#4  0xb67d25db in QThreadPoolThread::run (this=0x8b44f58) at concurrent/qthreadpool.cpp:140
#5  0xb67e0dbc in QThreadPrivate::start (arg=0x8b44f58) at thread/qthread_unix.cpp:248
#6  0xb672e8ac in start_thread () from /lib/libpthread.so.0
#7  0xb56fe01e in clone () from /lib/libc.so.6

Thread 1 (Thread 0xb5017700 (LWP 938)):
[KCrash Handler]
#6  0xb5c5c05b in qt_xdnd_send_leave () at kernel/qdnd_x11.cpp:1085
#7  0xb5c5ae1f in checkEmbedded (w=0x8e5af38, xe=0xbfad66f0) at kernel/qdnd_x11.cpp:769
#8  0xb5c5b1c4 in handle_xdnd_position (w=0x8e5af38, xe=0xbfad66f0, passive=false) at kernel/qdnd_x11.cpp:843
#9  0xb5c5bc42 in QX11Data::xdndHandlePosition (this=0x8209b10, w=0x8e5af38, xe=0xbfad66f0, passive=false) at kernel/qdnd_x11.cpp:991
#10 0xb5c44cc7 in QApplication::x11ClientMessage (this=0xbfad6ad0, w=0x8e5af38, event=0xbfad66f0, passive_only=false) at kernel/qapplication_x11.cpp:3080
#11 0xb5c46b82 in QApplication::x11ProcessEvent (this=0xbfad6ad0, event=0xbfad66f0) at kernel/qapplication_x11.cpp:3633
#12 0xb5c7c291 in x11EventSourceDispatch (s=0x82089f8, callback=0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:146
#13 0xb530b378 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#14 0xb530ebf0 in g_main_context_iterate () from /usr/lib/libglib-2.0.so.0
#15 0xb530ed23 in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#16 0xb692f338 in QEventDispatcherGlib::processEvents (this=0x81d5440, flags=...) at kernel/qeventdispatcher_glib.cpp:412
#17 0xb5c7c8c6 in QGuiEventDispatcherGlib::processEvents (this=0x81d5440, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#18 0xb68f4d0f in QEventLoop::processEvents (this=0xbfad69cc, flags=...) at kernel/qeventloop.cpp:149
#19 0xb68f4e54 in QEventLoop::exec (this=0xbfad69cc, flags=...) at kernel/qeventloop.cpp:201
#20 0xb68f8011 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:981
#21 0xb5ba4026 in QApplication::exec () at kernel/qapplication.cpp:3579
#22 0xb776146b in kdemain (argc=2, argv=0xbfad6da4) at /home/kde-devel/kde/src/KDE/kdebase/apps/konqueror/src/konqmain.cpp:232
#23 0x08048769 in main (argc=2, argv=0xbfad6da4) at /home/kde-devel/kde/build/KDE/kdebase/apps/konqueror/src/konqueror_dummy.cpp:3
Comment 5 squan 2011-06-15 13:02:53 UTC
Problem persists in SC 4.6.3. Konqueror session recovery does not take effect (all tabs/windows lost).
Here is the backtrace of the akregator side.
Bug 243100 may be related (suggested by DrKonqi).

Application: Akregator (akregator), signal: Segmentation fault
[KCrash Handler]
#7  0xb62c730d in QWidget::testAttribute_helper (this=0x82d4898, attribute=Qt::WA_Hover) at kernel/qwidget.cpp:10870
#8  0xb6286076 in testAttribute (this=0xbfb4d9d4, receiver=0x82d4898, e=0xbfb4dc34) at ../../src/gui/kernel/qwidget.h:1031
#9  QApplication::notify (this=0xbfb4d9d4, receiver=0x82d4898, e=0xbfb4dc34) at kernel/qapplication.cpp:4045
#10 0xb72f3901 in KApplication::notify (this=0xbfb4f778, receiver=0x82d4898, event=0xbfb4dc34) at /usr/src/debug/kdelibs-4.6.3/kdeui/kernel/kapplication.cpp:311
#11 0xb6dd478e in QCoreApplication::notifyInternal (this=0xbfb4f778, receiver=0x82d4898, event=0xbfb4dc34) at kernel/qcoreapplication.cpp:731
#12 0xb627d72c in sendSpontaneousEvent (receiver=0x82d4898, event=0xbfb4dc34, alienWidget=0x0, nativeWidget=0x82d4898, buttonDown=0xb6bf1c00, lastMouseReceiver=..., spontaneous=true) at ../../src/corelib/kernel/qcoreapplication.h:218
#13 QApplicationPrivate::sendMouseEvent (receiver=0x82d4898, event=0xbfb4dc34, alienWidget=0x0, nativeWidget=0x82d4898, buttonDown=0xb6bf1c00, lastMouseReceiver=..., spontaneous=true) at kernel/qapplication.cpp:3120
#14 0xb6309bb0 in QETWidget::translateMouseEvent (this=0x82d4898, event=0xbfb4e14c) at kernel/qapplication_x11.cpp:4461
#15 0xb6308cbe in QApplication::x11ProcessEvent (this=0xbfb4f778, event=0xbfb4e14c) at kernel/qapplication_x11.cpp:3465
#16 0xb63335e0 in x11EventSourceDispatch (s=0x8080b78, callback=0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:146
#17 0xb4680509 in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#18 0xb4680d10 in ?? () from /lib/libglib-2.0.so.0
#19 0xb4680fce in g_main_context_iteration () from /lib/libglib-2.0.so.0
#20 0xb6e02f7b in QEventDispatcherGlib::processEvents (this=0x805ebe0, flags=...) at kernel/qeventdispatcher_glib.cpp:422
#21 0xb63331da in QGuiEventDispatcherGlib::processEvents (this=0x805ebe0, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#22 0xb6dd3a6d in QEventLoop::processEvents (this=0x831a320, flags=...) at kernel/qeventloop.cpp:149
#23 0xb6dd3c99 in QEventLoop::exec (this=0x831a320, flags=...) at kernel/qeventloop.cpp:201
#24 0xb6318857 in QDragManager::drag (this=0x8cda168, o=0x8d770a0) at kernel/qdnd_x11.cpp:1981
#25 0xb6290661 in QDrag::exec (this=0x8d770a0, supportedActions=..., defaultDropAction=Qt::CopyAction) at kernel/qdrag.cpp:284
#26 0xb6827850 in QAbstractItemView::startDrag (this=0x8201348, supportedActions=...) at itemviews/qabstractitemview.cpp:3448
#27 0xb6825e19 in QAbstractItemView::mouseMoveEvent (this=0x8201348, event=0xbfb4e61c) at itemviews/qabstractitemview.cpp:1709
#28 0xb686672c in QTreeView::mouseMoveEvent (this=0x8201348, event=0xbfb4ef24) at itemviews/qtreeview.cpp:1902
#29 0xb62d7b2c in QWidget::event (this=0x8201348, event=0xbfb4ef24) at kernel/qwidget.cpp:8244
#30 0xb66e70f5 in QFrame::event (this=0x8201348, e=0xbfb4ef24) at widgets/qframe.cpp:557
#31 0xb6778b91 in QAbstractScrollArea::viewportEvent (this=0x8201348, e=0xbfb4ef24) at widgets/qabstractscrollarea.cpp:1043
#32 0xb681ce74 in QAbstractItemView::viewportEvent (this=0x8201348, event=0xbfb4ef24) at itemviews/qabstractitemview.cpp:1628
#33 0xb6868546 in QTreeView::viewportEvent (this=0x8201348, event=0xbfb4ef24) at itemviews/qtreeview.cpp:1256
#34 0xb677b486 in viewportEvent (this=0x8265868, o=0x825fb38, e=0xbfb4ef24) at widgets/qabstractscrollarea_p.h:100
#35 QAbstractScrollAreaFilter::eventFilter (this=0x8265868, o=0x825fb38, e=0xbfb4ef24) at widgets/qabstractscrollarea_p.h:116
#36 0xb6dd4926 in QCoreApplicationPrivate::sendThroughObjectEventFilters (this=0x8085af0, receiver=0x825fb38, event=0xbfb4ef24) at kernel/qcoreapplication.cpp:846
#37 0xb627c654 in QApplicationPrivate::notify_helper (this=0x8085af0, receiver=0x825fb38, e=0xbfb4ef24) at kernel/qapplication.cpp:4458
#38 0xb6285f80 in QApplication::notify (this=0xbfb4ec3c, receiver=0x825fb38, e=0xbfb4ef24) at kernel/qapplication.cpp:4023
#39 0xb72f3901 in KApplication::notify (this=0xbfb4f778, receiver=0x825fb38, event=0xbfb4ef24) at /usr/src/debug/kdelibs-4.6.3/kdeui/kernel/kapplication.cpp:311
#40 0xb6dd478e in QCoreApplication::notifyInternal (this=0xbfb4f778, receiver=0x825fb38, event=0xbfb4ef24) at kernel/qcoreapplication.cpp:731
#41 0xb627d72c in sendSpontaneousEvent (receiver=0x825fb38, event=0xbfb4ef24, alienWidget=0x825fb38, nativeWidget=0x8075490, buttonDown=0xb6bf1c00, lastMouseReceiver=..., spontaneous=true) at ../../src/corelib/kernel/qcoreapplication.h:218
#42 QApplicationPrivate::sendMouseEvent (receiver=0x825fb38, event=0xbfb4ef24, alienWidget=0x825fb38, nativeWidget=0x8075490, buttonDown=0xb6bf1c00, lastMouseReceiver=..., spontaneous=true) at kernel/qapplication.cpp:3120
#43 0xb6309bb0 in QETWidget::translateMouseEvent (this=0x8075490, event=0xbfb4f43c) at kernel/qapplication_x11.cpp:4461
#44 0xb6308cbe in QApplication::x11ProcessEvent (this=0xbfb4f778, event=0xbfb4f43c) at kernel/qapplication_x11.cpp:3465
#45 0xb63335e0 in x11EventSourceDispatch (s=0x8080b78, callback=0, user_data=0x0) at kernel/qguieventdispatcher_glib.cpp:146
#46 0xb4680509 in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#47 0xb4680d10 in ?? () from /lib/libglib-2.0.so.0
#48 0xb4680fce in g_main_context_iteration () from /lib/libglib-2.0.so.0
#49 0xb6e02f7b in QEventDispatcherGlib::processEvents (this=0x805ebe0, flags=...) at kernel/qeventdispatcher_glib.cpp:422
#50 0xb63331da in QGuiEventDispatcherGlib::processEvents (this=0x805ebe0, flags=...) at kernel/qguieventdispatcher_glib.cpp:204
#51 0xb6dd3a6d in QEventLoop::processEvents (this=0xbfb4f6f4, flags=...) at kernel/qeventloop.cpp:149
#52 0xb6dd3c99 in QEventLoop::exec (this=0xbfb4f6f4, flags=...) at kernel/qeventloop.cpp:201
#53 0xb6dd8740 in QCoreApplication::exec () at kernel/qcoreapplication.cpp:1008
#54 0xb627a3d4 in QApplication::exec () at kernel/qapplication.cpp:3736
#55 0x0804fad1 in main (argc=) at /usr/src/debug/kdepim-4.4.11.1/akregator/src/main.cpp:103
Comment 6 Alex Frolov 2011-12-15 12:30:44 UTC
Created attachment 66778
New crash information added by DrKonqi

konqueror (4.7.3 (4.7.3)) on KDE Platform 4.7.3 (4.7.3) using Qt 4.8.0

- What I was doing when the application crashed:

I was dragging a link from Kopete to Konqueror window

-- Backtrace (Reduced):
#6  qt_xdnd_send_leave () at kernel/qdnd_x11.cpp:1086
#7  qt_xdnd_send_leave () at kernel/qdnd_x11.cpp:1074
#8  0x0000003a6504fd7c in checkEmbedded (w=0x1d7a3c0, xe=0x7fff2a6ec910) at kernel/qdnd_x11.cpp:770
#9  0x0000003a65052fce in handle_xdnd_position (w=0x1bed030, xe=0x7fff2a6ec910, passive=false) at kernel/qdnd_x11.cpp:844
#10 0x0000003a65046bb6 in QApplication::x11ClientMessage (this=<optimized out>, w=0x1bed030, event=<optimized out>, passive_only=<optimized out>) at kernel/qapplication_x11.cpp:3200
Comment 7 Justin Zobel 2020-12-09 02:10:41 UTC
Thank you for the crash report.

As it has been a while since this was reported, can you please test and confirm if this issue is still occurring or if this bug report can be marked as resolved.

I have set the bug status to "needsinfo" pending your response, please change back to "reported" or "resolved/worksforme" when you respond, thank you.
Comment 8 Bug Janitor Service 2020-12-24 04:34:28 UTC
Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least
15 days. Please provide the requested information as soon as
possible and set the bug status as REPORTED. Due to regular bug
tracker maintenance, if the bug is still in NEEDSINFO status with
no change in 30 days the bug will be closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please
mark the bug as REPORTED so that the KDE team knows that the bug is
ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!
Comment 9 Bug Janitor Service 2021-01-08 04:33:59 UTC
This bug has been in NEEDSINFO status with no change for at least
30 days. The bug is now closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

Thank you for helping us make KDE software even better for everyone!