Bug 470847 - Right-clicking on list items crashes Plasma in ListItemMenu::createMenu()
Summary: Right-clicking on list items crashes Plasma in ListItemMenu::createMenu()
Status: RESOLVED FIXED
Alias: None
Product: plasma-pa
Classification: Unmaintained
Component: applet (other bugs)
Version First Reported In: master
Platform: Other Linux
: NOR crash
Target Milestone: ---
Assignee: Plasma Bugs List
URL:
Keywords: qt6
Depends on:
Blocks:
 
Reported: 2023-06-09 20:31 UTC by Nate Graham
Modified: 2023-06-09 23:57 UTC (History)
3 users (show)

See Also:
Latest Commit: https://invent.kde.org/plasma/plasma-pa/-/commit/9c84c3264ae3eb47cc7e6f0c47c0e7c8cecf4075
Version Fixed/Implemented In: 5.27.6
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Nate Graham 2023-06-09 20:31:55 UTC 
100% reproducible for me in Plasma 6 with the following backtrace:


#0  __GI___pthread_sigmask (how=1, newmask=<optimized out>, oldmask=0x0) at pthread_sigmask.c:43
#1  0x00007f8bfcc5fd4d in __GI___sigprocmask
    (how=<optimized out>, set=<optimized out>, oset=<optimized out>)
    at ../sysdeps/unix/sysv/linux/sigprocmask.c:25
#2  0x00007f8c0039ed98 in KCrash::setCrashHandler(void (*)(int)) (handler=handler@entry=0x0)
    at /home/nate/kde/src/kcrash/src/kcrash.cpp:411
#3  0x00007f8c0039f90e in KCrash::defaultCrashHandler(int) (sig=11)
    at /home/nate/kde/src/kcrash/src/kcrash.cpp:615
#4  0x00007f8bfcc5fb70 in <signal handler called> () at /lib64/libc.so.6
#5  0x00007f8b82ae1a44 in ListItemMenu::createMenu() (this=this@entry=0x3a37cf0)
    at /home/nate/kde/src/plasma-pa/src/qml/listitemmenu.cpp:336
#6  0x00007f8b82b19698 in ListItemMenu::open(int, int) (this=0x3a37cf0, x=127, y=14)
    at /home/nate/kde/src/plasma-pa/src/qml/listitemmenu.cpp:259
#7  0x00007f8b82ae2ac1 in ListItemMenu::qt_static_metacall(QObject*, QMetaObject::Call, int, void**)
    (_o=_o@entry=0x3a37cf0, _c=_c@entry=QMetaObject::InvokeMetaMethod, _id=_id@entry=7, _a=_a@entry=0x7ffed6e91238)
    at /home/nate/kde/build6/plasma-pa/src/plasma-volume-declarative_autogen/CCBC4FUR7J/moc_listitemmenu.cpp:297
#8  0x00007f8b82ae77f0 in ListItemMenu::qt_metacall(QMetaObject::Call, int, void**)
    (this=0x3a37cf0, _c=QMetaObject::InvokeMetaMethod, _id=7, _a=0x7ffed6e91238)
    at /home/nate/kde/build6/plasma-pa/src/plasma-volume-declarative_autogen/CCBC4FUR7J/moc_listitemmenu.cpp:407
#9  0x00007f8bff3b910a in QQmlObjectOrGadget::metacall(QMetaObject::Call, int, void**) const
    (this=this@entry=0x7ffed6e91500, type=type@entry=QMetaObject::InvokeMetaMethod, index=<optimized out>, index@entry=12, argv=<optimized out>)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/qml/qml/qqmlobjectorgadget.cpp:14
#10 0x00007f8bff260bfe in QV4::CallMethod
    (callType=QMetaObject::InvokeMetaMethod, callArgs=<optimized out>, engine=0xcc0a10, argTypes=0x7ffed6e911d8, argCount=<optimized out>, returnType=..., index=12, object=...)
    at /usr/include/qt6/QtCore/qvarlengtharray.h:84
#11 QV4::CallPrecise(QQmlObjectOrGadget const&, QQmlPropertyData const&, QV4::ExecutionEngine*, QV4::CallData*, QMetaObject::Call) (object=..., data=<optimized out>, engine=<optimized out>, 
    engine@entry=0xcc0a10, callArgs=<optimized out>, 
    callArgs@entry=0x7f8be03b85a0, callType=callType@entry=QMetaObject::InvokeMetaMethod)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/qml/jsruntime/qv4qobjectwrapper.cpp:1751
#12 0x00007f8bff262975 in operator() (__closure=<optimized out>)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/qml/jsruntime/qv4qobjectwrapper.cpp:2641
#13 operator()<QV4::QObjectMethod::callInternal(const QV4::Value*, const QV4::Value*, int) const::<lambda()> > (call=<optimized out>, __closure=<synthetic pointer>)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/qml/jsruntime/qv4qobjectwrapper.cpp:2619
#14 QV4::QObjectMethod::callInternal(QV4::Value const*, QV4::Value const*, int) const
    (this=0x7ffed6e91618, thisObject=<optimized out>, argv=0x7f8be03b8560, argc=2)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/qml/jsruntime/qv4qobjectwrapper.cpp:2641
#15 0x00007f8bff2bb90b in QV4::FunctionObject::call(QV4::Value const*, QV4::Value const*, int) const
    (argc=<optimized out>, argv=<optimized out>, thisObject=<optimized out>, this=<optimized out>)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/redhat-linux-build/include/QtQml/6.5.1/QtQml/private/../../../../../../src/qml/jsruntime/qv4functionobject_p.h:169
#16 QV4::Moth::VME::interpret(QV4::JSTypesStackFrame*, QV4::ExecutionEngine*, char const*)
    (frame=0x7f8b82b3eac0 <QPulseAudio::Device::staticMetaObject>, 
    frame@entry=0x7ffed6e91810, engine=0xcc0a10, code=0x7f8be03b8548 "\200Bzi\213\177")
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/qml/jsruntime/qv4vme_moth.cpp:862
#17 0x00007f8bff2c0327 in QV4::Moth::VME::exec(QV4::JSTypesStackFrame*, QV4::ExecutionEngine*)
    (frame=frame@entry=0x7ffed6e91810, engine=engine@entry=0xcc0a10)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/qml/jsruntime/qv4vme_moth.cpp:544
#18 0x00007f8bff20a546 in QV4::doCall(QV4::Function*, QV4::Value const*, QV4::Value const*, int, QV4::ExecutionContext*)
    (self=self@entry=0x4d43b30, thisObject=<optimized out>, argv=argv@entry=0x7f8be03b84f0, argc=argc@entry=1, context=context@entry=0x7f8b7000a9c8)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/qml/jsruntime/qv4function.cpp:54
#19 0x00007f8bff20a93a in QV4::Function::call(QV4::Value const*, QV4::Value const*, int, QV4::ExecutionContext*)
    (this=this@entry=0x4d43b30, thisObject=<optimized out>, argv=argv@entry=0x7f8be03b84f0, argc=argc@entry=1, context=context@entry=0x7f8b7000a9c8)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/qml/jsruntime/qv4function.cpp:79
#20 0x00007f8bff20ab4b in operator()
    (argc=1, argv=0x7f8be03b84f0, thisObject=<optimized out>, __closure=<synthetic pointer>)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/qml/jsruntime/qv4function.cpp:30
#21 QV4::convertAndCall<QV4::Function::call(QObject*, void**, const QMetaType*, int, QV4::ExecutionContext*)::<lambda(const QV4::Value*, const QV4::Value*, int)> >
    (call=..., argc=1, types=0x7ffed6e91ab8, a=0x7ffed6e93550, thisObject=0x3877f90, engine=<optimized out>)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/redhat-linux-build/include/QtQml/6.5.1/QtQml/private/../../../../../../src/qml/jsruntime/qv4jscall_p.h:197
#22 QV4::Function::call(QObject*, void**, QMetaType const*, int, QV4::ExecutionContext*)
    (this=0x4d43b30, thisObject=0x3877f90, a=a@entry=0x7ffed6e93550, types=0x7ffed6e91ab8, argc=1, context=0x7f8b7000a9c8)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/qml/jsruntime/qv4function.cpp:27
#23 0x00007f8bff37b727 in QQmlJavaScriptExpression::evaluate(void**, QMetaType const*, int)
    (this=this@entry=0x2bb4f90, a=a@entry=0x7ffed6e93550, types=<optimized out>, argc=argc@entry=1)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/qml/qml/qqmljavascriptexpression_p.h:246
#24 0x00007f8bff3137de in QQmlBoundSignalExpression::evaluate(void**)
    (this=0x2bb4f90, a=a@entry=0x7ffed6e93550) at /usr/include/qt6/QtCore/qvarlengtharray.h:85
#25 0x00007f8bff314350 in QQmlBoundSignal_callback(QQmlNotifierEndpoint*, void**)
    (e=0x2bb5010, a=0x7ffed6e93550)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/redhat-linux-build/include/QtQml/6.5.1/QtQml/private/../../../../../../src/qml/qml/ftw/qqmlrefcount_p.h:62
#26 0x00007f8bff3a747c in QQmlNotifier::emitNotify(QQmlNotifierEndpoint*, void**)
    (endpoint=<optimized out>, a=0x7ffed6e93550)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/qml/qml/qqmlnotifier.cpp:70
#27 0x00007f8bfd3dd940 in doActivate<false>(QObject*, int, void**)
    (sender=0x3877f90, signal_index=45, argv=0x7ffed6e93550)
    at /usr/src/debug/qt6-qtbase-6.5.1-1.fc38.x86_64/src/corelib/kernel/qobject.cpp:3884
#28 0x00007f8bfd3d4757 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**)
    (sender=sender@entry=0x3877f90, m=m@entry=0x7f8bffecab60 <QQuickMouseArea::staticMetaObject>, local_signal_index=local_signal_index@entry=13, argv=argv@entry=0x7ffed6e93550)
    at /usr/src/debug/qt6-qtbase-6.5.1-1.fc38.x86_64/src/corelib/kernel/qobject.cpp:4052
#29 0x00007f8bffa5dc84 in QQuickMouseArea::pressed(QQuickMouseEvent*)
    (this=this@entry=0x3877f90, _t1=<optimized out>, _t1@entry=0x3878268)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/redhat-linux-build/src/quick/Quick_autogen/include/moc_qquickmousearea_p.cpp:842
#30 0x00007f8bffa5f7f4 in QQuickMouseArea::setPressed(Qt::MouseButton, bool, Qt::MouseEventSource)
    (this=this@entry=0x3877f90, button=<optimized out>, p=p@entry=true, source=<optimized out>)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/quick/items/qquickmousearea.cpp:1243
#31 0x00007f8bffa601bf in QQuickMouseArea::mousePressEvent(QMouseEvent*)
    (this=0x3877f90, event=0x7ffed6e93ff0) at /usr/include/qt6/QtGui/qevent.h:115
#32 0x00007f8bffa3a1c8 in QQuickItem::event(QEvent*) (this=0x3877f90, ev=0x7ffed6e93ff0)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/quick/items/qquickitem.cpp:8841
#33 0x00007f8bfe9c0b08 in QApplicationPrivate::notify_helper(QObject*, QEvent*)
    (this=<optimized out>, receiver=0x3877f90, e=0x7ffed6e93ff0)
    at /usr/src/debug/qt6-qtbase-6.5.1-1.fc38.x86_64/src/widgets/kernel/qapplication.cpp:3287
#34 0x00007f8bfd37c308 in QCoreApplication::notifyInternal2(QObject*, QEvent*)
    (receiver=0x3877f90, event=0x7ffed6e93ff0)
    at /usr/src/debug/qt6-qtbase-6.5.1-1.fc38.x86_64/src/corelib/kernel/qcoreapplication.cpp:1115
#35 0x00007f8bfd37c50d in QCoreApplication::sendEvent(QObject*, QEvent*)
    (receiver=<optimized out>, event=<optimized out>)
    at /usr/src/debug/qt6-qtbase-6.5.1-1.fc38.x86_64/src/corelib/kernel/qcoreapplication.cpp:1533
#36 0x00007f8bffbcf99d in QQuickDeliveryAgentPrivate::deliverMatchingPointsToItem(QQuickItem*, bool, QPointerEvent*, bool)
    (this=this@entry=0x25c77b0, item=item@entry=0x3877f90, isGrabber=isGrabber@entry=false, pointerEvent=pointerEvent@entry=0x7ffed6e93ff0, handlersOnly=handlersOnly@entry=false)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/quick/util/qquickdeliveryagent.cpp:2138
#37 0x00007f8bffbd0c9b in QQuickDeliveryAgentPrivate::deliverPressOrReleaseEvent(QPointerEvent*, bool)
    (this=this@entry=0x25c77b0, event=event@entry=0x7ffed6e93ff0, handlersOnly=<optimized out>, 
    handlersOnly@entry=false)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/quick/util/qquickdeliveryagent.cpp:2087
#38 0x00007f8bffbd1510 in QQuickDeliveryAgentPrivate::deliverPointerEvent(QPointerEvent*)
    (this=this@entry=0x25c77b0, event=event@entry=0x7ffed6e93ff0)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/quick/util/qquickdeliveryagent.cpp:1847
#39 0x00007f8bffbd2622 in QQuickDeliveryAgentPrivate::handleMouseEvent(QMouseEvent*)
    (this=this@entry=0x25c77b0, event=event@entry=0x7ffed6e93ff0)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/quick/util/qquickdeliveryagent.cpp:1622
#40 0x00007f8bffbd44a8 in QQuickDeliveryAgent::event(QEvent*)
    (this=<optimized out>, ev=0x7ffed6e93ff0)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/quick/util/qquickdeliveryagent.cpp:705
#41 0x00007f8bffae7642 in QQuickWindow::event(QEvent*) (this=<optimized out>, event=0x7ffed6e93ff0)
    at /usr/src/debug/qt6-qtdeclarative-6.5.1-1.fc38.x86_64/src/quick/items/qquickwindow.cpp:1481
#42 0x00007f8bfe9c0b08 in QApplicationPrivate::notify_helper(QObject*, QEvent*)
    (this=<optimized out>, receiver=0x25c1690, e=0x7ffed6e93ff0)
    at /usr/src/debug/qt6-qtbase-6.5.1-1.fc38.x86_64/src/widgets/kernel/qapplication.cpp:3287
#43 0x00007f8bfd37c308 in QCoreApplication::notifyInternal2(QObject*, QEvent*)
    (receiver=0x25c1690, event=0x7ffed6e93ff0)
    at /usr/src/debug/qt6-qtbase-6.5.1-1.fc38.x86_64/src/corelib/kernel/qcoreapplication.cpp:1115
#44 0x00007f8bfd37c51d in QCoreApplication::sendSpontaneousEvent(QObject*, QEvent*)
    (receiver=<optimized out>, event=<optimized out>)
    at /usr/src/debug/qt6-qtbase-6.5.1-1.fc38.x86_64/src/corelib/kernel/qcoreapplication.cpp:1547
#45 0x00007f8bfdc09017 in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) (e=0x7f8be4021ef0)
    at /usr/src/debug/qt6-qtbase-6.5.1-1.fc38.x86_64/src/gui/kernel/qguiapplication.cpp:2285
#46 0x00007f8bfdc6339c in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) (flags=flags@entry=...)
    at /usr/src/debug/qt6-qtbase-6.5.1-1.fc38.x86_64/src/gui/kernel/qwindowsysteminterface.cpp:1094
#47 0x00007f8bebda2416 in xcbSourceDispatch(GSource*, GSourceFunc, gpointer) (source=<optimized out>)
    at /usr/src/debug/qt6-qtbase-6.5.1-1.fc38.x86_64/src/plugins/platforms/xcb/qxcbeventdispatcher.cpp:57
#48 0x00007f8bfc66639c in g_main_dispatch (context=0x7f8be4000f10) at ../glib/gmain.c:3460
#49 g_main_context_dispatch (context=0x7f8be4000f10) at ../glib/gmain.c:4200
#50 0x00007f8bfc6c4438 in g_main_context_iterate.isra.0
    (context=0x7f8be4000f10, block=1, dispatch=1, self=<optimized out>) at ../glib/gmain.c:4276
#51 0x00007f8bfc663a23 in g_main_context_iteration (context=0x7f8be4000f10, may_block=1)
    at ../glib/gmain.c:4343
#52 0x00007f8bfd61ff7f in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)
    (this=0x60e460, flags=...)
    at /usr/src/debug/qt6-qtbase-6.5.1-1.fc38.x86_64/src/corelib/kernel/qeventdispatcher_glib.cpp:393
#53 0x00007f8bfd388e93 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>)
    (this=this@entry=0x7ffed6e94420, flags=..., flags@entry=...)
    at /usr/src/debug/qt6-qtbase-6.5.1-1.fc38.x86_64/src/corelib/global/qflags.h:34
#54 0x00007f8bfd384b3d in QCoreApplication::exec() ()
    at /usr/src/debug/qt6-qtbase-6.5.1-1.fc38.x86_64/src/corelib/global/qflags.h:74
#55 0x00007f8bfdbf85cd in QGuiApplication::exec() ()
    at /usr/src/debug/qt6-qtbase-6.5.1-1.fc38.x86_64/src/gui/kernel/qguiapplication.cpp:1894
#56 0x00007f8bfe9c0a79 in QApplication::exec() ()
    at /usr/src/debug/qt6-qtbase-6.5.1-1.fc38.x86_64/src/widgets/kernel/qapplication.cpp:2566
#57 0x0000000000424fe8 in main(int, char**) (argc=<optimized out>, argv=<optimized out>)
    at /home/nate/kde/src/plasma-workspace/shell/main.cpp:253
Comment 1 Bug Janitor Service 2023-06-09 21:52:55 UTC 
A possibly relevant merge request was started @ https://invent.kde.org/plasma/plasma-pa/-/merge_requests/180
Comment 2 Ismael Asensio 2023-06-09 23:48:28 UTC 
Git commit 65936f7a078f9cd83ef4c702e677b69db150f6cd by Ismael Asensio.
Committed on 09/06/2023 at 21:43.
Pushed by iasensio into branch 'master'.

applet: Fix crash when opening context menu with no contents

Do not try to open the context menu via the right mouse button
or the Menu key press when it has no contents, because that
leads to a crash.

The menu button was already guarded against this because it
gets hidden in that case.
FIXED-IN: 6

M  +2    -2    applet/contents/ui/ListItemBase.qml

https://invent.kde.org/plasma/plasma-pa/-/commit/65936f7a078f9cd83ef4c702e677b69db150f6cd
Comment 3 Ismael Asensio 2023-06-09 23:57:10 UTC 
Git commit 9c84c3264ae3eb47cc7e6f0c47c0e7c8cecf4075 by Ismael Asensio.
Committed on 09/06/2023 at 23:56.
Pushed by iasensio into branch 'Plasma/5.27'.

applet: Fix crash when opening context menu with no contents

Do not try to open the context menu via the right mouse button
or the Menu key press when it has no contents, because that
leads to a crash.

The menu button was already guarded against this because it
gets hidden in that case.
FIXED-IN: 5.27.6

(cherry picked from commit 65936f7a078f9cd83ef4c702e677b69db150f6cd)

M  +2    -2    applet/contents/ui/ListItemBase.qml

https://invent.kde.org/plasma/plasma-pa/-/commit/9c84c3264ae3eb47cc7e6f0c47c0e7c8cecf4075