Running it in valgrind gives a clue:
==19941== Invalid read of size 4
==19941== at 0x6604DA4: ??? (in
/usr/lib/x86_64-linux-gnu/libQt5Core.so.5.5.1)
==19941== by 0x1877174F: ???
==19941== by 0xFFFFFFFFFFFFFFFD: ???
==19941== by 0x2483D3FE: ??? (in
/usr/lib/x86_64-linux-gnu/libOxideQtCore.so.0)
==19941== by 0x27C117AB: ??? (in
/usr/lib/x86_64-linux-gnu/libOxideQtCore.so.0)
==19941== by 0x27C36ADC: ??? (in
/usr/lib/x86_64-linux-gnu/libOxideQtCore.so.0)
==19941== by 0x27C3DDD3: ??? (in
/usr/lib/x86_64-linux-gnu/libOxideQtCore.so.0)
==19941== by 0x27C3E1A8: ??? (in
/usr/lib/x86_64-linux-gnu/libOxideQtCore.so.0)
==19941== by 0x24861F42: ??? (in
/usr/lib/x86_64-linux-gnu/libOxideQtCore.so.0)
==19941== by 0x24861FF8: ??? (in
/usr/lib/x86_64-linux-gnu/libOxideQtCore.so.0)
==19941== by 0x2414E312:
QScopedPointerDeleter<oxide::qt::WebViewProxy>::cleanup(oxide::qt::WebViewProxy*)
(in /usr/lib/x86_64-linux-gnu/libOxideQtQuick.so.0)
==19941== by 0x2414D996: QScopedPointer<oxide::qt::WebViewProxy,
QScopedPointerDeleter<oxide::qt::WebViewProxy> >::~QScopedPointer() (in
/usr/lib/x86_64-linux-gnu/libOxideQtQuick.so.0)
==19941== by 0x241467FB:
OxideQQuickWebViewPrivate::~OxideQQuickWebViewPrivate() (in
/usr/lib/x86_64-linux-gnu/libOxideQtQuick.so.0)
==19941== by 0x24146847:
OxideQQuickWebViewPrivate::~OxideQQuickWebViewPrivate() (in
/usr/lib/x86_64-linux-gnu/libOxideQtQuick.so.0)
==19941== by 0x2414E4D6:
QScopedPointerDeleter<OxideQQuickWebViewPrivate>::cleanup(OxideQQuickWebViewPrivate*)
(in /usr/lib/x86_64-linux-gnu/libOxideQtQuick.so.0)
==19941== by 0x2414DED6: QScopedPointer<OxideQQuickWebViewPrivate,
QScopedPointerDeleter<OxideQQuickWebViewPrivate> >::~QScopedPointer() (in
/usr/lib/x86_64-linux-gnu/libOxideQtQuick.so.0)
==19941== by 0x24147E1C: OxideQQuickWebView::~OxideQQuickWebView() (in
/usr/lib/x86_64-linux-gnu/libOxideQtQuick.so.0)
==19941== by 0x240855BD:
QQmlPrivate::QQmlElement<OxideQQuickWebView>::~QQmlElement() (in
/usr/lib/x86_64-linux-gnu/qt5/qml/com/canonical/Oxide/libqmloxideplugin.so)
==19941== by 0x240855F3:
QQmlPrivate::QQmlElement<OxideQQuickWebView>::~QQmlElement() (in
/usr/lib/x86_64-linux-gnu/qt5/qml/com/canonical/Oxide/libqmloxideplugin.so)
==19941== by 0x64BE52A: QObjectPrivate::deleteChildren() (in
/usr/lib/x86_64-linux-gnu/libQt5Core.so.5.5.1)
==19941== by 0x64C7D9F: QObject::~QObject() (in
/usr/lib/x86_64-linux-gnu/libQt5Core.so.5.5.1)
==19941== by 0x5DBD028: QWindow::~QWindow() (in
/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5.5.1)
==19941== by 0x4FD26E8: QQuickWindow::~QQuickWindow() (in
/usr/lib/x86_64-linux-gnu/libQt5Quick.so.5.5.1)
==19941== by 0x50AA74C:
QQmlPrivate::QQmlElement<QQuickWindowQmlImpl>::~QQmlElement() (in
/usr/lib/x86_64-linux-gnu/libQt5Quick.so.5.5.1)
==19941== by 0x405115: main (in /usr/lib/x86_64-linux-gnu/qt5/bin/qmlscene)
==19941== Address 0x151bcd9e is 18 bytes before a block of size 664 alloc'd
==19941== at 0x4C2E0EF: operator new(unsigned long) (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19941== by 0x50A96E9: QQuickWindowQmlImpl::QQuickWindowQmlImpl(QWindow*)
(in /usr/lib/x86_64-linux-gnu/libQt5Quick.so.5.5.1)
==19941== by 0x50AA78F: void
QQmlPrivate::createInto<QQuickWindowQmlImpl>(void*) (in
/usr/lib/x86_64-linux-gnu/libQt5Quick.so.5.5.1)
==19941== by 0x547B71A: QQmlType::create() const (in
/usr/lib/x86_64-linux-gnu/libQt5Qml.so.5.5.1)
==19941== by 0x54DCE23: QQmlObjectCreator::createInstance(int, QObject*,
bool) (in /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5.5.1)
==19941== by 0x54DD8CE: QQmlObjectCreator::create(int, QObject*,
QQmlInstantiationInterrupt*) (in /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5.5.1)
==19941== by 0x5465B04: QQmlComponentPrivate::beginCreate(QQmlContextData*)
(in /usr/lib/x86_64-linux-gnu/libQt5Qml.so.5.5.1)
==19941== by 0x546378E: QQmlComponent::create(QQmlContext*) (in
/usr/lib/x86_64-linux-gnu/libQt5Qml.so.5.5.1)
==19941== by 0x404F0F: main (in /usr/lib/x86_64-linux-gnu/qt5/bin/qmlscene)
So we're accessing the window after it's been deleted.
Some stepping through in gdb shows that this access occurs here:
oxide::qt::InputMethodContext::FocusedNodeChanged (this=0xb426d0) at
../../oxide/qt/core/browser/input/oxide_qt_input_method_context.cc:236
236 QGuiApplication::focusWindow()->focusObject()) {
(gdb) bt
#0 0x00007fffb699d3fe in oxide::qt::InputMethodContext::FocusedNodeChanged()
(this=0xb426d0) at
../../oxide/qt/core/browser/input/oxide_qt_input_method_context.cc:236
#1 0x00007fffb8edf9fc in
oxide::ImeBridgeImpl::SetContext(oxide::InputMethodContext*) (this=0xaea948,
context=0x0) at ../../oxide/shared/browser/input/oxide_ime_bridge_impl.cc:109
#2 0x00007fffb8f04d4d in
oxide::WebContentsView::SetClient(oxide::WebContentsViewClient*)
(this=0xcbe100, client=<optimised out>) at
../../oxide/shared/browser/oxide_web_contents_view.cc:786
#3 0x00007fffb8f09790 in oxide::WebView::~WebView() (this=0xb62660,
__in_chrg=<optimised out>) at ../../oxide/shared/browser/oxide_web_view.cc:984
#4 0x00007fffb8f098f9 in oxide::WebView::~WebView() (this=0xb62660,
__in_chrg=<optimised out>) at ../../oxide/shared/browser/oxide_web_view.cc:998
#5 0x00007fffb69c126e in oxide::qt::WebView::~WebView() (this=<optimised out>,
__ptr=<optimised out>) at /usr/include/c++/5/bits/unique_ptr.h:76
#6 0x00007fffb69c126e in oxide::qt::WebView::~WebView() (this=0xb5c5a8,
__in_chrg=<optimised out>) at /usr/include/c++/5/bits/unique_ptr.h:236
#7 0x00007fffb69c126e in oxide::qt::WebView::~WebView() (this=0xb5c540,
__in_chrg=<optimised out>) at
../../oxide/qt/core/browser/oxide_qt_web_view.cc:1175
#8 0x00007fffb69c1359 in oxide::qt::WebView::~WebView() (this=0xb5c540,
__in_chrg=<optimised out>) at
../../oxide/qt/core/browser/oxide_qt_web_view.cc:1184
#9 0x00007fffcc41a50e in
OxideQQuickWebViewPrivate::~OxideQQuickWebViewPrivate() (pointer=<optimised
out>) at /usr/include/x86_64-linux-gnu/qt5/QtCore/qscopedpointer.h:54
#10 0x00007fffcc41a50e in
OxideQQuickWebViewPrivate::~OxideQQuickWebViewPrivate() (this=0xa880a8,
__in_chrg=<optimised out>) at
/usr/include/x86_64-linux-gnu/qt5/QtCore/qscopedpointer.h:101
#11 0x00007fffcc41a50e in
OxideQQuickWebViewPrivate::~OxideQQuickWebViewPrivate() (this=0xa88090,
__in_chrg=<optimised out>) at
/home/chr1s/src/oxide/master/src/oxide/qt/quick/api/oxideqquickwebview.cc:745
#12 0x00007fffcc41a589 in
OxideQQuickWebViewPrivate::~OxideQQuickWebViewPrivate() (this=0xa88090,
__in_chrg=<optimised out>) at
/home/chr1s/src/oxide/master/src/oxide/qt/quick/api/oxideqquickwebview.cc:745
#13 0x00007fffcc41585a in OxideQQuickWebView::~OxideQQuickWebView()
(pointer=<optimised out>) at
/usr/include/x86_64-linux-gnu/qt5/QtCore/qscopedpointer.h:54
#14 0x00007fffcc41585a in OxideQQuickWebView::~OxideQQuickWebView()
(this=0xa88080, __in_chrg=<optimised out>) at
/usr/include/x86_64-linux-gnu/qt5/QtCore/qscopedpointer.h:101
#15 0x00007fffcc41585a in OxideQQuickWebView::~OxideQQuickWebView()
(this=0xa88060, __in_chrg=<optimised out>) at
/home/chr1s/src/oxide/master/src/oxide/qt/quick/api/oxideqquickwebview.cc:1389
#16 0x00007fffcc45b509 in
QQmlPrivate::QQmlElement<OxideQQuickWebView>::~QQmlElement() (this=0xa88060,
__in_chrg=<optimised out>) at
/usr/include/x86_64-linux-gnu/qt5/QtQml/qqmlprivate.h:98
#17 0x00007fffcc45b509 in
QQmlPrivate::QQmlElement<OxideQQuickWebView>::~QQmlElement() (this=0xa88060,
__in_chrg=<optimised out>) at
/usr/include/x86_64-linux-gnu/qt5/QtQml/qqmlprivate.h:98
#18 0x00007ffff67e352b in QObjectPrivate::deleteChildren()
(this=this@entry=0xa8a6e0) at kernel/qobject.cpp:1946
#19 0x00007ffff67ecda0 in QObject::~QObject() (this=<optimised out>,
__in_chrg=<optimised out>) at kernel/qobject.cpp:1024
#20 0x00007ffff6b00029 in QWindow::~QWindow() (this=0xa06340,
__in_chrg=<optimised out>) at kernel/qwindow.cpp:202
#21 0x00007ffff7b9f6e9 in QQuickWindow::~QQuickWindow() (this=0xa06340,
__in_chrg=<optimised out>) at items/qquickwindow.cpp:1111
#22 0x00007ffff7c7774d in
QQmlPrivate::QQmlElement<QQuickWindowQmlImpl>::~QQmlElement() (this=0xa06340,
__in_chrg=<optimised out>) at items/qquickwindowmodule_p.h:46
#23 0x00007ffff7c7774d in
QQmlPrivate::QQmlElement<QQuickWindowQmlImpl>::~QQmlElement() (this=0xa06340,
__in_chrg=<optimised out>) at
../../include/QtQml/../../src/qml/qml/qqmlprivate.h:98
#24 0x00007ffff7c7774d in
QQmlPrivate::QQmlElement<QQuickWindowQmlImpl>::~QQmlElement() (this=0xa06340,
__in_chrg=<optimised out>) at
../../include/QtQml/../../src/qml/qml/qqmlprivate.h:98
#25 0x0000000000405116 in main(int, char**) (pointer=0xa06340) at
/usr/include/x86_64-linux-gnu/qt5/QtCore/qscopedpointer.h:54
#26 0x0000000000405116 in main(int, char**) (this=<synthetic pointer>,
__in_chrg=<optimised out>) at
/usr/include/x86_64-linux-gnu/qt5/QtCore/qscopedpointer.h:101
#27 0x0000000000405116 in main(int, char**) (argc=2, argv=<optimised out>) at
main.cpp:550
So, QGuiApplication::focusWindow() is returning an invalid pointer.
The focus window should be cleaned up in QWindow::destroy(). This
initially gets called here:
#0 0x00007ffff6affd30 in QWindow::destroy() (this=0xa04c90) at
kernel/qwindow.cpp:1601
#1 0x00007ffff6b013a8 in QWindow::event(QEvent*) (this=this@entry=0xa04c90,
ev=ev@entry=0x7fffffffd1a0) at kernel/qwindow.cpp:2030
#2 0x00007ffff7ba8871 in QQuickWindow::event(QEvent*) (this=0xa04c90,
e=0x7fffffffd1a0) at items/qquickwindow.cpp:1413
#3 0x00007ffff70a905c in QApplicationPrivate::notify_helper(QObject*, QEvent*)
(this=this@entry=0x42bb20, receiver=receiver@entry=0xa04c90,
e=e@entry=0x7fffffffd1a0) at kernel/qapplication.cpp:3716
#4 0x00007ffff70ae516 in QApplication::notify(QObject*, QEvent*)
(this=0x7fffffffd630, receiver=0xa04c90, e=0x7fffffffd1a0) at
kernel/qapplication.cpp:3499
#5 0x00007ffff67b662b in QCoreApplication::notifyInternal(QObject*, QEvent*)
(this=0x7fffffffd630, receiver=0xa04c90, event=event@entry=0x7fffffffd1a0) at
kernel/qcoreapplication.cpp:965
#6 0x00007ffff6af56be in
QGuiApplicationPrivate::processCloseEvent(QWindowSystemInterfacePrivate::CloseEvent*)
(event=0x7fffffffd1a0, receiver=<optimised out>)
at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:227
#7 0x00007ffff6af56be in
QGuiApplicationPrivate::processCloseEvent(QWindowSystemInterfacePrivate::CloseEvent*)
(e=0xcb1920) at kernel/qguiapplication.cpp:2114
#8 0x00007ffff6afa215 in
QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*)
(e=e@entry=0xcb1920) at kernel/qguiapplication.cpp:1635
#9 0x00007ffff6addf38 in
QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>)
(flags=...) at kernel/qwindowsysteminterface.cpp:625
#10 0x00007fffefd99070 in userEventSourceDispatch(GSource*, GSourceFunc,
gpointer) (source=<optimised out>) at
eventdispatchers/qeventdispatcher_glib.cpp:70
#11 0x00007ffff51941a7 in g_main_context_dispatch (context=0x7fffe40016f0) at
/build/glib2.0-7IO_Yw/glib2.0-2.48.1/./glib/gmain.c:3154
#12 0x00007ffff51941a7 in g_main_context_dispatch
(context=context@entry=0x7fffe40016f0) at
/build/glib2.0-7IO_Yw/glib2.0-2.48.1/./glib/gmain.c:3769
#13 0x00007ffff5194400 in g_main_context_iterate
(context=context@entry=0x7fffe40016f0, block=block@entry=1,
dispatch=dispatch@entry=1, self=<optimised out>)
at /build/glib2.0-7IO_Yw/glib2.0-2.48.1/./glib/gmain.c:3840
#14 0x00007ffff51944ac in g_main_context_iteration (context=0x7fffe40016f0,
may_block=may_block@entry=1) at
/build/glib2.0-7IO_Yw/glib2.0-2.48.1/./glib/gmain.c:3901
#15 0x00007ffff680ca7f in
QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)
(this=0x510970, flags=...) at kernel/qeventdispatcher_glib.cpp:418
#16 0x00007ffff67b3dea in
QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>)
(this=this@entry=0x7fffffffd440, flags=..., flags@entry=...) at
kernel/qeventloop.cpp:204
#17 0x00007ffff67bbe8c in QCoreApplication::exec() () at
kernel/qcoreapplication.cpp:1229
#18 0x00007ffff6aefc3c in QGuiApplication::exec() () at
kernel/qguiapplication.cpp:1542
#19 0x00007ffff70a5495 in QApplication::exec() () at
kernel/qapplication.cpp:2976
#20 0x00000000004050da in main(int, char**) (argc=2, argv=<optimised out>) at
main.cpp:598
But, the focus window is currently null:
(gdb) p QGuiApplicationPrivate::focus_window
$1 = (QWindow *) 0x0
However, when the destructor for QWindow runs here:
#0 0x00007ffff7ac0cc0 in QWindow::~QWindow()@plt () at
/usr/lib/x86_64-linux-gnu/libQt5Quick.so.5
#1 0x00007ffff7b9f6e9 in QQuickWindow::~QQuickWindow() (this=0xa04c90,
__in_chrg=<optimised out>) at items/qquickwindow.cpp:1111
#2 0x00007ffff7c7774d in
QQmlPrivate::QQmlElement<QQuickWindowQmlImpl>::~QQmlElement() (this=0xa04c90,
__in_chrg=<optimised out>) at items/qquickwindowmodule_p.h:46
#3 0x00007ffff7c7774d in
QQmlPrivate::QQmlElement<QQuickWindowQmlImpl>::~QQmlElement() (this=0xa04c90,
__in_chrg=<optimised out>) at
../../include/QtQml/../../src/qml/qml/qqmlprivate.h:98
#4 0x00007ffff7c7774d in
QQmlPrivate::QQmlElement<QQuickWindowQmlImpl>::~QQmlElement() (this=0xa04c90,
__in_chrg=<optimised out>) at
../../include/QtQml/../../src/qml/qml/qqmlprivate.h:98
#5 0x0000000000405116 in main(int, char**) (pointer=0xa04c90) at
/usr/include/x86_64-linux-gnu/qt5/QtCore/qscopedpointer.h:54
#6 0x0000000000405116 in main(int, char**) (this=<synthetic pointer>,
__in_chrg=<optimised out>) at
/usr/include/x86_64-linux-gnu/qt5/QtCore/qscopedpointer.h:101
#7 0x0000000000405116 in main(int, char**) (argc=2, argv=<optimised out>) at
main.cpp:550
... the focus window has been set...
(gdb) p QGuiApplicationPrivate::focus_window
$2 = (QWindow *) 0xa04c90
QWindow::destroy is called a second time in its destructor, but because
it was called earlier it exits early without clearing
QGuiApplicationPrivate::focus_window, thus leaving it dangling.
This is a Qt bug
** Also affects: qtbase-opensource-src (Ubuntu)
Importance: Undecided
Status: New
** No longer affects: oxide
** No longer affects: webbrowser-app (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1435465
Title:
Alt+F4 crashes app where WebView embedded in a Window
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1435465/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
