[Webkit-unassigned] [Bug 217482] [GTK] Crash in WebKit::DropTarget::drop
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Nov 6 01:40:12 PST 2020
https://bugs.webkit.org/show_bug.cgi?id=217482
--- Comment #5 from Carlos Garcia Campos <cgarcia at igalia.com> ---
(In reply to Michael Catanzaro from comment #1)
> OK here's a guess: maybe (1) user starts drag, (2) user leaves window,
> m_leaveTimer starts running, (3) user starts a new drag, m_leaveTimer still
> running, (4) m_leaveTimer fires, unsets m_selectionData etc., (5) user
> releases button, triggering drop, (6) crash.
>
> It seems a little unlikely, because m_leaveTimer is stopped in
> DropTarget::accept, so the user would have to finish the drop before the
> source application sends its drag data offer. But that's actually possible,
> right?
>
> I see we have, in DropTarget::accept:
>
> if (m_leaveTimer.isActive()) {
> m_leaveTimer.stop();
> leaveTimerFired();
> }
>
> But that's not soon enough, right? It belongs in DropTarget::enter?
I've noticed a problem with this code, though. It resets the drop context and position set in drag-motion callback
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20201106/4a093e35/attachment.htm>
More information about the webkit-unassigned
mailing list