Details
-
Bug
-
Resolution: Out of scope
-
Not Evaluated
-
None
-
4.7.2, 5.1.1
-
None
-
Qt 4.7.2
Mac OS X 10.5, 10.6, 10.7
Qt 5.1.1
Mac OS X 10.8.4
-
macOS
Description
I can consistently cause a crash by rapidly opening/dismissing a "select" (combo box) element.
I have only seen this on Mac OS X.
Steps:
1. launch "fancybrowser.app" (one of the examples that ships with Qt – /Developer/Examples/Qt/webkit/fancybrowser)
2. go to http://www.tizag.com/htmlT/htmlselect.php (or basically any webpage that has a "select")
3. rapidly open and dismiss one of the select's (I do this by clicking to open it, and then hitting esc to dismiss it, over and over as quick as possible)
4. Crash!!
I do believe the crash happens if you dismiss the popup before it is done rendering. So it's a timing issue and can be difficult to reproduce. You have to go real fast. The more items in the select the better – you have a longer timeframe to cause the problem. I also suspect that if you got fancy CSS styling going on, it may give you a longer timeframe in which to cause the problem.
Anyhow, here are two crash reports. The middle bits are a little different, but it always filters back down into WebCore::QtFallbackWebPopupCombo::hidePopup.
-------- 8< ---------
Crashed Thread: 0 Dispatch queue: com.apple.main-thread
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000040422f58
VM Regions Near 0x40422f58:
JS garbage collector 000000000cb40000-000000000cbc0000 [ 512K] rw-/rw- SM=PRV
-->
__TEXT 000000008febd000-000000008fef0000 [ 204K] r-x/rwx SM=COW /usr/lib/dyld
Application Specific Information:
objc[18026]: garbage collection is OFF
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 QtGui 0x019562b9 QWidget::style() const + 9
1 QtGui 0x01cc822b QComboBox::hidePopup() + 267
2 QtWebKit 0x00960e7e WebCore::QtFallbackWebPopupCombo::hidePopup() + 46
3 QtGui 0x01cc3225 QComboBoxPrivateContainer::eventFilter(QObject*, QEvent*) + 501
4 QtCore 0x0252434f QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) + 143
5 QtGui 0x01910463 QApplicationPrivate::notify_helper(QObject*, QEvent*) + 147
6 QtGui 0x01919006 QApplication::notify(QObject*, QEvent*) + 7638
7 QtCore 0x02435b5c QCoreApplication::notifyInternal(QObject*, QEvent*) + 108
8 QtGui 0x01949c9c QShortcutMap::tryShortcutEvent(QObject*, QKeyEvent*) + 108
9 QtGui 0x019190b0 QApplication::notify(QObject*, QEvent*) + 7808
10 QtCore 0x02435b5c QCoreApplication::notifyInternal(QObject*, QEvent*) + 108
11 QtGui 0x019111fc qt_sendSpontaneousEvent(QObject*, QEvent*) + 60
12 QtGui 0x0198a377 QKeyMapper::sendKeyEvent(QWidget*, bool, QEvent::Type, int, QFlags<Qt::KeyboardModifier>, QString const&, bool, int, unsigned int, unsigned int, unsigned int, bool*) + 167
13 QtGui 0x0198b1c6 QKeyMapperPrivate::translateKeyEvent(QWidget*, OpaqueEventHandlerCallRef*, OpaqueEventRef*, void*, bool) + 742
14 QtGui 0x018c35fc qt_dispatchKeyEvent(void*, QWidget*) + 236
15 QtGui 0x018b664f -[QCocoaView keyDown:] + 335
16 com.apple.AppKit 0x926e54cf -[NSWindow sendEvent:] + 10891
17 QtGui 0x018bc22b -[QCocoaWindow sendEvent:] + 267
18 com.apple.AppKit 0x9267c6ff -[NSApplication sendEvent:] + 4788
19 QtGui 0x018bf9dd -[QNSApplication sendEvent:] + 93
20 com.apple.AppKit 0x9260dc82 -[NSApplication run] + 1007
21 QtGui 0x018c9a51 QEventDispatcherMac::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) + 1505
22 QtCore 0x025239c1 QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) + 65
23 QtCore 0x02523d0a QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) + 170
24 QtCore 0x02525166 QCoreApplication::exec() + 182
25 com.yourcompany.fancybrowser 0x00004a41 main + 435 (main.cpp:54)
26 com.yourcompany.fancybrowser 0x000045f1 _start + 208
27 com.yourcompany.fancybrowser 0x00004520 start + 40
-------- 8< ---------
Crashed Thread: 0 Dispatch queue: com.apple.main-thread
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000030b9b7fc
VM Regions Near 0x30b9b7fc:
MALLOC_TINY 000000000d500000-000000000d600000 [ 1024K] rw-/rwx SM=PRV
-->
__TEXT 000000008fe53000-000000008fe86000 [ 204K] r-x/rwx SM=COW /usr/lib/dyld
Application Specific Information:
objc[18122]: garbage collection is OFF
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 QtGui 0x019562b9 QWidget::style() const + 9
1 QtGui 0x01cc822b QComboBox::hidePopup() + 267
2 QtWebKit 0x00960e7e WebCore::QtFallbackWebPopupCombo::hidePopup() + 46
3 QtGui 0x01ccb40f QComboBoxPrivateContainer::mousePressEvent(QMouseEvent*) + 191
4 QtGui 0x0196509f QWidget::event(QEvent*) + 2351
5 QtGui 0x01cf3c28 QFrame::event(QEvent*) + 40
6 QtGui 0x0191048c QApplicationPrivate::notify_helper(QObject*, QEvent*) + 188
7 QtGui 0x019194bd QApplication::notify(QObject*, QEvent*) + 8845
8 QtCore 0x02435b5c QCoreApplication::notifyInternal(QObject*, QEvent*) + 108
9 QtGui 0x019111fc qt_sendSpontaneousEvent(QObject*, QEvent*) + 60
10 QtGui 0x018c5623 qt_mac_handleMouseEvent(void*, void*, QEvent::Type, Qt::MouseButton) + 2019
11 QtGui 0x018b55a0 -[QCocoaView mouseDown:] + 64
12 com.apple.AppKit 0x926e47b1 -[NSWindow sendEvent:] + 7533
13 QtGui 0x018b353b -[QCocoaPanel sendEvent:] + 267
14 com.apple.AppKit 0x9267c6ff -[NSApplication sendEvent:] + 4788
15 QtGui 0x018bf9dd -[QNSApplication sendEvent:] + 93
16 com.apple.AppKit 0x9260dc82 -[NSApplication run] + 1007
17 QtGui 0x018c9a51 QEventDispatcherMac::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) + 1505
18 QtCore 0x025239c1 QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) + 65
19 QtCore 0x02523d0a QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) + 170
20 QtCore 0x02525166 QCoreApplication::exec() + 182
21 com.yourcompany.fancybrowser 0x00004a41 main + 435 (main.cpp:54)
22 com.yourcompany.fancybrowser 0x000045f1 _start + 208
23 com.yourcompany.fancybrowser 0x00004520 start + 40
-------- 8< ---------