Details
- Bug
- Resolution: Done
- P1: Critical
- 5.0.1
- None
- OSX Mountain Lion
- 204eaf0c491a29681dad87751f93e3079e08f0b4
Description
To reproduce:
- Click on a <select> element
- Click outside the element to dismiss the popup
- Repeat... eventually it'll crash while dismissing the popup
If you want to make this 100% reproducible, add a usleep(1000000) at the end of QComboBox::hidePopup()
I've tracked this down to the fact that QComboBox::hidePopup() will flash the triggered item, and while doing that, runs an event loop. During that event loop, QtFallbackWebPopup's connection to QtWebComboBox::didHide() gets called, calling QtFallbackWebPopup::deleteComboBox(), which causes the combobox to then be deleted in the middle of hidePopup(), crashing when hidePopup() comes out of its event loop.
Here's where the QComboBox gets deleted:
#0 0x0000000100bc6242 in QComboBox::~QComboBox ()
#1 0x000000010348b495 in WebCore::QtWebComboBox::~QtWebComboBox ()
#2 0x0000000103836dc2 in QObject::event ()
#3 0x0000000100b14032 in QWidget::event ()
#4 0x0000000100bc4264 in QComboBox::event ()
#5 0x0000000100adbadc in QApplicationPrivate::notify_helper ()
#6 0x0000000100adbe0e in QApplication::notify ()
#7 0x000000010380bf21 in QCoreApplication::notifyInternal ()
#8 0x000000010380c354 in QCoreApplicationPrivate::sendPostedEvents ()
#9 0x0000000103bca8dd in QWindowSystemInterface::sendWindowSystemEvents ()
#10 0x000000010971420e in QCocoaEventDispatcherPrivate::postedEventsSourceCallback ()
#11 0x00007fff87c6e101 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ ()
#12 0x00007fff87c6da25 in __CFRunLoopDoSources0 ()
#13 0x00007fff87c90dc5 in __CFRunLoopRun ()
#14 0x00007fff87c906b2 in CFRunLoopRunSpecific ()
#15 0x00007fff8cc0b0a4 in RunCurrentEventLoopInMode ()
#16 0x00007fff8cc0ae42 in ReceiveNextEventCommon ()
#17 0x00007fff8cc0acd3 in BlockUntilNextEventMatchingListInMode ()
#18 0x00007fff855c2613 in _DPSNextEvent ()
#19 0x00007fff855c1ed2 in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] ()
#20 0x00007fff855b9283 in -[NSApplication run] ()
#21 0x0000000109715d4d in QCocoaEventDispatcher::processEvents ()
#22 0x000000010380932d in QEventLoop::exec ()
#23 0x0000000100bc5d96 in QComboBox::hidePopup ()
#24 0x0000000100bc7885 in QComboBoxPrivateContainer::mousePressEvent ()
#25 0x0000000100b130b3 in QWidget::event ()
#26 0x0000000100bf23ec in QFrame::event ()
#27 0x0000000100adbadc in QApplicationPrivate::notify_helper ()
#28 0x0000000100adc620 in QApplication::notify ()
#29 0x000000010380bf21 in QCoreApplication::notifyInternal ()
#30 0x0000000100ae357d in QApplicationPrivate::sendMouseEvent ()
#31 0x0000000100d87cfd in QGraphicsProxyWidgetPrivate::sendWidgetMouseEvent ()
#32 0x0000000100d720a5 in QGraphicsItem::sceneEvent ()
#33 0x0000000100dbdb79 in non-virtual thunk to QGraphicsWidget::sceneEvent(QEvent*) ()
#34 0x0000000100d942de in QGraphicsScenePrivate::sendEvent ()
#35 0x0000000100d946e9 in QGraphicsScenePrivate::sendMouseEvent ()
#36 0x0000000100d9b330 in QGraphicsScenePrivate::mousePressEventHandler ()
#37 0x0000000100d93642 in QGraphicsScene::mousePressEvent ()
I have a workaround, which is to have QtFallbackWebPopup::deleteComboBox call
m_combo->hide(); QTimer::singleShot(1000, m_combo, SLOT(deleteLater()));
instead of
m_combo->deleteLater();
but this is obviously not the right fix.
Issue Links
- relates to QTBUG-37553 QtWebKit <select> items causes crash (Closed)
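
The lifetime hazard described in the report, modeled in plain C++ without Qt as an added example (not code from the report or from Qt). `EventLoop`, `Combo` and `comboOutlivesHidePopup` are hypothetical stand-ins, and a `std::weak_ptr` guard takes the place a guarded pointer would have in real code; it shows that a deletion posted to the queue the nested loop drains destroys the object before `hidePopup` returns, while one posted to the outer queue does not.

```cpp
#include <deque>
#include <functional>
#include <memory>
#include <utility>

// Minimal event queue; exec() drains it the way a nested event loop would.
struct EventLoop {
    std::deque<std::function<void()>> queue;
    void post(std::function<void()> ev) { queue.push_back(std::move(ev)); }
    void exec() {
        while (!queue.empty()) {
            auto ev = std::move(queue.front());
            queue.pop_front();
            ev();
        }
    }
};

// Stand-in for the combo box; didHide plays the role of the didHide() signal.
struct Combo : std::enable_shared_from_this<Combo> {
    std::function<void()> didHide;
    int flashes = 0;
    // Returns false if the object was destroyed while the nested loop ran.
    bool hidePopup(EventLoop& nested) {
        std::weak_ptr<Combo> guard = shared_from_this(); // lifetime guard
        if (didHide) didHide();            // owner reacts by scheduling deletion
        nested.exec();                     // "flash" step: runs posted events
        if (guard.expired()) return false; // destroyed: do not touch members
        ++flashes;                         // safe only because the guard held
        return true;
    }
};

// Stand-in for the popup owner. deferToOuter selects the queue that receives
// the deletion: the nested one (the crash scenario) or the outer one.
bool comboOutlivesHidePopup(bool deferToOuter) {
    EventLoop outer, nested;
    auto combo = std::make_shared<Combo>();
    Combo* raw = combo.get();
    EventLoop& target = deferToOuter ? outer : nested;
    combo->didHide = [&] { target.post([&] { combo.reset(); }); };
    bool alive = raw->hidePopup(nested);
    outer.exec();                          // deferred deletion runs here
    return alive && !combo;
}

int main() {
    return (!comboOutlivesHidePopup(false) && comboOutlivesHidePopup(true)) ? 0 : 1;
}
```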