Bug 14128
| Summary: | Webkit crashes in HIWebView.m Line 772 when moving window | | |
|---|---|---|---|
| Product: | WebKit | Reporter: | geoff kruse <gkruse> |
| Component: | WebKit Misc. | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED FIXED | | |
| Severity: | Major | CC: | dev+webkit, mrowe |
| Priority: | P1 | Keywords: | InRadar, Regression |
| Version: | 523.x (Safari 3) | | |
| Hardware: | Mac | | |
| OS: | OS X 10.4 | | |
geoff kruse
Running a Qt app that uses Carbon WebKit. The webview is not visible and the application window is moved; this causes a crash. The view returned by HIViewGetViewForMouseEvent() is null. See the thread stack trace attached.
Thread 0 Crashed:
0 com.apple.HIToolbox 0x92e097fd HIObjectIsOfClass + 13
1 com.apple.WebKit 0x006b0da3 WindowHandler + 482
2 com.apple.HIToolbox 0x92df0537 DispatchEventToHandlers(EventTargetRec*, OpaqueEventRef*, HandlerCallRec*) + 1093
3 com.apple.HIToolbox 0x92defbdc SendEventToEventTargetInternal(OpaqueEventRef*, OpaqueEventTargetRef*, HandlerCallRec*) + 304
4 com.apple.HIToolbox 0x92df6fbc SendEventToEventTarget + 56
5 com.apple.HIToolbox 0x92df744f ToolboxEventDispatcherHandler(OpaqueEventHandlerCallRef*, OpaqueEventRef*, void*) + 1169
6 com.apple.HIToolbox 0x92df08ee DispatchEventToHandlers(EventTargetRec*, OpaqueEventRef*, HandlerCallRec*) + 2044
7 com.apple.HIToolbox 0x92defbdc SendEventToEventTargetInternal(OpaqueEventRef*, OpaqueEventTargetRef*, HandlerCallRec*) + 304
8 com.apple.HIToolbox 0x92df6fbc SendEventToEventTarget + 56
9 QtGui 0x0142c5ae qt_mac_send_event(QFlags<QEventLoop::ProcessEventsFlag>, OpaqueEventRef*, OpaqueWindowPtr*) + 86
10 QtGui 0x014397f6 QEventDispatcherMac::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) + 624
11 QtCore 0x01ef4fdf QCoreApplication::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) + 49
12 Whisher 0x00197953 connection::utils::AbstractPacketsIOHandler::waitForResponse(QString const&, bool const&, bool const&) + 107
13 Whisher 0x00197fc5 connection::utils::AbstractPacketsIOHandler::sendPacketAndWaitForResponse(connection::utils::WPacket&, bool const&) + 81
14 Whisher 0x0018f2fb connection::server::ServerSession::sendPacketAndWaitForResponse(connection::utils::WPacket&, bool const&, bool const&, bool const&) + 337
15 Whisher 0x00167e82 connection::server::AccessPointsConnector::logVisibleAccessPoints(QList<data::WiFiAccessPoint> const&) const + 382
16 Whisher 0x00096ffa business::AccessPointsManager::logVisibleAccessPoints(QList<data::WiFiAccessPoint> const&) const + 36
17 Whisher 0x000a110d MainWindow::processEvent(utils::Event const&) + 5205
18 Whisher 0x00131821 MainWindow::qt_metacall(QMetaObject::Call, int, void**) + 273
19 QtCore 0x01f0483b QMetaObject::activate(QObject*, int, int, void**) + 941
20 Whisher 0x0016bd85 utils::EventProducer::fireEvent(utils::Event const&) const + 61
21 Whisher 0x00142b94 business::GeneralServicesManager::processEvent(utils::Event const&) + 1092
22 Whisher 0x0016f3f6 business::GeneralServicesManager::qt_metacall(QMetaObject::Call, int, void**) + 82
23 QtCore 0x01f0483b QMetaObject::activate(QObject*, int, int, void**) + 941
24 Whisher 0x0016bd85 utils::EventProducer::fireEvent(utils::Event const&) const + 61
25 Whisher 0x0016f0fc connection::server::GeneralServicesConnector::processEvent(utils::Event const&) + 112
26 Whisher 0x0019177d connection::server::GeneralServicesConnector::qt_metacall(QMetaObject::Call, int, void**) + 75
27 QtCore 0x01f00f51 QMetaCallEvent::placeMetaCall(QObject*) + 43
28 QtCore 0x01f02638 QObject::event(QEvent*) + 700
29 QtGui 0x013e7006 QApplicationPrivate::notify_helper(QObject*, QEvent*) + 438
30 QtGui 0x013e943d QApplication::notify(QObject*, QEvent*) + 255
31 QtCore 0x01ef4f7b QCoreApplication::notifyInternal(QObject*, QEvent*) + 83
32 QtCore 0x01ef6976 QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) + 672
33 QtCore 0x01ef6ba1 QCoreApplication::sendPostedEvents(QObject*, int) + 33
34 QtGui 0x014395e7 QEventDispatcherMac::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) + 97
35 QtCore 0x01ef4b9c QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) + 54
36 QtCore 0x01ef4cbb QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) + 109
37 QtCore 0x01ef6c37 QCoreApplication::exec() + 147
38 Whisher 0x000904e2 main + 2114
39 Whisher 0x000084d2 _start + 216
40 Whisher 0x000083f9 start + 41
geoff kruse
Here is a crashing build of the app in question. Note, not for public release.
http://wireless.kicks-ass.org/Whisher.app.zip
Mark Rowe (bdash)
What steps need to be taken when using the application to reproduce the crash?
geoff kruse
Launch the application and move the main window across the screen. If that doesn't do it, "jiggle" the window a little. The crash didn't occur before installing Safari 3; however, it does occur with ToT as well.
Matt Lilek
Confirmed on Tiger (10.4.9 8P135) with Safari 3.0 Beta and r23484.
Mark Rowe (bdash)
The code in question fails to check the return value of the call to HIViewGetViewForMouseEvent, which leads to NULL being passed on to another API. The fact that HIViewGetViewForMouseEvent is returning an error indicates that the arguments it is being passed are in some way incorrect, as the conditions in which it will fail are very limited.
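The unchecked-return pattern described in the comment above, beside a guarded version, as an added C example that is not WebKit's code or the fix landed for this bug. Every type and function in it is a hypothetical stand-in that models the lookup failing for a hidden view; the real Carbon calls are not used.

```c
#include <stddef.h>
#include <string.h>
/* Hypothetical stand-ins for the Carbon status and event result codes. */
enum { STATUS_OK = 0, STATUS_NO_VIEW = -1 };
enum { EVENT_HANDLED = 0, EVENT_NOT_HANDLED = 1 };
typedef struct { const char *class_name; int visible, x, y, w, h; } View;
typedef struct { View *views; size_t count; } Window;

/* Models a view lookup: on failure, returns an error and leaves *out NULL. */
static int find_view_for_mouse(const Window *win, int mx, int my, View **out)
{
    *out = NULL;
    for (size_t i = 0; i < win->count; i++) {
        View *v = &win->views[i];
        if (v->visible && mx >= v->x && mx < v->x + v->w &&
            my >= v->y && my < v->y + v->h) {
            *out = v;
            return STATUS_OK;
        }
    }
    return STATUS_NO_VIEW;
}

/* Models a class test that dereferences its argument without a NULL check. */
static int view_is_of_class(const View *v, const char *cls) { return strcmp(v->class_name, cls) == 0; }

/* Unchecked pattern: status ignored, so a failed lookup passes NULL onward. */
int window_handler_unchecked(const Window *win, int mx, int my)
{
    View *target;
    find_view_for_mouse(win, mx, my, &target);
    return view_is_of_class(target, "WebView") ? EVENT_HANDLED : EVENT_NOT_HANDLED;
}

/* Guarded pattern: decline the event when the lookup fails or yields NULL. */
int window_handler_checked(const Window *win, int mx, int my)
{
    View *target = NULL;
    if (find_view_for_mouse(win, mx, my, &target) != STATUS_OK || target == NULL)
        return EVENT_NOT_HANDLED;
    return view_is_of_class(target, "WebView") ? EVENT_HANDLED : EVENT_NOT_HANDLED;
}
/* Constructed sample: one 100x100 web view at the window origin. */
int demo_checked(int visible, int mx, int my)
{
    View views[] = { { "WebView", visible, 0, 0, 100, 100 } };
    Window win = { views, 1 };
    return window_handler_checked(&win, mx, my);
}
```

Returning the not-handled result lets the event continue to the next handler instead of terminating the host process.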
geoff kruse
This is similar to the setup I do in Qt taken from http://doc.trolltech.com/qq/qq20-hiviews.html
    WebWidget::WebWidget(QWidget *parent)
        : QWidget(parent)
    {
        HIViewRef webView;
        WebInitForCarbon();
        HIWebViewCreate(&webView);
        create(WId(webView));
    }
For some reason, it seems to cause problems?
Mark Rowe (bdash)
<rdar://problem/5276271>
Mark Rowe (bdash)
Kevin landed a fix for this in r23574.