Review Request 126725: prevent crash-on-exit in KSelectAction::~KSelectAction

René J.V. Bertin rjvbertin at gmail.com
Wed Jan 13 01:20:16 UTC 2016 


> On Jan. 12, 2016, 10:49 p.m., David Faure wrote:
> > Can I see the backtrace, with a description of how this gets triggered? I'm not sure the issue is fully understood (as shown by the use of "might" in the description...).
> > 
> > Is the action being destroyed by clicking into a submenu of the action? Otherwise I don't get the relation with the fix.

A CrashReporter backtrace I still had logged:

```
Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: EXC_I386_GPFLT

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   org.qt-project.QtCore         	0x000000010cbac886 QObject::property(char const*) const + 150 (qlist.h:105)
1   libqcocoa.dylib               	0x000000011189e37a QCocoaMenuItem::~QCocoaMenuItem() + 58 (qcocoamenuitem.mm:109)
2   libqcocoa.dylib               	0x000000011189e52e QCocoaMenuItem::~QCocoaMenuItem() + 14 (qcocoamenuitem.mm:106)
3   org.qt-project.QtWidgets      	0x000000010b2989bd QMenu::actionEvent(QActionEvent*) + 749 (qmenu.cpp:3224)
4   org.qt-project.QtWidgets      	0x000000010b1643d0 QWidget::event(QEvent*) + 1232 (qwidget.cpp:9044)
5   org.qt-project.QtWidgets      	0x000000010b296bdc QMenu::event(QEvent*) + 1164 (qmenu.cpp:2678)
6   org.qt-project.QtWidgets      	0x000000010b12653b QApplicationPrivate::notify_helper(QObject*, QEvent*) + 251 (qapplication.cpp:3716)
7   org.qt-project.QtWidgets      	0x000000010b1298f4 QApplication::notify(QObject*, QEvent*) + 8212 (qapplication.cpp:3681)
8   org.qt-project.QtCore         	0x000000010cb7b433 QCoreApplication::notifyInternal(QObject*, QEvent*) + 115 (qthread_p.h:291)
9   org.qt-project.QtWidgets      	0x000000010b1582ed QWidget::removeAction(QAction*) + 125 (qcoreapplication.h:224)
10  org.qt-project.QtWidgets      	0x000000010b11c711 QAction::~QAction() + 97 (qaction.cpp:566)
11  org.qt-project.QtWidgets      	0x000000010b16d16c QWidgetAction::~QWidgetAction() + 444 (qwidgetaction.cpp:122)
12  libKF5WidgetsAddons.5.dylib   	0x000000010acddd80 KSelectAction::~KSelectAction() + 64 (kselectaction.cpp:99)
13  org.qt-project.QtCore         	0x000000010cba3d75 QObjectPrivate::deleteChildren() + 245 (qobject.cpp:1943)
14  org.qt-project.QtWidgets      	0x000000010b153ee1 QWidget::~QWidget() + 1441 (qwidget.cpp:1658)
15                                	0x00000001093c16bb Bin::~Bin() + 1067 (bin.cpp:456)
16                                	0x00000001093c181e Bin::~Bin() + 14 (bin.cpp:438)
17                                	0x0000000109443d3e Core::~Core() + 62 (core.cpp:43)
18                                	0x000000010940c95f MainWindow::~MainWindow() + 207 (mainwindow.cpp:549)
19                                	0x000000010940cd45 MainWindow::~MainWindow() + 21 (mainwindow.cpp:542)
20  org.qt-project.QtCore         	0x000000010cba4748 QObject::event(QEvent*) + 776 (qobject.cpp:4455)
21  org.qt-project.QtWidgets      	0x000000010b164d26 QWidget::event(QEvent*) + 3622 (qwidget.cpp:9105)
22  org.qt-project.QtWidgets      	0x000000010b26c45f QMainWindow::event(QEvent*) + 911 (qmainwindow.cpp:1495)
23  libKF5XmlGui.5.dylib          	0x000000010a81e810 KMainWindow::event(QEvent*) + 624 (kmainwindow.cpp:829)
24  libKF5XmlGui.5.dylib          	0x000000010a856398 KXmlGuiWindow::event(QEvent*) + 24 (kxmlguiwindow.cpp:118)
25  org.qt-project.QtWidgets      	0x000000010b12653b QApplicationPrivate::notify_helper(QObject*, QEvent*) + 251 (qapplication.cpp:3716)
26  org.qt-project.QtWidgets      	0x000000010b1298f4 QApplication::notify(QObject*, QEvent*) + 8212 (qapplication.cpp:3681)
27  org.qt-project.QtCore         	0x000000010cb7c0db QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) + 971 (qthread_p.h:291)
28  org.qt-project.QtCore         	0x000000010cb7ba2c QCoreApplication::exec() + 412 (qcoreapplication.cpp:1240)
29                                	0x00000001093f3761 main + 10257 (main.cpp:118)
30  libdyld.dylib                 	0x00007fff8508c5fd start + 1
```

When I say crash-on-exit, I mean that the crash occurs after selecting the Quit menu item, or closing the main window.


> On Jan. 12, 2016, 10:49 p.m., David Faure wrote:
> > src/kselectaction.cpp, line 101
> > <https://git.reviewboard.kde.org/r/126725/diff/1/?file=430463#file430463line101>
> >
> >     This seems unnecessary and wasteful (it sends an ActionChanged event). You're not deleting the menu right now anyway, you're using deleteLater. So the action will be gone before the menu is deleted, therefore the action will never have a dangling pointer to the menu.

It's almost impossible to debug this kind of situation because an interactive debugging session will alter the event flow. It does look like we're dealing only with Qt events here, no pending native events that get delivered to ObjC objects.
Doesn't the menu have its parent set to the action (KSelectAction), and if so, will that relationship be broken when the action gets deleted? Because if not, it's the menu that could have a dangling pointer to the action, no?
Also, remember that using deleteLater isn't required to prevent the systematic crash-on-exit. I suppose I could try to see if deleting the d-ptr last is the most important change here.


- René J.V.


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/126725/#review90980
-----------------------------------------------------------


On Jan. 12, 2016, 2:14 p.m., René J.V. Bertin wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://git.reviewboard.kde.org/r/126725/
> -----------------------------------------------------------
> 
> (Updated Jan. 12, 2016, 2:14 p.m.)
> 
> 
> Review request for KDE Frameworks and Christoph Feck.
> 
> 
> Repository: kwidgetsaddons
> 
> 
> Description
> -------
> 
> I was seeing a systematic crash on exitting kdenlive5, on OS X deep under the `delete menu()` instruction in `KSelectAction::~KSelectAction`. The backtrace suggested this might be due to a pending event (or an event due to the menu deletion) being delivered post-mortem to an instance of a QMenu related class.
> 
> My fix is based on 3 principles:
> 1) release the "foreign" member instance (`menu()`) before releasing the own d-ptr
> 2) Remove the QMenu instance from ourselves before deleting it to have one less potential dangling reference to it
> 3) QMenu is a QObject descendent that corresponds to a UI element: on OS X it is safer to dispose these through `deleteLater()` rather than directly.
> 
> 
> Diffs
> -----
> 
>   src/kselectaction.cpp 1381099 
> 
> Diff: https://git.reviewboard.kde.org/r/126725/diff/
> 
> 
> Testing
> -------
> 
> On OS X 10.9.5, Qt 5.5.1 and KF5 Frameworks 5.16.0, built for installation under /opt/local .
> 
> It seems that points 1) and 2) above already solve the crash issue in kdenlive on OS X, but the general principle stands so I suggest keeping 3) in library code like this.
> 
> 
> Thanks,
> 
> René J.V. Bertin
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20160113/c753bc56/attachment.html>

More information about the Kde-frameworks-devel mailing list