Crash in qDrawBorderPixmap() called from QComboBox when selecting Item in QTreeView



  • Hello everyone,

    we've got a very strange crash of our software with one of our clients: when selecting an item in a QTreeView the application raises an exception in qDrawBorderPixmap(). The strange part ist the call stack: in the call stack after QTreeView::drawBranches() there appears an QComboBox::addItems() (twice!) and after the second call of QComboBox::addItems() qDrawBorderPixmap() is called and crashes.

    ntdll.dll!KiUserExceptionDispatcher+0x3a
    Qt5Widgets.dll!qDrawBorderPixmap+0x2a1
    Qt5Widgets.dll!QComboBox::addItems+0x46e9
    Qt5Widgets.dll!QComboBox::addItems+0xd958
    Qt5Widgets.dll!QTreeView::drawBranches+0x317
    Qt5Widgets.dll!QTreeView::drawRow+0x934
    Qt5Widgets.dll!QTreeView::drawTree+0x458
    Qt5Widgets.dll!QTreeViewPrivate::renderTreeToPixmapForAnimation+0x15c
    Qt5Widgets.dll!QTreeViewPrivate::prepareAnimatedOperation+0x189
    Qt5Widgets.dll!QTreeViewPrivate::expand+0xbd
    Qt5Widgets.dll!QTreeView::expand+0x118
    Qt5Widgets.dll!QTreeView::scrollTo+0xfd
    Qt5Widgets.dll!QAbstractItemView::currentChanged+0x19b
    Qt5Widgets.dll!QTreeView::currentChanged+0x1d
    Qt5Widgets.dll!QAbstractItemView::qt_static_metacall+0x2e6
    Qt5Core.dll!QMetaObject::activate+0x57d
    Qt5Core.dll!QItemSelectionModel::setCurrentIndex+0x11d
    <our application calling QItemSelectionModel::setCurrentIndex()>
    

    We don't use QComboBox inside a QTreeView. This is a "normal" QTreeView. When debugging the application on our systems, no call to any QComboBox method is done, after selecting an item in the QTreeView. So we can't reproduce this on our system.
    What strikes us most, is the call to QComboBox::addItems() from the QComboBox::addItems() method. We haven't found any QComboBox::addItems() method that is calling QComboBox::addItems(). Note, that the offset addresses of both QComboBox::addItems() methods are different too.

    The system this is running on is Windows 7 and Windows Server 2012 R2 (reproducible on both).
    The call stack has been produced by ProcessExplorer using the pdb file of our application.
    We're using VisualStudio C++ 2013.
    The Tree being displayed has got about half a million items in only a few categories.
    The call to QItemSelectionModel::setCurrentIndex() is done from another part of our application: it's purpose is to highlight the item that's been selected elsewhere (i.e. the item isn't clicked on in this tree).
    The branch where the item resides in is collapsed and before activating this particular item, other items in another branch have been actived one after another (i.e. this item isn't visible, needs scrolling towards it and decollapsing of it's parent branch).
    This is not a general problem: currently we only know of two items so far, that aren't working. The items don't differ from any other item in the tree, except that other items might be in another branch.
    We're using Qt CSS to style our application, including this tree.
    We're using Qt 5.7.0, 64bit.

    Do you have any clues why this is happending or how we could further debug this problem (ideally without altering the Qt source code)?

    We're suspecting that the QComboBox::addItems labels for the shown offset addresses are acutally wrong. Do you have any hint how we could verify that these addresses actually belong to QComboBox::addItems?

    If you need further information please tell me.

    Thank you for your help!


  • Lifetime Qt Champion

    Hi and welcome to devnet,

    What kind of model are you using ?



  • Hi,

    we're using a subclassed QStandardItemModel and a non-subclassed QItemSelectionModel.
    We're using the non-modified QStandardItemModel::indexFromItem() method to get the QModelIndex object, which we're then passing to QItemSelectionModel::setCurrentIndex().
    The QStandardItem isn't altered and we're inserting data into the model by appending it to the QStandardItem provided by QStandardItemModel::inivisibleRootItem(). So I'd say we're not altering the model and it's items themself. In our subclass to QStandardItemModel we only provide methods to fill the model from other data structures.

    Which traps could we encounter by subclassing the model? Any hints for what I should look out for?


  • Lifetime Qt Champion

    From your description, I don't see why QComboBox should be called...

    Can you provide a minimal example that reproduces that ?

    Can you test with a more recent version of Qt to see whether it still happens ?



  • Unfortunately we can't even reproduce this on your (development) systems. It is only reproducible on the client's systems.
    I'll try a recent version of Qt.


  • Lifetime Qt Champion

    Then you should get more data about the machine that makes your application crash. Things like, OS version, if there are other Qt applications on it, graphics card, driver version. You can provide them with the qtdiag application so you can grab some intel about the machine.


Log in to reply
 

Looks like your connection to Qt Forum was lost, please wait while we try to reconnect.