diff options
| author | Nikolai Kosjar <nikolai.kosjar@theqtcompany.com> | 2015-09-01 17:34:07 +0200 |
|---|---|---|
| committer | Nikolai Kosjar <nikolai.kosjar@theqtcompany.com> | 2015-09-02 12:37:23 +0000 |
| commit | 169556db2f63912b7eaa2375dbc17c52ffd57586 (patch) | |
| tree | c2a4a979dfbdabc6c2d93a24e038a15b19f8bab5 /src/plugins/cpptools/builtineditordocumentprocessor.cpp | |
| parent | c504e56d0c7fafba4f8c15997e3927b5ca02adc5 (diff) | |
| download | qt-creator-169556db2f63912b7eaa2375dbc17c52ffd57586.tar.gz | |
C++: Fix crash after triggering completion and closing editor
Fix use-after-free for the following case:
1. Open an editor
2. Trigger a long processing completion
(e.g. simulate with QThread::msleep in
CppCompletionAssistInterface::getCppSpecifics)
3. ...and immediately close the editor (e.g. with Ctrl+W)
4. Wait until it crashes.
The completion thread relied on the BuiltinEditorDocumentParser object,
which is deleted once the editor is closed. Fixed by sharing the
ownership of that object between the *EditorDocumentProcessor and the
completion assist interface.
This case came up when doing tests for the bug report below.
Task-number: QTCREATORBUG-14991
Change-Id: I0b009229e68fc6b7838740858cdc41a32403fe6f
Reviewed-by: David Schulz <david.schulz@theqtcompany.com>
Diffstat (limited to 'src/plugins/cpptools/builtineditordocumentprocessor.cpp')
| -rw-r--r-- | src/plugins/cpptools/builtineditordocumentprocessor.cpp | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/src/plugins/cpptools/builtineditordocumentprocessor.cpp b/src/plugins/cpptools/builtineditordocumentprocessor.cpp index b61f698ab4..c6213dd668 100644 --- a/src/plugins/cpptools/builtineditordocumentprocessor.cpp +++ b/src/plugins/cpptools/builtineditordocumentprocessor.cpp @@ -125,7 +125,7 @@ BuiltinEditorDocumentProcessor::BuiltinEditorDocumentProcessor( TextEditor::TextDocument *document, bool enableSemanticHighlighter) : BaseEditorDocumentProcessor(document) - , m_parser(document->filePath().toString()) + , m_parser(new BuiltinEditorDocumentParser(document->filePath().toString())) , m_codeWarningsUpdated(false) , m_semanticHighlighter(enableSemanticHighlighter ? new CppTools::SemanticHighlighter(document) @@ -135,9 +135,9 @@ BuiltinEditorDocumentProcessor::BuiltinEditorDocumentProcessor( QSharedPointer<CppCodeModelSettings> cms = CppToolsPlugin::instance()->codeModelSettings(); - BaseEditorDocumentParser::Configuration config = m_parser.configuration(); + BaseEditorDocumentParser::Configuration config = m_parser->configuration(); config.usePrecompiledHeaders = cms->pchUsage() != CppCodeModelSettings::PchUse_None; - m_parser.setConfiguration(config); + m_parser->setConfiguration(config); if (m_semanticHighlighter) { m_semanticHighlighter->setHighlightingRunner( @@ -152,7 +152,7 @@ BuiltinEditorDocumentProcessor::BuiltinEditorDocumentProcessor( }); } - connect(&m_parser, &BuiltinEditorDocumentParser::finished, + connect(m_parser.data(), &BuiltinEditorDocumentParser::finished, this, &BuiltinEditorDocumentProcessor::onParserFinished); connect(&m_semanticInfoUpdater, &SemanticInfoUpdater::updated, this, &BuiltinEditorDocumentProcessor::onSemanticInfoUpdated); @@ -171,14 +171,14 @@ void BuiltinEditorDocumentProcessor::run() BuiltinEditorDocumentParser::InMemoryInfo(false)); } -BaseEditorDocumentParser *BuiltinEditorDocumentProcessor::parser() +BaseEditorDocumentParser::Ptr BuiltinEditorDocumentProcessor::parser() { - return &m_parser; + return m_parser; } CPlusPlus::Snapshot BuiltinEditorDocumentProcessor::snapshot() { - return m_parser.snapshot(); + return m_parser->snapshot(); } void BuiltinEditorDocumentProcessor::recalculateSemanticInfoDetached(bool force) |