Details
Bug
Resolution: Done
P2: Important
Qt Creator 3.3.0
None
Fedora 21 x86_64
qt-creator-3.3.0-1.fc21
380acb5baa375806af0a081b56d6d1dccd87264f
Description
In this downstream bug report at Red Hat Bugzilla, a user reports the following crash:

    #0 Task (this=0x7fffc42464b0) at task.h:47
    #1 ProjectExplorer::Internal::TaskModel::task (this=0xd9d7a0, index=...) at taskmodel.cpp:269
    #2 0x00007fc6662ca6bf in ProjectExplorer::Internal::TaskWindow::currentChanged (this=0xda44b0, index=...) at taskmodel.h:159

(see here for full trace)
The (not very detailed) description of the circumstances was "I restarted a build with -j24 after cancelling the previous -j12 build".
This looks like an out of bounds access to m_tasks in the function

    Task TaskModel::task(const QModelIndex &index) const
    {
        if (!index.isValid())
            return Task();
        return m_tasks.at(index.row());
    }

Looking briefly at the code, I see that in other locations, the index row is also validated (as opposed to only the index), for instance:

    bool TaskModel::hasFile(const QModelIndex &index) const
    {
        int row = index.row();
        if (!index.isValid() || row < 0 || row >= m_tasks.count())
            return false;
        return !m_tasks.at(row).file.isEmpty();
    }

I guess the same checks could also be performed in TaskModel::task, see attached proposed patch.
Note that I was not able to reproduce the issue, and possibly there is a deeper issue as to why the index row is invalid in the first place.
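
The check discussed in this report, as an added example that is not Qt Creator code and not the attached patch: a Qt-free model in which an index that still reports itself valid refers to a row the task list no longer has. `ModelIndex`, the `std::vector` storage, `isNull()` and the stale-index scenario are assumptions made for illustration, not the confirmed cause of the crash.

```cpp
#include <cstddef>
#include <string>
#include <vector>

// Stand-ins for the Qt types named in the report (assumptions, not Qt code).
struct Task {
    std::string description;
    std::string file;
    bool isNull() const { return description.empty() && file.empty(); }
};

// Like QModelIndex, validity is fixed when the index is created; it does not
// track later changes to the size of the model's list.
struct ModelIndex {
    int rowValue;
    bool valid;
    bool isValid() const { return valid; }
    int row() const { return rowValue; }
};

class TaskModel {
public:
    void addTask(const Task &t) { m_tasks.push_back(t); }
    void clearTasks() { m_tasks.clear(); }
    int count() const { return static_cast<int>(m_tasks.size()); }
    ModelIndex index(int row) const {
        const bool ok = row >= 0 && row < count();
        return ModelIndex{ok ? row : -1, ok};
    }
    // Same checks as hasFile(): test the row against m_tasks, not only the index.
    Task task(const ModelIndex &idx) const {
        const int row = idx.row();
        if (!idx.isValid() || row < 0 || row >= count())
            return Task();
        return m_tasks[static_cast<std::size_t>(row)];
    }
private:
    std::vector<Task> m_tasks;
};

// Constructed scenario: an index obtained before the list shrank is used afterwards.
bool staleIndexYieldsNullTask() {
    TaskModel model;
    model.addTask({"warning: unused variable", "main.cpp"});
    model.addTask({"error: expected ';'", "task.cpp"});
    const ModelIndex stale = model.index(1); // in range when created
    model.clearTasks();                      // list emptied; index not refreshed
    return stale.isValid() && model.task(stale).isNull();
}

int main() { return staleIndexYieldsNullTask() ? 0 : 1; }
```

With only the `isValid()` test, the last line of `task()` would read past the end of the emptied list in this scenario.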