Uploaded image for project: 'Qt Creator'
  1. Qt Creator
  2. QTCREATORBUG-31318

Crash (nullptr dereference) in TypeHierarchyBuilder::buildDerived

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Not Evaluated
    • Qt Creator 14.0.1
    • Qt Creator 14.0.0
    • Editors
    • None
    • 671365b0a (14.0)

    Description

      Null pointer dereference in TypeHierarchyBuilder::buildDerived. The symbol->identifier() is nullptr is some rare case. I suggest to check for nullptr.

       

      Thread 222 "Thread (pooled)" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7ffebfe006c0 (LWP 45747)]
CPlusPlus::Literal::chars (this=0x0) at /home/user/qt-creator/src/libs/3rdparty/cplusplus/Literals.h:46
46	    const char *chars() const { return _chars; }
(gdb) bt
#0  CPlusPlus::Literal::chars (this=0x0) at /home/user/qt-creator/src/libs/3rdparty/cplusplus/Literals.h:46
#1  0x00007fffbd5dbe9f in CppEditor::Internal::TypeHierarchyBuilder::buildDerived (this=0x7ffebfdff510, future=std::optional [no contained value], typeHierarchy=0x7ffebfdfe8f8, snapshot=..., cache=...)
    at /home/user/qt-creator/src/plugins/cppeditor/typehierarchybuilder.cpp:188
#2  0x00007fffbd5dc17e in CppEditor::Internal::TypeHierarchyBuilder::buildDerived (this=0x7ffebfdff510, future=std::optional [no contained value], typeHierarchy=0x7ffebfdfec38, snapshot=..., cache=...)
    at /home/user/qt-creator/src/plugins/cppeditor/typehierarchybuilder.cpp:199
#3  0x00007fffbd5dc17e in CppEditor::Internal::TypeHierarchyBuilder::buildDerived (this=0x7ffebfdff510, future=std::optional [no contained value], typeHierarchy=0x7ffebfdfef78, snapshot=..., cache=...)
    at /home/user/qt-creator/src/plugins/cppeditor/typehierarchybuilder.cpp:199
#4  0x00007fffbd5dc17e in CppEditor::Internal::TypeHierarchyBuilder::buildDerived (this=0x7ffebfdff510, future=std::optional [no contained value], typeHierarchy=0x7ffebfdff2b8, snapshot=..., cache=...)
    at /home/user/qt-creator/src/plugins/cppeditor/typehierarchybuilder.cpp:199
#5  0x00007fffbd5dc17e in CppEditor::Internal::TypeHierarchyBuilder::buildDerived (this=0x7ffebfdff510, future=std::optional [no contained value], typeHierarchy=0x7ffebfdff710, snapshot=..., cache=...)
    at /home/user/qt-creator/src/plugins/cppeditor/typehierarchybuilder.cpp:199
#6  0x00007fffbd5dba0a in CppEditor::Internal::TypeHierarchyBuilder::buildDerivedTypeHierarchy (symbol=0x7ffcbf6c3b90, snapshot=..., future=std::optional [no contained value]) at /home/user/qt-creator/src/plugins/cppeditor/typehierarchybuilder.cpp:118
#7  0x00007fffbd45d36d in CppEditor::Internal::FunctionUtils::overrides (function=0x7ffcbf7602c0, functionsClass=0x7ffcbf6c3b90, staticClass=0x7ffcbf6c3b90, snapshot=...) at /home/user/qt-creator/src/plugins/cppeditor/functionutils.cpp:164
#8  0x00007fffbd440d11 in CppEditor::VirtualFunctionAssistProcessor::performAsync (this=0x55555f33e9c0) at /home/user/qt-creator/src/plugins/cppeditor/cppvirtualfunctionassistprovider.cpp:117
#9  0x00007fffbed34fff in TextEditor::AsyncProcessor::perform()::$_0::operator()() const (this=0x7ffebfdff8f0) at /home/user/qt-creator/src/plugins/texteditor/codeassist/asyncprocessor.cpp:26
#10 0x00007fffbed34fc5 in std::__invoke_impl<TextEditor::IAssistProposal*, TextEditor::AsyncProcessor::perform()::$_0&>(std::__invoke_other, TextEditor::AsyncProcessor::perform()::$_0&) (__f=...)
    at /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/14.1.1/../../../../include/c++/14.1.1/bits/invoke.h:61
#11 0x00007fffbed34fa5 in std::__invoke<TextEditor::AsyncProcessor::perform()::$_0&>(TextEditor::AsyncProcessor::perform()::$_0&) (__fn=...) at /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/14.1.1/../../../../include/c++/14.1.1/bits/invoke.h:96
#12 0x00007fffbed34f85 in std::invoke<TextEditor::AsyncProcessor::perform()::$_0&>(TextEditor::AsyncProcessor::perform()::$_0&) (__fn=...) at /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/14.1.1/../../../../include/c++/14.1.1/functional:120
#13 0x00007fffbed34f46 in QtConcurrent::StoredFunctionCall<TextEditor::AsyncProcessor::perform()::$_0>::runFunctor()::{lambda(TextEditor::AsyncProcessor::perform()::$_0)#1}::operator()(TextEditor::AsyncProcessor::perform()::$_0) const (
    this=0x7ffebfdffa07, function=...) at /usr/include/qt6/QtConcurrent/qtconcurrentstoredfunctioncall.h:116
#14 0x00007fffbed34ef5 in std::__invoke_impl<TextEditor::IAssistProposal*, QtConcurrent::StoredFunctionCall<TextEditor::AsyncProcessor::perform()::$_0>::runFunctor()::{lambda(TextEditor::AsyncProcessor::perform()::$_0)#1} const&, TextEditor::AsyncProcessor::perform()::$_0>(std::__invoke_other, QtConcurrent::StoredFunctionCall<TextEditor::AsyncProcessor::perform()::$_0>::runFunctor()::{lambda(TextEditor::AsyncProcessor::perform()::$_0)#1} const&, TextEditor::AsyncProcessor::perform()::$_0&&) (__f=...,
    __args=...) at /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/14.1.1/../../../../include/c++/14.1.1/bits/invoke.h:61
#15 0x00007fffbed34e8d in std::__invoke<QtConcurrent::StoredFunctionCall<TextEditor::AsyncProcessor::perform()::$_0>::runFunctor()::{lambda(TextEditor::AsyncProcessor::perform()::$_0)#1} const&, TextEditor::AsyncProcessor::perform()::$_0>(QtConcurrent::StoredFunctionCall<TextEditor::AsyncProcessor::perform()::$_0>::runFunctor()::{lambda(TextEditor::AsyncProcessor::perform()::$_0)#1} const&, TextEditor::AsyncProcessor::perform()::$_0&&) (__fn=..., __args=...)
    at /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/14.1.1/../../../../include/c++/14.1.1/bits/invoke.h:96
#16 0x00007fffbed34e5d in std::__apply_impl<QtConcurrent::StoredFunctionCall<TextEditor::AsyncProcessor::perform()::$_0>::runFunctor()::{lambda(TextEditor::AsyncProcessor::perform()::$_0)#1} const&, std::tuple<TextEditor::AsyncProcessor::perform()::$_0>, 0ul>(QtConcurrent::StoredFunctionCall<TextEditor::AsyncProcessor::perform()::$_0>::runFunctor()::{lambda(TextEditor::AsyncProcessor::perform()::$_0)#1} const&, std::tuple<TextEditor::AsyncProcessor::perform()::$_0>&&, std::integer_sequence<unsigned long, 0ul>) (__f=..., __t=...) at /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/14.1.1/../../../../include/c++/14.1.1/tuple:2921
#17 0x00007fffbed34e1d in std::apply<QtConcurrent::StoredFunctionCall<TextEditor::AsyncProcessor::perform()::$_0>::runFunctor()::{lambda(TextEditor::AsyncProcessor::perform()::$_0)#1} const&, std::tuple<TextEditor::AsyncProcessor::perform()::$_0> >(QtConcurrent::StoredFunctionCall<TextEditor::AsyncProcessor::perform()::$_0>::runFunctor()::{lambda(TextEditor::AsyncProcessor::perform()::$_0)#1} const&, std::tuple<TextEditor::AsyncProcessor::perform()::$_0>&&) (__f=..., __t=...)
    at /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/14.1.1/../../../../include/c++/14.1.1/tuple:2936
#18 0x00007fffbed34da2 in QtConcurrent::StoredFunctionCall<TextEditor::AsyncProcessor::perform()::$_0>::runFunctor (this=0x55555f1a4420) at /usr/include/qt6/QtConcurrent/qtconcurrentstoredfunctioncall.h:122
#19 0x00007fffbed35e86 in QtConcurrent::RunFunctionTaskBase<TextEditor::IAssistProposal*>::run (this=0x55555f1a4420) at /usr/include/qt6/QtConcurrent/qtconcurrentrunbase.h:83
#20 0x00007ffff5cc7fe5 in ?? () from /usr/lib/libQt6Core.so.6
#21 0x00007ffff5cc9747 in ?? () from /usr/lib/libQt6Core.so.6
#22 0x00007ffff54a6ded in ?? () from /usr/lib/libc.so.6
#23 0x00007ffff552a0dc in ?? () from /usr/lib/libc.so.6

      Attachments

        For Gerrit Dashboard: QTCREATORBUG-31318
        # Subject Branch Project Status CR V
        579515,2 CppEditor: Avoid nullptr access 14.0 qt-creator/qt-creator Status: MERGED +2 0

        Activity

          People

            davschul David Schulz
            zaps166 Błażej Szczygieł
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes