Details
- Bug
- Resolution: Fixed
- Not Evaluated
- Qt Creator 16.0.0
- None
- 80157d164 (16.0)
Description
We store the position for later use as follows:
position = editor:cursor():mainCursor():selectionRange().to
selectionRange() creates a temporary object, and "to" is a reference to a position within this temporary object. This becomes problematic when the garbage collector triggers, as the temporary object is destroyed while we still hold a reference to it. Later, when the position is passed to addEmbeddedWidget(), it leads to access through a dangling reference.
Currently, we've solved this issue on the plugin side by storing the range as a global variable to prevent the garbage collector from cleaning it up.
However, I think the Qt Creator API should handle this scenario better since users of the API might not be aware of the underlying Qt Creator implementation details. We should consider returning a copy of the object instead of a reference, although my initial attempt at returning a copy didn't resolve the issue. Perhaps explicitly defining a constructor could help—this is something we should investigate further.
I have created a script to reproduce the issue by modifying tst_texteditor.lua:
Steps to reproduce:
1) Open Text Editor
2) Select text
3) Trigger the modified test
Crash details with ASan instrumentation compiled in:
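The lifetime problem from the Description, modelled in C++ as an added example; it is not part of the original report and is neither Qt Creator's binding code nor its fix. `ScriptHeap`, `BorrowedTo`, `copyTo`, `pinnedTo` and the sample selection are hypothetical stand-ins, with `shared_ptr` ownership standing in for the Lua garbage collector. It compares a reference into the temporary, a copy, and a keep-alive handle once the collector has run.

```cpp
#include <cstdio>
#include <memory>
// Constructed stand-ins for the types named in the report; not Qt Creator code.
struct Position { int line; int column; };
struct Range { Position from; Position to; };

// Models the Lua side: the runtime holds the only strong reference to the
// temporary from selectionRange() and drops it when the collector runs.
struct ScriptHeap {
    std::shared_ptr<Range> temporary;
    ScriptHeap() : temporary(std::make_shared<Range>(Range{{1, 0}, {7, 12}})) {}
    void collectGarbage() { temporary.reset(); }
};

// (a) The reported pattern: ".to" refers into the temporary. A weak_ptr stands
// in for the raw reference so the stale access is detected, not undefined.
struct BorrowedTo {
    std::weak_ptr<Range> owner;
    bool read(Position &out) const {
        std::shared_ptr<Range> r = owner.lock();
        if (r) out = r->to;
        return r != nullptr;  // false where a raw reference would dangle
    }
};

// (b) Return by value: the result holds no link to the temporary.
Position copyTo(const ScriptHeap &h) { return h.temporary->to; }

// (c) Keep-alive: the aliasing constructor points at "to" while sharing
// ownership of the whole Range, so the parent outlives the collector.
std::shared_ptr<Position> pinnedTo(const ScriptHeap &h) {
    return std::shared_ptr<Position>(h.temporary, &h.temporary->to);
}

struct Outcome { bool borrowedValid; int copyLine; int pinnedLine; };
Outcome afterGc() {
    ScriptHeap a, b;  // a: borrowed and copied; b: pinned
    BorrowedTo borrowed{a.temporary};
    Position copy = copyTo(a), probe{0, 0};
    std::shared_ptr<Position> pinned = pinnedTo(b);
    a.collectGarbage();
    b.collectGarbage();
    return {borrowed.read(probe), copy.line, pinned->line};
}

int main() {
    Outcome o = afterGc();
    std::printf("borrowed=%d copy=%d pinned=%d\n", o.borrowedValid, o.copyLine, o.pinnedLine);
}
```

Only the borrowed handle loses its target after collection; the copy and the pinned handle still read line 7.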