Bug 271336

Summary: Background parser crashed (nullptr deref in Cpp::ADLTypeVisitor::endVisit)
Product: [Applications] kdevelop
Reporter: Bastian <bastian.leyer>
Component: Language Support: CPP (old)
Assignee: kdevelop-bugs-null
Status: RESOLVED FIXED
Severity: normal
Priority: VHI
Version: 4.2.60
Target Milestone: 4.2.0
Platform: Compiled Sources
OS: Linux
Latest Commit:
Version Fixed In:
Sentry Crash Report:
Attachments:
- kcrash log
- sources which crashes kdevelop + cli output

Description Bastian 2011-04-20 09:19:49 UTC
Created attachment 59149 [details]
kcrash log

Version:           4.2.60 (using KDE 4.6.2) 
OS:                Linux

If I open a project, the background parser crashes. This happens always. The only way to work with KDevelop is to disable the background parser. I reduced the number of threads from 6 to 1, but this has no effect.

Reproducible: Always
Comment 1 Milian Wolff 2011-04-20 14:03:58 UTC
Definitely a nullptr deref in Cpp::ADLTypeVisitor::endVisit - can you provide us with the project that triggers the crash? Or at least try this: kdebugdialog -> enable the cpp and language areas of kdevelop/kdevplatform. Then trigger the bug again and take a look at the CLI output. If you have threads = 1, the last message about which file it parses should tell us the culprit. Try opening that in a plain kdev session. If that also triggers the bug, please attach that file and/or try to remove code until you find a snippet that is as short as possible to trigger the bug.
Comment 2 Bastian 2011-04-20 15:24:11 UTC
Created attachment 59157 [details]
sources which crashes kdevelop + cli output

This zip archive contains five small sources and the CLI output.
KDevelop crashed every time I opened these sources.
Steps to reproduce the crash:
- remove ~/.kdevduchain
- remove all .kdev_include_paths files
- activate background parsing (1 thread)
- open all sources

These steps are enough to crash KDevelop every time.
Comment 3 Bastian 2011-04-28 21:53:36 UTC
After executing KDevelop with KDevelop, the background parser always crashes in file declaration.cpp:340. The macro ENSURE_CAN_READ is the point of failure.
Comment 4 Bastian 2011-04-28 22:38:21 UTC
Please ignore my previous comment. The nullptr is in
kdevelop/languages/cpp/cppduchain/adlhelper.cpp in function ADLTypeVisitor::endVisit(const FunctionType * /*type*/)

The problematic code is the missing nullptr check in line 119:

118:        while (context) {
119:            Declaration* decl = context->owner();
120:            if (context->type() == DUContext::Namespace) {
121:                m_helper.addAssociatedNamespace(decl->qualifiedIdentifier());
122:                break;
123:            } else if (context->type() == DUContext::Class) {
124:                m_helper.addAssociatedClass(decl);
125:                break;
126:            }
127:            context = context->parentContext();
128:        }

In my projects the "decl" pointer is extremely often null, so KDevelop isn't usable for me. I don't know exactly what this code does, but if I "fix" the nullptr deref like this

118:        while (context) {
119:            Declaration* decl = context->owner();
120:            if(decl != 0) {
121:                if (context->type() == DUContext::Namespace) {
122:                    m_helper.addAssociatedNamespace(decl->qualifiedIdentifier());
123:                    break;
124:                } else if (context->type() == DUContext::Class) {
125:                    m_helper.addAssociatedClass(decl);
126:                    break;
127:                }
128:            }
129:            context = context->parentContext();
130:        }

everything works fine again.
I hope this info is usable for you.

Bastian
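The walk in Comment 4 climbs the context chain until it reaches a namespace or class context and then reads that context's owner declaration; the crash is the case where such a context has no owner. The following is an added example, not KDevelop source: it models the DUContext/Declaration chain with small stand-in structs (the struct layout, the Type enum and the two sample chains are assumptions made for illustration), shows a guarded walk in the shape of Bastian's fix that skips an ownerless context and keeps climbing, and answers, without dereferencing anything, whether the original unguarded loop would have called through a null owner on a given chain.

```cpp
// Added example, not KDevelop source: a minimal stand-in for the DUContext /
// Declaration chain walked in ADLTypeVisitor::endVisit. The struct layout,
// the Type enum and the sample chains are assumptions made for illustration.
#include <iostream>
#include <string>
#include <vector>

struct Declaration {
    std::string qualifiedIdentifier;   // e.g. "ns" or "ns::Cls"
};

struct DUContext {
    enum Type { Global, Namespace, Class, Function };
    Type type;
    Declaration* owner;   // may be null: global scope, or a context whose
                          // owning declaration is missing from the chain
    DUContext* parent;
};

struct AdlResult {
    std::vector<std::string> namespaces;
    std::vector<std::string> classes;
};

// Would the unguarded loop (original line 119 onwards, no null check) call
// through a null owner on this chain? Answered without dereferencing anything:
// the original loop stops at the first namespace/class context either way.
bool unguardedWalkWouldCrash(const DUContext* context) {
    for (; context; context = context->parent) {
        bool scopeKind = context->type == DUContext::Namespace ||
                         context->type == DUContext::Class;
        if (!scopeKind) continue;
        return context->owner == nullptr;
    }
    return false;
}

// Guarded walk in the shape of the fix from Comment 4: a context without an
// owner is skipped and the walk keeps climbing instead of dereferencing null.
AdlResult collectAssociated(const DUContext* context) {
    AdlResult result;
    while (context) {
        Declaration* decl = context->owner;
        if (decl != nullptr) {
            if (context->type == DUContext::Namespace) {
                result.namespaces.push_back(decl->qualifiedIdentifier);
                break;
            } else if (context->type == DUContext::Class) {
                result.classes.push_back(decl->qualifiedIdentifier);
                break;
            }
        }
        context = context->parent;
    }
    return result;
}

// Constructed chain: function context -> class with NO owner -> namespace "ns"
// -> global. Storage is static so the returned pointer stays valid.
const DUContext* sampleChainWithOwnerlessClass() {
    static Declaration nsDecl{"ns"};
    static DUContext global{DUContext::Global, nullptr, nullptr};
    static DUContext ns{DUContext::Namespace, &nsDecl, &global};
    static DUContext anonClass{DUContext::Class, nullptr, &ns};
    static DUContext fn{DUContext::Function, nullptr, &anonClass};
    return &fn;
}

// Constructed chain: function context -> class "ns::Cls" (owner present)
// -> namespace "ns" -> global.
const DUContext* sampleChainWithOwnedClass() {
    static Declaration nsDecl{"ns"};
    static Declaration clsDecl{"ns::Cls"};
    static DUContext global{DUContext::Global, nullptr, nullptr};
    static DUContext ns{DUContext::Namespace, &nsDecl, &global};
    static DUContext cls{DUContext::Class, &clsDecl, &ns};
    static DUContext fn{DUContext::Function, nullptr, &cls};
    return &fn;
}

int main() {
    const DUContext* chains[] = {sampleChainWithOwnerlessClass(),
                                 sampleChainWithOwnedClass()};
    for (const DUContext* c : chains) {
        AdlResult r = collectAssociated(c);
        std::cout << "unguarded walk would crash: "
                  << (unguardedWalkWouldCrash(c) ? "yes" : "no")
                  << ", namespaces=" << r.namespaces.size()
                  << ", classes=" << r.classes.size() << '\n';
    }
    return 0;
}
```

On the first chain the guarded walk passes over the ownerless class context and still associates the enclosing namespace "ns", which is the behaviour the fix in Comment 4 gives; the unguarded loop would have stopped at that class context and dereferenced its null owner. On the second chain both versions behave the same and associate "ns::Cls".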
Comment 5 Milian Wolff 2011-04-29 20:49:31 UTC
Git commit 8cbf328a504b016592043d23f867684cd4b0d62b by Milian Wolff.
Committed on 29/04/2011 at 20:59.
Pushed by mwolff into branch '4.2'.

fix crash in ADL helper

BUG: 271336

M  +9    -8    languages/cpp/cppduchain/adlhelper.cpp     

http://commits.kde.org/kdevelop/8cbf328a504b016592043d23f867684cd4b0d62b
Comment 6 Aleix Pol 2013-03-31 00:54:00 UTC
Moving all the bugs from the CPP Parser. The difference between it and C++ Language Support was not well defined, and people kept reporting in both places indiscriminately.