Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: P1: Critical
Fix Version/s: 4.7.1
Affects Version/s: 4.6.3
Component/s: Core: Containers and Algorithms
Labels:
None

Commits:
a2f83283a64460ca26530321f8eb64f3ddfe4c8b

Description

Consider the following code:

struct Node { QList<Node> children; };
int main(int, char**)
{
    QList<Node> nodeList;
    nodeList << Node();
    nodeList = nodeList.first().children; //<< crashes
}

The application crashes in the assignment operator of QList. I've done some research and found out, that the list first destroys its content and then do the actual copy operation. But in the example above, the source (nodeList.first().children) is a part of the "old" content of the destination list (nodeList).

Sometimes the code seems to work fine (no crash and desired results) but you get always an error if you run it with a memory analysis tool like valgrind.

Attachments

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Olivier Goffart (closed Nokia identity) (Inactive)

Reporter:: Thilo Ackermann

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 22 Aug '10 18:07

Updated:: 01 Sep '10 04:43

Resolved:: 23 Aug '10 17:33

Gerrit Reviews

There are no open Gerrit changes