commit 3d6a7a1200a5efdeafda80bde80fa67427fa1a07
Author: Guillaume Munch <g...@lyx.org>
Date: Sat Dec 31 15:16:15 2016 +0100
Fix dangling inset pointers after buffer reload

https://www.mail-archive.com/lyx-devel@lists.lyx.org/msg198191.html

The root of the issue is in Buffer::reload() called during "Save As". After loadLyXFile() there, all the insets have been deleted, and therefore the Inset pointer GuiView::documentBufferView()->cursor().inset() is dangling. Immediately after loadLyXFile(), reload() calls updateBuffer() which causes a segfault.

While debugging I got other segfaults caused by the same dangling Inset pointer in Cursor, notably:
1) a trace identical to the second one from <http://www.lyx.org/trac/ticket/10520>, and
2) a similar segfault in the critical path after emergency saving (call to inMathed()).

Having to "refresh" by hand the inset pointer cache in CursorSlice is very unsatisfactory, but there does not appear to be a consistent strategy for managing these Inset pointers in CursorSlice.

--- src/frontends/qt4/GuiView.cpp | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/src/frontends/qt4/GuiView.cpp b/src/frontends/qt4/GuiView.cpp index 90b43eb..2c48124 100644 --- a/src/frontends/qt4/GuiView.cpp +++ b/src/frontends/qt4/GuiView.cpp @@ -1652,6 +1652,10 @@ void GuiView::updateTocItem(string const & type, DocIterator const & dit) void GuiView::structureChanged() { + // This is called from the Buffer, which has no way to ensure that cursors + // in BufferView remain valid. + if (documentBufferView()) + documentBufferView()->cursor().sanitize(); // FIXME: This is slightly expensive, though less than the tocBackend update // (#9880). This also resets the view in the Toc Widget (#6675). d.toc_models_.reset(documentBufferView());
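Review bot: the sanitize() call added at the top of GuiView::structureChanged() only helps if this slot runs after loadLyXFile() has deleted the insets and before anything dereferences the cached Inset pointer, and nothing in the hunk establishes that ordering. The commit message says reload() calls updateBuffer() immediately after loadLyXFile() and crashes there, so the new comment should name the call path that delivers structureChanged() in between, or the call should move to where the ordering is explicit. The fix also covers only documentBufferView()->cursor(); if any other BufferView or stored cursor points into the reloaded buffer, it keeps the stale pointer, which is worth stating as a known limit in the comment. As a style point, the comment could cite ticket 10520 the way the FIXME just below cites #9880 and #6675, so the reason for the manual refresh stays discoverable.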