From 2808f633ec3bf617dbeb8f67d54bc4896f26443f Mon Sep 17 00:00:00 2001
From: Ulf Hermann <ulf.hermann@qt.io>
Date: Mon, 2 Dec 2019 11:10:45 +0100
Subject: [PATCH] Debugger: Further robustify QmlInspectorAgent

When (re-)querying the root contexts, make sure we clear the old queries
first. One of the QML engines in the target may have created an object,
causing the contexts to be re-queried while queries for other engines
are still running. This would cause mismatches between the m_engines and
m_rootContextQueryIds arrays. In turn, in onResult() we would access an
invalid index in the m_engines array. Furthermore, make the assert that
guards against such an invalid access a QTC_GUARD and log the pending
queries before they are cleared.

When the target replies to the now-invalid root context queries we will
end up in the default branch of onResult,
m_qmlEngine->expressionEvaluated(), and that one silently ignores
unknown query IDs.

Task-number: QTCREATORBUG-22654
Change-Id: I1fe4751ea3592eb26c494696bea3d84fa3e62617
Reviewed-by: Eike Ziller <eike.ziller@qt.io>
Reviewed-by: hjk <hjk@qt.io>
---
 src/plugins/debugger/qml/qmlinspectoragent.cpp | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/plugins/debugger/qml/qmlinspectoragent.cpp b/src/plugins/debugger/qml/qmlinspectoragent.cpp
index 3f4599c49bf..4057e0aecaf 100644
--- a/src/plugins/debugger/qml/qmlinspectoragent.cpp
+++ b/src/plugins/debugger/qml/qmlinspectoragent.cpp
@@ -262,8 +262,7 @@ void QmlInspectorAgent::onResult(quint32 queryId, const QVariant &value,
         if (index < 0) {
             if (QTC_GUARD(m_qmlEngine))
                 m_qmlEngine->expressionEvaluated(queryId, value);
-        } else {
-            Q_ASSERT(index < m_engines.length());
+        } else if (QTC_GUARD(index < m_engines.length())) {
             const int engineId = m_engines.at(index).debugId();
             m_rootContexts.insert(engineId, qvariant_cast<ContextReference>(value));
             if (m_rootContexts.size() == m_engines.size()) {
@@ -373,7 +372,7 @@ void QmlInspectorAgent::reloadEngines()
 
 void QmlInspectorAgent::queryEngineContext()
 {
-    qCDebug(qmlInspectorLog) << __FUNCTION__;
+    qCDebug(qmlInspectorLog) << __FUNCTION__ << "pending queries:" << m_rootContextQueryIds;
 
     if (!isConnected() || !boolSetting(ShowQmlObjectTree))
         return;
@@ -381,6 +380,7 @@ void QmlInspectorAgent::queryEngineContext()
     log(LogSend, "LIST_OBJECTS");
 
     m_rootContexts.clear();
+    m_rootContextQueryIds.clear();
     for (const auto &engine : qAsConst(m_engines))
         m_rootContextQueryIds.append(m_engineClient->queryRootContexts(engine));
 }