From 935e241fa6ea095493ade5d5403c9ac55c18d5ef Mon Sep 17 00:00:00 2001 From: Bastien Montagne Date: Tue, 23 Feb 2016 16:19:59 +0100 Subject: Fix (unreported) crash when opening a file from splash screen when 'load UI' option is disabled. Took me some time to figure out what was going on here... Was again that delayed button callback stuff (`ui_apply_but_funcs_after()`), first calling button op, and then its callback func. Issue was that 'open file' op (through call to `WM_file_read()`) would clear the splash screen (as more or less the entire 'dynamic' UI), but callback func of that splash (`wm_block_splash_refreshmenu()`) would still try to access that freed menu's region. So, root of the issue seems to be that setting context's wm/win/etc. would not clear context's menu pointer (while clearing all other 'sub' pointers). I could not find nor imagine any case where this behavior could be desired, so simply added nullification of that pointer when setting context's wm/win/etc. Note that crash was due to read-after-free, infuriating debug builds with asan, but seems like release builds never actually crashed on it. --- source/blender/blenkernel/intern/context.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/source/blender/blenkernel/intern/context.c b/source/blender/blenkernel/intern/context.c index 5b7698544e0..7567033ad4b 100644 --- a/source/blender/blenkernel/intern/context.c +++ b/source/blender/blenkernel/intern/context.c @@ -820,6 +820,7 @@ void CTX_wm_manager_set(bContext *C, wmWindowManager *wm) C->wm.screen = NULL; C->wm.area = NULL; C->wm.region = NULL; + C->wm.menu = NULL; } void CTX_wm_window_set(bContext *C, wmWindow *win) @@ -830,6 +831,7 @@ void CTX_wm_window_set(bContext *C, wmWindow *win) C->data.scene = C->wm.screen->scene; C->wm.area = NULL; C->wm.region = NULL; + C->wm.menu = NULL; } void CTX_wm_screen_set(bContext *C, bScreen *screen) @@ -839,17 +841,20 @@ void CTX_wm_screen_set(bContext *C, bScreen *screen) C->data.scene = C->wm.screen->scene; C->wm.area = NULL; C->wm.region = NULL; + C->wm.menu = NULL; } void CTX_wm_area_set(bContext *C, ScrArea *area) { C->wm.area = area; C->wm.region = NULL; + C->wm.menu = NULL; } void CTX_wm_region_set(bContext *C, ARegion *region) { C->wm.region = region; + C->wm.menu = NULL; } void CTX_wm_menu_set(bContext *C, ARegion *menu) -- cgit v1.2.3