From 8ce657d0279566ef327af1b88339534041ddc012 Mon Sep 17 00:00:00 2001
From: Marc Mutz <marc.mutz@kdab.com>
Date: Sun, 3 Apr 2016 12:45:40 +0200
Subject: QAbstractItemView: don't call restart() on invalid QElapsedTimer

In keyboardSearch(), QAbstractItemView unconditionally called
QElapsedTimer::restart().

Calling restart() on an invalid QElapsedTimer is undefined
behavior:

  qelapsedtimer_unix.cpp:192:9: runtime error: signed integer overflow: 3313808 - -9223372036854775808 cannot be represented in type 'long int'
  qelapsedtimer_unix.cpp:193:10: runtime error: signed integer overflow: 534150461 - -9223372036854775808 cannot be represented in type 'long int'
  qelapsedtimer_unix.cpp:194:17: runtime error: signed integer overflow: -9223372036851462000 * 1000000000 cannot be represented in type 'long long int'

The code already checked the timer for validity, and did not
use the return value of restart() in case of an invalid timer,
but the check came too late.

Fix by checking the return value of QElapsedTimer::isValid()
earlier, and calling start() instead of restart() instead.

Fix the same error in QTreeView, which has a c'n'p copy of
the buggy code.

Change-Id: I9751465394707d9348d5c05a0b1b2be147eceb2e
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
---
 src/widgets/itemviews/qabstractitemview.cpp | 6 +++++-
 src/widgets/itemviews/qtreeview.cpp         | 6 +++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/widgets/itemviews/qabstractitemview.cpp b/src/widgets/itemviews/qabstractitemview.cpp
index 251b09ce7d..9dbe5c6c54 100644
--- a/src/widgets/itemviews/qabstractitemview.cpp
+++ b/src/widgets/itemviews/qabstractitemview.cpp
@@ -2932,7 +2932,11 @@ void QAbstractItemView::keyboardSearch(const QString &search)
                         : d->model->index(0, 0, d->root);
     bool skipRow = false;
     bool keyboardTimeWasValid = d->keyboardInputTime.isValid();
-    qint64 keyboardInputTimeElapsed = d->keyboardInputTime.restart();
+    qint64 keyboardInputTimeElapsed;
+    if (keyboardTimeWasValid)
+        keyboardInputTimeElapsed = d->keyboardInputTime.restart();
+    else
+        d->keyboardInputTime.start();
     if (search.isEmpty() || !keyboardTimeWasValid
         || keyboardInputTimeElapsed > QApplication::keyboardInputInterval()) {
         d->keyboardInput = search;
diff --git a/src/widgets/itemviews/qtreeview.cpp b/src/widgets/itemviews/qtreeview.cpp
index 0ccb989198..e6a6b2a447 100644
--- a/src/widgets/itemviews/qtreeview.cpp
+++ b/src/widgets/itemviews/qtreeview.cpp
@@ -1017,7 +1017,11 @@ void QTreeView::keyboardSearch(const QString &search)
 
     bool skipRow = false;
     bool keyboardTimeWasValid = d->keyboardInputTime.isValid();
-    qint64 keyboardInputTimeElapsed = d->keyboardInputTime.restart();
+    qint64 keyboardInputTimeElapsed;
+    if (keyboardTimeWasValid)
+        keyboardInputTimeElapsed = d->keyboardInputTime.restart();
+    else
+        d->keyboardInputTime.start();
     if (search.isEmpty() || !keyboardTimeWasValid
         || keyboardInputTimeElapsed > QApplication::keyboardInputInterval()) {
         d->keyboardInput = search;
-- 
cgit v1.2.3