1berry/qtbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

QFuture: immediately delete watcher after the context is destroyed

Browse Source 
We used deleteLater(), which was triggering ASAN use-after-free error.
Apparently, what could happen is that after the context was destroyed,
we called deleteLater(), but if at this point the previous future got
finished, we still tried to emit watcher->run() to execute the
continuation. And then the watcher got deleted.

This patch replaces deleteLater() with a plain delete call. This looks
safe, because the watcher is only accessed while holding the lock.

Amends 59e21a536f7f81625216dc7a621e7be59919da33.

Fixes: QTBUG-120302
Pick-to: 6.7 6.6
Change-Id: Ia32f20bfe8daea2e2346f3d446c978ae305d2f68
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
This commit is contained in:
Ivan Solovev 2023-12-21 11:46:00 +01:00
parent 84588c0721
commit 11333a0972
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/corelib/thread/qfutureinterface.cpp
View File

@ -76,7 +76,7 @@ void QtPrivate::watchContinuationImpl(const QObject *context, QSlotObjectBase *s
auto watcherMutex = std::make_shared<QRecursiveMutex>();
const auto destroyWatcher = [watcherMutex, watcher]() mutable {
QMutexLocker lock(watcherMutex.get());
watcher->deleteLater();
delete watcher;
};
// ### we're missing a convenient way to `QObject::connect()` to a `QSlotObjectBase`...