1berry/qtbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix possible double free when hiding a window

Browse Source 
There was a race condition between the gui and the wayland event thread
which could lead to double freeing the QWaylandShmBackingStore's frame
callback. Protect the wl_callback_destroy calls using a mutex.

Change-Id: Ia70ebac208a6d4450328ba5254a850be26d84d6d
Reviewed-by: Laszlo Agocs <laszlo.agocs@theqtcompany.com>
This commit is contained in:
Giulio Camuffo 2014-12-06 19:57:39 +02:00
parent c9909b7ce9
commit d2e278e4e2
2 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/plugins/platforms/wayland/qwaylandshmbackingstore.cpp
View File

@ -46,6 +46,7 @@
#include <QtCore/qdebug.h> #include <QtCore/qdebug.h>
#include <QtGui/QPainter> #include <QtGui/QPainter>
#include <QMutexLocker>
#include <wayland-client.h> #include <wayland-client.h>
#include <unistd.h> #include <unistd.h>
@ -180,6 +181,7 @@ void QWaylandShmBackingStore::endPaint()
void QWaylandShmBackingStore::hidden() void QWaylandShmBackingStore::hidden()
{ {
QMutexLocker lock(&mMutex);
if (mFrameCallback) { if (mFrameCallback) {
wl_callback_destroy(mFrameCallback); wl_callback_destroy(mFrameCallback);
mFrameCallback = Q_NULLPTR; mFrameCallback = Q_NULLPTR;
@ -341,6 +343,7 @@ void QWaylandShmBackingStore::done(void *data, wl_callback *callback, uint32_t t
static_cast<QWaylandShmBackingStore *>(data); static_cast<QWaylandShmBackingStore *>(data);
if (callback != self->mFrameCallback) // others, like QWaylandWindow, may trigger callbacks too if (callback != self->mFrameCallback) // others, like QWaylandWindow, may trigger callbacks too
return; return;
QMutexLocker lock(&self->mMutex);
QWaylandWindow *window = self->waylandWindow(); QWaylandWindow *window = self->waylandWindow();
wl_callback_destroy(self->mFrameCallback); wl_callback_destroy(self->mFrameCallback);
self->mFrameCallback = 0; self->mFrameCallback = 0;

2
src/plugins/platforms/wayland/qwaylandshmbackingstore_p.h
View File

@ -47,6 +47,7 @@
#include <qpa/qplatformbackingstore.h> #include <qpa/qplatformbackingstore.h>
#include <QtGui/QImage> #include <QtGui/QImage>
#include <qpa/qplatformwindow.h> #include <qpa/qplatformwindow.h>
#include <QMutex>
QT_BEGIN_NAMESPACE QT_BEGIN_NAMESPACE
@ -106,6 +107,7 @@ private:
QWaylandShmBuffer *mBackBuffer; QWaylandShmBuffer *mBackBuffer;
bool mFrontBufferIsDirty; bool mFrontBufferIsDirty;
bool mPainting; bool mPainting;
QMutex mMutex;
QSize mRequestedSize; QSize mRequestedSize;
Qt::WindowFlags mCurrentWindowFlags; Qt::WindowFlags mCurrentWindowFlags;