diff options
| author | Thiago Macieira <thiago.macieira@intel.com> | 2013-01-18 06:39:00 (GMT) |
|---|---|---|
| committer | The Qt Project <gerrit-noreply@qt-project.org> | 2013-06-16 10:38:53 (GMT) |
| commit | 96a7596a904529b1ceabf3552aab2a280c19fbd3 (patch) | |
| tree | 978252023489eb861e3b6fcdad0e7525944cf813 /src/corelib/thread | |
| parent | 14641095dbeafe155a1d1000c0f0f6ca77a70b2c (diff) | |
| download | Qt-96a7596a904529b1ceabf3552aab2a280c19fbd3.zip Qt-96a7596a904529b1ceabf3552aab2a280c19fbd3.tar.gz Qt-96a7596a904529b1ceabf3552aab2a280c19fbd3.tar.bz2 | |
Clear the current thread data for the main thread
This avoids crashes accessing deleted memory when creating a QObject
after the last QObject had been deleted, like a qDebug() in global
destructors.
==41000== Invalid read of size 4
==41000== at 0x5F01ED5: bool QBasicAtomicOps<4>::ref<int>(int&) (qatomic_x86.h:208)
==41000== by 0x5F01309: QBasicAtomicInteger<int>::ref() (qbasicatomic.h:147)
==41000== by 0x5F24051: QThreadData::ref() (qthread.cpp:100)
==41000== by 0x614A984: QObject::QObject(QObject*) (qobject.cpp:681)
==41000== Address 0x6ee73f0 is 0 bytes inside a block of size 152 free'd
==41000== at 0x4A0736C: operator delete(void*) (vg_replace_malloc.c:480)
==41000== by 0x5F240BF: QThreadData::deref() (qthread.cpp:109)
==41000== by 0x6113F6B: QCoreApplicationData::~QCoreApplicationData() (qcoreapplication.cpp:268)
The comment right above the change in qthread.cpp looks eerily similar
to the problem I'm trying to fix. However, the actual change that
introduced the change is not in the Qt public history, so we can't
know for sure what the problem was then.
Cherry-picked from qtbase/950b35cf97ad398f97883efd2a18ee97994a8a9c.
Change-Id: Ic4072c15529e2ae94ea36fbd0340cf5ee61413d2
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Diffstat (limited to 'src/corelib/thread')
| -rw-r--r-- | src/corelib/thread/qthread.cpp | 1 | ||||
| -rw-r--r-- | src/corelib/thread/qthread_p.h | 1 | ||||
| -rw-r--r-- | src/corelib/thread/qthread_unix.cpp | 5 | ||||
| -rw-r--r-- | src/corelib/thread/qthread_win.cpp | 5 |
4 files changed, 12 insertions, 0 deletions
diff --git a/src/corelib/thread/qthread.cpp b/src/corelib/thread/qthread.cpp index 74bbd4e..7ebbc83 100644 --- a/src/corelib/thread/qthread.cpp +++ b/src/corelib/thread/qthread.cpp @@ -95,6 +95,7 @@ QThreadData::~QThreadData() // the problem... if (this->thread == QCoreApplicationPrivate::theMainThread) { QCoreApplicationPrivate::theMainThread = 0; + QThreadData::clearCurrentThreadData(); } QThread *t = thread; diff --git a/src/corelib/thread/qthread_p.h b/src/corelib/thread/qthread_p.h index 49cb80e..d404b53 100644 --- a/src/corelib/thread/qthread_p.h +++ b/src/corelib/thread/qthread_p.h @@ -215,6 +215,7 @@ public: ~QThreadData(); static QThreadData *current(); + static void clearCurrentThreadData(); static QThreadData *get2(QThread *thread) { Q_ASSERT_X(thread != 0, "QThread", "internal error"); return thread->d_func()->data; } diff --git a/src/corelib/thread/qthread_unix.cpp b/src/corelib/thread/qthread_unix.cpp index d66d7ec..57127a2 100644 --- a/src/corelib/thread/qthread_unix.cpp +++ b/src/corelib/thread/qthread_unix.cpp @@ -203,6 +203,11 @@ static void clear_thread_data() pthread_setspecific(current_thread_data_key, 0); } +void QThreadData::clearCurrentThreadData() +{ + clear_thread_data(); +} + QThreadData *QThreadData::current() { QThreadData *data = get_thread_data(); diff --git a/src/corelib/thread/qthread_win.cpp b/src/corelib/thread/qthread_win.cpp index 3b78502..98a7f81 100644 --- a/src/corelib/thread/qthread_win.cpp +++ b/src/corelib/thread/qthread_win.cpp @@ -96,6 +96,11 @@ Q_DESTRUCTOR_FUNCTION(qt_free_tls) /* QThreadData */ +void QThreadData::clearCurrentThreadData() +{ + TlsSetValue(qt_current_thread_data_tls_index, 0); +} + QThreadData *QThreadData::current() { qt_create_tls(); |