QTBUG-45836

Segmentation fault with sendEvent()

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Not Evaluated
    • Resolution: Duplicate
    • Affects Version/s: 5.4.1
    • Fix Version/s: None
    • Component/s: Core: Object Model
    • Labels:
      None
    • Environment:
      Ubuntu 15.04 64-bit, Qt 5.4.1, GCC 5.1, Clang 3.6

      Description

      I'm using Qt 5.4.1 on Ubuntu 15.04 with GCC 5.1 (from PPA) and Clang 3.6.
      I found a segmentation fault problem when compiling my code with GCC 5 or Clang with LTO. The problem persists with GCC (but not with previous versions), whatever the compiler or linker flags (and whatever the linker type). But Clang is only affected when I set the -flto flag. The root cause is the same in all cases, and Qt is compiled with GCC 4.9.2 (by Canonical).

      So, I created a "Qt Widgets Application", and the untouched code compiles fine and the window opens perfectly. But if I put this example code:

      QEvent ev(QEvent::KeyPress);
      qApp->sendEvent(this, &ev);

      into a function (for example, but if the function is not used, the LTO will be ignored), the segfault will happen when calling QApplication a(argc, argv).
      If I run GDB, I get this:

      QMetaObject::activate (sender=0x0, signalOffset=8, local_signal_index=local_signal_index@entry=1, argv=argv@entry=0x7fffffffdde0) at kernel/qobject.cpp:3592

      I checked the qtbase/src/corelib/kernel/qobject.cpp file, and found this code:

      void QMetaObject::activate(QObject *sender, int signalOffset, int local_signal_index, void **argv)
      {
          int signal_index = signalOffset + local_signal_index;
      
          if (!sender->d_func()->isSignalConnected(signal_index)
              && !qt_signal_spy_callback_set.signal_begin_callback
              && !qt_signal_spy_callback_set.signal_end_callback) {
              return; // nothing connected to these signals, and no spy
          }
      ...

      So if the sender is a nullptr (0x0), this function results in a segfault, because there is no if(sender) check. But I think the problem should be treated elsewhere.

              People

              • Assignee:
                thiago Thiago Macieira
                Reporter:
                Kendek Krisztián Kende
              • Votes:
                0
                Watchers:
                2