Details
-
Bug
-
Resolution: Incomplete
-
P1: Critical
-
None
-
5.8.0
-
None
-
Archlinux, Qt 5.8, PyQt5 5.8
Description
Unfortunately I haven't been able to write a minimal reproducer in C++ for this yet, but here's what I know so far:
I have a QLocalServer, and save the QLocalSocket I get in nextPendingConnection when it emits newConnection.
Then I connect a slot to that QLocalSocket's disconnected signal, which calls deleteLater on the socket.
When I do this, and call QApplication::processEvents in my application, I get a segfault after the disconnection has been handled, with this stack:
#0 0x00007f97d21aff5f in raise () at /usr/lib/libpthread.so.0 #1 0x00007f97d21b0080 in <signal handler called> () at /usr/lib/libpthread.so.0 #2 0x00007f97cfd827b1 in QMetaObject::activate(QObject*, int, int, void**) (sender=0x253df08, signalOffset=3, local_signal_index=local_signal_index@entry=1, argv=argv@entry=0x7ffe75715600) at kernel/qobject.cpp:3612 #3 0x00007f97cfd836d7 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (sender=<optimized out>, m=m@entry=0x7f97d01a2ec0 <QIODevice::staticMetaObject>, local_signal_index=local_signal_index@entry=1, argv=argv@entry=0x7ffe75715600) at kernel/qobject.cpp:3602 #4 0x00007f97cfdf9201 in QIODevice::channelReadyRead(int) (this=<optimized out>, _t1=<optimized out>) at .moc/moc_qiodevice.cpp:193 #5 0x00007f97c1ff1b7c in QAbstractSocketPrivate::canReadNotification() (this=0x24f25a0) at socket/qabstractsocket.cpp:733 #6 0x00007f97c1ffd131 in QReadNotifier::event(QEvent*) (this=<optimized out>, e=<optimized out>) at socket/qnativesocketengine.cpp:1241 #7 0x00007f97ba5753dc in QApplicationPrivate::notify_helper(QObject*, QEvent*) (this=<optimized out>, receiver=0x33b7780, e=0x7ffe757158d0) at kernel/qapplication.cpp:3745 #8 0x00007f97ba57cbf1 in QApplication::notify(QObject*, QEvent*) (this=0x2177180, receiver=0x33b7780, e=0x7ffe757158d0) at kernel/qapplication.cpp:3502 #9 0x00007f97badf42ce in sipQApplication::notify(QObject*, QEvent*) (this=0x2177180, a0=0x33b7780, a1=0x7ffe757158d0) at sipQtWidgetsQApplication.cpp:232 #10 0x00007f97cfd574b0 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (receiver=0x33b7780, event=event@entry=0x7ffe757158d0) at kernel/qcoreapplication.cpp:988 #11 0x00007f97cfdac56d in QCoreApplication::sendEvent(QObject*, QEvent*) (event=0x7ffe757158d0, receiver=<optimized out>) at ../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:231 #12 0x00007f97cfdac56d in socketNotifierSourceDispatch(GSource*, GSourceFunc, gpointer) (source=0x21ac420) at kernel/qeventdispatcher_glib.cpp:106 #13 0x00007f97cc62c5a7 in g_main_context_dispatch () at /usr/lib/libglib-2.0.so.0 #14 0x00007f97cc62c810 in () at /usr/lib/libglib-2.0.so.0 #15 0x00007f97cc62c8bc in g_main_context_iteration () at /usr/lib/libglib-2.0.so.0 #16 0x00007f97cfdac0bf in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (this=0x21ac2a0, flags=...) at kernel/qeventdispatcher_glib.cpp:423 #17 0x00007f97cfd5590a in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (this=this@entry=0x7ffe75715af0, flags=..., flags@entry=...) at kernel/qeventloop.cpp:212 #18 0x00007f97cfd5de54 in QCoreApplication::exec() () at kernel/qcoreapplication.cpp:1261
So it looks like Qt internally tries to handle socket notifications internally for sockets which have already been deleted, and after the client already disconnected?
I haven't seen this happen so far when the events just get handled in the mainloop though...