Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: P2: Important
Fix Version/s: 5.15.3, 6.0.0
Affects Version/s: 5.15.2
Component/s: Wayland Compositor
Labels:
None

Platform/s:

All
Commits:
735164b5c2a2637a8d53a8803a2401e4ef477ff0

Description

In autogenerated code, I see next implementation:

qwayland-server-wayland.cpp:

void wl_region::destroy_func(struct ::wl_resource *client_resource)
    {
        Resource *resource = Resource::fromResource(client_resource);
        Q_ASSERT(resource);
        wl_region *that = resource->region_object;
        if (Q_LIKELY(that)) {
            that->m_resource_map.remove(resource->client(), resource);
            that->region_destroy_resource(resource);
            if (that->m_resource == resource)\n");
                that->m_resource = nullptr;\n");
        }
        delete resource;
    }

this->region_destroy_resource(resource) is defined in
qtwayland/src/compositor/wayland_wrapper/qwlregion.cpp:

void Region::region_destroy_resource(Resource *)
{
    delete this;
}

The problem is in access to
that->m_resource

Actually after call region_destroy_resource(), this is access to released memory.

Attachments

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Qt Graphics Team

Reporter:: Vasily Dybala

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 29 Jul '21 12:08

Updated:: 13 Sep '21 05:39

Resolved:: 13 Sep '21 05:39

Gerrit Reviews

There are no open Gerrit changes