Review Request: Prevent crash in KJob::emitResult() if job is deleted

Albert Astals Cid aacid at kde.org
Wed Dec 1 22:14:31 GMT 2010



> On 2010-12-01 17:23:11, Kevin Ottens wrote:
> > Well, if the job is explicitly isAutoDelete() then I'd say it's a bug in the caller to try to delete it in the first place...
> 
> Aurélien Gâteau wrote:
>     I see your point, but on the other hand if the job is not *autodelete* and the slot connected to result() deletes the job, then the code will crash because the call to isAutoDelete() will access freed memory.
> 
> Andras Mantia wrote:
>     This code shows two problems:
>     1) code after emit is dangerous
>     2) nobody should delete the sender in a slot, or if it does at least it should use deleteLater
>     
>     Because of 1) and that this is in a library I agree with the extra guard, but the caller should also be fixed.

I suggest adding a kWarning in case autodelete was set and the user deleted the job himself informing him he's doing the wrong thing.


- Albert


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://svn.reviewboard.kde.org/r/6022/#review9080
-----------------------------------------------------------


On 2010-12-01 17:01:44, Aurélien Gâteau wrote:
> 
> (Updated 2010-12-01 17:01:44)
> 
> 
> Review request for kdelibs and Kevin Ottens.
> 
> 
> Summary
> -------
> 
> If someone calls "delete job" on a slot connected to the KJob::result() signal, KJob crashes because the job does not exist anymore when execution comes back to KJob::emitResult(). I added a guard to prevent that. An alternative would be to call deleteLater() before emitting the signals but I was afraid it would cause trouble if slots connected to the emitted signals used event loops.
> 
> 
> This addresses bug 241562.
>     https://bugs.kde.org/show_bug.cgi?id=241562
> 
> 
> Diffs
> -----
> 
>   trunk/KDE/kdelibs/kdecore/jobs/kjob.cpp 1202165 
>   trunk/KDE/kdelibs/kdecore/tests/kjobtest.h 1202165 
>   trunk/KDE/kdelibs/kdecore/tests/kjobtest.cpp 1202165 
> 
> Diff: http://svn.reviewboard.kde.org/r/6022/diff
> 
> 
> Testing
> -------
> 
> Wrote a unit-test to demonstrate the problem. This also helps with bug #241562 although I have another request prepared to hopefully definitely nail it down.
> 
> 
> Thanks,
> 
> Aurélien
> 
>
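The use-after-free discussed in this thread and a liveness guard against it, as an added example that is not part of the original e-mails and is not the KJob patch (which this page does not show). It assumes a plain C++ stand-in without Qt: the class Job, the onResult callback and the Outcome enum are hypothetical names, and a shared flag plays the role of the guard.

```cpp
// Added illustration: a plain-C++ stand-in for a QObject-style job. Not KJob code.
#include <functional>
#include <memory>

enum class Outcome { Kept, AutoDeleted, DeletedBySlot, DeletedBySlotDespiteAutoDelete };

class Job {
public:
    explicit Job(bool autoDelete)
        : autoDelete_(autoDelete), alive_(std::make_shared<bool>(true)) {}
    ~Job() { *alive_ = false; ++destroyed; }

    // Plays the role of a slot connected to result() (hypothetical name).
    std::function<void(Job*)> onResult;

    Outcome emitResult() {
        // Everything needed after the callback is copied to the stack first,
        // because the callback may destroy *this.
        std::shared_ptr<bool> guard = alive_;
        const bool wasAutoDelete = autoDelete_;
        std::function<void(Job*)> slot = onResult;

        if (slot) slot(this);

        if (!*guard) {
            // The job is gone: no member may be read or written from here on.
            // This is where the warning suggested in the thread would be logged.
            return wasAutoDelete ? Outcome::DeletedBySlotDespiteAutoDelete
                                 : Outcome::DeletedBySlot;
        }
        if (autoDelete_) {
            delete this;
            return Outcome::AutoDeleted;
        }
        return Outcome::Kept;
    }

    static int destroyed;  // destructor count, used to check for double deletion

private:
    bool autoDelete_;
    std::shared_ptr<bool> alive_;
};
int Job::destroyed = 0;

int main() {
    Job* job = new Job(false);
    job->onResult = [](Job* j) { delete j; };  // the caller pattern from the bug
    return job->emitResult() == Outcome::DeletedBySlot ? 0 : 1;
}
```

Without the guard, the read of autoDelete_ after the callback would touch freed memory whenever the callback deletes the job.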
