From 955ce882f7c94f6085e26ef3f987fbfa72a1a8d7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?M=C3=A5rten=20Nordheim?= <marten.nordheim@qt.io>
Date: Fri, 5 Mar 2021 14:33:01 +0100
Subject: QEventDispatcher(Win): Always honor interrupted status to avoid races

There may be a race where e.g. thread 'B' is woken up by a queued invoke.
At the same time thread 'A' asks 'B' to quit, which will set various
atomics (some important ones are 'interrupt' in the dispatcher and
'exit' in the event loop), but it does _not_ try to send another wake
since there is already an unhandled wake triggered by 'B' itself.
Sadly 'B' reads the 'exit' atomic before 'A' updates it.
Then, slightly before, 'B' sets 'interrupt' back to 0, 'A' write 1 to
it, meaning 'A's interrupt is ignored. Then, since there is no
interrupt, 'B' goes back to waiting for events, leaving the thread alive
and running instead of quitting.

Maybe this has unforeseen consequences (one consequence is that it will
return and re-enter the event dispatcher once more, possible
unnecessarily)

Fixes: QTBUG-91539
Change-Id: Ie6f861f42ffddf4817d5c8af2d764abe9d9103c2
Reviewed-by: Alex Trotsenko <alex1973tr@gmail.com>
Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
(cherry picked from commit f274f91cebb0a4fd2ebe37bb3a605c47d6acd404)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
---
 .../qeventdispatcher/tst_qeventdispatcher.cpp      | 27 ++++++++++++++++++++++
 1 file changed, 27 insertions(+)

(limited to 'tests')

diff --git a/tests/auto/corelib/kernel/qeventdispatcher/tst_qeventdispatcher.cpp b/tests/auto/corelib/kernel/qeventdispatcher/tst_qeventdispatcher.cpp
index fa5c78bceb..ac71e6b08c 100644
--- a/tests/auto/corelib/kernel/qeventdispatcher/tst_qeventdispatcher.cpp
+++ b/tests/auto/corelib/kernel/qeventdispatcher/tst_qeventdispatcher.cpp
@@ -69,6 +69,7 @@ private slots:
     void processEventsOnlySendsQueuedEvents();
     void postedEventsPingPong();
     void eventLoopExit();
+    void interruptTrampling();
 };
 
 bool tst_QEventDispatcher::event(QEvent *e)
@@ -419,5 +420,31 @@ void tst_QEventDispatcher::eventLoopExit()
     QVERIFY(!timeoutObserved);
 }
 
+// Based on QTBUG-91539: In the event dispatcher on Windows we overwrite the
+// interrupt once we start processing events (this pattern is also in the 'unix' dispatcher)
+// which would lead the dispatcher to accidentally ignore certain interrupts and,
+// as in the bug report, would not quit, leaving the thread alive and running.
+void tst_QEventDispatcher::interruptTrampling()
+{
+    class WorkerThread : public QThread
+    {
+        void run() override {
+            auto dispatcher = eventDispatcher();
+            QVERIFY(dispatcher);
+            dispatcher->processEvents(QEventLoop::AllEvents);
+            QTimer::singleShot(0, [dispatcher]() {
+                dispatcher->wakeUp();
+            });
+            dispatcher->processEvents(QEventLoop::WaitForMoreEvents);
+            dispatcher->interrupt();
+            dispatcher->processEvents(QEventLoop::WaitForMoreEvents);
+        }
+    };
+    WorkerThread thread;
+    thread.start();
+    QVERIFY(thread.wait(1000));
+    QVERIFY(thread.isFinished());
+}
+
 QTEST_MAIN(tst_QEventDispatcher)
 #include "tst_qeventdispatcher.moc"
-- 
cgit v1.2.3