diff options
| author | Jüri Valdmann <juri.valdmann@qt.io> | 2020-08-12 14:30:32 +0200 |
|---|---|---|
| committer | Jüri Valdmann <juri.valdmann@qt.io> | 2020-08-14 14:39:46 +0200 |
| commit | 99a668c324218a1fab4824a9707194ff38df6dfe (patch) | |
| tree | d962434cf0b8d5b7a4fd9c8773087d6a9288ee61 /src/core | |
| parent | cc5bf0d5852d4e55abdda12061eb3908f8d84856 (diff) | |
Fix swap condition in DisplayGLOutputSurface::updatePaintNode
The buffer pointers m_middleBuffer and m_frontBuffer are swapped in
updatePaintNode on the condition that m_middleBuffer is non-null and
it's serviceId non-zero. But neither m_middleBuffer nor it's serviceId
is immediately cleared, leaving the possibility that a subsequent call
to updatePaintNode could swap the buffer pointers again if this call
occurs before m_middleBuffer is cleared in swapBuffersOnVizThread. The
m_taskRunner pointer is however cleared immediately and therefore the
subsequent call to updatePaintNode will trigger a segmentation fault.
Since m_taskRunner precisely tracks the condition when we should or
should not swap, change the swap condition to simply require that
m_taskRunner is non-null.
Fixes: QTBUG-85817
Change-Id: Iad89bb0f4de7c0c151d5c5bd63ac74ab6cdd9087
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
Diffstat (limited to 'src/core')
| -rw-r--r-- | src/core/compositor/display_gl_output_surface_qsg.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/core/compositor/display_gl_output_surface_qsg.cpp b/src/core/compositor/display_gl_output_surface_qsg.cpp index 2f7b3de84..d4b9154d1 100644 --- a/src/core/compositor/display_gl_output_surface_qsg.cpp +++ b/src/core/compositor/display_gl_output_surface_qsg.cpp @@ -88,7 +88,7 @@ QSGNode *DisplayGLOutputSurface::updatePaintNode(QSGNode *oldNode, RenderWidgetH { { QMutexLocker locker(&m_mutex); - if (m_middleBuffer && m_middleBuffer->serviceId) { + if (m_taskRunner) { std::swap(m_middleBuffer, m_frontBuffer); m_taskRunner->PostTask( FROM_HERE, |