Qt 4.4 QtConcurrent and libthread_xu

Matthew Dillon dillon at apollo.backplane.com
Wed May 7 12:20:26 PDT 2008


    Something in that chain of calls is passing a NULL to
    __pthread_mutex_trylock().

    In libc_r we have this:

int
_pthread_mutex_trylock(pthread_mutex_t * mutex)
{
        struct pthread  *curthread = _get_curthread();
        int     ret = 0;

        if (mutex == NULL)
                ret = EINVAL;
	...
}

    In libthread_xu it assumes non-NULL and will crash.

    Try this patch.  It will do the same check that libc_r does.  I'm
    not convinced that Qt isn't broken, though.  Qt shouldn't be passing
    NULL to the mutex functions; it should be passing the address of
    a pthread_mutex_t which itself can be NULL, but it should not be
    passing NULL.

						-Matt


Index: thread/thr_mutex.c
===================================================================
RCS file: /cvs/src/lib/libthread_xu/thread/thr_mutex.c,v
retrieving revision 1.14
diff -u -p -r1.14 thr_mutex.c
--- thread/thr_mutex.c	13 Apr 2006 11:53:39 -0000	1.14
+++ thread/thr_mutex.c	7 May 2008 19:18:04 -0000
@@ -285,6 +285,8 @@ {
 	struct pthread *curthread = tls_get_curthread();
 	int ret;
 
+	if (__predict_false(m == NULL))
+		return(EINVAL);
 	/*
 	 * If the mutex is statically initialized, perform the dynamic
 	 * initialization:
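Review bot: The new `m == NULL` guard sits below the declaration initializer, so `tls_get_curthread()` still runs before the argument is validated, whereas the hunks at -372, -394 and -417 move that call below the check. For consistency, declare `struct pthread *curthread;` without the initializer and assign `curthread = tls_get_curthread();` after the guard; the same applies to the -600 hunk. The added lines also use `return(EINVAL);` where the file's context lines write `return (EINVAL);`, and a blank line before the block comment would match the later hunks. The enclosing function starts and ends outside the hunk.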
@@ -372,12 +374,14 @@ 	int	ret;
 
 	_thr_check_init();
 
-	curthread = tls_get_curthread();
+	if (__predict_false(m == NULL))
+		return(EINVAL);
 
 	/*
 	 * If the mutex is statically initialized, perform the dynamic
 	 * initialization:
 	 */
+	curthread = tls_get_curthread();
 	if (__predict_false(*m == NULL)) {
 		ret = init_static(curthread, m);
 		if (__predict_false(ret))
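Review bot: Returning `EINVAL` for `m == NULL` turns a fault into an error code that lock callers often do not inspect, so a caller passing NULL could now continue into its critical section without holding any mutex. The same trade-off is repeated in the hunks at -394, -417 and -440, and each guard deserves a comment saying why it exists, e.g. `/* libc_r compatibility: reject a NULL mutex pointer with EINVAL instead of faulting */`. A debug-build assertion or log on this path would keep the caller bug visible instead of masking it; whether the tree has a suitable debug hook is not visible here. The function body starts and ends outside the hunk.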
@@ -394,12 +398,14 @@ 	int	ret;
 
 	_thr_check_init();
 
-	curthread = tls_get_curthread();
+	if (__predict_false(m == NULL))
+		return(EINVAL);
 
 	/*
 	 * If the mutex is statically initialized, perform the dynamic
 	 * initialization marking it private (delete safe):
 	 */
+	curthread = tls_get_curthread();
 	if (__predict_false(*m == NULL)) {
 		ret = init_static_private(curthread, m);
 		if (__predict_false(ret))
@@ -417,12 +423,14 @@ 	int	ret;
 
 	_thr_check_init();
 
-	curthread = tls_get_curthread();
+	if (__predict_false(m == NULL))
+		return(EINVAL);
 
 	/*
 	 * If the mutex is statically initialized, perform the dynamic
 	 * initialization:
 	 */
+	curthread = tls_get_curthread();
 	if (__predict_false(*m == NULL)) {
 		ret = init_static(curthread, m);
 		if (__predict_false(ret))
@@ -440,6 +448,9 @@ 	int	ret;
 
 	_thr_check_init();
 
+	if (__predict_false(m == NULL))
+		return(EINVAL);
+
 	curthread = tls_get_curthread();
 
 	/*
@@ -457,6 +468,8 @@ 
 int
 _pthread_mutex_unlock(pthread_mutex_t *m)
 {
+	if (__predict_false(m == NULL))
+		return(EINVAL);
 	return (mutex_unlock_common(m));
 }
 
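Review bot: The NULL guard is placed in the `_pthread_mutex_unlock` wrapper rather than in `mutex_unlock_common`, so any other caller of the common routine is not covered by it. The -556 hunk shows a function that still evaluates `(m = *mutex)` with no check on `mutex` itself; if that is the common unlock path, adding `if (__predict_false(mutex == NULL)) return (EINVAL);` there, as the -600 hunk does for its function, would protect every entry point in one place. Which callers reach the common routine cannot be determined from the lines shown.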
@@ -556,7 +569,6 @@ 	struct pthread_mutex *m;
 
 	if (__predict_false((m = *mutex)== NULL))
 		return (EINVAL);
-
 	if (__predict_false(m->m_owner != curthread))
 		return (EPERM);
 
@@ -600,9 +612,10 @@ {
 	struct pthread *curthread = tls_get_curthread();
 	struct pthread_mutex *m;
 
-	if (__predict_false((m = *mutex)== NULL))
+	if (__predict_false(mutex == NULL))
+		return (EINVAL);
+	if (__predict_false((m = *mutex) == NULL))
 		return (EINVAL);
-
 	if (__predict_false(m->m_owner != curthread))
 		return (EPERM);
 




