Bug 35115

Summary: crash when switching to a new main loop context
Product: dbus
Reporter: Mike Gorse <mgorse>
Component: GLib
Assignee: Rob Taylor <rob.taylor>
Status: RESOLVED FIXED
QA Contact: John (J5) Palmieri <johnp>
Severity: normal
Priority: medium
Keywords: patch
Version: unspecified
Hardware: All
OS: All
Whiteboard:
Attachments: Patch.
patch; same as before but with --format-patch

Description Mike Gorse 2011-03-08 05:39:08 UTC
Created attachment 44228
Patch.

When dbus_*_setup_with_g_main gets called to move a connection to a new main loop context, connection_setup_new_from_old is called.  It tries to iterate through ios and timeouts on the old context.  However, it calls dbus_watch_set_data, which has the side-effect of freeing the old data, which has the side-effect of removing the handler from the old context, so we set tmp to tmp->next where tmp now points to an element which has just been freed.
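
The iteration hazard described above, as an added example that is not part of the bug report or of dbus-glib: a call inside the loop frees the current node, so the next pointer has to be read before that call. All type and function names are hypothetical stand-ins, and saving the pointer first is one common remedy, not necessarily what the attached patch does.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins for a context's handler list; not dbus-glib code. */
typedef struct Handler { int fd; struct Handler *next; } Handler;
typedef struct { Handler *head; int count; } Context;

static void context_add(Context *c, int fd) {
    Handler *h = malloc(sizeof *h);
    if (!h) abort();
    h->fd = fd; h->next = c->head; c->head = h; c->count++;
}

/* Free function for the old data: unlinks the handler from its context, then frees it. */
static void handler_free(Context *c, Handler *h) {
    Handler **pp = &c->head;
    while (*pp && *pp != h) pp = &(*pp)->next;
    if (*pp) { *pp = h->next; c->count--; }
    free(h);
}

/* Models the side effect in the report: installing new data frees the old data. */
static void watch_set_data(Context *old_ctx, Handler *old, Context *new_ctx) {
    context_add(new_ctx, old->fd);
    handler_free(old_ctx, old);
}

/* Move every handler from old_ctx to new_ctx; returns the number moved. */
static int migrate(Context *old_ctx, Context *new_ctx) {
    int moved = 0;
    Handler *tmp = old_ctx->head;
    while (tmp != NULL) {
        Handler *next = tmp->next;  /* read the link while tmp is still valid */
        watch_set_data(old_ctx, tmp, new_ctx);
        /* tmp is dangling now; "tmp = tmp->next" here would read freed memory */
        tmp = next;
        moved++;
    }
    return moved;
}

int main(void) {
    Context a = {0}, b = {0};
    for (int fd = 3; fd <= 5; fd++) context_add(&a, fd);  /* constructed sample fds */
    printf("moved %d, old context now holds %d\n", migrate(&a, &b), a.count);
    return 0;
}
```

Building the unsafe variant with AddressSanitizer or running it under valgrind, as Comment 2 did with the regression test, reports the read of the freed node.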
Comment 1 Mike Gorse 2011-03-11 07:33:42 UTC
Created attachment 44359
patch; same as before but with --format-patch
Comment 2 Simon McVittie 2011-05-12 04:31:14 UTC
The regression test for Bug #30574 seems to exhibit this when run under valgrind.
Comment 3 Simon McVittie 2011-05-12 04:34:43 UTC
Thanks, fixed in git for 0.94.
