[evolution-data-server/gnome-3-26] Crash under e-data-cal-view.c:pending_flush_timeout_cb()
- From: Milan Crha <mcrha src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [evolution-data-server/gnome-3-26] Crash under e-data-cal-view.c:pending_flush_timeout_cb()
- Date: Fri, 6 Oct 2017 06:25:32 +0000 (UTC)
commit ebc99af0529bdc334f826e0f0b4d1c58156d8f59
Author: Milan Crha <mcrha redhat com>
Date: Fri Oct 6 08:20:56 2017 +0200
Crash under e-data-cal-view.c:pending_flush_timeout_cb()
There could happen (with proper thread interleaving) a crash under
pending_flush_timeout_cb() when one thread had been inside this function
while another thread had been freeing the 'view' object. This change
reorders the calls to avoid freeing objects while they can be used.
It had been reported downstream at:
https://bugzilla.redhat.com/show_bug.cgi?id=1498853
src/addressbook/libedata-book/e-data-book-view.c | 18 ++++++++++--------
src/calendar/libedata-cal/e-data-cal-view.c | 18 ++++++++++--------
2 files changed, 20 insertions(+), 16 deletions(-)
---
diff --git a/src/addressbook/libedata-book/e-data-book-view.c
b/src/addressbook/libedata-book/e-data-book-view.c
index 14731d1..36157ad 100644
--- a/src/addressbook/libedata-book/e-data-book-view.c
+++ b/src/addressbook/libedata-book/e-data-book-view.c
@@ -197,9 +197,11 @@ pending_flush_timeout_cb (gpointer data)
view->priv->flush_id = 0;
- send_pending_adds (view);
- send_pending_changes (view);
- send_pending_removes (view);
+ if (!g_source_is_destroyed (g_main_current_source ())) {
+ send_pending_adds (view);
+ send_pending_changes (view);
+ send_pending_removes (view);
+ }
g_mutex_unlock (&view->priv->pending_mutex);
@@ -473,11 +475,6 @@ data_book_view_dispose (GObject *object)
priv = E_DATA_BOOK_VIEW_GET_PRIVATE (object);
- g_clear_object (&priv->connection);
- g_clear_object (&priv->gdbus_object);
- g_clear_object (&priv->backend);
- g_clear_object (&priv->sexp);
-
g_mutex_lock (&priv->pending_mutex);
if (priv->flush_id > 0) {
@@ -487,6 +484,11 @@ data_book_view_dispose (GObject *object)
g_mutex_unlock (&priv->pending_mutex);
+ g_clear_object (&priv->connection);
+ g_clear_object (&priv->gdbus_object);
+ g_clear_object (&priv->backend);
+ g_clear_object (&priv->sexp);
+
/* Chain up to parent's dispose() method. */
G_OBJECT_CLASS (e_data_book_view_parent_class)->dispose (object);
}
diff --git a/src/calendar/libedata-cal/e-data-cal-view.c b/src/calendar/libedata-cal/e-data-cal-view.c
index e590b92..6180baa 100644
--- a/src/calendar/libedata-cal/e-data-cal-view.c
+++ b/src/calendar/libedata-cal/e-data-cal-view.c
@@ -428,11 +428,6 @@ data_cal_view_dispose (GObject *object)
priv = E_DATA_CAL_VIEW_GET_PRIVATE (object);
- g_clear_object (&priv->connection);
- g_clear_object (&priv->gdbus_object);
- g_clear_object (&priv->backend);
- g_clear_object (&priv->sexp);
-
g_mutex_lock (&priv->pending_mutex);
if (priv->flush_id > 0) {
@@ -442,6 +437,11 @@ data_cal_view_dispose (GObject *object)
g_mutex_unlock (&priv->pending_mutex);
+ g_clear_object (&priv->connection);
+ g_clear_object (&priv->gdbus_object);
+ g_clear_object (&priv->backend);
+ g_clear_object (&priv->sexp);
+
/* Chain up to parent's dispose() method. */
G_OBJECT_CLASS (e_data_cal_view_parent_class)->dispose (object);
}
@@ -689,9 +689,11 @@ pending_flush_timeout_cb (gpointer data)
view->priv->flush_id = 0;
- send_pending_adds (view);
- send_pending_changes (view);
- send_pending_removes (view);
+ if (!g_source_is_destroyed (g_main_current_source ())) {
+ send_pending_adds (view);
+ send_pending_changes (view);
+ send_pending_removes (view);
+ }
g_mutex_unlock (&view->priv->pending_mutex);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
