GNOME Bugzilla – Bug 789862
dh-sidebar: Crashes when interacting with the GCompletion
Last modified: 2018-01-06 17:54:57 UTC
See: https://bugzilla.redhat.com/show_bug.cgi?id=1276784 https://bugzilla.redhat.com/show_bug.cgi?id=1507665 Even though the backtraces are slightly different, I think they are indicative of the same problem.
Thanks for the bug report. For the second link, I have Access Denied.
(In reply to Sébastien Wilmet from comment #1) > Thanks for the bug report. > > For the second link, I have Access Denied. Fixed. ABRT is often too conservative about marking crash reports "Fedora contributors only".
I have implemented DhCompletion, a basic replacement for GCompletion based on a better data structure (GSequence, not a simple GList). DhSidebar now uses DhCompletion, so the above crashes are fixed (hopefully not replaced by other crashes). commit 803eea7e43652a8f84d31a5329856825ce214a0e commit bacbd8563199347ba0088a4f19b7da0b49c82431 To know why the crashes occurred with GCompletion, I haven't looked in detail at the GCompletion implementation, but in DhSidebar GCompletion was not used correctly. dh_book_get_completions() returned NULL when the DhBook was disabled, so when the DhBookManager::book-disabled signal was emitted, DhSidebar didn't remove the items from the GCompletion object. Then if that DhBook is destroyed (e.g. when the package is uninstalled from the filesystem), the GCompletion can access freed memory (use-after-free), since GCompletion doesn't copy the data (see the implementation of g_completion_add_items()). So that was probably something along those lines: the book becomes disabled, then removed, use-after-free etc. Anyway, it's now much better with DhCompletion, and it's unit-tested.
Thanks Sébastien!