Bug 668675 - GtkTimeline: protect the timeline from unref
GtkTimeline: protect the timeline from unref
Status: RESOLVED FIXED
Product: gtk+
Classification: Platform
Component: .General
unspecified
Other All
: Normal normal
: ---
Assigned To: gtk-bugs
gtk-bugs
:
: 654020 (view as bug list)
Depends on:
Blocks:
  Show dependency tree
 
Reported: 2012-01-25 16:38 UTC by Allison Lortie (desrt) (extended vacation)
Modified: 2012-01-26 09:47 UTC (History)
1 user (show)

See Also:
GNOME target: ---
GNOME version: ---

Attachments
GtkTimeline: protect the timeline from unref (1.29 KB, patch)
2012-01-25 16:38 UTC, Allison Lortie (desrt) (extended vacation) 		committed Details | Diff | Review
View All Add an attachment (proposed patch, testcase, etc.)

Description Allison Lortie (desrt) (extended vacation) 2012-01-25 16:38:16 UTC 
==24215== Invalid read of size 1
==24215==    at 0x58F1507: gtk_timeline_run_frame (gtktimeline.c:340)
==24215==    by 0x5D506EE: gdk_threads_dispatch (gdk.c:745)
==24215==    by 0x7C5672A: g_timeout_dispatch (gmain.c:3857)
==24215==    by 0x7C55AE9: g_main_context_dispatch (gmain.c:2513)
==24215==    by 0x7C55EAF: g_main_context_iterate.isra.23 (gmain.c:3121)
==24215==    by 0x7C55F73: g_main_context_iteration (gmain.c:3182)
==24215==    by 0x7708773: g_application_run (gapplication.c:1496)
==24215==    by 0x42A971: main (nautilus-main.c:101)
==24215==  Address 0x266cb174 is 84 bytes inside a block of size 88 free'd
==24215==    at 0x4C2882E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==24215==    by 0x79F104A: g_type_free_instance (gtype.c:1937)
==24215==    by 0x79F5152: g_value_unset (gvalue.c:276)
==24215==    by 0x79E98DA: g_signal_emit_valist (gsignal.c:3063)
==24215==    by 0x79E9A61: g_signal_emit (gsignal.c:3090)
==24215==    by 0x58F1506: gtk_timeline_run_frame (gtktimeline.c:337)
==24215==    by 0x5D506EE: gdk_threads_dispatch (gdk.c:745)
==24215==    by 0x7C5672A: g_timeout_dispatch (gmain.c:3857)
==24215==    by 0x7C55AE9: g_main_context_dispatch (gmain.c:2513)
==24215==    by 0x7C55EAF: g_main_context_iterate.isra.23 (gmain.c:3121)
==24215==    by 0x7C55F73: g_main_context_iteration (gmain.c:3182)
==24215==    by 0x7708773: g_application_run (gapplication.c:1496)
==24215==    by 0x42A971: main (nautilus-main.c:101)
Comment 1 Allison Lortie (desrt) (extended vacation) 2012-01-25 16:38:18 UTC 
Created attachment 206104 [details] [review]
GtkTimeline: protect the timeline from unref

The timeline frame function emits several signals, assuming that the
timeline will exist after these signals return.  This assumption can be
invalid if signal handlers unref the timeline.
Comment 2 Matthias Clasen 2012-01-26 01:25:35 UTC 
Review of attachment 206104 [details] [review]:

Makes sense
Comment 3 Matthias Clasen 2012-01-26 01:28:08 UTC 
Review of attachment 206104 [details] [review]:

Makes sense
Comment 4 Matthias Clasen 2012-01-26 01:28:11 UTC 
Review of attachment 206104 [details] [review]:

Makes sense
Comment 5 Matthias Clasen 2012-01-26 01:28:58 UTC 
Review of attachment 206104 [details] [review]:

Grr splinter
Comment 6 Matthias Clasen 2012-01-26 01:29:17 UTC 
Review of attachment 206104 [details] [review]:

Grr splinter
Comment 7 Allison Lortie (desrt) (extended vacation) 2012-01-26 01:29:52 UTC 
Attachment 206104 [details] pushed as e2750a4 - GtkTimeline: protect the timeline from unref
Comment 8 Sebastien Bacher 2012-01-26 09:47:42 UTC 
*** Bug 654020 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.