[Nepomuk] Review Request: Fix crash due to dangling pointers by zeroing them.

Commit Hook null at kde.org
Tue Nov 27 22:15:43 UTC 2012 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://git.reviewboard.kde.org/r/107339/#review22674
-----------------------------------------------------------


This review has been submitted with commit e9e907290bddcd9121e8a9e937198568699bc698 by Simeon Bird to branch master.

- Commit Hook


On Nov. 16, 2012, 12:56 a.m., Simeon Bird wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://git.reviewboard.kde.org/r/107339/
> -----------------------------------------------------------
> 
> (Updated Nov. 16, 2012, 12:56 a.m.)
> 
> 
> Review request for Nepomuk.
> 
> 
> Description
> -------
> 
>     Fix convoluted crash on deletion of Query::Folder.
>     
>     Sequence of events could be:
>     
>     1. Folder::~Folder called.
>     2. SearchRunnable->cancel called => SearchRunnable->m_folder = 0.
>     3. Deletes all connections.
>     4. deleteLater called again, during destructor (is this ever safe?)
>     5. SearchRunnable::run called => since m_folder is zero, returns and
>     deletes SearchRunnable without setting m_folder -> SearchRunnable to
>     zero.
>     6. mutex unlocked at end of destructor
>     7. Folder::~Folder called again by queued deleteLater (?)
>     8. SearchRunnable already deleted after step 5. Crash.
>     
>     Fixed by setting m_currentSearchRunnable = 0 after cancelling the folder
>     listing.
>     
> This is slightly guess-work, but it's the best I can come up with. I'd appreciate if someone who knows more Qt could tell me if my story above is possible or not.
> 
> 
> This addresses bug 308773.
>     http://bugs.kde.org/show_bug.cgi?id=308773
> 
> 
> Diffs
> -----
> 
>   services/storage/query/folder.cpp 18e8ff7140eb03e12fcab7bead2b0d4bd6fa7474 
> 
> Diff: http://git.reviewboard.kde.org/r/107339/diff/
> 
> 
> Testing
> -------
> 
> Compiled, ran. Can't reproduce crash, so not certain that it fixes it.
> 
> 
> Thanks,
> 
> Simeon Bird
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/nepomuk/attachments/20121127/dd94b9d5/attachment.html>

More information about the Nepomuk mailing list