[Nepomuk] Review Request: Fix crash due to dangling pointers by zeroing them.

Simeon Bird bladud at gmail.com
Tue Nov 27 22:00:17 UTC 2012



> On Nov. 22, 2012, 10:32 a.m., Vishesh Handa wrote:
> > I've really tried to figure out this issue. But I'm giving up for now. Since it is not doing any harm, ship it.

Yup. If the stack trace is not lying, I'm reasonably confident this should fix the crash. But it puzzles me how it happens in the first place...


> On Nov. 22, 2012, 10:32 a.m., Vishesh Handa wrote:
> > services/storage/query/folder.cpp, line 153
> > <http://git.reviewboard.kde.org/r/107339/diff/1/?file=94866#file94866line153>
> >
> >     I would prefer if you set m_currentSearchRunnable = 0 in the if block, but I leave it to you.
> >     
> >     Both have the same effect.

Sure, if you like.


- Simeon


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://git.reviewboard.kde.org/r/107339/#review22368
-----------------------------------------------------------


On Nov. 16, 2012, 12:56 a.m., Simeon Bird wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://git.reviewboard.kde.org/r/107339/
> -----------------------------------------------------------
> 
> (Updated Nov. 16, 2012, 12:56 a.m.)
> 
> 
> Review request for Nepomuk.
> 
> 
> Description
> -------
> 
>     Fix convoluted crash on deletion of Query::Folder.
>     
>     Sequence of events could be:
>     
>     1. Folder::~Folder called.
>     2. SearchRunnable->cancel called => SearchRunnable->m_folder = 0.
>     3. Deletes all connections.
>     4. deleteLater called again, during destructor (is this ever safe?)
>     5. SearchRunnable::run called => since m_folder is zero, returns and
>     deletes SearchRunnable without setting m_folder -> SearchRunnable to
>     zero.
>     6. mutex unlocked at end of destructor
>     7. Folder::~Folder called again by queued deleteLater (?)
>     8. SearchRunnable already deleted after step 5. Crash.
>     
>     Fixed by setting m_currentSearchRunnable = 0 after cancelling the folder
>     listing.
>     
> This is slightly guesswork, but it's the best I can come up with. I'd appreciate it if someone who knows more Qt could tell me if my story above is possible or not.
> 
> 
> This addresses bug 308773.
>     http://bugs.kde.org/show_bug.cgi?id=308773
> 
> 
> Diffs
> -----
> 
>   services/storage/query/folder.cpp 18e8ff7140eb03e12fcab7bead2b0d4bd6fa7474 
> 
> Diff: http://git.reviewboard.kde.org/r/107339/diff/
> 
> 
> Testing
> -------
> 
> Compiled, ran. Can't reproduce crash, so not certain that it fixes it.
> 
> 
> Thanks,
> 
> Simeon Bird
> 
>
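
The sequence in the description above, replayed in a Qt-free model (an added example, not code from the patch or from Nepomuk). `m_folder` and `m_currentSearchRunnable` come from the thread; `g_live`, `startSearch`, `cancelSearch`, `searchFinished` and `replay` are hypothetical names, and the live-object registry stands in for the crash so the stale access can be counted instead of executed.

```cpp
#include <iostream>
#include <set>

struct Folder;
static std::set<const void*> g_live;  // addresses of runnables that still exist

struct SearchRunnable {
    Folder* m_folder;
    explicit SearchRunnable(Folder* f) : m_folder(f) { g_live.insert(this); }
    ~SearchRunnable() { g_live.erase(this); }
    void cancel() { m_folder = nullptr; }  // step 2
    void run();                            // step 5
};

struct Folder {
    SearchRunnable* m_currentSearchRunnable = nullptr;
    bool zeroAfterCancel;   // true = behaviour with the fix applied
    int staleAccesses = 0;  // times a freed runnable would have been dereferenced
    explicit Folder(bool fix) : zeroAfterCancel(fix) {}
    void startSearch() { m_currentSearchRunnable = new SearchRunnable(this); }
    // Cleanup done by the destructor; the story reaches it twice (steps 1 and 7).
    void cancelSearch() {
        if (!m_currentSearchRunnable) return;
        if (!g_live.count(m_currentSearchRunnable)) { ++staleAccesses; return; }
        m_currentSearchRunnable->cancel();
        if (zeroAfterCancel) m_currentSearchRunnable = nullptr;  // the fix
    }
    void searchFinished() { m_currentSearchRunnable = nullptr; }
};

void SearchRunnable::run() {
    if (m_folder) m_folder->searchFinished();  // normal path clears the folder's pointer
    delete this;                               // runnable deletes itself after running
}

// Replays the sequence and returns the number of would-be use-after-free accesses.
int replay(bool fix) {
    Folder folder(fix);
    folder.startSearch();
    SearchRunnable* queued = folder.m_currentSearchRunnable;  // the scheduler's reference
    folder.cancelSearch();  // steps 1-2: cancel sets m_folder to zero
    queued->run();          // step 5: folder is never told, runnable is freed
    folder.cancelSearch();  // steps 7-8: second pass through the cleanup
    return folder.staleAccesses;
}

int main() {
    std::cout << "without fix: " << replay(false) << ", with fix: " << replay(true) << "\n";
}
```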
