[Pidgin] #11071: Cancelling log search multiple times causes crash

Pidgin trac at pidgin.im
Thu Jan 7 18:56:00 EST 2010 

#11071: Cancelling log search multiple times causes crash
---------------------+------------------------------------------------------
 Reporter:  QuLogic  |        Owner:              
     Type:  defect   |       Status:  closed      
Milestone:  2.6.5    |    Component:  pidgin (gtk)
  Version:  2.6.4    |   Resolution:  fixed       
 Keywords:           |  
---------------------+------------------------------------------------------

Comment(by datallah at pidgin.im):

 (In [545b0231b60f11482e2b146a4f5a5e140bc06691]):[[BR]]
 *** Plucked rev b0c392df480480c0a511e96fc7b2eb7f827e6efb
 (bcc0147bab874ca52c55ad4900545e17528bf8fd):
 Save the event source ID for search_find_cb so that it's removed when the
 log dialog is closed. This fixes a double free which might be caused by
 having a large logset (and maybe pressing Close multiple times).

 It looks something like this, with a few variations:
 == Invalid read of size 8
 ==    at 0x483001: search_find_cb (gtklog.c:425)
 ==    by 0xBB91E50: g_main_context_dispatch (gmain.c:1824)
 ==    by 0xBB953E7: g_main_context_iterate (gmain.c:2455)
 ==    by 0xBB958BC: g_main_loop_run (gmain.c:2663)
 ==    by 0x63AF606: gtk_main (gtkmain.c:1205)
 ==    by 0x485ADF: main (gtkmain.c:978)
 ==  Address 0x1b469860 is 56 bytes inside a block of size 72 free'd
 ==    at 0x4C239EF: free (vg_replace_malloc.c:323)
 ==    by 0x483A6C: destroy_cb (gtklog.c:223)
 ==    by 0xAB9B12C: g_closure_invoke (gclosure.c:767)
 ==    by 0xABB02B1: signal_emit_unlocked_R (gsignal.c:3247)
 ==    by 0xABB1806: g_signal_emit_valist (gsignal.c:2980)
 ==    by 0xABB1CD2: g_signal_emit (gsignal.c:3037)
 ==    by 0xAB9B12C: g_closure_invoke (gclosure.c:767)
 ==    by 0xABB02B1: signal_emit_unlocked_R (gsignal.c:3247)
 ==    by 0xABB1806: g_signal_emit_valist (gsignal.c:2980)
 ==    by 0xABB1CD2: g_signal_emit (gsignal.c:3037)
 ==    by 0x630ECB4: gtk_real_button_released (gtkbutton.c:1707)
 ==    by 0xAB9B12C: g_closure_invoke (gclosure.c:767)
 ==

 Fixes #11071.

-- 
Ticket URL: <http://developer.pidgin.im/ticket/11071#comment:3>
Pidgin <http://pidgin.im>
Pidgin

More information about the Tracker mailing list