AuroraMiddleware/gtk2
1
0
Fork 0
forked from AuroraMiddleware/gtk
Code Issues Pull Requests Projects Releases Wiki Activity
23ce44c9fe
gtk2/gdk/x11
History
Colin Walters 806c04411d gdk: Fix GdkWindowFilter internal refcounting 
Running gnome-shell under valgrind, I saw the attached invalid write.
Basically we can destroy a window during event processing, and the old
window_remove_filters simply called g_free() on the filter, ignoring
the refcount.  Then later in event processing we call filter->refcount--,
which is writing to free()d memory.

Fix this by centralizing list mutation and refcount handling inside
a new shared _gdk_window_filter_unref() function, and using that
everywhere.

==13876== Invalid write of size 4
==13876==    at 0x446B181: gdk_event_apply_filters (gdkeventsource.c:86)
==13876==    by 0x446B411: _gdk_events_queue (gdkeventsource.c:188)
==13876==    by 0x44437EF: gdk_display_get_event (gdkdisplay.c:410)
==13876==    by 0x446B009: gdk_event_source_dispatch (gdkeventsource.c:317)
==13876==    by 0x4AB7159: g_main_context_dispatch (gmain.c:2436)
==13876==    by 0x4AB7957: g_main_context_iterate.clone.5 (gmain.c:3087)
==13876==    by 0x4AB806A: g_main_loop_run (gmain.c:3295)
==13876==    by 0x8084D6B: main (main.c:722)
==13876==  Address 0x1658bcac is 12 bytes inside a block of size 16 free'd
==13876==    at 0x4005EAD: free (vg_replace_malloc.c:366)
==13876==    by 0x4ABE515: g_free (gmem.c:263)
==13876==    by 0x444BCC9: window_remove_filters (gdkwindow.c:1873)
==13876==    by 0x4454BA3: _gdk_window_destroy_hierarchy (gdkwindow.c:2043)
==13876==    by 0x447BF6E: gdk_window_destroy_notify (gdkwindow-x11.c:1115)
==13876==    by 0x43588E2: _gtk_socket_windowing_filter_func (gtksocket-x11.c:518)
==13876==    by 0x446B170: gdk_event_apply_filters (gdkeventsource.c:79)
==13876==    by 0x446B411: _gdk_events_queue (gdkeventsource.c:188)
==13876==    by 0x44437EF: gdk_display_get_event (gdkdisplay.c:410)
==13876==    by 0x446B009: gdk_event_source_dispatch (gdkeventsource.c:317)
==13876==    by 0x4AB7159: g_main_context_dispatch (gmain.c:2436)
==13876==    by 0x4AB7957: g_main_context_iterate.clone.5 (gmain.c:3087)

https://bugzilla.gnome.org/show_bug.cgi?id=637464
2010-12-17 12:07:37 -05:00
..
checksettings.c Inclusion cleanups in sources 2010-10-14 22:09:36 -04:00
gdkapplaunchcontext-x11.c Avoid delays in starting applications 2010-11-27 23:12:09 -05:00
gdkasync.c Inclusion cleanups in sources 2010-10-14 22:09:36 -04:00
gdkasync.h Inclusion cleanups in headers 2010-10-14 22:08:53 -04:00
gdkcursor-x11.c API: Remove GDK_WINDOW_XWINDOW() macro 2010-12-02 20:20:56 +01:00
gdkdevice-core.c x11: Fix in_rectangle computation 2010-12-02 20:21:03 +01:00
gdkdevice-core.h Merge the xi2-for-master branch 2010-05-25 18:38:44 -04:00
gdkdevice-xi2.c API: Remove GDK_WINDOW_XWINDOW() macro 2010-12-02 20:20:56 +01:00
gdkdevice-xi2.h Inclusion cleanups in headers 2010-10-14 22:08:53 -04:00
gdkdevice-xi.c API: Remove GDK_WINDOW_XWINDOW() macro 2010-12-02 20:20:56 +01:00
gdkdevice-xi.h Merge the xi2-for-master branch 2010-05-25 18:38:44 -04:00
gdkdevicemanager-core.c gdk: Rename GdkWindowObject to GdkWindow 2010-12-02 20:21:03 +01:00
gdkdevicemanager-core.h Merge the xi2-for-master branch 2010-05-25 18:38:44 -04:00
gdkdevicemanager-x11.c Enable XI2 by default 2010-12-15 03:17:58 +01:00
gdkdevicemanager-xi2.c xi2: Improve device hierarchy handling 2010-12-15 03:17:59 +01:00
gdkdevicemanager-xi2.h xi2: Improve device hierarchy handling 2010-12-15 03:17:59 +01:00
gdkdevicemanager-xi.c Move all GdkDevice members to private and add one missing accessor 2010-11-23 20:25:13 +01:00
gdkdevicemanager-xi.h Fix up abi checking 2010-06-07 06:16:21 -04:00
gdkdisplay-x11.c Add gdk_event_[gs]et_source_device(). 2010-12-15 03:17:58 +01:00
gdkdisplay-x11.h Inclusion cleanups in headers 2010-10-14 22:08:53 -04:00
gdkdnd-x11.c API: gdk: Remove depth argument from gdk_window_get_geometry() 2010-12-06 01:02:52 +01:00
gdkeventsource.c gdk: Fix GdkWindowFilter internal refcounting 2010-12-17 12:07:37 -05:00
gdkeventsource.h Merge the xi2-for-master branch 2010-05-25 18:38:44 -04:00
gdkeventtranslator.c gdk/x11/gdkeventtranslator.c: use G_DEFINE_INTERFACE macro 2010-08-26 14:57:56 +02:00
gdkeventtranslator.h Merge the xi2-for-master branch 2010-05-25 18:38:44 -04:00
gdkgeometry-x11.c gdk: Rename GdkWindowObject to GdkWindow 2010-12-02 20:21:03 +01:00
gdkglobals-x11.c Inclusion cleanups in sources 2010-10-14 22:09:36 -04:00
gdkim-x11.c Inclusion cleanups in sources 2010-10-14 22:09:36 -04:00
gdkkeys-x11.c Fix up parameter mismatches in the docs 2010-12-03 09:07:06 -05:00
gdkmain-x11.c Add gdk_event_[gs]et_source_device(). 2010-12-15 03:17:58 +01:00
gdkprivate-x11.h x11: Remove unused GDK_DRAWABLE_XROOTWIN macro 2010-12-02 20:21:03 +01:00
gdkproperty-x11.c API: Remove GDK_WINDOW_XWINDOW() macro 2010-12-02 20:20:56 +01:00
gdkscreen-x11.c introspection: Fix (out) for gdk_screen_get_monitor_geometry 2010-12-06 11:42:47 -05:00
gdkscreen-x11.h Inclusion cleanups in headers 2010-10-14 22:08:53 -04:00
gdkselection-x11.c x11: Use window macros instead of drawable macros 2010-12-02 20:17:27 +01:00
gdksettings.c gdk: Add big fat warning about updating XSettings 2010-11-15 17:15:19 +00:00
gdkspawn-x11.c Inclusion cleanups in sources 2010-10-14 22:09:36 -04:00
gdktestutils-x11.c gdk: Rename GdkWindowObject to GdkWindow 2010-12-02 20:21:03 +01:00
gdkvisual-x11.c Inclusion cleanups in sources 2010-10-14 22:09:36 -04:00
gdkwindow-x11.c gdk: Remove depth argument from GdkWindowImpl->get_geometry() 2010-12-06 01:02:52 +01:00
gdkwindow-x11.h Add missing include 2010-12-08 11:49:48 -05:00
gdkx.h Fix up parameter mismatches in the docs 2010-12-03 09:07:06 -05:00
gdkxftdefaults.c Inclusion cleanups in sources 2010-10-14 22:09:36 -04:00
gdkxid.c Fix missing (transfer) annotations in GDK 2010-11-24 21:37:20 +01:00
Makefile.am Remove *_set_extension_events() and old API to query devices. 2010-12-17 16:25:14 +01:00
MwmUtil.h Cleanup. (#169648, Fabricio Barros Cabral) 2005-06-12 05:32:25 +00:00
xsettings-client.c Inclusion cleanups in sources 2010-10-14 22:09:36 -04:00
xsettings-client.h Change the XSettingsWatchFunc to return a Bool to indicate success. Update 2007-04-10 23:16:30 +00:00
xsettings-common.c Inclusion cleanups in sources 2010-10-14 22:09:36 -04:00
xsettings-common.h Inclusion cleanups in headers 2010-10-14 22:08:53 -04:00