gtk2/gdk
Colin Walters 806c04411d gdk: Fix GdkWindowFilter internal refcounting
Running gnome-shell under valgrind, I saw the attached invalid write.
Basically we can destroy a window during event processing, and the old
window_remove_filters simply called g_free() on the filter, ignoring
the refcount.  Then later in event processing we call filter->refcount--,
which is writing to free()d memory.

Fix this by centralizing list mutation and refcount handling inside
a new shared _gdk_window_filter_unref() function, and using that
everywhere.

==13876== Invalid write of size 4
==13876==    at 0x446B181: gdk_event_apply_filters (gdkeventsource.c:86)
==13876==    by 0x446B411: _gdk_events_queue (gdkeventsource.c:188)
==13876==    by 0x44437EF: gdk_display_get_event (gdkdisplay.c:410)
==13876==    by 0x446B009: gdk_event_source_dispatch (gdkeventsource.c:317)
==13876==    by 0x4AB7159: g_main_context_dispatch (gmain.c:2436)
==13876==    by 0x4AB7957: g_main_context_iterate.clone.5 (gmain.c:3087)
==13876==    by 0x4AB806A: g_main_loop_run (gmain.c:3295)
==13876==    by 0x8084D6B: main (main.c:722)
==13876==  Address 0x1658bcac is 12 bytes inside a block of size 16 free'd
==13876==    at 0x4005EAD: free (vg_replace_malloc.c:366)
==13876==    by 0x4ABE515: g_free (gmem.c:263)
==13876==    by 0x444BCC9: window_remove_filters (gdkwindow.c:1873)
==13876==    by 0x4454BA3: _gdk_window_destroy_hierarchy (gdkwindow.c:2043)
==13876==    by 0x447BF6E: gdk_window_destroy_notify (gdkwindow-x11.c:1115)
==13876==    by 0x43588E2: _gtk_socket_windowing_filter_func (gtksocket-x11.c:518)
==13876==    by 0x446B170: gdk_event_apply_filters (gdkeventsource.c:79)
==13876==    by 0x446B411: _gdk_events_queue (gdkeventsource.c:188)
==13876==    by 0x44437EF: gdk_display_get_event (gdkdisplay.c:410)
==13876==    by 0x446B009: gdk_event_source_dispatch (gdkeventsource.c:317)
==13876==    by 0x4AB7159: g_main_context_dispatch (gmain.c:2436)
==13876==    by 0x4AB7957: g_main_context_iterate.clone.5 (gmain.c:3087)

https://bugzilla.gnome.org/show_bug.cgi?id=637464
2010-12-17 12:07:37 -05:00
..
quartz Port Quartz backend to latest rendering-cleanup changes 2010-12-06 14:15:47 +01:00
tests Don't require a display for the color test 2010-12-02 16:00:15 -05:00
win32 gdk: Remove depth argument from GdkWindowImpl->get_geometry() 2010-12-06 01:02:52 +01:00
x11 gdk: Fix GdkWindowFilter internal refcounting 2010-12-17 12:07:37 -05:00
abicheck.sh gdk: Remove unused macros from build 2010-11-24 16:18:46 +01:00
COPYING [ Merges from gtk-1-2 ] 1999-09-28 20:19:13 +00:00
gdk.c Enable XI2 by default 2010-12-15 03:17:58 +01:00
gdk.h Remove *_set_extension_events() and old API to query devices. 2010-12-17 16:25:14 +01:00
gdk.symbols Remove *_set_extension_events() and old API to query devices. 2010-12-17 16:25:14 +01:00
gdkapplaunchcontext.c docs: Move documentation to inline comments: gdkapplaunchcontext 2010-11-15 03:18:45 +01:00
gdkapplaunchcontext.h fix typo in the type name so the macro becomes usable. 2008-10-15 15:50:10 +00:00
gdkcairo.c Use cairo gobject support instead of a new boxed type. 2010-12-04 15:38:20 +01:00
gdkcairo.h Use cairo gobject support instead of a new boxed type. 2010-12-04 15:38:20 +01:00
gdkcolor.c Inclusion cleanups in sources 2010-10-14 22:09:36 -04:00
gdkcolor.h docs: Move documentation to inline comments: colors 2010-10-04 03:48:05 +02:00
gdkconfig.h.win32 Define GDK_NATIVE_WINDOW_POINTER on 32-bit Windows, too. It just makes 2008-08-04 22:20:53 +00:00
gdkcursor.c docs: Move documentation to inline comments: gdkcursor 2010-11-15 18:24:31 +01:00
gdkcursor.h docs: Move documentation to inline comments: gdkcursor 2010-11-15 18:24:31 +01:00
gdkdevice.c Remove *_set_extension_events() and old API to query devices. 2010-12-17 16:25:14 +01:00
gdkdevice.h xi2: Improve device hierarchy handling 2010-12-15 03:17:59 +01:00
gdkdevicemanager.c Complete renaming of gdk_enable_multidevice() 2010-12-15 13:05:11 +01:00
gdkdevicemanager.h GdkDeviceManager: Add gdk_device_manager_get_client_pointer(). 2010-06-24 02:30:53 +02:00
gdkdeviceprivate.h Remove *_set_extension_events() and old API to query devices. 2010-12-17 16:25:14 +01:00
gdkdisplay.c Remove *_set_extension_events() and old API to query devices. 2010-12-17 16:25:14 +01:00
gdkdisplay.h Remove *_set_extension_events() and old API to query devices. 2010-12-17 16:25:14 +01:00
gdkdisplaymanager.c docs: Move documentation to inline comments: gdkdisplaymanager 2010-11-15 04:12:57 +01:00
gdkdisplaymanager.h docs: Move documentation to inline comments: gdkdisplaymanager 2010-11-15 04:12:57 +01:00
gdkdnd.c Add some forgotten accessors for GdkDragContext 2010-12-10 00:58:33 -05:00
gdkdnd.h Add some forgotten accessors for GdkDragContext 2010-12-10 00:58:33 -05:00
gdkenumtypes.c.template gdk/: fully remove gdkalias hacks 2010-07-10 02:21:31 +02:00
gdkenumtypes.h.template Remove remaining single-include guards 2010-06-04 19:40:43 -04:00
gdkevents.c Add gdk_event_[gs]et_source_device(). 2010-12-15 03:17:58 +01:00
gdkevents.h Add gdk_event_[gs]et_source_device(). 2010-12-15 03:17:58 +01:00
gdkglobals.c Enable XI2 by default 2010-12-15 03:17:58 +01:00
gdkinternals.h gdk: Fix GdkWindowFilter internal refcounting 2010-12-17 12:07:37 -05:00
gdkintl.h Fix distcheck 2010-10-01 20:02:35 -04:00
gdkkeynames.c Inclusion cleanups in sources 2010-10-14 22:09:36 -04:00
gdkkeys.c Fix missing (transfer) annotations in GDK 2010-11-24 21:37:20 +01:00
gdkkeys.h docs: Move documentation to inline comments: gdkkeys 2010-11-15 05:19:33 +01:00
gdkkeysyms-compat.h GDK: Prefix key names with KEY_ 2010-09-08 18:51:44 -04:00
gdkkeysyms-update.pl GDK: Prefix key names with KEY_ 2010-09-08 18:51:44 -04:00
gdkkeysyms.h GDK: Prefix key names with KEY_ 2010-09-08 18:51:44 -04:00
gdkkeyuni.c Inclusion cleanups in sources 2010-10-14 22:09:36 -04:00
gdkmain.h Complete renaming of gdk_enable_multidevice() 2010-12-15 13:05:11 +01:00
gdkmarshalers.list Bug 631599 - Allow to use arbitrary surfaces for offscreen windows 2010-10-14 13:25:23 +02:00
gdkoffscreenwindow.c gdk: Remove depth argument from GdkWindowImpl->get_geometry() 2010-12-06 01:02:52 +01:00
gdkpango.c Fix missing (transfer) annotations in GDK 2010-11-24 21:37:20 +01:00
gdkpango.h API: remove GdkPangoRenderer 2010-08-10 21:02:29 +02:00
gdkpixbuf-drawable.c gdk: Make _gdk_window_ref_cairo_surface() protected and use it 2010-12-02 20:21:02 +01:00
gdkpixbuf.h gdk: Make gdk_pixbuf_get_from_*() bindable 2010-10-02 03:08:24 +02:00
gdkprivate.h gdk: Remove useless macros from gdkprivate.h 2010-12-02 20:21:05 +01:00
gdkproperty.h docs: Move documentation to inline comments: properties 2010-11-15 21:06:34 +01:00
gdkrectangle.c Inclusion cleanups in sources 2010-10-14 22:09:36 -04:00
gdkrectangle.h Inclusion cleanups in headers 2010-10-14 22:08:53 -04:00
gdkrgba.c gdk: Add section docs for GdkRGBA 2010-12-06 18:57:11 +01:00
gdkrgba.h gdk: Constify argument to gdk_rgba_copy() 2010-12-06 01:02:52 +01:00
gdkscreen.c API: gdk: Remove depth argument from gdk_window_get_geometry() 2010-12-06 01:02:52 +01:00
gdkscreen.h docs: Move documentation to inline comments: gdkscreen 2010-11-15 04:12:57 +01:00
gdkselection.c Fix missing (transfer) annotations in GDK 2010-11-24 21:37:20 +01:00
gdkselection.h docs: Move documentation to inline comments: gdkselection 2010-11-15 18:24:31 +01:00
gdkspawn.h Use a GPid on gdk_spawn_on_screen[_with_pipes]. Take 2 2010-06-15 17:16:43 +02:00
gdktestutils.h docs: move documentation to inline comments: gdktesting 2010-11-15 04:12:57 +01:00
gdkthreads.h docs: Move documentation to inline comments: gdkthreads 2010-11-15 21:06:35 +01:00
gdktypes.h API: Remove gdkdrawable.h from public headers 2010-12-02 20:21:02 +01:00
gdkvisual.c docs: Move documentation to inline comments: gdkvisual 2010-11-15 18:24:31 +01:00
gdkvisual.h docs: Move documentation to inline comments: gdkvisual 2010-11-15 18:24:31 +01:00
gdkwindow.c gdk: Fix GdkWindowFilter internal refcounting 2010-12-17 12:07:37 -05:00
gdkwindow.h Add gdk_window_[gs]et_source_events() 2010-12-15 03:17:59 +01:00
gdkwindowimpl.c gdk: Move window beeps into GdkWindowImpl 2010-12-02 20:21:05 +01:00
gdkwindowimpl.h gdk: Remove depth argument from GdkWindowImpl->get_geometry() 2010-12-06 01:02:52 +01:00
gen-keyname-table.pl Generate N_() calls for translatable key names. 2005-06-10 06:41:04 +00:00
keyname-table.h fix small typo. 2008-10-28 22:55:23 +00:00
keynames.txt Mark arrow keys as translatable 2006-12-21 05:11:00 +00:00
makeenums.pl Add GdkEventSetting event for notification of changes to system settings, 2001-04-02 23:33:47 +00:00
Makefile.am Remove *_set_extension_events() and old API to query devices. 2010-12-17 16:25:14 +01:00
makefile.msc gdk: Remove unused macros from build 2010-11-24 16:18:46 +01:00