luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2024-09-21 09:46:18 +02:00
Code Issues Packages Projects Releases Wiki Activity
ca0add4b8a
glib/gio/tests/network-monitor-race.c
Milan Crha ca0add4b8a gnetworkmonitor: Fix use-after-free when using from another thread 
When using g_network_monitor_get_default() from another thread, it’s
possible for network-changed events to be processed after an instance of
GNetworkMonitor has been disposed, causing use-after-free problems.

Fix that by moving some of the initialisation into the GInitable.init()
chain, rather than in a main context idle callback.

This includes a unit test which probabilistically reproduces the bug
(but can’t do so deterministically due to it being a race condition).

Commit amended by Philip Withnall <withnall@endlessm.com> before
pushing.

https://bugzilla.gnome.org/show_bug.cgi?id=793727
2018-04-11 15:03:43 +01:00

93 lines
2.2 KiB
C
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

/*
* Copyright (C) 2018 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of the
* licence, or (at your option) any later version.
*
* This is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this library; if not, see <http://www.gnu.org/licenses/>.
*/
#include <glib/glib.h>
#include <gio/gio.h>
#define MAX_RUNS 333
static gboolean
quit_loop (gpointer user_data)
{
g_main_loop_quit (user_data);
return FALSE;
}
static gpointer
thread_func (gpointer user_data)
{
g_network_monitor_get_default ();
g_timeout_add (100, quit_loop, user_data);
return NULL;
}
static gboolean
call_func (gpointer user_data)
{
GThread *thread;
thread = g_thread_new (NULL, thread_func, user_data);
g_thread_unref (thread);
return FALSE;
}
/* Test that calling g_network_monitor_get_default() in a thread doesnt cause
* a crash. This is a probabilistic test; since its testing a race condition,
* it cant deterministically reproduce the problem. The threading has to
* happen in subprocesses, since the result of g_network_monitor_get_default()
* is unavoidably cached once created. */
static void
test_network_monitor (void)
{
guint ii;
g_test_bug ("793727");
if (g_test_subprocess ())
{
GMainLoop *main_loop;
main_loop = g_main_loop_new (NULL, FALSE);
g_timeout_add (1, call_func, main_loop);
g_main_loop_run (main_loop);
g_main_loop_unref (main_loop);
return;
}
for (ii = 0; ii < MAX_RUNS; ii++)
{
g_test_trap_subprocess (NULL, 0, 0);
g_test_trap_assert_passed ();
}
}
int
main (int argc, char *argv[])
{
g_test_init (&argc, &argv, NULL);
g_test_bug_base ("https://bugzilla.gnome.org/show_bug.cgi?id=");
g_test_add_func ("/network-monitor/create-in-thread",
test_network_monitor);
return g_test_run ();
}
Reference in New Issue View Git Blame Copy Permalink