[Adium-devl] g_string_free() and me (aka gaim [17165] doesn't like Adium)

Evan Schoenberg evan.s at dreskin.net
Mon Sep 11 20:49:05 UTC 2006 

Okay, found the problem and fixed it.  What a headache.

The problem was purely in Adium's adiumGaimEventloop code... but  
nothing before [17165] had ever triggered the exact situation, which  
was:
1) Non-blocking write condition triggers its socket callback
2) That socket callback triggers a prpl callback which adds a read  
condition on the same fd
3) That socket callback does a gaim_source_remove() on the write  
callback's tag
4) That socket callback then free()'s the data associated with the  
write callback (but not the read callback, obviously)


(2) means that the socket was converted from write-only to read/write  
(because the write condition hadn't yet been  removed.
(3) then removed the write part of the read/write... which in code  
that had previously never been touched (and was written when I was  
fixing our handling of nonblocking sockets in the first place),  
called CFSocketDisableCallBacks(socket, kCFSocketWriteCallBack) so  
that the socket would remain around but only trigger for the next  
read condition.

Unfortunately, CFSocketDisableCallBacks() appears to be a no-op....  
the socket callback was indeed called again, with a write callback  
signature, as soon as data was available to be written.  This  
triggered a return to (1) above... which besides wrecking havoc on  
the connect process (you could see this in Jabber's "Connected."  
message appearing twice in rapid succession) led to a double-free()  
at (4).

Disabling the auto-reenabling of callbacks with CFSocketSetFlags()  
before calling CFSocketDisableCallBacks() doesn't make a difference.

Solution: Invalidate, release, and create from scratch the socket  
when converting from read/write to read-only or write-only.  This  
mirrors how we convert a read-only or write-only socket to read/write  
in the first place.

-Evan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
URL: <http://adium.im/pipermail/devel_adium.im/attachments/20060911/c7411d72/attachment.sig>

More information about the devel mailing list