Crash: dbus_timeout_handle for already deleted pending calls via dbus_connection_send_with_reply_and_block()
thiago at kde.org
Thu Feb 5 23:43:01 PST 2009
Ville M. Vainio wrote:
>I have a problem. I don't understand why I have 'timeouts' for pending
>calls that don't exist anymore.
>I have (rare) crashes that look like this (no, I don't have a core for
>#0 _dbus_connection_lock (connection=0x616d6740) at
> dbus-connection.c:355 #0 _dbus_connection_lock (connection=0x616d6740)
> at dbus-connection.c:355 #1 0x41263cf8 in
> _dbus_pending_call_get_connection_and_lock (pending=0x1756c0) at
>#2 0x4125695c in reply_handler_timeout (data=0x616d6740) at
>#3 0x41268910 in dbus_timeout_handle (timeout=0x1756f0) at
> dbus-timeout.c:473 #4 0x4138e9cc in timeout_handler_dispatch
> (data=<value optimized out>) at dbus-gmain.c:343
>#5 0x4119f2a8 in g_timeout_dispatch (source=0x175718,
> callback=0x4138e9bc <timeout_handler_dispatch>, user_data=0x616d6740)
> at gmain.c:3587 #6 0x4119e9dc in IA__g_main_context_dispatch
> (context=0xb3748) at gmain.c:2142 #7 0x411a2470 in
> g_main_context_iterate (context=0xb3748, block=1, dispatch=1,
> self=<value optimized out>) at gmain.c:2776
I fixed a similar bug in QtDBus a few months ago.
dbus_connection_send_with_reply_and_block creates and deletes a
DBusTimeout object before it returns. As far as I can tell, the external
timeout object is unnecessary, but it's a side-effect of the internal
The problem is that the implementation of timeouts and watches in Qt must
be done in the proper thread, but libdbus-1 sends them from any thread.
When the callback is called in the wrong thread, it queues the timeout
addition or removal.
The problem is, there's a race condition between the wrong-thread-removal
and the right-thread handling, usually simply asking dbus what the timeout
Now, I don't know the threading internals about dbus-glib, but it could be
a similar condition. However, given the backtrace, it would seem to
indicate that the timeout object did not get removed after send_and_block
requested that it be removed.
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
PGP/GPG: 0x6EF45358; fingerprint:
E067 918B B660 DBD1 105C 966C 33F5 F005 6EF4 5358
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.freedesktop.org/archives/dbus/attachments/20090206/e4639f06/attachment.pgp
More information about the dbus