2.78.0-3

author: dudemanguy 2023-10-14 15:02:22 -0500
committer: dudemanguy 2023-10-14 15:02:22 -0500
commit: fa561fdf4f9830fbbb3265b0d9b30b4d9a771ebc (patch)
tree: e3e3d7d92a3dfdea2cfceba4250ab5af65b244f2
parent: 0b2dcc779e8eb3ffbfa3355c019f4beb502de9d7 (diff)
download: aur-fa561fdf4f9830fbbb3265b0d9b30b4d9a771ebc.tar.gz
3 files changed, 169 insertions, 2 deletions
diff --git a/.SRCINFO b/.SRCINFO
index e30d290b5eb4..b73e39b0d875 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,7 +1,7 @@
 pkgbase = glib2-patched-thumbnailer
 	pkgdesc = GLib2 patched with ahodesuka's thumbnailer patch.
 	pkgver = 2.78.0
-	pkgrel = 1
+	pkgrel = 3
 	url = https://gist.github.com/Dudemanguy/d199759b46a79782cc1b301649dec8a5
 	arch = x86_64
 	license = LGPL
@@ -39,12 +39,14 @@ pkgbase = glib2-patched-thumbnailer
 	source = git+https://gitlab.gnome.org/GNOME/glib.git#commit=3c543ef69ffab7c78e29eaf383e7fe2c7df6cd49
 	source = git+https://gitlab.gnome.org/GNOME/gvdb.git
 	source = 0001-glib-compile-schemas-Remove-noisy-deprecation-warnin.patch
+	source = 0002-gthreadedresolver-Fix-race-between-source-callbacks-.patch
 	source = 0002-glocalfileinfo-add-a-dbus-thumbnail-generator.patch
 	source = gio-querymodules.hook
 	source = glib-compile-schemas.hook
 	b2sums = SKIP
 	b2sums = SKIP
 	b2sums = 94c73ca7070c239494873dd52d6ee09382bbb5b1201f7afd737cfa140b1a2fb0744b2c2831baf3943d1d072550c35888d21ce6f19f89481ff9d1a60d9a0b30e0
+	b2sums = ffa7a0f8d9dc09864a6a8083b20f634788e5929cd678f7c38ce65be7cdfdea50d0be3cf3a7e6b9a2641f21a085b90b7ac33a2a81ae62a8963992aa9eb7699f57
 	b2sums = 7f6bc830e8ccf0ef8d1afa178af5141f2ff6b9387efd6675a27627ff90548b854c68bfc928b680833352b055de316f92726391909884f89c7a042825a942c03b
 	b2sums = 14c9211c0557f6d8d9a914f1b18b7e0e23f79f4abde117cb03ab119b95bf9fa9d7a712aa0a29beb266468aeb352caa3a9e4540503cfc9fe0bbaf764371832a96
 	b2sums = d30d349b4cb4407839d9074ce08f5259b8a5f3ca46769aabc621f17d15effdb89c4bf19bd23603f6df3d59f8d1adaded0f4bacd0333afcab782f2d048c882858
diff --git a/0002-gthreadedresolver-Fix-race-between-source-callbacks-.patch b/0002-gthreadedresolver-Fix-race-between-source-callbacks-.patch
new file mode 100644
index 000000000000..17de85b15bdb
--- /dev/null
+++ b/0002-gthreadedresolver-Fix-race-between-source-callbacks-.patch
@@ -0,0 +1,158 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Philip Withnall <philip@tecnocode.co.uk>
+Date: Mon, 11 Sep 2023 16:02:15 +0100
+Subject: [PATCH] gthreadedresolver: Fix race between source callbacks and
+ finalize
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+I had thought that because `g_source_destroy()` was called for the two
+sources (cancel and timeout) in the `GTask` finalize function for a
+threaded resolver operation, that it would be fine to use a plain
+pointer in the source callbacks to point to the `GTask`.
+
+That turns out to not be true: because the source callbacks are executed
+in the GLib worker thread, and the `GTask` can be finalized in another
+thread, it’s possible for a source callback (e.g. `cancelled_cb()`) to
+be scheduled in the worker thread, then for the `GTask` to be finalized,
+and then the source callback to continue execution and find itself
+doing a use-after-free.
+
+Fix that by using a weak ref to the `GTask` in the source callbacks,
+rather than a plain pointer.
+
+Signed-off-by: Philip Withnall <philip@tecnocode.co.uk>
+
+Fixes: #3105
+---
+ gio/gthreadedresolver.c | 43 +++++++++++++++++++++++++++++++++++------
+ 1 file changed, 37 insertions(+), 6 deletions(-)
+
+diff --git a/gio/gthreadedresolver.c b/gio/gthreadedresolver.c
+index 2d94531bfda3..c7a567549f28 100644
+--- a/gio/gthreadedresolver.c
++++ b/gio/gthreadedresolver.c
+@@ -1422,85 +1422,116 @@ lookup_records_finish (GResolver     *resolver,
+ static gboolean
+ timeout_cb (gpointer user_data)
+ {
+-  GTask *task = G_TASK (user_data);
+-  LookupData *data = g_task_get_task_data (task);
++  GWeakRef *weak_task = user_data;
++  GTask *task = NULL;  /* (owned) */
++  LookupData *data;
+   gboolean should_return;
+ 
++  task = g_weak_ref_get (weak_task);
++  if (task == NULL)
++    return G_SOURCE_REMOVE;
++
++  data = g_task_get_task_data (task);
++
+   g_mutex_lock (&data->lock);
+ 
+   should_return = g_atomic_int_compare_and_exchange (&data->will_return, NOT_YET, TIMED_OUT);
+   g_clear_pointer (&data->timeout_source, g_source_unref);
+ 
+   g_mutex_unlock (&data->lock);
+ 
+   if (should_return)
+     g_task_return_new_error (task, G_IO_ERROR, G_IO_ERROR_TIMED_OUT,
+                              _("Socket I/O timed out"));
+ 
+   /* Signal completion of the task. */
+   g_mutex_lock (&data->lock);
+   data->has_returned = TRUE;
+   g_cond_broadcast (&data->cond);
+   g_mutex_unlock (&data->lock);
+ 
++  g_object_unref (task);
++
+   return G_SOURCE_REMOVE;
+ }
+ 
+ /* Will be called in the GLib worker thread, so must lock all accesses to shared
+  * data. */
+ static gboolean
+ cancelled_cb (GCancellable *cancellable,
+               gpointer      user_data)
+ {
+-  GTask *task = G_TASK (user_data);
+-  LookupData *data = g_task_get_task_data (task);
++  GWeakRef *weak_task = user_data;
++  GTask *task = NULL;  /* (owned) */
++  LookupData *data;
+   gboolean should_return;
+ 
++  task = g_weak_ref_get (weak_task);
++  if (task == NULL)
++    return G_SOURCE_REMOVE;
++
++  data = g_task_get_task_data (task);
++
+   g_mutex_lock (&data->lock);
+ 
+   g_assert (g_cancellable_is_cancelled (cancellable));
+   should_return = g_atomic_int_compare_and_exchange (&data->will_return, NOT_YET, CANCELLED);
+   g_clear_pointer (&data->cancellable_source, g_source_unref);
+ 
+   g_mutex_unlock (&data->lock);
+ 
+   if (should_return)
+     g_task_return_error_if_cancelled (task);
+ 
+   /* Signal completion of the task. */
+   g_mutex_lock (&data->lock);
+   data->has_returned = TRUE;
+   g_cond_broadcast (&data->cond);
+   g_mutex_unlock (&data->lock);
+ 
++  g_object_unref (task);
++
+   return G_SOURCE_REMOVE;
+ }
+ 
++static void
++weak_ref_clear_and_free (GWeakRef *weak_ref)
++{
++  g_weak_ref_clear (weak_ref);
++  g_free (weak_ref);
++}
++
+ static void
+ run_task_in_thread_pool_async (GThreadedResolver *self,
+                                GTask             *task)
+ {
+   LookupData *data = g_task_get_task_data (task);
+   guint timeout_ms = g_resolver_get_timeout (G_RESOLVER (self));
+   GCancellable *cancellable = g_task_get_cancellable (task);
+ 
+   g_mutex_lock (&data->lock);
+ 
+   g_thread_pool_push (self->thread_pool, g_object_ref (task), NULL);
+ 
+   if (timeout_ms != 0)
+     {
++      GWeakRef *weak_task = g_new0 (GWeakRef, 1);
++      g_weak_ref_set (weak_task, task);
++
+       data->timeout_source = g_timeout_source_new (timeout_ms);
+       g_source_set_static_name (data->timeout_source, "[gio] threaded resolver timeout");
+-      g_source_set_callback (data->timeout_source, G_SOURCE_FUNC (timeout_cb), task, NULL);
++      g_source_set_callback (data->timeout_source, G_SOURCE_FUNC (timeout_cb), g_steal_pointer (&weak_task), (GDestroyNotify) weak_ref_clear_and_free);
+       g_source_attach (data->timeout_source, GLIB_PRIVATE_CALL (g_get_worker_context) ());
+     }
+ 
+   if (cancellable != NULL)
+     {
++      GWeakRef *weak_task = g_new0 (GWeakRef, 1);
++      g_weak_ref_set (weak_task, task);
++
+       data->cancellable_source = g_cancellable_source_new (cancellable);
+       g_source_set_static_name (data->cancellable_source, "[gio] threaded resolver cancellable");
+-      g_source_set_callback (data->cancellable_source, G_SOURCE_FUNC (cancelled_cb), task, NULL);
++      g_source_set_callback (data->cancellable_source, G_SOURCE_FUNC (cancelled_cb), g_steal_pointer (&weak_task), (GDestroyNotify) weak_ref_clear_and_free);
+       g_source_attach (data->cancellable_source, GLIB_PRIVATE_CALL (g_get_worker_context) ());
+     }
+ 
diff --git a/PKGBUILD b/PKGBUILD
index 084527e99645..31fd5640fe65 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -5,7 +5,7 @@
 
 pkgname=glib2-patched-thumbnailer
 pkgver=2.78.0
-pkgrel=1
+pkgrel=3
 pkgdesc="GLib2 patched with ahodesuka's thumbnailer patch."
 url="https://gist.github.com/Dudemanguy/d199759b46a79782cc1b301649dec8a5"
 arch=(x86_64)
@@ -26,6 +26,7 @@ source=(
   "git+https://gitlab.gnome.org/GNOME/glib.git#commit=$_commit"
   "git+https://gitlab.gnome.org/GNOME/gvdb.git"
   0001-glib-compile-schemas-Remove-noisy-deprecation-warnin.patch
+  0002-gthreadedresolver-Fix-race-between-source-callbacks-.patch
   0002-glocalfileinfo-add-a-dbus-thumbnail-generator.patch
   gio-querymodules.hook
   glib-compile-schemas.hook
@@ -33,6 +34,7 @@ source=(
 b2sums=('SKIP'
         'SKIP'
         '94c73ca7070c239494873dd52d6ee09382bbb5b1201f7afd737cfa140b1a2fb0744b2c2831baf3943d1d072550c35888d21ce6f19f89481ff9d1a60d9a0b30e0'
+        'ffa7a0f8d9dc09864a6a8083b20f634788e5929cd678f7c38ce65be7cdfdea50d0be3cf3a7e6b9a2641f21a085b90b7ac33a2a81ae62a8963992aa9eb7699f57'
         '7f6bc830e8ccf0ef8d1afa178af5141f2ff6b9387efd6675a27627ff90548b854c68bfc928b680833352b055de316f92726391909884f89c7a042825a942c03b'
         '14c9211c0557f6d8d9a914f1b18b7e0e23f79f4abde117cb03ab119b95bf9fa9d7a712aa0a29beb266468aeb352caa3a9e4540503cfc9fe0bbaf764371832a96'
         'd30d349b4cb4407839d9074ce08f5259b8a5f3ca46769aabc621f17d15effdb89c4bf19bd23603f6df3d59f8d1adaded0f4bacd0333afcab782f2d048c882858')
@@ -48,6 +50,11 @@ prepare() {
   # Suppress noise from glib-compile-schemas.hook
   git apply -3 ../0001-glib-compile-schemas-Remove-noisy-deprecation-warnin.patch
 
+  # Fix NetworkManager crashes
+  # https://bugs.archlinux.org/task/79658
+  # https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3575
+  git apply -3 ../0002-gthreadedresolver-Fix-race-between-source-callbacks-.patch
+
   # Apply patch to generate thumbnails
   git apply -3 ../0002-glocalfileinfo-add-a-dbus-thumbnail-generator.patch
author	dudemanguy	2023-10-14 15:02:22 -0500
committer	dudemanguy	2023-10-14 15:02:22 -0500
commit	fa561fdf4f9830fbbb3265b0d9b30b4d9a771ebc (patch)
tree	e3e3d7d92a3dfdea2cfceba4250ab5af65b244f2
parent	0b2dcc779e8eb3ffbfa3355c019f4beb502de9d7 (diff)
download	aur-fa561fdf4f9830fbbb3265b0d9b30b4d9a771ebc.tar.gz