From aff388670a41afeab0668867479f0f0e335d6fe0 Mon Sep 17 00:00:00 2001 From: Lubomir Rintel Date: Thu, 5 May 2016 19:34:19 +0200 Subject: [PATCH 1/4] mbm: clean up the context on activate_ready Otherwise the dangling pointer to the context that's being deallocated causes a crash on spontaneous E2NAP receipt: ModemManager[1567]: [1462468083.031326] [mm-iface-modem.c:1431] __iface_modem_update_state_internal(): Modem /org/freedesktop/ModemManager1/Modem/0: state changed (connecting -> registered) ModemManager[1567]: [1462468083.053745] [mm-port-serial-at.c:459] debug_log(): (ttyACM0): <-- '*E2NAP: 0,36' ModemManager[1567]: [1462468083.053857] [mbm/mm-broadband-modem-mbm.c:824] e2nap_received(): disconnected (ModemManager:1567): GLib-GIO-CRITICAL **: g_simple_async_result_set_error: assertion 'G_IS_SIMPLE_ASYNC_RESULT (simple)' failed Program received signal SIGTRAP, Trace/breakpoint trap. g_logv (log_domain=0x7ffff7086798 "GLib-GIO", log_level=G_LOG_LEVEL_CRITICAL, format=, args=args@entry=0x7fffffffcda0) at gmessages.c:1046 1046 g_private_set (&g_log_depth, GUINT_TO_POINTER (depth)); Missing separate debuginfos, use: debuginfo-install libmbim-1.12.4-2.el7.centos.x86_64 libqmi-1.14.2-1.el7.centos.x86_64 (gdb) bt #0 0x00007ffff6a508c3 in g_logv (log_domain=0x7ffff7086798 "GLib-GIO", log_level=G_LOG_LEVEL_CRITICAL, format=, args=args@entry=0x7fffffffcda0) at gmessages.c:1046 #1 0x00007ffff6a50a3f in g_log (log_domain=log_domain@entry=0x7ffff7086798 "GLib-GIO", log_level=log_level@entry=G_LOG_LEVEL_CRITICAL, format=format@entry=0x7ffff6abe73d "%s: assertion '%s' failed") at gmessages.c:1079 #2 0x00007ffff6a50a79 in g_return_if_fail_warning (log_domain=log_domain@entry=0x7ffff7086798 "GLib-GIO", pretty_function=pretty_function@entry=0x7ffff7092ce0 <__FUNCTION__.13394> "g_simple_async_result_set_error", expression=expression@entry=0x7ffff7092a40 "G_IS_SIMPLE_ASYNC_RESULT (simple)") at gmessages.c:1088 #3 0x00007ffff6ff9d3d in g_simple_async_result_set_error (simple=0x7fffe8006e40, domain=297, code=0, format=0x7ffff175b53f "Call setup failed") at gsimpleasyncresult.c:719 #4 0x00007ffff17569ea in report_connection_status (bearer=0x7fffe4008a40 [MMBroadbandBearerMbm], status=MM_BEARER_CONNECTION_STATUS_DISCONNECTED) at mbm/mm-broadband-bearer-mbm.c:174 #5 0x000055555559c9f1 in mm_base_bearer_report_connection_status (self=0x7fffe4008a40 [MMBroadbandBearerMbm], status=MM_BEARER_CONNECTION_STATUS_DISCONNECTED) at mm-base-bearer.c:1118 #6 0x00007ffff17548ed in bearer_list_report_status_foreach (bearer=0x7fffe4008a40 [MMBroadbandBearerMbm], ctx=0x7fffffffd060) at mbm/mm-broadband-modem-mbm.c:805 #7 0x00007ffff6a45f18 in g_list_foreach (list=, func=0x7ffff17548c9 , user_data=0x7fffffffd060) at glist.c:994 #8 0x00005555555a224b in mm_bearer_list_foreach (self=0x5555558e0680 [MMBearerList], func=0x7ffff17548c9 , user_data=0x7fffffffd060) at mm-bearer-list.c:146 #9 0x00007ffff1754a3d in e2nap_received (port=0x5555558e24c0 [MMPortSerialAt], info=0x555555935730, self=0x555555900330 [MMBroadbandModemMbm]) at mbm/mm-broadband-modem-mbm.c:850 #10 0x000055555563d9fd in parse_unsolicited (port=0x5555558e24c0 [MMPortSerialAt], response=0x7fffe80054f0) at mm-port-serial-at.c:280 #11 0x0000555555639915 in parse_response_buffer (self=0x5555558e24c0 [MMPortSerialAt]) at mm-port-serial.c:889 #12 0x0000555555639f0b in common_input_available (self=0x5555558e24c0 [MMPortSerialAt], condition=G_IO_IN) at mm-port-serial.c:1019 #13 0x0000555555639fc7 in iochannel_input_available (iochannel=0x555555926df0, condition=G_IO_IN, data=0x5555558e24c0) at mm-port-serial.c:1042 #14 0x00007ffff6a4979a in g_main_context_dispatch (context=0x5555558a4a00) at gmain.c:3109 #15 0x00007ffff6a4979a in g_main_context_dispatch (context=context@entry=0x5555558a4a00) at gmain.c:3708 #16 0x00007ffff6a49ae8 in g_main_context_iterate (context=0x5555558a4a00, block=block@entry=1, dispatch=dispatch@entry=1, self=) at gmain.c:3779 #17 0x00007ffff6a49dba in g_main_loop_run (loop=0x5555558acf10) at gmain.c:3973 #18 0x000055555558d068 in main (argc=2, argv=0x7fffffffdc38) at main.c:181 (gdb) https://bugzilla.redhat.com/show_bug.cgi?id=1333293 --- plugins/mbm/mm-broadband-bearer-mbm.c | 1 + 1 file changed, 1 insertion(+) diff --git a/plugins/mbm/mm-broadband-bearer-mbm.c b/plugins/mbm/mm-broadband-bearer-mbm.c index 561fcca..d6e98db 100644 --- a/plugins/mbm/mm-broadband-bearer-mbm.c +++ b/plugins/mbm/mm-broadband-bearer-mbm.c @@ -317,6 +317,7 @@ activate_ready (MMBaseModem *modem, * reset ourselves just in case */ if (!mm_base_modem_at_command_full_finish (modem, res, &error)) { + self->priv->connect_pending = NULL; g_simple_async_result_take_error (ctx->result, error); dial_3gpp_context_complete_and_free (ctx); return; -- 2.5.5