There are a large number of files in the tree that define _GNU_SOURCE
despite not actually using features hidden behind this flag. This patch
removes all these definitions in one fell swoop...

If an operation is in progress and an operation is canceled, we don't
actually destroy it, but simply clear out the callback. In the case of
a context being destroyed, the operation is left on the simfs op_q with
a dangling pointer to the already freed context. So the current logic
in sim_fs_op_free tries to access invalid memory.
Fix this by performing the watch operations in sim_fs_end_current
instead and setting the context pointer appropriately.

0 0x00007ffff7b20517 in g_queue_is_empty () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
1 0x00005555556adcdd in sim_fs_op_free (pointer=0x5555559cb990) at src/simfs.c:101
2 0x00007ffff7b205fc in g_queue_foreach () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
3 0x00007ffff7b2065b in g_queue_free_full () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
4 0x00005555556add81 in sim_fs_free (fs=0x5555559c0780) at src/simfs.c:125
5 0x00005555556828f3 in sim_remove (atom=0x5555559cb000) at src/sim.c:3175
6 0x000055555564f16f in flush_atoms (modem=0x555555a8fb00, new_state=MODEM_STATE_POWER_OFF) at src/modem.c:432
7 0x000055555564f3bd in modem_change_state (modem=0x555555a8fb00, new_state=MODEM_STATE_POWER_OFF) at src/modem.c:510
8 0x000055555564ff99 in set_powered (modem=0x555555a8fb00, powered=0) at src/modem.c:896
9 0x000055555565074c in modem_set_property (conn=0x55555596c8d0, msg=0x55555596e460, data=0x555555a8fb00) at src/modem.c:1120
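
The lifetime problem described in the commit message above, as an added example that is not oFono code: a queued operation keeps a back-pointer to its context, and the in-progress operation outlives that context. All names here (ctx, op, fs, op_queue, ctx_free, end_current, watch_events) are hypothetical; the sketch clears the back-pointer on context teardown and does the per-context work only on the completion path.

```c
#include <stdlib.h>
/* Hypothetical simplified model (not oFono source); callbacks omitted. */
struct ctx { int watch_events; };
struct op { struct ctx *context; struct op *next; };
struct fs { struct op *head; };	/* head = operation in progress */

void op_queue(struct fs *fs, struct ctx *c)
{
	struct op *o = calloc(1, sizeof(*o)), **p = &fs->head;
	if (!o) abort();	/* out of memory */
	o->context = c;
	while (*p)
		p = &(*p)->next;
	*p = o;
}

/* Context teardown: the in-progress op has to stay queued, so its
 * back-pointer is cleared; pending ops of this context are dropped. */
void ctx_free(struct fs *fs, struct ctx *c)
{
	struct op **p = &fs->head;
	if (*p && (*p)->context == c)
		(*p)->context = NULL;	/* would dangle after free(c) */
	while (*p) {
		struct op *o = *p;
		if (o->context == c) {
			*p = o->next;
			free(o);
		} else {
			p = &o->next;
		}
	}
	free(c);
}

/* Completion: per-context work is guarded by the pointer. Returns 1 if a
 * live context was updated, 0 if it was gone, -1 on an empty queue. */
int end_current(struct fs *fs)
{
	struct op *o = fs->head;
	if (!o)
		return -1;
	int live = o->context != NULL;
	if (live)
		o->context->watch_events++;
	fs->head = o->next;
	free(o);
	return live;
}
```

Building the same model without the NULL assignment in ctx_free and running it under valgrind or AddressSanitizer reports an invalid read in end_current.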
The simfs atom could not read EFs that did not exist on the
'default' ADF directory. This implements a new way to read EFs
that exist on a given AID. A new fs object/context can be
initialized for a given AID. Using this fs context with
the existing read file API will read from that AID rather than
the default ADF.

==20365== Invalid read of size 8
==20365== at 0x4B3501: sim_fs_free (simfs.c:114)
==20365== by 0x493CEC: sim_remove (sim.c:2485)
==20365== by 0x4703D7: modem_change_state (modem.c:410)
==20365== by 0x470664: set_powered (modem.c:848)
==20365== by 0x4706BA: __ofono_modem_shutdown (modem.c:2137)
==20365== by 0x46F2C5: signal_cb (main.c:76)
==20365== by 0x52F555E: g_io_unix_dispatch (giounix.c:166)
==20365== by 0x52A0AAB: g_main_dispatch (gmain.c:2440)
==20365== by 0x52A203B: g_main_context_dispatch (gmain.c:3013)
==20365== by 0x52A2501: g_main_context_iterate (gmain.c:3091)
==20365== by 0x52A2C98: g_main_loop_run (gmain.c:3299)
==20365== by 0x46F0D3: main (main.c:243)
==20365== Address 0x63ff998 is 8 bytes inside a block of size 16 free'd
==20365== at 0x4C2612D: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==20365== by 0x52AA4A1: g_free (gmem.c:263)
==20365== by 0x52C433D: g_slice_free1 (gslice.c:907)
==20365== by 0x52C58D0: g_slist_free_1 (gslist.c:192)
==20365== by 0x52C5C5F: g_slist_remove (gslist.c:465)
==20365== by 0x4B342A: sim_fs_context_free (simfs.c:192)
==20365== by 0x4B3500: sim_fs_free (simfs.c:117)
==20365== by 0x493CEC: sim_remove (sim.c:2485)
==20365== by 0x4703D7: modem_change_state (modem.c:410)
==20365== by 0x470664: set_powered (modem.c:848)
==20365== by 0x4706BA: __ofono_modem_shutdown (modem.c:2137)
==20365== by 0x46F2C5: signal_cb (main.c:76)

==20287== Invalid read of size 4
==20287== at 0x52B5C6B: g_queue_peek_nth_link (gqueue.c:704)
==20287== by 0x52B5F57: g_queue_peek_nth (gqueue.c:848)
==20287== by 0x4B33ED: sim_fs_context_free (simfs.c:170)
==20287== by 0x4B34F8: sim_fs_free (simfs.c:116)
==20287== by 0x493CEC: sim_remove (sim.c:2485)
==20287== by 0x4703D7: modem_change_state (modem.c:410)
==20287== by 0x470664: set_powered (modem.c:848)
==20287== by 0x4706BA: __ofono_modem_shutdown (modem.c:2137)
==20287== by 0x46F2C5: signal_cb (main.c:76)
==20287== by 0x52F555E: g_io_unix_dispatch (giounix.c:166)
==20287== by 0x52A0AAB: g_main_dispatch (gmain.c:2440)
==20287== by 0x52A203B: g_main_context_dispatch (gmain.c:3013)
==20287== Address 0x63fae70 is 16 bytes inside a block of size 24 free'd
==20287== at 0x4C2612D: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==20287== by 0x52AA4A1: g_free (gmem.c:263)
==20287== by 0x52C433D: g_slice_free1 (gslice.c:907)
==20287== by 0x52B4E96: g_queue_free (gqueue.c:60)
==20287== by 0x4B34E0: sim_fs_free (simfs.c:107)
==20287== by 0x493CEC: sim_remove (sim.c:2485)
==20287== by 0x4703D7: modem_change_state (modem.c:410)
==20287== by 0x470664: set_powered (modem.c:848)
==20287== by 0x4706BA: __ofono_modem_shutdown (modem.c:2137)
==20287== by 0x46F2C5: signal_cb (main.c:76)
==20287== by 0x52F555E: g_io_unix_dispatch (giounix.c:166)
==20287== by 0x52A0AAB: g_main_dispatch (gmain.c:2440)

There seems to be no reason that the fileinfo is cached for file
read or block read requests but not info_only requests, so move
code around to fix this. O_RDWR is changed to O_WRONLY for the
cache file because the file is not being read in case of cache miss.

This patch was generated by the following semantic patch
(http://coccinelle.lip6.fr/)
// <smpl>
@fix disable is_null,isnt_null1@
expression *E;
@@
- !E
+ E == NULL
// </smpl>
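
Review bot: the rule body ('- !E' / '+ E == NULL') rewrites only the negated pointer test, and the message does not say how the opposite form, a bare pointer E used as a condition, is meant to be written afterwards. State the intended convention for both forms in the commit message, or add a companion rule, so the tree does not end up with 'E == NULL' next to bare 'if (E)' tests by accident.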