Be absolutely sure to clear pncalls before leaving event_signal_closure

I thought we'd fixed the cases where this could come up, but
apparently having an event_base_break() happen while processing
signal events could get us in trouble.

Found by Remi Gacogne.  Sourceforge issue 3451433 .

diff --git a/event.c b/event.c
index 689ce298fec0130aa2fcc331b3c928d97b7ee787..868e865a974df81a2a817c6e696218bd4d755609 100644 (file)
--- a/event.c
+++ b/event.c
@@ -1038,7 +1038,8 @@ event_signal_closure(struct event_base *base, struct event *ev)
 
        /* Allows deletes to work */
        ncalls = ev->ev_ncalls;
-       ev->ev_pncalls = &ncalls;
+       if (ncalls != 0)
+               ev->ev_pncalls = &ncalls;
        EVBASE_RELEASE_LOCK(base, th_base_lock);
        while (ncalls) {
                ncalls--;
@@ -1051,8 +1052,11 @@ event_signal_closure(struct event_base *base, struct event *ev)
                should_break = base->event_break;
                EVBASE_RELEASE_LOCK(base, th_base_lock);
 
-               if (should_break)
+               if (should_break) {
+                       if (ncalls != 0)
+                               ev->ev_pncalls = NULL;
                        return;
+               }
        }
 }