From 11f36a5f76c25043412b68765b57d09095173880 Mon Sep 17 00:00:00 2001
From: Nick Mathewson
Date: Mon, 5 Dec 2011 15:02:27 -0500
Subject: [PATCH] Be absolutely sure to clear pncalls before leaving event_signal_closure

I thought we'd fixed the cases where this could come up, but apparently having an event_base_break() happen while processing signal events could get us in trouble. Found by Remi Gacogne. Sourceforge issue 3451433 .
---
 event.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/event.c b/event.c
index 689ce298..868e865a 100644
--- a/event.c
+++ b/event.c
@@ -1038,7 +1038,8 @@ event_signal_closure(struct event_base *base, struct event *ev)
 /* Allows deletes to work */
 ncalls = ev->ev_ncalls;
- ev->ev_pncalls = &ncalls;
+ if (ncalls != 0)
+ ev->ev_pncalls = &ncalls;
 EVBASE_RELEASE_LOCK(base, th_base_lock);
 while (ncalls) {
 ncalls--;
@@ -1051,8 +1052,11 @@ event_signal_closure(struct event_base *base, struct event *ev)
 should_break = base->event_break;
 EVBASE_RELEASE_LOCK(base, th_base_lock);
- if (should_break)
+ if (should_break) {
+ if (ncalls != 0)
+ ev->ev_pncalls = NULL;
 return;
+ }
 }
 }
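Review bot: When `ncalls` is 0 the new guard in the first hunk skips the assignment and the `while (ncalls)` loop never runs, so `ev->ev_pncalls` keeps whatever value it had on entry. If the intent is that this field never outlives the frame that owns `ncalls`, making the assignment total, `ev->ev_pncalls = ncalls ? &ncalls : NULL;`, would also clear a stale pointer left behind by any exit path that was missed, and it still runs before `EVBASE_RELEASE_LOCK`. That assumes nothing outside this function stores into `ev_pncalls`, which the hunk does not show. The function body starts before this hunk and continues past it.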
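Review bot: The `if (ncalls != 0)` guard inside the new `should_break` block in the second hunk has no comment, yet it is the line that decides whether the early return leaves `ev->ev_pncalls` pointing at this frame's `ncalls` or writes to `ev` at all. Presumably a zero `ncalls` at that point means the pointer was already cleared earlier in the loop or the event was deleted from the callback, in which case `ev` may no longer be safe to write; the loop body that would confirm this lies between the two hunks and is not shown. I would add `/* ncalls == 0: pncalls already cleared or ev deleted in the callback; do not touch ev */` above the guard once that is confirmed. The store also happens after `EVBASE_RELEASE_LOCK`, unlike the assignment in the first hunk, so it is worth checking that no other thread can read `ev_pncalls` at that point.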