[Libreoffice-commits] online.git: wsd/LOOLWSD.cpp

Wed, 22 Jan 2020 00:19:58 -0800 

 wsd/LOOLWSD.cpp |    4 ++++
 1 file changed, 4 insertions(+)

New commits:
commit 9a92cd24153523ee71726bcf1d9bae15ff632ab6
Author:     Miklos Vajna <vmik...@collabora.com>
AuthorDate: Wed Jan 22 08:52:55 2020 +0100
Commit:     Miklos Vajna <vmik...@collabora.com>
CommitDate: Wed Jan 22 09:19:05 2020 +0100

    Fix an UB in the DocumentBroker dtor
    
    The problem is that both the DocBrokers map and the instance returned by
    Admin::instance() are static, so there it's not safe to assume that by
    the time the DocumentBroker dtor runs, the static Admin instance is
    still alive. Still, the DocumentBroker dtor calls Admin::instance().
    
    Fix this by clearing the DocBrokers map in LOOLWSD::cleanup(), which is
    used exactly to destroy statics in a controlled order.
    
    Sanitizers output was:
    
    wsd/DocumentBroker.cpp:497:23: runtime error: member call on address 
0x0000024a5ba0 which does not point to an object of type 'Admin'
    0x0000024a5ba0: note: object is of type 'SocketPoll'
     00 00 00 00  50 21 45 01 00 00 00 00  b8 5b 4a 02 00 00 00 00  05 00 00 00 
00 00 00 00  61 64 6d 69
                  ^~~~~~~~~~~~~~~~~~~~~~~
                  vptr for 'SocketPoll'
        #0 0xa10af3 in DocumentBroker::~DocumentBroker() 
wsd/DocumentBroker.cpp:497:23
    ...
        #17 0x7fa27622ddc9 in exit (/lib64/libc.so.6+0x38dc9)
        #18 0x7fa276215f90 in __libc_start_main (/lib64/libc.so.6+0x20f90)
        #19 0x670189 in _start 
/home/abuild/rpmbuild/BUILD/glibc-2.26/csu/../sysdeps/x86_64/start.S:120
    
    SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior 
wsd/DocumentBroker.cpp:497:23 in
    
    (Seen during make check CPPUNIT_TEST_NAME="unit-each-view".)
    
    Change-Id: I02ad44deb9de06d9973216428c640248ea2512ce
    Reviewed-on: https://gerrit.libreoffice.org/c/online/+/87174
    Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
    Reviewed-by: Miklos Vajna <vmik...@collabora.com>

diff --git a/wsd/LOOLWSD.cpp b/wsd/LOOLWSD.cpp
index bcb0ca141..58cd41b7d 100644
--- a/wsd/LOOLWSD.cpp
+++ b/wsd/LOOLWSD.cpp
@@ -3607,6 +3607,10 @@ void LOOLWSD::cleanup()
 #endif
     Socket::InhibitThreadChecks = true;
     SocketPoll::InhibitThreadChecks = true;
+
+    // Delete these while the static Admin instance is still alive.
+    std::lock_guard<std::mutex> docBrokersLock(DocBrokersMutex);
+    DocBrokers.clear();
 }
 
 int LOOLWSD::main(const std::vector<std::string>& /*args*/)
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

Reply via email to