diff options
| author | Michael Weghorn <m.weghorn@posteo.de> | 2025-02-14 13:37:23 +0100 |
|---|---|---|
| committer | Michael Weghorn <m.weghorn@posteo.de> | 2025-02-14 16:43:42 +0100 |
| commit | 38024bc9559d75696eb8c91ac5b0b41be0baa55f (patch) | |
| tree | 717fcdec8b516e965dcd1936c714de6d26c386d0 /extensions/source/propctrlr/stringrepresentation.cxx | |
| parent | ec95d529b51e95b074adaafb9f113904fed636c7 (diff) | |
gtk4: Own the string when freeing it
As the GVariant format string doc says [1] about
pointers:
> The `&` character is used to indicate that serialised data should be
> directly exchanged via a pointer.
>
> Currently, the only use for this character is when it is applied to a
> string (ie: `&s`, `&o` or `&g`). For `g_variant_new()` this has absolutely no
> effect. The string is collected and duplicated normally. For
> `g_variant_get()` it means that instead of creating a newly allocated copy
> of the string, a pointer to the serialised data is returned. This
> pointer should not be freed. Validity checks are performed to ensure
> that the string data will always be properly nul-terminated.
Therefore, freeing the string with
g_free(pLabel);
is incorrect and resulted in a crash when starting Writer with
the gtk4 VCL plugin, s. backtrace below.
Use just "s" instead of "&s" for the format string to get a
string copy that is owned and can be freed.
(Dropping the `g_free` might be an alternative and avoid
a string copy, but it's not instantly clear to me whether
using "a pointer to the serialised data" is safe without
digging any deeper what exactly that means.)
Backtrace:
free(): invalid pointer
[New Thread 125500.125502]
[New Thread 125500.125503]
[New Thread 125500.125504]
[New Thread 125500.125505]
[New Thread 125500.125506]
[New Thread 125500.125507]
[New Thread 125500.125508]
[New Thread 125500.125510]
[New Thread 125500.125511]
[New Thread 125500.125525]
Thread 1 received signal SIGABRT, Aborted.
__pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44
warning: 44 ./nptl/pthread_kill.c: No such file or directory
(rr) bt
#0 __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44
#1 0x00007f0bb969de2f in __pthread_kill_internal (threadid=<optimized out>, signo=6) at ./nptl/pthread_kill.c:78
#2 0x00007f0bb9649d02 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#3 0x00007f0bb96324f0 in __GI_abort () at ./stdlib/abort.c:79
#4 0x00007f0bb963332d in __libc_message_impl (fmt=fmt@entry=0x7f0bb97b5303 "%s\n") at ../sysdeps/posix/libc_fatal.c:134
#5 0x00007f0bb96a7965 in malloc_printerr (str=str@entry=0x7f0bb97b3082 "free(): invalid pointer") at ./malloc/malloc.c:5772
#6 0x00007f0bb96a9bf4 in _int_free (av=0x7f0bb97f1ac0 <main_arena>, p=<optimized out>, have_lock=have_lock@entry=0) at ./malloc/malloc.c:4507
#7 0x00007f0bb96ac43f in __GI___libc_free (mem=<optimized out>) at ./malloc/malloc.c:3398
#8 0x00007f0ba62b908a in (anonymous namespace)::MenuHelper::get_item_label (this=0x55b0c8dcd360, rIdent="standard") at vcl/unx/gtk4/../gtk3/gtkinst.cxx:5684
#9 0x00007f0ba63013d8 in (anonymous namespace)::GtkInstanceMenu::get_label (this=0x55b0c8dcd360, rIdent="standard") at vcl/unx/gtk4/../gtk3/gtkinst.cxx:11694
#10 0x00007f0ba6301b2f in virtual thunk to (anonymous namespace)::GtkInstanceMenu::get_label(rtl::OUString const&) const () at vcl/unx/gtk4/../gtk3/gtkinst.cxx:11823
#11 0x00007f0bb482d026 in (anonymous namespace)::SelectionTypePopup::GetItemTextForState (this=0x7ffed304ad80, nState=0) at /home/michi/development/git/libreoffice/svx/source/stbctrls/selctrl.cxx:56
#12 0x00007f0bb482cc59 in SvxSelectionModeControl::StateChangedAtStatusBarControl (this=0x55b0c8d2d6e0, eState=SfxItemState::DEFAULT, pState=0x55b0c8f331c0) at /home/michi/development/git/libreoffice/svx/source/stbctrls/selctrl.cxx:128
#13 0x00007f0bb5f9af1e in SfxStatusBarControl::statusChanged (this=0x55b0c8d2d6e0, rEvent=...) at /home/michi/development/git/libreoffice/sfx2/source/statbar/stbitem.cxx:263
#14 0x00007f0bb5a9d4c8 in SfxDispatchController_Impl::addStatusListener (this=0x55b0c8ed6380, aListener=uno::Reference to (SvxSelectionModeControl *) 0x55b0c8d2d6f0, aURL=...)
at /home/michi/development/git/libreoffice/sfx2/source/control/unoctitm.cxx:841
#15 0x00007f0bb5a9d174 in SfxOfficeDispatch::addStatusListener (this=0x55b0c8f280e0, aListener=uno::Reference to (SvxSelectionModeControl *) 0x55b0c8d2d6f0, aURL=...)
at /home/michi/development/git/libreoffice/sfx2/source/control/unoctitm.cxx:283
#16 0x00007f0bb28a8577 in svt::StatusbarController::bindListener (this=0x55b0c8d2d6e0) at /home/michi/development/git/libreoffice/svtools/source/uno/statusbarcontroller.cxx:462
#17 0x00007f0bb28a7f09 in svt::StatusbarController::update (this=0x55b0c8d2d6e0) at /home/michi/development/git/libreoffice/svtools/source/uno/statusbarcontroller.cxx:169
#18 0x00007f0bb6d41a6b in framework::(anonymous namespace)::lcl_UpdateController<std::__debug::map<unsigned short, com::sun::star::uno::Reference<com::sun::star::frame::XStatusbarController>, std::less<unsigned short>, std::allocator<std::pair<unsigned short const, com::sun::star::uno::Reference<com::sun::star::frame::XStatusbarController> > > > >::operator() (this=0x7ffed304b547, rElement={...})
at /home/michi/development/git/libreoffice/framework/source/uielement/statusbarmanager.cxx:69
#19 0x00007f0bb6d3e5ef in std::for_each<__gnu_debug::_Safe_iterator<std::_Rb_tree_iterator<std::pair<unsigned short const, com::sun::star::uno::Reference<com::sun::star::frame::XStatusbarController> > >, std::__debug::map<unsigned short, com::sun::star::uno::Reference<com::sun::star::frame::XStatusbarController>, std::less<unsigned short>, std::allocator<std::pair<unsigned short const, com::sun::star::uno::Reference<com::sun::star::frame::XStatusbarController> > > >, std::bidirectional_iterator_tag>, framework::(anonymous namespace)::lcl_UpdateController<std::__debug::map<unsigned short, com::sun::star::uno::Reference<com::sun::star::frame::XStatusbarController>, std::less<unsigned short>, std::allocator<std::pair<unsigned short const, com::sun::star::uno::Reference<com::sun::star::frame::XStatusbarController> > > > > > (__first={...}, __last={...}, __f=...)
at /usr/lib/gcc/x86_64-linux-gnu/14/../../../../include/c++/14/bits/stl_algo.h:3786
#20 0x00007f0bb6d3d9a5 in framework::StatusBarManager::UpdateControllers (this=0x55b0c8cefc90) at /home/michi/development/git/libreoffice/framework/source/uielement/statusbarmanager.cxx:269
#21 0x00007f0bb6d4028b in framework::StatusBarManager::FillStatusBar (this=0x55b0c8cefc90, rItemContainer=uno::Reference to (framework::ConstItemContainer *) 0x55b0c8e017e8)
at /home/michi/development/git/libreoffice/framework/source/uielement/statusbarmanager.cxx:479
#22 0x00007f0bb6d4ae38 in framework::StatusBarWrapper::initialize (this=0x55b0c8d0f060, aArguments=uno::Sequence of length 4 = {...}) at /home/michi/development/git/libreoffice/framework/source/uielement/statusbarwrapper.cxx:117
#23 0x00007f0bb6df9104 in framework::MenuBarFactory::CreateUIElement
(ResourceURL="private:resource/statusbar/statusbar", Args=uno::Sequence of length 2 = {...}, ResourceType=u"private:resource/statusbar/", _xMenuBar=uno::Reference to (framework::StatusBarWrapper *) 0x55b0c8d0f0f8, _rxContext=uno::Reference to (cppu::(anonymous namespace)::ComponentContext *) 0x55b0ba8b8308) at /home/michi/development/git/libreoffice/framework/source/uifactory/menubarfactory.cxx:158
#24 0x00007f0bb6df9c0a in (anonymous namespace)::StatusBarFactory::createUIElement (this=0x55b0c8e03800, ResourceURL="private:resource/statusbar/statusbar", Args=uno::Sequence of length 2 = {...})
at /home/michi/development/git/libreoffice/framework/source/uifactory/statusbarfactory.cxx:68
#25 0x00007f0bb6df9d74 in non-virtual thunk to (anonymous namespace)::StatusBarFactory::createUIElement(rtl::OUString const&, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) ()
at /home/michi/development/git/libreoffice/instdir/program/libfwklo.so
#26 0x00007f0bb6e01290 in (anonymous namespace)::UIElementFactoryManager::createUIElement (this=0x55b0bf803260, ResourceURL="private:resource/statusbar/statusbar", Args=uno::Sequence of length 2 = {...})
at /home/michi/development/git/libreoffice/framework/source/uifactory/uielementfactorymanager.cxx:440
#27 0x00007f0bb6e024f4 in non-virtual thunk to (anonymous namespace)::UIElementFactoryManager::createUIElement(rtl::OUString const&, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) ()
at /home/michi/development/git/libreoffice/instdir/program/libfwklo.so
#28 0x00007f0bb6b6d427 in framework::LayoutManager::implts_createElement (this=0x55b0c1e3a170, aName="private:resource/statusbar/statusbar")
at /home/michi/development/git/libreoffice/framework/source/layoutmanager/layoutmanager.cxx:730
#29 0x00007f0bb6b71852 in framework::LayoutManager::implts_createStatusBar (this=0x55b0c1e3a170, aStatusBarName="private:resource/statusbar/statusbar")
at /home/michi/development/git/libreoffice/framework/source/layoutmanager/layoutmanager.cxx:849
#30 0x00007f0bb6b75bcc in framework::LayoutManager::createElement (this=0x55b0c1e3a170, aName="private:resource/statusbar/statusbar") at /home/michi/development/git/libreoffice/framework/source/layoutmanager/layoutmanager.cxx:1443
#31 0x00007f0bb6b76b57 in framework::LayoutManager::requestElement (this=0x55b0c1e3a170, rResourceURL="private:resource/statusbar/statusbar")
at /home/michi/development/git/libreoffice/framework/source/layoutmanager/layoutmanager.cxx:1570
#32 0x00007f0bb595f0b5 in SfxWorkWindow::UpdateStatusBar_Impl (this=0x55b0bf82f570) at /home/michi/development/git/libreoffice/sfx2/source/appl/workwin.cxx:1471
#33 0x00007f0bb595e9a0 in SfxWorkWindow::UpdateObjectBars_Impl2 (this=0x55b0bf82f570) at /home/michi/development/git/libreoffice/sfx2/source/appl/workwin.cxx:1242
#34 0x00007f0bb595e001 in SfxWorkWindow::UpdateObjectBars_Impl (this=0x55b0bf82f570) at /home/michi/development/git/libreoffice/sfx2/source/appl/workwin.cxx:1095
#35 0x00007f0bb59ca573 in SfxDispatcher::Update_Impl (this=0x55b0c742b5b0, bForce=false) at /home/michi/development/git/libreoffice/sfx2/source/control/dispatch.cxx:1123
#36 0x00007f0bb6003921 in SfxBaseController::ConnectSfxFrame_Impl (this=0x55b0c7469930, i_eConnect=SfxBaseController::E_CONNECT) at /home/michi/development/git/libreoffice/sfx2/source/view/sfxbasecontroller.cxx:1207
#37 0x00007f0bb6002ade in SfxBaseController::attachFrame (this=0x55b0c7469930, xFrame=uno::Reference to ((anonymous namespace)::XFrameImpl *) 0x55b0bfb36e40)
at /home/michi/development/git/libreoffice/sfx2/source/view/sfxbasecontroller.cxx:531
#38 0x00007f0bb5fd38b9 in utl::ConnectFrameControllerModel
(xFrame=uno::Reference to ((anonymous namespace)::XFrameImpl *) 0x55b0bfb36e40, xController=uno::Reference to (SwXTextView *) 0x55b0c7469958, xModel=uno::Reference to (SwXTextDocument *) 0x55b0c71c0670)
at include/unotools/fcm.hxx:57
#39 0x00007f0bb5fcfec1 in (anonymous namespace)::SfxFrameLoader_Impl::impl_createDocumentView
(i_rModel=uno::Reference to (SwXTextDocument *) 0x55b0c71c0670, i_rFrame=uno::Reference to ((anonymous namespace)::XFrameImpl *) 0x55b0bfb36e40, i_rViewFactoryArgs=..., i_rViewName="Default")
at /home/michi/development/git/libreoffice/sfx2/source/view/frmload.cxx:585
#40 0x00007f0bb5fcd45c in (anonymous namespace)::SfxFrameLoader_Impl::load (this=0x55b0c22dc9f0, rArgs=uno::Sequence of length 9 = {...}, _rTargetFrame=uno::Reference to ((anonymous namespace)::XFrameImpl *) 0x55b0bfb36e40)
at /home/michi/development/git/libreoffice/sfx2/source/view/frmload.cxx:764
#41 0x00007f0bb6bc2644 in framework::LoadEnv::impl_loadContent (this=0x55b0c1271ec8) at /home/michi/development/git/libreoffice/framework/source/loadenv/loadenv.cxx:1180
#42 0x00007f0bb6bbf7a5 in framework::LoadEnv::start (this=0x55b0c1271ec8) at /home/michi/development/git/libreoffice/framework/source/loadenv/loadenv.cxx:415
#43 0x00007f0bb6bbd452 in framework::LoadEnv::startLoading
(this=0x55b0c1271ec8, sURL="private:factory/swriter", lMediaDescriptor=uno::Sequence of length 4 = {...}, xBaseFrame=uno::Reference to (framework::Desktop *) 0x55b0bbbee8c8, sTarget="_default", nSearchFlags=0, eFeature=(LoadEnvFeatu--Type <RET> for more, q to quit, c to continue without paging--
res::WorkWithUI | LoadEnvFeatures::AllowContentHandler)) at /home/michi/development/git/libreoffice/framework/source/loadenv/loadenv.cxx:311
#44 0x00007f0bb6a56311 in framework::LoadDispatcher::impl_dispatch (this=0x55b0c1271e70, rURL=..., lArguments=uno::Sequence of length 4 = {...}, xListener=empty uno::Reference)
at /home/michi/development/git/libreoffice/framework/source/dispatch/loaddispatcher.cxx:107
#45 0x00007f0bb6a57071 in framework::LoadDispatcher::dispatchWithReturnValue (this=0x55b0c1271e70, rURL=..., lArguments=uno::Sequence of length 4 = {...})
at /home/michi/development/git/libreoffice/framework/source/dispatch/loaddispatcher.cxx:60
#46 0x00007f0bb6a57114 in non-virtual thunk to framework::LoadDispatcher::dispatchWithReturnValue(com::sun::star::util::URL const&, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) ()
at /home/michi/development/git/libreoffice/framework/source/dispatch/loaddispatcher.cxx:60
#47 0x00007f0bb80110b0 in comphelper::SynchronousDispatch::dispatch (xStartPoint=uno::Reference to (framework::Desktop *) 0x55b0bbbee8b8, sURL="private:factory/swriter", sTarget="_default", lArguments=uno::Sequence of length 4 = {...})
at /home/michi/development/git/libreoffice/comphelper/source/misc/synchronousdispatch.cxx:62
#48 0x00007f0bb99757fd in desktop::DispatchWatcher::executeDispatchRequests (this=0x55b0c16043b0, aDispatchRequestsList=std::__debug::vector of length 1, capacity 1 = {...}, bNoTerminate=false)
at /home/michi/development/git/libreoffice/desktop/source/app/dispatchwatcher.cxx:529
#49 0x00007f0bb9993b5a in desktop::RequestHandler::ExecuteCmdLineRequests (aRequest=..., noTerminate=false) at /home/michi/development/git/libreoffice/desktop/source/app/officeipcthread.cxx:1347
#50 0x00007f0bb992f196 in desktop::Desktop::OpenDefault () at /home/michi/development/git/libreoffice/desktop/source/app/app.cxx:2276
#51 0x00007f0bb992e5cd in desktop::Desktop::OpenClients () at /home/michi/development/git/libreoffice/desktop/source/app/app.cxx:2220
#52 0x00007f0bb992c3a3 in desktop::Desktop::OpenClients_Impl (this=0x7ffed3055280) at /home/michi/development/git/libreoffice/desktop/source/app/app.cxx:1979
#53 0x00007f0bb992aa3d in desktop::Desktop::LinkStubOpenClients_Impl (instance=0x7ffed3055280, data=0x0) at /home/michi/development/git/libreoffice/desktop/source/app/app.cxx:1963
#54 0x00007f0bb02ac091 in Link<void*, void>::Call (this=0x55b0bffb6ba8, data=0x0) at include/tools/link.hxx:105
#55 0x00007f0bb02a8291 in ImplHandleUserEvent (pSVEvent=0x55b0bffb6ba0) at /home/michi/development/git/libreoffice/vcl/source/window/winproc.cxx:2285
#56 0x00007f0bb02a51ba in ImplWindowFrameProc (_pWindow=0x55b0bfc9e9b0, nEvent=SalEvent::UserEvent, pEvent=0x55b0bffb6ba0) at /home/michi/development/git/libreoffice/vcl/source/window/winproc.cxx:2849
#57 0x00007f0bb0e665bc in SalFrame::CallCallback (this=0x55b0bf7eaa50, nEvent=SalEvent::UserEvent, pEvent=0x55b0bffb6ba0) at vcl/inc/salframe.hxx:311
#58 0x00007f0bb0e8ef5f in SalGenericDisplay::ProcessEvent (this=0x55b0baa61510, aEvent=...) at /home/michi/development/git/libreoffice/vcl/unx/generic/app/gendisp.cxx:66
#59 0x00007f0bb09aaddd in SalUserEventList::DispatchUserEvents(bool)::$_0::operator()() const (this=0x7ffed3053530) at /home/michi/development/git/libreoffice/vcl/source/app/salusereventlist.cxx:119
#60 0x00007f0bb09aacb6 in SalUserEventList::DispatchUserEvents (this=0x55b0baa61510, bHandleAllCurrentEvents=false) at /home/michi/development/git/libreoffice/vcl/source/app/salusereventlist.cxx:120
#61 0x00007f0bb0e8eeb5 in SalGenericDisplay::DispatchInternalEvent (this=0x55b0baa61510, bHandleAllCurrentEvent=false) at /home/michi/development/git/libreoffice/vcl/unx/generic/app/gendisp.cxx:51
#62 0x00007f0ba628536f in call_userEventFn (data=0x55b0ba8d13e0) at vcl/unx/gtk4/../gtk3/gtkdata.cxx:827
#63 0x00007f0babd03d5f in ??? () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
#64 0x00007f0babd05fd7 in ??? () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
#65 0x00007f0babd06740 in g_main_context_iteration () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
#66 0x00007f0ba62840ac in GtkSalData::Yield (this=0x55b0ba8d13e0, bWait=true, bHandleAllCurrentEvents=false) at vcl/unx/gtk4/../gtk3/gtkdata.cxx:405
#67 0x00007f0ba6289863 in GtkInstance::DoYield (this=0x55b0ba8d1290, bWait=true, bHandleAllCurrentEvents=false) at vcl/unx/gtk4/../gtk3/gtkinst.cxx:439
#68 0x00007f0bb0a75c06 in ImplYield (i_bWait=true, i_bAllEvents=false) at /home/michi/development/git/libreoffice/vcl/source/app/svapp.cxx:385
#69 0x00007f0bb0a7551f in Application::Yield () at /home/michi/development/git/libreoffice/vcl/source/app/svapp.cxx:488
#70 0x00007f0bb0a75300 in Application::Execute () at /home/michi/development/git/libreoffice/vcl/source/app/svapp.cxx:360
#71 0x00007f0bb9928a19 in desktop::Desktop::Main (this=0x7ffed3055280) at /home/michi/development/git/libreoffice/desktop/source/app/app.cxx:1679
#72 0x00007f0bb0a970d6 in ImplSVMain () at /home/michi/development/git/libreoffice/vcl/source/app/svmain.cxx:230
#73 0x00007f0bb0a98cc9 in SVMain () at /home/michi/development/git/libreoffice/vcl/source/app/svmain.cxx:248
#74 0x00007f0bb99a22fa in soffice_main () at /home/michi/development/git/libreoffice/desktop/source/app/sofficemain.cxx:122
#75 0x000055b09e4b3a6d in sal_main () at /home/michi/development/git/libreoffice/desktop/source/app/main.c:51
#76 0x000055b09e4b3a47 in main (argc=2, argv=0x7ffed3055488) at /home/michi/development/git/libreoffice/desktop/source/app/main.c:49
[1] https://docs.gtk.org/glib/gvariant-format-strings.html#pointers
Change-Id: I87bd2840ac573426264d1dff2fd40ab292f09fc1
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/181666
Tested-by: Jenkins
Reviewed-by: Michael Weghorn <m.weghorn@posteo.de>
Diffstat (limited to 'extensions/source/propctrlr/stringrepresentation.cxx')
0 files changed, 0 insertions, 0 deletions