diff options
| author | Andrzej Hunt <andrzej@ahunt.org> | 2021-07-11 17:17:27 +0200 |
|---|---|---|
| committer | Michael Stahl <michael.stahl@allotropia.de> | 2021-07-20 11:22:42 +0200 |
| commit | a4360b155bef02cf3da41e3f05c56d42feef7926 (patch) | |
| tree | 5db2e11c3ffbd0f3ae0bea0e29e6e2e44a272bdd /include | |
| parent | 751053e8c998960fbe53f498eb06965b48ea7885 (diff) | |
sdremote: fix race condition in Transmitter shutdown to plug leak
We need to acquire the mutex in notifyFinished() to avoid a race between
notifyFinished() and the loop in run(). And we also need to check
mFinishRequested) while holding the mutex to avoid the same race
condition. While we're here, rename the mutex to make it more obvious
that it's not only protecting the queues.
The race can happen because the loop in run() blocks until
mQueuesNotEmpty is set. It also resets mQueuesNotEmpty at the end of
each iteration if the queues are empty. So if someone sets
mQueuesNotEmpty in the middle of an iteration, and the loop later resets
it, the loop won't continue iterating. But we're actually using
mQueuesNotEmpty to indicate either that the queues have data OR that we
might want to finish transmission.
And the problem is that notifyFinished() sets mFinishRequested, followed
by setting mQueuesNotEmpty in an attempt to get the loop to process
mFinishRequested (at which point the loop should finish and return).
But as described above, we can easily get into a situation where the
loop resets mQueuesNotEmpty again (at least if there's no more pending
data in the queues). In this scenario, the loop blocks forever
(we won't receive any new messages after notifyFinished()), causing a
leak of both Transmitter and any resources it's using - e.g. the
StreamSocket.
The easiest way to fix this is to make it clear that the mutex protects
all internal state, followed by using it to protect all internal state.
This issue is not a big deal in normal usage - it's a tiny leak, and
users won't connect enough clients for accumulated leaks to pose
any issues. But it's ugly, and potentially problematic for long-running
tests which could run out of filedescriptors because of the socket leak.
I will rename mQueuesNotEmpty to something more obvious (possibly
mProcessingRequired) in a separate commit.
Change-Id: I2e22087054f3f6a02e05c568b1832ccc5a8b47a3
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/118751
Reviewed-by: Andrzej Hunt <andrzej@ahunt.org>
Tested-by: Jenkins
(cherry picked from commit 8e6cdb02450a876b5c684eb621e1c9383fb1c428)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/118917
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Diffstat (limited to 'include')
0 files changed, 0 insertions, 0 deletions