diff options
author | Stephan Bergmann <sbergman@redhat.com> | 2019-09-09 11:54:04 +0200 |
---|---|---|
committer | Stephan Bergmann <sbergman@redhat.com> | 2019-09-11 19:26:09 +0200 |
commit | 833c23264b532e34e050e3b8747c02ede6bf7350 (patch) | |
tree | 3739577c07f27ed006dbf1dcf507c787303947a8 /sd | |
parent | 27808e6e3ed049dda09f552b7769a4e87a82283a (diff) |
Fix stack-use-after-return when moving a slide in the list
...very far, so that the list needs to scroll:
> ==1676==ERROR: AddressSanitizer: stack-use-after-return on address 0x7f039a1e6420 at pc 0x7f03c34e0658 bp 0x7ffede26b140 sp 0x7ffede26b138
> READ of size 8 at 0x7f039a1e6420 thread T0
> #0 in Point::X() const at include/tools/gen.hxx:78:44 (instdir/program/libvcllo.so +0x5cf6657)
> #1 in OutputDevice::PixelToLogic(Point const&) const at vcl/source/outdev/map.cxx:1191:47
> #2 in sd::slidesorter::controller::DragAndDropContext::UpdatePosition(Point const&, sd::slidesorter::controller::InsertionIndicatorHandler::Mode, bool) at sd/source/ui/slidesorter/controller/SlsDragAndDropContext.cxx:84:47
> #3 in sd::slidesorter::controller::DragAndDropContext::UpdatePosition(Point const&, sd::slidesorter::controller::InsertionIndicatorHandler::Mode, bool)::$_0::operator()() const at sd/source/ui/slidesorter/controller/SlsDragAndDropContext.cxx:92:34
> #4 in void std::__invoke_impl<void, sd::slidesorter::controller::DragAndDropContext::UpdatePosition(Point const&, sd::slidesorter::controller::InsertionIndicatorHandler::Mode, bool)::$_0&>(std::__invoke_other, sd::slidesorter::controller::DragAndDropContext::UpdatePosition(Point const&, sd::slidesorter::controller::InsertionIndicatorHandler::Mode, bool)::$_0&) at gcc/x86_64-pc-linux-gnu/10.0.0/../../../../include/c++/10.0.0/bits/invoke.h:60:14
> #5 in std::enable_if<is_invocable_r_v<void, sd::slidesorter::controller::DragAndDropContext::UpdatePosition(Point const&, sd::slidesorter::controller::InsertionIndicatorHandler::Mode, bool)::$_0&>, void>::type std::__invoke_r<void, sd::slidesorter::controller::DragAndDropContext::UpdatePosition(Point const&, sd::slidesorter::controller::InsertionIndicatorHandler::Mode, bool)::$_0&>(sd::slidesorter::controller::DragAndDropContext::UpdatePosition(Point const&, sd::slidesorter::controller::InsertionIndicatorHandler::Mode, bool)::$_0&) at gcc/x86_64-pc-linux-gnu/10.0.0/../../../../include/c++/10.0.0/bits/invoke.h:110:2
> #6 in std::_Function_handler<void (), sd::slidesorter::controller::DragAndDropContext::UpdatePosition(Point const&, sd::slidesorter::controller::InsertionIndicatorHandler::Mode, bool)::$_0>::_M_invoke(std::_Any_data const&) at gcc/x86_64-pc-linux-gnu/10.0.0/../../../../include/c++/10.0.0/bits/std_function.h:291:9
> #7 in std::function<void ()>::operator()() const at gcc/x86_64-pc-linux-gnu/10.0.0/../../../../include/c++/10.0.0/bits/std_function.h:622:14
> #8 in sd::slidesorter::controller::ScrollBarManager::RepeatAutoScroll() at sd/source/ui/slidesorter/controller/SlsScrollBarManager.cxx:518:17
> #9 in sd::slidesorter::controller::ScrollBarManager::AutoScrollTimeoutHandler(Timer*) at sd/source/ui/slidesorter/controller/SlsScrollBarManager.cxx:539:5
> #10 in sd::slidesorter::controller::ScrollBarManager::LinkStubAutoScrollTimeoutHandler(void*, Timer*) at sd/source/ui/slidesorter/controller/SlsScrollBarManager.cxx:537:1
> #11 in Link<Timer*, void>::Call(Timer*) const at include/tools/link.hxx:112:45
> #12 in Timer::Invoke() at vcl/source/app/timer.cxx:75:21
> #13 in Scheduler::ProcessTaskScheduling() at vcl/source/app/scheduler.cxx:479:20
> #14 in Scheduler::CallbackTaskScheduling() at vcl/source/app/scheduler.cxx:287:5
> #15 in SalTimer::CallCallback() at vcl/inc/saltimer.hxx:54:13
> #16 in sal_gtk_timeout_dispatch(_GSource*, int (*)(void*), void*) at vcl/unx/gtk3/gtk3gtkdata.cxx:761:45
> #17 in g_main_dispatch at ../glib/gmain.c:3189:28
> [...]
> Address 0x7f039a1e6420 is located in stack of thread T0 at offset 32 in frame
> #0 in sd::slidesorter::controller::SelectionFunction::MouseDragged(AcceptDropEvent const&, signed char) at sd/source/ui/slidesorter/controller/SlsSelectionFunction.cxx:630 (instdir/program/../program/libsdlo.so +0x5c22e1f)
> This frame has 1 object(s):
> [32, 104) 'aEventDescriptor' (line 631) <== Memory access at offset 32 is inside this variable
> HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
> (longjmp and C++ exceptions *are* supported)
Presumably a regression introduced with 26912eea7521dd2b84bfac56b322cf0f8b142450
"sd: replace boost::bind with C++11 lambdas and for loops", assuming that
boost::bind bound rMousePosition by value.
Change-Id: I4cefc5974b7377ff4918d59b51fc8cda41292702
Reviewed-on: https://gerrit.libreoffice.org/78774
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
Diffstat (limited to 'sd')
-rw-r--r-- | sd/source/ui/slidesorter/controller/SlsDragAndDropContext.cxx | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sd/source/ui/slidesorter/controller/SlsDragAndDropContext.cxx b/sd/source/ui/slidesorter/controller/SlsDragAndDropContext.cxx index 342ac4599f3d..9db562c480db 100644 --- a/sd/source/ui/slidesorter/controller/SlsDragAndDropContext.cxx +++ b/sd/source/ui/slidesorter/controller/SlsDragAndDropContext.cxx @@ -88,7 +88,7 @@ void DragAndDropContext::UpdatePosition ( bool bDoAutoScroll = bAllowAutoScroll && mpTargetSlideSorter->GetController().GetScrollBarManager().AutoScroll( rMousePosition, - [this, eMode, &rMousePosition] () { + [this, eMode, rMousePosition] () { return this->UpdatePosition(rMousePosition, eMode, false); }); |