|
|
Boost-Commit : |
From: chris_at_[hidden]
Date: 2008-05-27 03:54:14
Author: chris_kohlhoff
Date: 2008-05-27 03:54:12 EDT (Tue, 27 May 2008)
New Revision: 45811
URL: http://svn.boost.org/trac/boost/changeset/45811
Log:
Fix a crash that can occur when destroying a handler object that owns its
own memory (as is the case when destroying handlers in an orphaned strand).
Text files modified:
trunk/boost/asio/detail/handler_queue.hpp | 10 ++++++++
trunk/boost/asio/detail/indirect_handler_queue.hpp | 10 ++++++++
trunk/boost/asio/detail/reactor_op_queue.hpp | 10 ++++++++
trunk/boost/asio/detail/strand_service.hpp | 10 ++++++++
trunk/boost/asio/detail/timer_queue.hpp | 10 ++++++++
trunk/boost/asio/detail/win_iocp_handle_service.hpp | 20 ++++++++++++++++
trunk/boost/asio/detail/win_iocp_io_service.hpp | 10 ++++++++
trunk/boost/asio/detail/win_iocp_socket_service.hpp | 50 ++++++++++++++++++++++++++++++++++++++++
8 files changed, 130 insertions(+), 0 deletions(-)
Modified: trunk/boost/asio/detail/handler_queue.hpp
==============================================================================
--- trunk/boost/asio/detail/handler_queue.hpp (original)
+++ trunk/boost/asio/detail/handler_queue.hpp 2008-05-27 03:54:12 EDT (Tue, 27 May 2008)
@@ -199,6 +199,16 @@
this_type* h(static_cast<this_type*>(base));
typedef handler_alloc_traits<Handler, this_type> alloc_traits;
handler_ptr<alloc_traits> ptr(h->handler_, h);
+
+ // A sub-object of the handler may be the true owner of the memory
+ // associated with the handler. Consequently, a local copy of the handler
+ // is required to ensure that any owning sub-object remains valid until
+ // after we have deallocated the memory here.
+ Handler handler(h->handler_);
+ (void)handler;
+
+ // Free the memory associated with the handler.
+ ptr.reset();
}
private:
Modified: trunk/boost/asio/detail/indirect_handler_queue.hpp
==============================================================================
--- trunk/boost/asio/detail/indirect_handler_queue.hpp (original)
+++ trunk/boost/asio/detail/indirect_handler_queue.hpp 2008-05-27 03:54:12 EDT (Tue, 27 May 2008)
@@ -246,6 +246,16 @@
this_type* h(static_cast<this_type*>(base));
typedef handler_alloc_traits<Handler, this_type> alloc_traits;
handler_ptr<alloc_traits> ptr(h->handler_, h);
+
+ // A sub-object of the handler may be the true owner of the memory
+ // associated with the handler. Consequently, a local copy of the handler
+ // is required to ensure that any owning sub-object remains valid until
+ // after we have deallocated the memory here.
+ Handler handler(h->handler_);
+ (void)handler;
+
+ // Free the memory associated with the handler.
+ ptr.reset();
}
private:
Modified: trunk/boost/asio/detail/reactor_op_queue.hpp
==============================================================================
--- trunk/boost/asio/detail/reactor_op_queue.hpp (original)
+++ trunk/boost/asio/detail/reactor_op_queue.hpp 2008-05-27 03:54:12 EDT (Tue, 27 May 2008)
@@ -418,6 +418,16 @@
this_type* this_op(static_cast<this_type*>(base));
typedef handler_alloc_traits<Operation, this_type> alloc_traits;
handler_ptr<alloc_traits> ptr(this_op->operation_, this_op);
+
+ // A sub-object of the operation may be the true owner of the memory
+ // associated with the operation. Consequently, a local copy of the
+ // operation is required to ensure that any owning sub-object remains
+ // valid until after we have deallocated the memory here.
+ Operation operation(this_op->operation_);
+ (void)operation;
+
+ // Free the memory associated with the operation.
+ ptr.reset();
}
private:
Modified: trunk/boost/asio/detail/strand_service.hpp
==============================================================================
--- trunk/boost/asio/detail/strand_service.hpp (original)
+++ trunk/boost/asio/detail/strand_service.hpp 2008-05-27 03:54:12 EDT (Tue, 27 May 2008)
@@ -341,6 +341,16 @@
this_type* h(static_cast<this_type*>(base));
typedef handler_alloc_traits<Handler, this_type> alloc_traits;
handler_ptr<alloc_traits> ptr(h->handler_, h);
+
+ // A sub-object of the handler may be the true owner of the memory
+ // associated with the handler. Consequently, a local copy of the handler
+ // is required to ensure that any owning sub-object remains valid until
+ // after we have deallocated the memory here.
+ Handler handler(h->handler_);
+ (void)handler;
+
+ // Free the memory associated with the handler.
+ ptr.reset();
}
private:
Modified: trunk/boost/asio/detail/timer_queue.hpp
==============================================================================
--- trunk/boost/asio/detail/timer_queue.hpp (original)
+++ trunk/boost/asio/detail/timer_queue.hpp 2008-05-27 03:54:12 EDT (Tue, 27 May 2008)
@@ -307,6 +307,16 @@
this_type* this_timer(static_cast<this_type*>(base));
typedef handler_alloc_traits<Handler, this_type> alloc_traits;
handler_ptr<alloc_traits> ptr(this_timer->handler_, this_timer);
+
+ // A sub-object of the handler may be the true owner of the memory
+ // associated with the handler. Consequently, a local copy of the handler
+ // is required to ensure that any owning sub-object remains valid until
+ // after we have deallocated the memory here.
+ Handler handler(this_timer->handler_);
+ (void)handler;
+
+ // Free the memory associated with the handler.
+ ptr.reset();
}
private:
Modified: trunk/boost/asio/detail/win_iocp_handle_service.hpp
==============================================================================
--- trunk/boost/asio/detail/win_iocp_handle_service.hpp (original)
+++ trunk/boost/asio/detail/win_iocp_handle_service.hpp 2008-05-27 03:54:12 EDT (Tue, 27 May 2008)
@@ -409,6 +409,16 @@
op_type* handler_op(static_cast<op_type*>(op));
typedef handler_alloc_traits<Handler, op_type> alloc_traits;
handler_ptr<alloc_traits> ptr(handler_op->handler_, handler_op);
+
+ // A sub-object of the handler may be the true owner of the memory
+ // associated with the handler. Consequently, a local copy of the handler
+ // is required to ensure that any owning sub-object remains valid until
+ // after we have deallocated the memory here.
+ Handler handler(handler_op->handler_);
+ (void)handler;
+
+ // Free the memory associated with the handler.
+ ptr.reset();
}
boost::asio::io_service::work work_;
@@ -635,6 +645,16 @@
Handler, op_type> alloc_traits;
boost::asio::detail::handler_ptr<alloc_traits> ptr(
handler_op->handler_, handler_op);
+
+ // A sub-object of the handler may be the true owner of the memory
+ // associated with the handler. Consequently, a local copy of the handler
+ // is required to ensure that any owning sub-object remains valid until
+ // after we have deallocated the memory here.
+ Handler handler(handler_op->handler_);
+ (void)handler;
+
+ // Free the memory associated with the handler.
+ ptr.reset();
}
boost::asio::io_service::work work_;
Modified: trunk/boost/asio/detail/win_iocp_io_service.hpp
==============================================================================
--- trunk/boost/asio/detail/win_iocp_io_service.hpp (original)
+++ trunk/boost/asio/detail/win_iocp_io_service.hpp 2008-05-27 03:54:12 EDT (Tue, 27 May 2008)
@@ -650,6 +650,16 @@
op_type* handler_op(static_cast<op_type*>(op));
typedef handler_alloc_traits<Handler, op_type> alloc_traits;
handler_ptr<alloc_traits> ptr(handler_op->handler_, handler_op);
+
+ // A sub-object of the handler may be the true owner of the memory
+ // associated with the handler. Consequently, a local copy of the handler
+ // is required to ensure that any owning sub-object remains valid until
+ // after we have deallocated the memory here.
+ Handler handler(handler_op->handler_);
+ (void)handler;
+
+ // Free the memory associated with the handler.
+ ptr.reset();
}
win_iocp_io_service& io_service_;
Modified: trunk/boost/asio/detail/win_iocp_socket_service.hpp
==============================================================================
--- trunk/boost/asio/detail/win_iocp_socket_service.hpp (original)
+++ trunk/boost/asio/detail/win_iocp_socket_service.hpp 2008-05-27 03:54:12 EDT (Tue, 27 May 2008)
@@ -802,6 +802,16 @@
op_type* handler_op(static_cast<op_type*>(op));
typedef handler_alloc_traits<Handler, op_type> alloc_traits;
handler_ptr<alloc_traits> ptr(handler_op->handler_, handler_op);
+
+ // A sub-object of the handler may be the true owner of the memory
+ // associated with the handler. Consequently, a local copy of the handler
+ // is required to ensure that any owning sub-object remains valid until
+ // after we have deallocated the memory here.
+ Handler handler(handler_op->handler_);
+ (void)handler;
+
+ // Free the memory associated with the handler.
+ ptr.reset();
}
boost::asio::io_service::work work_;
@@ -1071,6 +1081,16 @@
op_type* handler_op(static_cast<op_type*>(op));
typedef handler_alloc_traits<Handler, op_type> alloc_traits;
handler_ptr<alloc_traits> ptr(handler_op->handler_, handler_op);
+
+ // A sub-object of the handler may be the true owner of the memory
+ // associated with the handler. Consequently, a local copy of the handler
+ // is required to ensure that any owning sub-object remains valid until
+ // after we have deallocated the memory here.
+ Handler handler(handler_op->handler_);
+ (void)handler;
+
+ // Free the memory associated with the handler.
+ ptr.reset();
}
boost::asio::io_service::work work_;
@@ -1330,6 +1350,16 @@
op_type* handler_op(static_cast<op_type*>(op));
typedef handler_alloc_traits<Handler, op_type> alloc_traits;
handler_ptr<alloc_traits> ptr(handler_op->handler_, handler_op);
+
+ // A sub-object of the handler may be the true owner of the memory
+ // associated with the handler. Consequently, a local copy of the handler
+ // is required to ensure that any owning sub-object remains valid until
+ // after we have deallocated the memory here.
+ Handler handler(handler_op->handler_);
+ (void)handler;
+
+ // Free the memory associated with the handler.
+ ptr.reset();
}
boost::asio::io_service::work work_;
@@ -1648,6 +1678,16 @@
op_type* handler_op(static_cast<op_type*>(op));
typedef handler_alloc_traits<Handler, op_type> alloc_traits;
handler_ptr<alloc_traits> ptr(handler_op->handler_, handler_op);
+
+ // A sub-object of the handler may be the true owner of the memory
+ // associated with the handler. Consequently, a local copy of the handler
+ // is required to ensure that any owning sub-object remains valid until
+ // after we have deallocated the memory here.
+ Handler handler(handler_op->handler_);
+ (void)handler;
+
+ // Free the memory associated with the handler.
+ ptr.reset();
}
endpoint_type& endpoint_;
@@ -2002,6 +2042,16 @@
op_type* handler_op(static_cast<op_type*>(op));
typedef handler_alloc_traits<Handler, op_type> alloc_traits;
handler_ptr<alloc_traits> ptr(handler_op->handler_, handler_op);
+
+ // A sub-object of the handler may be the true owner of the memory
+ // associated with the handler. Consequently, a local copy of the handler
+ // is required to ensure that any owning sub-object remains valid until
+ // after we have deallocated the memory here.
+ Handler handler(handler_op->handler_);
+ (void)handler;
+
+ // Free the memory associated with the handler.
+ ptr.reset();
}
win_iocp_io_service& io_service_;
Boost-Commit list run by bdawes at acm.org, david.abrahams at rcn.com, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk