From 589e691ba8503dd247aaeab76c1113f87c2ff980 Mon Sep 17 00:00:00 2001 From: Mike Buland Date: Thu, 7 Nov 2024 15:34:39 -0800 Subject: Fixed long standing double-free bug in the cache. I guess we don't delete stuff very often. --- src/tests/cachedel.cpp | 24 +++++++++++++++++++++++- src/unstable/cachebase.h | 10 +++++++--- 2 files changed, 30 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/tests/cachedel.cpp b/src/tests/cachedel.cpp index 3fa3e86..f4cb1b5 100644 --- a/src/tests/cachedel.cpp +++ b/src/tests/cachedel.cpp @@ -21,6 +21,12 @@ public: virtual ~Something() { + //Bu::println("Deleting %1").arg( this->toString() ); + } + + void sayHi() + { + Bu::println("Hello %1").arg( toString() ); } virtual Bu::Uuid getKey() const @@ -39,7 +45,7 @@ public: changed(); } - virtual Bu::String toString() const=0; + virtual Bu::String toString() const=0;// { return Bu::String("ERROR"); }; private: Bu::Uuid uId; @@ -60,6 +66,11 @@ public: iNumber( iNumber ) { } + + virtual ~SubSomethingA() + { + Bu::println("Deleting-A %1").arg( this->toString() ); + } virtual Bu::String toString() const { @@ -84,6 +95,10 @@ public: sString( sString ) { } + + virtual ~SubSomethingB() + { + } virtual Bu::String toString() const { @@ -187,6 +202,11 @@ int main( int, char *[] ) Bu::MemBuf mbStore; SomethingCache c( mbStore ); + { + SubSomethingA a("Test", 1); + a.sayHi(); + } + SomethingPtr ptr; if( time(NULL)%2 ) ptr = c.insert( new SubSomethingA("Hello", 55) ).cast(); @@ -211,6 +231,8 @@ int main( int, char *[] ) c.erase( id ); Bu::println("p2 %1: %2").arg( id ).arg( c.has( id ) ); + Bu::println("Program listing over, leaving main scope."); + return 0; } diff --git a/src/unstable/cachebase.h b/src/unstable/cachebase.h index ec73ede..9ac1b8c 100644 --- a/src/unstable/cachebase.h +++ b/src/unstable/cachebase.h @@ -32,11 +32,15 @@ namespace Bu bDeleted( false ), pObject( pObject ) { + Bu::println("CacheEntry::CacheEntry: registering pObject (0x%1)"). + arg( reinterpret_cast(pObject), Bu::Fmt::hex() ); } virtual ~CacheEntry() { mEntry.lock(); + Bu::println("CacheEntry::~CacheEntry: deleting pObject (0x%1)"). + arg( reinterpret_cast(pObject), Bu::Fmt::hex() ); delete pObject; mEntry.unlock(); } @@ -497,7 +501,7 @@ namespace Bu if( pEnt->iRefCount == 0 ) { pEnt->mEntry.unlock(); - delete pEnt->pObject; + //delete pEnt->pObject; delete pEnt; } else @@ -529,7 +533,7 @@ namespace Bu pEnt->mEntry.unlock(); throw Bu::ExceptionBase( Bu::String("Cache entry %1 cannot be erased, there are %2 active references.").arg( key ).arg( iCount ).end().getStr() ); } - delete pEnt->pObject; + //delete pEnt->pObject; delete pEnt; hCacheEntry.erase( key ); } @@ -559,7 +563,7 @@ namespace Bu { if( pEnt->isReadyForCleanup() ) { - delete pEnt->pObject; + //delete pEnt->pObject; delete pEnt; } } -- cgit v1.2.3