-fsanitize=undefined, and some fishy commits
Jan-Marek Glogowski
glogow at fbihome.de
Thu Mar 5 05:58:32 PST 2015
Am 05.03.2015 um 11:58 schrieb Stephan Bergmann:
> LO master now successfully passes "make check" under
> -fsanitize=undefined (which instruments the C/C++ code to do various
> runtime checks for undefined behavior; see
> <https://wiki.documentfoundation.org/Development/-fsanitize#-fsanitize.3Dundefined>
> for enabling it in LO).
>
> However, I had to commit a handful of somewhat fishy changes to make
> that work, all revolving around bad downcasts of class pointers. Most
> of them are in the context of destroying an object of derived class D,
> having reached the destructor of base class B (so "this" no longer
> points to a D, only to a B), but then the destructor of B calling out to
> some code that invalidly downcasts from B to D. What is most fishy
> about those cases is whether it makes sense at all to do any substantial
> computation from a destructor (which parts of our code base are infamous
> for, though).
>
> Therefore, I would appreciate it if others could take a look at those
> commits (all the commit messages contain backtrace excerpts):
>
> * sw:
>
> **
> <http://cgit.freedesktop.org/libreoffice/core/commit/?id=0f98299f7aa44bbb55c1bfeddca7799f727d14b0>
> "Avoid bad downcast of SwFrmFmt to SwSectionFmt" (where the SwFrmFmt
> appears to be a genuine SwFrmFmt instance, not an in-destruction
> SwSectionFmt one?)
This is correct,
... if someone really wants to search for a SwFmt base type in all
possible lists, like in SwUndoFmtAttr::Init() - at the end we're just
looking for a pointer and we can skip the complete lookup, if the
pointer is of the wrong type.
Interestingly this didn't find the above instance of
inline sal_uInt16 GetPos(const SwFmt *p) const
{ return SwVectorModifyBase<Value>::GetPos( static_cast<Value>(
const_cast<SwFmt*>( p ) ) ); }
but as it's a template it is probably not used anywhere (anymore?).
These are just workarounds to allow passing const SwFmt pointers to the
templates. Normally the interface should allow all derivated classes.
Or all others always use the correct types to do the search, which I
actually expected.
Was this really the only callee?
JMG
More information about the LibreOffice
mailing list