Return by reference causes crash while return by value works fine

[Quuxplusone]

Bugzilla Link	PR26986
Status	NEW
Importance	P normal
Reported by	Bhupendra Thosare (bhupendra_thosare@persistent.co.in)
Reported on	2016-03-18 03:33:25 -0700
Last modified on	2016-03-19 00:01:34 -0700
Version	3.4
Hardware	PC Linux
CC	dblaikie@gmail.com, dgregor@apple.com, llvm-bugs@lists.llvm.org
Fixed by commit(s)
Attachments
Blocks
Blocked by
See also

Hi All,

We are using following configuration:
OS: RHEL 7
Kernal: 3.10.0-123.8.1.el7.x86_64
gcc compiler: gcc version 4.8.2
clang compiler: clang version 3.4.2
Component implemented using https://www.openoffice.org/udk/common/man/uno.html
technology.

In our code, we are default constructing a structure "XXXX" that contains some
member variables, two enums and a structure.
While default constructing the code, UNO uses following method internally.

==== CODE:

inline ::com::sun::star::uno::Type const & cppu_detail_getUnoType(XXXX const *)
{
    //TODO: On certain platforms with weak memory models, the following code can result in some threads observing that the_type points to garbage
    static ::typelib_TypeDescriptionReference * the_type = 0;
    if (the_type == 0) {
        ::typelib_TypeDescriptionReference * the_members[] = {
            ::cppu::UnoType< ::rtl::OUString >::get().getTypeLibType(),
            ::cppu::UnoType< ::rtl::OUString >::get().getTypeLibType(),
            ::cppu::UnoType< SomeEnum >::get().getTypeLibType(),
            ::cppu::UnoType< SomeEnum >::get().getTypeLibType(),
            ::cppu::UnoType< ::sal_Int64 >::get().getTypeLibType(),
            ::cppu::UnoType< ::sal_Int64 >::get().getTypeLibType(),
            ::cppu::UnoType< SomeStructure >::get().getTypeLibType(),
            ::cppu::UnoType< ::com::sun::star::uno::Any >::get().getTypeLibType() };
        ::typelib_static_struct_type_init(&the_type, "XXXX", 0, 8, the_members, 0);
    }
    ::std::cerr << ::std::endl << "Before reinterpret_cast";
    static ::com::sun::star::uno::Type returnValue = *reinterpret_cast< ::com::sun::star::uno::Type * >(&the_type);
    ::std::cerr << ::std::endl << "returnValue Type = " << returnValue.getTypeName();
    return returnValue;
}

When we are release building (without -g) the component (that default construct
XXXX) using clang then cppu_detail_getUnoType()returns NULL when it return by
reference and therefore further it crashes with SIGSEGV.
Please note that "returnValue" is always valid object and we have confirmed it
using "returnValue.getTypeName()" but returned value at caller is NULL when it
return by reference.

However, when we use return by value as follows:
inline ::com::sun::star::uno::Type const
cppu_detail_getUnoType(::xoc::svc::event::ZEventObject const *)

Then, cppu_detail_getUnoType()returns valid object and everything works fine.

We do not have any clue why return by reference causes crash and return by
value works fine with clang.

With gcc, return by reference everything works fine.

Please let us know your suggestion.

[Quuxplusone]

One more point, when we are removing enums and structure from "XXXX" structure
then return by reference is also working fine with release build using clang.

P.S. :
In my last comment,
inline ::com::sun::star::uno::Type const
cppu_detail_getUnoType(::xoc::svc::event::ZEventObject const *)
means
inline ::com::sun::star::uno::Type const cppu_detail_getUnoType(XXXX const *)

[Quuxplusone]

a standalone test case would be helpful

[Quuxplusone]

(In reply to comment #2)
> a standalone test case would be helpful

We have not tried to reproduce the issue but we have one observation to share.

Default construction (i.e. return by reference) works fine when it get called
from cpp process but return by reference returns NULL when it get called from
java process i.e. via JNI method.