[PATCH] D25516: [Object/ELF] - Check index argument in getSymbol().

Rui Ueyama via llvm-commits llvm-commits at lists.llvm.org
Fri Oct 28 11:25:09 PDT 2016


Basically if something can fail, it shouldn't be handled in the
constructor, because we have no way to report an error. Instead, we can
define a static class member function, say ELFFile::create(StringRef
Object), which returns an Error or a new instance of ELFFile.

My concern is real. report_fatal_error() calls exit(), so it runs dtors of
global objects. If we have a global allocator for ELFFile objects, these
ELFFiles' dtors are called on report_fatal_error(). Here's a problem: we
create an ELFFile from our ObjectFile's ctor, so when ELFFile calls
report_fatal_error, our ObjectFile is not fully initialized. That caused
ObjectFile's dtor's behavior to be undefined.

On Fri, Oct 28, 2016 at 5:53 AM, Rafael Espíndola <
rafael.espindola at gmail.com> wrote:

> On 27 October 2016 at 18:07, Rui Ueyama <ruiu at google.com> wrote:
> > On second thought, we should never use report_fatal_error in libObject to
> > report corrupted input, because it enforces a specific error handling
> > policy rather than defer it to an application. Could you return an error
> > instead?
>
> I like it as an intermediary step.
>
> It avoids undefined behaviour, which is an improvement.
> It is obvious what it does and it lets us add a test. With the test
> passing we can change the code to return an error.
>
> Cheers,
> Rafael
>
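
The factory-function approach suggested at the top of this message, as an added example that is not part of the original thread or of LLVM's code. ToyObject, its byte layout, the Expected struct and Symbol are hypothetical stand-ins, chosen so the sketch compiles without LLVM headers.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <memory>
#include <string>
#include <utility>
#include <vector>

// Hypothetical result type: a value on success, a message on failure.
template <typename T> struct Expected {
  std::unique_ptr<T> value;
  std::string error;
};
struct Symbol { uint32_t name, value; };

// Constructed toy format: u32 LE symbol count, then count 8-byte entries.
class ToyObject {
  std::vector<uint8_t> buf;
  uint32_t count;
  ToyObject(std::vector<uint8_t> b, uint32_t n) : buf(std::move(b)), count(n) {}
  static uint32_t rd32(const uint8_t *p) {
    return p[0] | p[1] << 8 | p[2] << 16 | uint32_t(p[3]) << 24;
  }
public:
  // Everything that can fail is checked here, before any object exists,
  // so no dtor ever runs on a half-initialized instance.
  static Expected<ToyObject> create(std::vector<uint8_t> b) {
    if (b.size() < 4)
      return {nullptr, "truncated header"};
    uint32_t n = rd32(b.data());
    if (n > (b.size() - 4) / 8) // divide instead of multiply: no overflow
      return {nullptr, "symbol table extends past end of file"};
    return {std::unique_ptr<ToyObject>(new ToyObject(std::move(b), n)), ""};
  }
  // Index check: an out-of-range index is reported to the caller.
  Expected<Symbol> getSymbol(uint32_t index) const {
    if (index >= count)
      return {nullptr, "invalid symbol index"};
    const uint8_t *p = buf.data() + 4 + size_t(index) * 8;
    return {std::unique_ptr<Symbol>(new Symbol{rd32(p), rd32(p + 4)}), ""};
  }
};

int main() {
  // Constructed input: claims 3 symbols but carries bytes for only 1.
  auto bad = ToyObject::create({3,0,0,0, 1,0,0,0, 2,0,0,0});
  std::printf("%s\n", bad.value ? "ok" : bad.error.c_str());
  return 0;
}
```

The caller decides what to do with the error string; nothing in the class calls exit().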