Remove DeleteItemOnIdlex

There are some CrashReports in 7.6 which have DeleteItemOnIdle on the stack, but there is nothing reproducable. So I took a look... I first thought it's a MCGR regression, due to classes on the stack. But the Item involved is just random, can happen with any Item. Then I thought it may have to do with ITEM refactorings, but it happens with DeleteItemOnIdle involved, so also not the case. I already saw DeleteItemOnIdle when doing these and qualified as 'hack' in the way. already It is only on Windows and DeleteItemOnIdle is involved. This again (took a deeper look now) is an old hack to keep an SfxPoolItem 'alive' for some 'time'. For that, it triggers an async reschedule which then deletes the Item when being called. If the Item will be used after that is pure coincidence - seems to work in most cases. It seems as if for Windows the timing slightly changed for some scenarios, so a reschedule is too early. This can happen with this hack anytime. DeleteItemOnIdle is used in scenarios where SfxPoolItem* is e.g. returned, but is *not* anchored, so e.g. not member of an SfxItemSet. Or in short: Lifetime is not safe. DeleteItemOnIdle exists since 1st import, but was changed to AsyncEvent ca. 4 months ago (see 57145acf9ec47c23e307b7a5c0029d21d937cc35), so that may have caused it. It is possible that these errors happen on Windows since then. Before something more complicated was used to delete it late, but surely also not really safe. Due to ITEM refactor I have the knowledge/tooling to solve this. It will not be a 1-5 lines fix, but it is a hack and in the way for further ITEM refactor anyways. What we have nowadays is a SfxPoolItemHolder -> it's like an SfxItemSet for a single Item. It safely holds/ controls the lifetime of an SfxPoolItem. It is already used in quite some places. It helps to solve many hacks, also the ones putting Items directly to the Pool - due to there never was an alternative for that. In principle the ItemPool/ItemSet/Item paradigm was never complete without SfxPoolItemHolder. Thus I started to fix that (and remove that hack for good, sooo many changes over the years, sigh), but as said is not straightforward. Will have to change retvals of involved stuff to SfxPoolItemHolder - it's just two pointers and designed to be copied (one is a Pool, needed to cleanup when destructing). CopyConstruct/destroy just counts the RefCnt up/down, so cheap. 1st version compiling, let's check on gerrit... Corrected one error in QueryState for securitypage, also added some security features/asserts. Change-Id: Ida49fd35ca88ead84b11d93e18b978cb9e395090 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/161083 Tested-by: Jenkins Reviewed-by: Armin Le Grand <Armin.Le.Grand@me.com>
author: Armin Le Grand (allotropia) <armin.le.grand.extern@allotropia.de> 2023-12-20 19:42:28 +0100
committer: Armin Le Grand <Armin.Le.Grand@me.com> 2023-12-21 21:13:55 +0100
commit: 789a737ac92c4f2b0eb9820b99c43cc8253c8b29 (patch)
tree: bc167ec04de29e63168844be973f59980fa36ac2 /svl
parent: 3430a2c639a9f714259f9d319515464a653d21ab (diff)
2 files changed, 40 insertions, 7 deletions
diff --git a/svl/source/items/itemset.cxx b/svl/source/items/itemset.cxx
index 0648a63da8f2..12b97ba39d91 100644
--- a/svl/source/items/itemset.cxx
+++ b/svl/source/items/itemset.cxx
@@ -52,23 +52,49 @@ size_t getUsedSfxPoolItemHolderCount() { return nUsedSfxPoolItemHolderCount; }
 // fallback flag 'ITEM_CLASSIC_MODE'
 static bool g_bItemClassicMode(getenv("ITEM_CLASSIC_MODE"));
 
-SfxPoolItemHolder::SfxPoolItemHolder(SfxItemPool& rPool, const SfxPoolItem* pItem)
-: m_pPool(&rPool),
-  m_pItem(pItem)
+// I thought about this constructor a while, but when there is no
+// Item we need no cleanup at destruction (what we would need the
+// Pool for), so it is OK and makes default construction easier
+// when no Pool is needed. The other constructors guanantee that
+// there *cannot* be a state with Item set and Pool not set. IF
+// you change this class, ALWAYS ensure that this can not happen (!)
+SfxPoolItemHolder::SfxPoolItemHolder()
+: m_pPool(nullptr)
+, m_pItem(nullptr)
+#ifdef DBG_UTIL
+, m_bDeleted(false)
+#endif
+{
+#ifdef DBG_UTIL
+    nAllocatedSfxPoolItemHolderCount++;
+    nUsedSfxPoolItemHolderCount++;
+#endif
+}
+
+SfxPoolItemHolder::SfxPoolItemHolder(SfxItemPool& rPool, const SfxPoolItem* pItem, bool bPassingOwnership)
+: m_pPool(&rPool)
+, m_pItem(pItem)
+#ifdef DBG_UTIL
+, m_bDeleted(false)
+#endif
 {
 #ifdef DBG_UTIL
     nAllocatedSfxPoolItemHolderCount++;
     nUsedSfxPoolItemHolderCount++;
 #endif
     if (nullptr != m_pItem)
-        m_pItem = implCreateItemEntry(*m_pPool, m_pItem, m_pItem->Which(), false);
+        m_pItem = implCreateItemEntry(*m_pPool, m_pItem, m_pItem->Which(), bPassingOwnership);
 }
 
 SfxPoolItemHolder::SfxPoolItemHolder(const SfxPoolItemHolder& rHolder)
-: m_pPool(rHolder.m_pPool),
-  m_pItem(rHolder.m_pItem)
+: m_pPool(rHolder.m_pPool)
+, m_pItem(rHolder.m_pItem)
+#ifdef DBG_UTIL
+, m_bDeleted(false)
+#endif
 {
 #ifdef DBG_UTIL
+    assert(!rHolder.isDeleted() && "Destructed instance used (!)");
     nAllocatedSfxPoolItemHolderCount++;
     nUsedSfxPoolItemHolderCount++;
 #endif
@@ -79,14 +105,20 @@ SfxPoolItemHolder::SfxPoolItemHolder(const SfxPoolItemHolder& rHolder)
 SfxPoolItemHolder::~SfxPoolItemHolder()
 {
 #ifdef DBG_UTIL
+    assert(!isDeleted() && "Destructed instance used (!)");
     nAllocatedSfxPoolItemHolderCount--;
 #endif
     if (nullptr != m_pItem)
         implCleanupItemEntry(*m_pPool, m_pItem);
+#ifdef DBG_UTIL
+    m_bDeleted = true;
+#endif
 }
 
 const SfxPoolItemHolder& SfxPoolItemHolder::operator=(const SfxPoolItemHolder& rHolder)
 {
+    assert(!isDeleted() && "Destructed instance used (!)");
+    assert(!rHolder.isDeleted() && "Destructed instance used (!)");
     if (this == &rHolder || *this == rHolder)
         return *this;
 
@@ -104,6 +136,8 @@ const SfxPoolItemHolder& SfxPoolItemHolder::operator=(const SfxPoolItemHolder& r
 
 bool SfxPoolItemHolder::operator==(const SfxPoolItemHolder &rHolder) const
 {
+    assert(!isDeleted() && "Destructed instance used (!)");
+    assert(!rHolder.isDeleted() && "Destructed instance used (!)");
     return m_pPool == rHolder.m_pPool && areSfxPoolItemPtrsEqual(m_pItem, rHolder.m_pItem);
 }
 
diff --git a/svl/source/items/poolitem.cxx b/svl/source/items/poolitem.cxx
index bf86b4ab740e..ae7c97136c48 100644
--- a/svl/source/items/poolitem.cxx
+++ b/svl/source/items/poolitem.cxx
@@ -495,7 +495,6 @@ SfxPoolItem::SfxPoolItem(sal_uInt16 const nWhich)
     , m_nSerialNumber(nUsedSfxPoolItemCount)
 #endif
     , m_bIsVoidItem(false)
-    , m_bDeleteOnIdle(false)
     , m_bStaticDefault(false)
     , m_bPoolDefault(false)
     , m_bRegisteredAtPool(false)
author	Armin Le Grand (allotropia) <armin.le.grand.extern@allotropia.de>	2023-12-20 19:42:28 +0100
committer	Armin Le Grand <Armin.Le.Grand@me.com>	2023-12-21 21:13:55 +0100
commit	789a737ac92c4f2b0eb9820b99c43cc8253c8b29 (patch)
tree	bc167ec04de29e63168844be973f59980fa36ac2 /svl
parent	3430a2c639a9f714259f9d319515464a653d21ab (diff)