Various small fixes identified by cppcheck #1371
Conversation
| @@ -411,7 +411,7 @@ void DebugMsg(const char* fmt, ...); | |||
|
|
|||
| #if defined(_MSC_VER) | |||
| #define DEFAULT_FATAL(var) default: FATAL("No valid case for switch variable '" #var "'"); __assume(0); break; | |||
| #elif defined(__GNUC__) | |||
| #elif defined(__GNUC__) || defined(__clang__) | |||
There was a problem hiding this comment.
For anyone else wondering: Clang also defines __GNUC__, but only on Unix platforms. On Windows, you need to explicitly check __clang__.
There was a problem hiding this comment.
Hmm, is that accurate? I would have expected this to be more of a clang vs clang-cl distinction, not a Unix vs Windows distinction...
There was a problem hiding this comment.
Yeah, that's what I would have expected too, but it seems to make no difference. I tested using the Clang 12 from VS 2019, and both clang and clang-cl define only __clang__ and not __GNUC__.
There was a problem hiding this comment.
Ok, it might be more of an SDK thing then -- Clang from MSYS2, for example, does define __GNUC__ even on Windows, but that version would be using the MinGW SDK rather than the MSVC Windows SDK. Either way, the fix is appropriate, since Clang doesn't always define __GNUC__... It just piqued my curiosity :)
| @@ -411,7 +411,7 @@ void DebugMsg(const char* fmt, ...); | |||
|
|
|||
| #if defined(_MSC_VER) | |||
| #define DEFAULT_FATAL(var) default: FATAL("No valid case for switch variable '" #var "'"); __assume(0); break; | |||
| #elif defined(__GNUC__) | |||
| #elif defined(__GNUC__) || defined(__clang__) | |||
There was a problem hiding this comment.
Hmm, is that accurate? I would have expected this to be more of a clang vs clang-cl distinction, not a Unix vs Windows distinction...
| @@ -1706,7 +1706,7 @@ class plBDFCharsParser : public plBDFSectParser | |||
| { | |||
| // If we're doing data, all lines are hex values until we hit "ENDCHAR" | |||
| if( fRowsLeft == 0 ) | |||
| throw; | |||
| throw false; | |||
There was a problem hiding this comment.
Hmm, this is suspicious... throw without any parameter will re-throw the current exception or call std::terminate if there isn't one... But what does throwing a bool accomplish? Who's catching from this call? I feel like either changing this to throw a proper exception (like std::runtime_error) or an explicit crash (like hsAssert(false)) would be better.
There was a problem hiding this comment.
There are several other throw statements in this function that were throwing bools, so this was just making it consistent, but I'll try to investigate whether anything is actually catching these errors. Maybe hsAssert is a better option.
There was a problem hiding this comment.
So it appears that calls to parse the BDF contents are wrapped in a try/catch block, and catch both std::exception and non-exceptions:
Plasma/Sources/Plasma/PubUtilLib/plGImage/plFont.cpp
Lines 2100 to 2112 in 5b47a75
It seems the only place this BDF code is actually used is in plFontConverter, and freetype2 has built-in BDF support so it's unclear to me if this code is still serving any purpose or if it should be removed.
There was a problem hiding this comment.
It looks like this should probably throw a real std::exception for logging purposes.
| break; | ||
| } | ||
| s = 1 << i; | ||
| hsAssert(i >= 0, "Invalid non-POT shadow size"); | ||
| s = 1u << i; |
There was a problem hiding this comment.
cppcheck is still warning about i potentially being uint32_t(-1), but I think that's because hsAssert doesn't guarantee end of execution when HS_DEBUGGING is set.
dpogue
force-pushed
the
cppcheck
branch
3 times, most recently
from
498f96f to
e8949ee
Compare
| @@ -859,6 +859,11 @@ void plArmatureMod::SpawnAt(int spawnNum, double time) | |||
|
|
|||
| void plArmatureMod::SetFollowerParticleSystemSO(plSceneObject *follower) | |||
| { | |||
| if (!follower) { | |||
| fFollowerParticleSystemSO = follower; | |||
There was a problem hiding this comment.
This doesn't seem to set up the key reference for the new follower (see line 873), which could cause the follower to be thrown away from under us.
There was a problem hiding this comment.
In this case, follower is null
There was a problem hiding this comment.
I'm still concerned about this. While it is true that follower is null, this seems like it's leaking the reference established on line 873. I do think it would be better to make it more obvious that fFollowerParticleSystemSO is being set to nullptr.
There was a problem hiding this comment.
It looks like there is a case (albeit perhaps unused in normal gameplay) where this method gets called with nullptr, and in theory the current code will crash.
If your preference to use the existing fFollowerParticleSystemSO to remove the reference (and maybe change SetAttachedToAvatar(false) on the particle system itself?) before setting it to null?
There was a problem hiding this comment.
I believe that's correct. We'll basically want to send another plAttachMsg with plRefMsg::kOnRemove, I think.
There was a problem hiding this comment.
I've updated this to send a detach message
There was a problem hiding this comment.
For future reference, I went through and verified that sending a plAttachMsg with the context kOnRemove will release the key reference. This happens in plCoordinateInterface::IDetachChild().
|
What is the status here? |
|
I think this was just waiting for re-review |
In theory there's no way this would ever really cause issues, but it's easy enough to resolve by shuffling ifdefs around.
Pretty sure the intention was to filter out non-attach ref messages, but the default case was allowing them through before the ref message check ever ran.
Co-Authored-By: dgelessus <[email protected]>
There's one spot that does actually appear to call this with nullptr, so I'm not sure how this hasn't been causing crashes... Co-Authored-By: Adam Johnson <[email protected]>
Co-Authored-By: dgelessus <[email protected]>
Co-Authored-By: dgelessus <[email protected]>
We're already asserting that the size of the containers will fit in a uint16_t, but this was getting flagged by CodeQL as a potential overflow.
Co-Authored-By: dgelessus <[email protected]>
Best to review this one commit at a time and I can drop any commits that people deem controversial.
This does not clear up all the issues that cppcheck found, but these were some low-hanging fruit.