Skip to main content

Passing CComPtr By Value !!!

This is about a killer bug identified by our chief software engineer in our software. What was devised for ease of use and write smart code ended up in this killer defect due to improper perception. Ok, let us go!

CComPtr is a template class in ATL designed to wrap the discrete functionality of COM object management - AddRef and Release. Technically it is a smart pointer for a COM object.

void SomeMethod()
{
   CComPtr siPtr;
   HRESULT hr = siPtr.CoCreateInstance(CLSID_SomeComponent);
   siPtr->MethodOne(20, L"Hello");
}

Without CComPtr, the code wouldn't be as elegant as above. The code would be spilled with AddRef and Release. Besides, writing code to Release after use under any circumstance is either hard or ugly. CComPtr automatically takes care of releasing in its destructor just like std::auto_ptr. As a C++ programmer, we must be able to appreciate the inevitability of the destructor and its immense use in writing smart code. However there is a difference between pointers to normal C++ objects and pointers to COM objects; CComPtr and std::auto_ptr. When you assign one auto_ptr to another, the source is no more the owner of the object pointing to. The ownership is transferred to the destination. Whereas when a CComPtr is assigned to another, the reference count of the target COM object increases by one. And the two CComPtrs point to the same COM object. Changes made via one CComPtr object can be realized when the object is accessed via the other CComPtr. Release must be called on each CComPtr instance (to completely release the COM object). All fine, lets us see some code.

void SomeOtherMethod()
{
   CComPtr aPtr;
   InitAndPopulateObject(aPtr);

   int itemCount = 0;
   HRESULT hr = aPtr->GetCount(&itemCount);
   _ASSERTE(SUCCEEDED(hr));

   for (int i = 0; i < itemCount; ++i)
   {
      TCHAR szBuffer[128] = { 0 };
      sprintf_s(szBuffer, sizeof(szBuffer), "Key%ld", i);
      CComBSTR bstrKey(szBuffer);

      int iValue = 0;
      hr = aPtr->GetItem(bstrKey, &iValue);
      _ASSERTE(SUCCEEDED(hr));

      std::cout << bstrKey << " - " << iValue;
   }
}

void InitAndPopulateObject(CComPtr bPtr)
{
   HRESULT hr = bPtr.CoCreateInstance(CLSID_Hashtable);
   
   _ASSERTE(SUCCEEDED(hr));

   for (int i = 0; i < 100; ++i)
   {
      TCHAR szBuffer[128] = { 0 };
      sprintf_s(szBuffer, sizeof(szBuffer), "Key%ld", i);
      bPtr->Add(szBuffer, i);
   }
}

CComPtr saved a whole of code as explained above. But my application was always crashing in SomeOtherMethod when GetCount method is called on the COM object initialized one line above. So I am passing a CComPtr to InitAndPopulateObject, which is supposed to create me my COM object and fill it with some information I expect. Since I am passing a CComPtr, a return value is not needed. Looks fine, but the application crashed.

People are often misled with many things in programming mostly because they stick to the prime way of its use. CComPtr, in most cases, is used for creating a COM object, passed around across various sections in the code where AddRef and Release is done under the covers until the COM object dies a pleasant death. People tend to forget that the member in CComPtr (named poorly as p) is the one that is actually pointing to the COM object. So aPtr.p, whose value is 0x0000 (NULL), is passed by value and copied to bPtr.p. When the COM object is created using bPtr, it is bPtr.p ,which is assigned the COM object's address, say 0x23456789; whereas aPtr.p remains NULL even after InitAndPopulateObject returns. Hence the application was crashing because of null pointer access.

The problem might be obvious in the above few lines of clear code. It sure was very tough to locate and reason it in our huge code base.

Post a Comment

Popular posts from this blog

out, ref and InvokeMember !!!

When I was working on the .NET reflection extravaganza thing that I explained in my previous column, i learnt one another interesting thing, that is about the Type.InvokeMember. How will pass out or ref parameters for the method invoked using Type.InvokeMember ? If you are going to invoke a method with the prototypeint DoSomething(string someString, int someInt);then you would use InvokeMember like this:-object obj = someType.InvokeMember("DoSomething",
BindingFlags.Public | BindingFlags.NonPublic | BindingFlags.Instance,
null,
this,
new object[] {"Largest Integer", 1});or use some variables in the new object[] {...}. But what do you with the args if DoSomething takes out or ref parameters ?int DoSomething(out string someString, ref int someInt);Something like this will not work string someText = string.Empty;
int someInt = 0;
object obj = someType.InvokeMember("DoSomething",
BindingFlags.Public | BindingFlags.NonPublic …

jqGrid: Handling array data !!!

This post is primarily a personal reference. I also consider this a tribute to Oleg, who was fundamental in improving my understanding of the jqGrid internals - the way it handles source data types, which if I may say led him in discovering a bug in jqGrid.

If you are working with local array data as the source for jqGrid, meaning you will get the data from the server but want the jqGrid not to talk to the server anymore, and want to have custom handling of the edit functionality/form and delete functionality, it is not going to be straightforward - you need to have a decent understanding of how jqGrid works, and you should be aware of the bug Oleg pointed in our discussion. I repeat this is all about using jqGrid to manage array data locally, no posting to server when you edit or delete, which is where the bug is.

$('#grid').jqGrid('navGrid', '#pager', { recreateForm: true, add: false, search: false, refresh: false, …