Why do I get access violations when a control's class name is very, very long?

Question

I subclassed a control in order so I can add a few fields that I need, but now when I create it at runtime I get an Access Violation. Unfortunately this Access Violation doesn't happen at the place where I'm creating the control, and even those I'm building with all debug options enabled (including "Build with debug DCU's") the stack trace doesn't help me at all!

In my attempt to reproduce the error I tried creating a console application, but apparently this error only shows up in a Forms application, and only if my control is actually shown on a form!

Here are the steps to reproduce the error. Create a new VCL Forms application, drop a single button, double-click to create the OnClick handler and write this:

type TWinControl<T,K,W> = class(TWinControl);  procedure TForm3.Button1Click(Sender: TObject); begin   with TWinControl<TWinControl, TWinControl, TWinControl>.Create(Self) do   begin     Parent := Self;   end; end; 

This successively generates the Access Violation, every time I tried. Only tested this on Delphi 2010 as that's the only version I've got on this computer.

The questions would be:

• Is this a known bug in Delphi's Generics?
• Is there a workaround for this?

Edit

Here's the link to the QC report: http://qc.embarcadero.com/wc/qcmain.aspx?d=112101

Answer 1

First of all, this has nothing to do with generics, but is a lot more likely to manifest when generics are being used. It turns out there's a buffer overflow bug in TControl.CreateParams. If you look at the code, you'll notice it fills a TCreateParams structure, and especially important, it fills the TCreateParams.WinClassName with the name of the current class (the ClassName). Unfortunately WinClassName is a fixed length buffer of only 64 char's, but that needs to include the NULL-terminator; so effectively a 64 char long ClassName will overflow that buffer!

It can be tested with this code:

TLongWinControlClassName4567890123456789012345678901234567891234 = class(TWinControl) end;  procedure TForm3.Button1Click(Sender: TObject); begin   with TLongWinControlClassName4567890123456789012345678901234567891234.Create(Self) do   begin     Parent := Self;   end; end; 

That class name is exactly 64 characters long. Make it one character shorter and the error goes away!

This is a lot more likely to happen when using generics because of the way Delphi constructs the ClassName: it includes the unit name where the parameter type is declared, plus a dot, then the name of the parameter type. For example, the TWinControl<TWinControl, TWinControl, TWinControl> class has the following ClassName:

TWinControl<Controls.TWinControl,Controls.TWinControl,Controls.TWinControl> 

That's 75 characters long, over the 63 limit.

Workaround

I adopted a simple error message from the potentially-error-generating class. Something like this, from the constructor:

constructor TWinControl<T, K, W>.Create(aOwner: TComponent); begin   {$IFOPT D+}   if Length(ClassName) > 63 then raise Exception.Create('The resulting ClassName is too    long: ' + ClassName);   {$ENDIF}   inherited; end; 

At least this shows a decent error message that one can immediately act upon.

Later Edit, True Workaround

The previous solution (raising an error) works fine for a non-generic class that has a realy-realy long name; One would very likely be able to shorten it, make it 63 chars or less. That's not the case with generic types: I ran into this problem with a TWinControl descendant that took 2 type parameters, so it was of the form:

TMyControlName<Type1, Type2> 

The gnerate ClassName for a concrete type based on this generic type takes the form:

TMyControlName<UnitName1.Type1,UnitName2.Type2> 

so it includes 5 identifiers (2x unit identifier + 3x type identifier) + 5 symbols (<.,.>); The average length of those 5 identifiers need to be less then 12 chars each, or else the total length is over 63: 5x12+5 = 65. Using only 11-12 characters per identifier is very little and goes against best practices (ie: use long descriptive names because keystrokes are free!). Again, in my case, I simply couldn't make my identifiers that short.

Considering how shortening the ClassName is not always possible, I figured I'd attempt removing the cause of the problem (the buffer overflow). Unfortunately that's very difficult because the error originates from TWinControl.CreateParams, at the bottom of the CreateParams hierarchy. We can't NOT call inherited because CreateParams is used all along the inheritance chain to build the window creation parameters. Not calling it would require duplicating all the code in the base TWinControl.CreateParams PLUS all the code in intermediary classes; It would also not be very portable, since any of that code might change with future versions of the VCL (or future version of 3rd party controls we might be subclassing).

The following solution doesn't stop TWinControl.CreateParams from overflowing the buffer, but makes it harmless and then (when the inherited call returns) fixes the problem. I'm using a new record (so I have control over the layout) that includes the original TCreateParams but pads it with lots of space for TWinControl.CreateParams to overflow into. TWinControl.CreateParams overflows all it wants, I then read the complete text and make it so it fits the original bounds of the record also making sure the resulting shortened name is reasonably likely to be unique. I'm including the a HASH of the original ClassName in the WndName to help with the uniqueness issue:

type   TWrappedCreateParamsRecord = record     Orignial: TCreateParams;     SpaceForCreateParamsToSafelyOverflow: array[0..2047] of Char;   end;  procedure TExtraExtraLongWinControlDescendantClassName_0123456789_0123456789_0123456789_0123456789.CreateParams(var Params: TCreateParams); var Wrapp: TWrappedCreateParamsRecord;     Hashcode: Integer;     HashStr: string; begin   // Do I need to take special care?   if Length(ClassName) >= Length(Params.WinClassName) then     begin       // Letting the code go through will cause an Access Violation because of the       // Buffer Overflow in TWinControl.CreateParams; Yet we do need to let the       // inherited call go through, or else parent classes don't get the chance       // to manipulate the Params structure. Since we can't fix the root cause (we       // can't stop TWinControl.CreateParams from overflowing), let's make sure the       // overflow will be harmless.       ZeroMemory(@Wrapp, SizeOf(Wrapp));       Move(Params, Wrapp.Orignial, SizeOf(TCreateParams));       // Call the original CreateParams; It'll still overflow, but it'll probably be hurmless since we just       // padded the orginal data structure with a substantial ammount of space.       inherited CreateParams(Wrapp.Orignial);       // The data needs to move back into the "Params" structure, but before we can do that       // we should FIX the overflown buffer. We can't simply trunc it to 64, and we don't want       // the overhead of keeping track of all the variants of this class we might encounter.       // Note: Think of GENERIC classes, where you write this code once, but there might       // be many-many different ClassNames at runtime!       //       // My idea is to FIX this by keeping as much of the original name as possible, but       // including the HASH value of the full name into the window name; If the HASH function       // is any good then the resulting name as a very high probability of being Unique. We'll       // use the default Hash function used for Delphi's generics.       HashCode := TEqualityComparer<string>.Default.GetHashCode(PChar(@Wrapp.Orignial.WinClassName));       HashStr := IntToHex(HashCode, 8);       Move(HashStr[1], Wrapp.Orignial.WinClassName[High(Wrapp.Orignial.WinClassName)-8], 8*SizeOf(Char));       Wrapp.Orignial.WinClassName[High(Wrapp.Orignial.WinClassName)] := #0;       // Move the TCreateParams record back were we've got it from       Move(Wrapp.Orignial, Params, SizeOf(TCreateParams));     end   else     inherited; end;