On Monday, 20 July 2020 08:40:06 PDT Oswald Buddenhagen wrote:
> anyway, this can be trivially bypassed by just using an arbitrary
> address and subtracting the offset. or using offsetof, indeed. in any
> case it's 3 minutes of work.
Sorry, an arbitrary address won't work either because it's still a dereference. Suppose:

    const auto dummy = reinterpret_cast<Object *>(0x4000);  // no Object lives here
    const auto member = &dummy->member;                     // dereferences dummy: UB
    qptrdiff offset = quintptr(member) - quintptr(dummy);
    return reinterpret_cast<Object *>(quintptr(this) - offset);

The problem is that the first line is creating a pointer to a memory location that does not have a valid Object object. So when the second line does dummy->member this expression is UB. It doesn't matter that the compiler usually implements the full expression &dummy->member as arithmetic on the pointers without dereferencing them; from the language's point of view, a dereference did happen and therefore it's UB.

This is no different than:

    Object *ptr = nullptr;
    ptr->staticFunction();

See commit 88cf9402e336fddeb673c92f3c14da47a9f8450b[1].

Also note how both ASan and UBSan are likely to complain. Whatever our implementation is, it must pass both sanitisers.

[1] https://code.qt.io/cgit/qt/qtbase.git/commit/?id=88cf9402e336fddeb673c92f3c14da47a9f8450b

-- 
Thiago Macieira - thiago.macieira (AT) intel.com
  Software Architect - Intel DPG Cloud Engineering

_______________________________________________
Development mailing list
Development@qt-project.org
https://lists.qt-project.org/listinfo/development
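The well-defined way to do what the dummy-pointer trick attempts is the standard `offsetof` macro, which is guaranteed only for standard-layout types. The following is an added example, not code from the thread or from Qt: it uses a hypothetical `Object` struct and a hypothetical `objectFromMember` function to recover the enclosing object from a pointer to one of its members, with the standard-layout requirement checked at compile time so the code never dereferences a fabricated pointer and stays clean under ASan and UBSan.

```cpp
#include <cstddef>
#include <cstdint>
#include <type_traits>

// Hypothetical container type standing in for the "Object" discussed above.
struct Object {
    int id;
    double member;   // the sub-object we are handed a pointer to
};

// offsetof is only guaranteed for standard-layout types (GCC warns with
// -Winvalid-offsetof otherwise); enforce that at compile time rather than
// relying on a dereference of a fake pointer such as (Object *)0x4000.
static_assert(std::is_standard_layout<Object>::value,
              "offsetof requires a standard-layout type");

// Recover the enclosing Object from a pointer to its 'member' field.
// The arithmetic is done on char* over the object representation, which is
// well-defined as long as 'm' really points into a live Object.
Object *objectFromMember(double *m)
{
    char *base = reinterpret_cast<char *>(m) - offsetof(Object, member);
    return reinterpret_cast<Object *>(base);
}

// Round-trip check: true when recovery yields the original object and its
// fields are intact. Constructed sample object; no fabricated addresses.
bool roundTrips()
{
    Object o{42, 3.5};
    Object *recovered = objectFromMember(&o.member);
    return recovered == &o && recovered->id == 42 && recovered->member == 3.5;
}

int main()
{
    return roundTrips() ? 0 : 1;
}
```

Because every pointer involved points into a real `Object`, this version produces no sanitizer reports, which is the acceptance criterion the message above sets for whatever the final implementation is.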