On Wednesday, 22 January 2020 00:47:17 PST René J. V. Bertin wrote:
> Thiago Macieira wrote:
> > The chance that it has been overwritten is 100% at this point.
>
> Are you certain this is true on all platforms? I seem to recall one where
> you can get at argc,argv through global variables (or where they
> functions...), possibly OS X or otherwise MS Windows.
Yes. 100%.

There are only two possibilities: either argc was passed in registers or it was
passed on the stack.

If the latter (i386), then the same slot in the stack was used to pass main's
return value to exit(). That's usually 0 and wouldn't cause a crash in
QCoreApplication::arguments(). But it's UB nonetheless.

If the former (all other ABIs I know of), then main() spilled argc to the stack
so it could give QCoreApplication an address. Since main() returned, the stack
became writable. On x86-64, anything below %rsp is liable to be overwritten at
any time. Moreover, exit() called more functions, so the stack pointer was
moved past where argc was originally spilled.

> > This was a return from main().
>
> Then it must have been the last line in main(),
>
> return qApp->exec();
>
> I don't suppose QCoreApplication can see it's being called with a
> dynamically allocated `this` and do a `delete this` before returning so I
> guess I have another location to report.

Correct, it can't.

-- 
Thiago Macieira - thiago.macieira (AT) intel.com
  Software Architect - Intel System Software Products

_______________________________________________
Interest mailing list
Interest@qt-project.org
https://lists.qt-project.org/listinfo/interest
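As an added illustration of the dangling-reference problem discussed in this thread (example code, not Qt's and not from either poster; the `App` class, `kSampleArgv` and the function names are stand-ins for the QCoreApplication pattern, not real Qt API):

```cpp
// Added example (not Qt's code, not from the thread): a stand-in for the
// QCoreApplication contract that argc is held *by reference*, showing why a
// heap-allocated app that is never deleted dangles once main() has returned.
#include <string>
#include <vector>
// Hypothetical stand-in for QCoreApplication; all names are assumptions.
class App {
public:
    App(int &argc, char **argv) : argc_(argc), argv_(argv) { self_ = this; }
    ~App() { self_ = nullptr; }                // mirrors QCoreApplication::self
    static App *instance() { return self_; }  // mirrors qApp
    // Reads argc through the stored reference: valid only while the frame
    // that owns the original argc is still alive.
    std::vector<std::string> arguments() const {
        return std::vector<std::string>(argv_, argv_ + argc_);
    }
private:
    int &argc_;
    char **argv_;
    static App *self_;
};
App *App::self_ = nullptr;
// Constructed sample command line (not real input).
static char kArg0[] = "app";
static char kArg1[] = "--verbose";
char *kSampleArgv[] = {kArg0, kArg1, nullptr};

// Correct pattern: automatic storage, so the app is destroyed before the
// frame owning argc is torn down and instance() is null afterwards.
int scopedPattern(int argc, char **argv) {
    App app(argc, argv);               // argc is this function's local
    return static_cast<int>(app.arguments().size());
}

// Pattern from the thread: `new App(...)` never deleted, so after return
// instance() still points at an object whose argc_ refers to a dead frame.
int leakyPattern(int argc, char **argv) {
    App *app = new App(argc, argv);
    return static_cast<int>(app->arguments().size());  // frame still alive here
}

// What an exit-time caller (static destructor, atexit handler) would do.
// Calling this after leakyPattern() is exactly the UB described above.
int exitTimeArgCount() {
    App *app = App::instance();
    return app ? static_cast<int>(app->arguments().size()) : -1;
}
// The "delete this before returning" René asked about, done by the owner.
void destroyLeaked() { delete App::instance(); }
```

The scoped form (or deleting the object before the frame that owns argc returns) is the only way to keep exit-time code from reading through a reference into a dead stack frame.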