On 28/03/2018 15:55, Eric Blake wrote:
> On 03/28/2018 08:48 AM, Marc-André Lureau wrote:
>
>>>> +#define QOBJECT(x) \
>>>> + container_of(&(x)->base, QObject, base)
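Review bot: `&(x)->base` is evaluated before container_of subtracts the member offset, so a null `x` makes the macro form an address relative to NULL; as the replies below note, clang's UBSan reports that at run time even though `base` sits at offset 0 and the result happens to be a null pointer again. If callers may legitimately pass a null pointer, guard the conversion (evaluate `x` once and return NULL when it is NULL); otherwise document that `QOBJECT()` requires a non-null argument so the sanitizer report is read as a caller bug rather than a macro bug.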
>>>
>>>
>>> If I understand correctly, this still causes clang complaints when
>>> called as
>>> QOBJECT(NULL). As long as we are touching this, should we improve this
>>> macro to be friendly to NULL conversion?
>>
>> I don't see much need for allowing NULL (literally) to be passed to
>> QOBJECT(). If it's a null pointer, as long as it has the right type,
>> it should be fine, shouldn't it?
>
> Not with clang ubsan (okay, the failure is at runtime, not compile time):
>
> https://lists.gnu.org/archive/html/qemu-devel/2018-03/msg05143.html
> https://lists.gnu.org/archive/html/qemu-devel/2018-03/msg05148.html
>
> Even when the offset is 0, the mere fact that you are computing an
> offset relative to a NULL pointer is undefined behavior.
Are there cases where we are passing NULL to qobject_{inc,dec}ref? They
currently have an "if" in their body, but my opinion is they ought to
crash and burn...
Paolo