Qt / QTBUG-135623

[REG 6.8.2->6.8.3] g++ array-bounds warning using QVariant with large structs registered as metatypes


    • Bug
    • Resolution: Invalid
    • P1: Critical
    • None
    • 6.8.3, 6.9.0
    • None
    • Arch Linux, g++ 14.2.1, Qt 6.8.3
    • Linux/Wayland

      Changes in QVariant from https://codereview.qt-project.org/c/qt/qtbase/+/624525 cause an array bounds warning (that becomes an error with -Wall, which sets -Werror=array-bounds=1) when compiling with Qt 6.8.3 and gcc 14.2: array subscript ‘timeline_span[0]’ is partly outside array bounds of ‘QVariant [1]’ [-Werror=array-bounds=]

      This is possibly because a constexpr is no longer used after the change, so it can't be determined at compile time. It is quite possible that this can't happen at runtime.

      Noticed in the Wireshark Arch Linux CI build after it updated to Qt 6.8.3 (e.g., https://gitlab.com/wireshark/wireshark/-/jobs/9551889416). I don't have a minimal example extracted out yet, because I'm not personally running 6.8.3 or 6.9.0 yet.

      Create a struct (of sufficiently large size) and register it as a metatype in a header:

      struct timeline_span {
          int start;
          int width;
      
          double startTime;
          double stopTime;
          double minRelTime;
          double maxRelTime;
      
          int colStart;
          int colDuration;
      };
      
      Q_DECLARE_METATYPE(timeline_span)
      

      And when using it in code:

      struct timeline_span span_px = index.data(_dataRole).value<struct timeline_span>();
      

      gcc 14.2.1 produces a warning:

      In file included from /usr/include/qt6/QtCore/qlocale.h:7,
                       from /usr/include/qt6/QtWidgets/qstyleoption.h:8,
                       from /usr/include/qt6/QtWidgets/qabstractitemdelegate.h:9,
                       from /usr/include/qt6/QtWidgets/qstyleditemdelegate.h:8,
                       from /usr/include/qt6/QtWidgets/QStyledItemDelegate:1,
                       from /builds/wireshark/wireshark/ui/qt/models/timeline_delegate.h:33,
                       from /builds/wireshark/wireshark/ui/qt/models/timeline_delegate.cpp:10:
      In function ‘T qvariant_cast(QVariant&&) [with T = timeline_span]’,
          inlined from ‘T QVariant::value() && [with T = timeline_span]’ at /usr/include/qt6/QtCore/qvariant.h:529:30,
          inlined from ‘virtual void TimelineDelegate::paint(QPainter*, const QStyleOptionViewItem&, const QModelIndex&) const’ at /builds/wireshark/wireshark/ui/qt/models/timeline_delegate.cpp:45:85:
      /usr/include/qt6/QtCore/qvariant.h:774:67: error: array subscript ‘timeline_span[0]’ is partly outside array bounds of ‘QVariant [1]’ [-Werror=array-bounds=]
        774 |             return std::move(*reinterpret_cast<T *>(v.d.data.data));
            |                                                                   ^
      /builds/wireshark/wireshark/ui/qt/models/timeline_delegate.cpp: In member function ‘virtual void TimelineDelegate::paint(QPainter*, const QStyleOptionViewItem&, const QModelIndex&) const’:
      /builds/wireshark/wireshark/ui/qt/models/timeline_delegate.cpp:45:46: note: object ‘<anonymous>’ of size 32
         45 |     struct timeline_span span_px = index.data(_dataRole).value<struct timeline_span>();
            |                                    ~~~~~~~~~~^~~~~~~~~~~
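
A Qt-free model of the pattern the report describes, added here as an illustration and not taken from Qt or Wireshark: `Box`, its 16-byte inline buffer and both getters are hypothetical names and values. It contrasts a getter whose inline read is guarded only at run time with one guarded by `if constexpr`, where the oversized read is never instantiated.

```cpp
// Added illustration: Box is a hypothetical stand-in, not Qt's QVariant.
#include <cstddef>
#include <memory>
#include <new>
#include <type_traits>

struct timeline_span {                 // struct from the report
    int start, width;
    double startTime, stopTime, minRelTime, maxRelTime;
    int colStart, colDuration;
};

class Box {
    static constexpr std::size_t InlineSize = 16;   // constructed value
    alignas(std::max_align_t) unsigned char inline_[InlineSize] = {};
    std::shared_ptr<void> heap_;                    // holds values that do not fit
    template <typename T> static constexpr bool fits() {
        return sizeof(T) <= InlineSize && std::is_trivially_copyable<T>::value;
    }
public:
    template <typename T> explicit Box(const T &v) {
        if constexpr (fits<T>()) new (inline_) T(v);
        else heap_ = std::make_shared<T>(v);
    }
    // Run-time guard only: the inline read below is still compiled for an
    // oversized T, and stays unreachable only if the optimizer can prove
    // heap_ is set. This is the shape -Warray-bounds complains about.
    template <typename T> T getRuntimeGuard() const {
        if (heap_) return *static_cast<const T *>(heap_.get());
        return *reinterpret_cast<const T *>(inline_);
    }
    // Compile-time guard: no inline read is instantiated for an oversized T.
    template <typename T> T getConstexprGuard() const {
        if constexpr (fits<T>()) return *reinterpret_cast<const T *>(inline_);
        else return *static_cast<const T *>(heap_.get());
    }
};
static_assert(sizeof(timeline_span) > 16, "timeline_span must not fit inline");

// Round-trips one large and one small value through both getters.
bool roundTrip() {
    const timeline_span s{1, 2, 0.5, 1.5, 0.0, 2.0, 3, 4};   // constructed sample
    const Box big(s), small(42);
    const timeline_span a = big.getRuntimeGuard<timeline_span>();
    const timeline_span b = big.getConstexprGuard<timeline_span>();
    return a.colDuration == 4 && b.stopTime == 1.5
        && small.getRuntimeGuard<int>() == 42 && small.getConstexprGuard<int>() == 42;
}
```

Both getters return the same values at run time; they differ only in whether the compiler ever sees an inline read wider than the buffer.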
      


            thiago Thiago Macieira
            johnthacker John Thacker