Fix ASAN warnings about new-delete-size-mismatch

The optimization of allocating memory for a QML type along with its
declarative data in one shot works well and has worked well for many
years. However ASAN complains about it, because when the delete
expression is called from _anywhere_ on for example a QQuickItem, the
size returned by the virtual destructor and then passed to operator
delete is less than what was allocated earlier (to include the
declarative data structure).

Fix this by providing an operator delete for the final QQmlElement class
that we _do_ allocate, which is passed along by the virtual destructor.
That operator ignores the size and thus silences ASAN.

Task-number: QTBUG-58524
Change-Id: Ibb6120e7e07301bb4602130064c5157b21ec2202
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>

1 files changed, 9 insertions, 1 deletions

diff --git a/src/qml/qml/qqmlprivate.h b/src/qml/qml/qqmlprivate.h
index fabdcacc36..22e46fd7ed 100644
--- a/src/qml/qml/qqmlprivate.h
+++ b/src/qml/qml/qqmlprivate.h
@@ -95,12 +95,20 @@ namespace QQmlPrivate
 {
     void Q_QML_EXPORT qdeclarativeelement_destructor(QObject *);
     template<typename T>
-    class QQmlElement : public T
+    class QQmlElement final : public T
     {
     public:
         ~QQmlElement() override {
             QQmlPrivate::qdeclarativeelement_destructor(this);
         }
+        static void operator delete(void *ptr) {
+            // We allocate memory from this class in QQmlType::create
+            // along with some additional memory.
+            // So we override the operator delete in order to avoid the
+            // sized operator delete to be called with a different size than
+            // the size that was allocated.
+            ::operator delete (ptr);
+        }
     };
 
     template<typename T>