<html>
<head>
<base href="http://llvm.org/bugs/" />
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW --- - initializaing allocated multirank arrays causes heap corruption"
href="http://llvm.org/bugs/show_bug.cgi?id=15593">15593</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>initializaing allocated multirank arrays causes heap corruption
</td>
</tr>
<tr>
<th>Product</th>
<td>clang
</td>
</tr>
<tr>
<th>Version</th>
<td>trunk
</td>
</tr>
<tr>
<th>Hardware</th>
<td>PC
</td>
</tr>
<tr>
<th>OS</th>
<td>Linux
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>P
</td>
</tr>
<tr>
<th>Component</th>
<td>C++11
</td>
</tr>
<tr>
<th>Assignee</th>
<td>unassignedclangbugs@nondot.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>phernost@yahoo.com
</td>
</tr>
<tr>
<th>CC</th>
<td>dgregor@apple.com, llvmbugs@cs.uiuc.edu
</td>
</tr>
<tr>
<th>Classification</th>
<td>Unclassified
</td>
</tr></table>
<p>
<div>
<pre>first an example, build and run with or without optimizations:
int main(int argc, char *argv[])
{
auto a = new int[3][2]; // ok
int s = 3; // odd numbers of s greater than 1 cause corruption
auto b = new int[s][2]{}; // corrupted
auto c = new int[4]; // crash
delete[] c; // never gets here
delete[] b; // never gets here
delete[] a; // never gets here
return 0;
}
It's is possible to "delete[] b" and delay the crash. I assume it's because the
next allocation that fits into the "b" space is ok, but the heap after "b" is
corrupt. Any "malloc" will crash if that allocation will occur after "b".
Built using gcc(4.7.2-1) and the same standard library, libstdc++6 (4.7.2-22),
doesn't crash.</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are on the CC list for the bug.</li>
</ul>
</body>
</html>