[cfe-dev] ASan alloc-dealloc-mismatch and placement new

James Dennett via cfe-dev cfe-dev at lists.llvm.org
Mon Nov 13 23:17:37 PST 2017


On Mon, Nov 13, 2017 at 11:10 PM, Stephan Bergmann via cfe-dev <cfe-dev at lists.llvm.org> wrote:

> On 11/14/2017 12:41 AM, Kostya Serebryany wrote:
>
>> On Mon, Nov 13, 2017 at 7:55 AM, Stephan Bergmann via cfe-dev <
>> cfe-dev at lists.llvm.org <mailto:cfe-dev at lists.llvm.org>> wrote:
>>
>>     For a C++ program like
>>
>>         #include <new>
>>         int main() {
>>              char * p1 = new char[sizeof (int)];
>>              int * p2 = new(p1) int;
>>              delete p2;
>>         }
>>
>>
>>     compiling it with -fsanitize=address will somewhat unhelpfully
>>     report an "AddressSanitizer: alloc-dealloc-mismatch (operator new []
>>     vs operator delete)" failure.
>>
>>     Is there a good way to work around that
>>
>> Why not use "delete [] p1"?
>>
>
> Because in the real program, p2 is then passed off to some API that takes
> ownership, and internally calls delete.  And both real and fake int* are
> handed off to that API, and I don't even control that API's implementation,
> so it can't be changed to a delete[] of the char array there.  Also, the
> real program uses a class type with non-trivial destructor instead of int.
> (I probably should have been more careful when crafting this stripped-down
> example.)
>
> (But the more I think about it, the less I'm sure the code is even
> legal...)
>
>
It's not legal.  This is not an AddressSanitizer false positive.  The form
and type of the allocation must match the deallocation.

-- James
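The mismatch discussed in the thread next to the matching form, as an added example that is not code from the thread. `Widget` stands in for the poster's class with a non-trivial destructor and `api_take_ownership` for the ownership-taking API that calls plain `delete`; both are assumptions.

```cpp
#include <cstddef>
#include <new>

// Stand-in for the real program's class type with a non-trivial destructor.
struct Widget {
    static int destroyed;   // counts destructor runs so the effect is observable
    int value;
    explicit Widget(int v) : value(v) {}
    ~Widget() { ++destroyed; }
};
int Widget::destroyed = 0;

// Hypothetical third-party API: takes ownership and releases with plain `delete`.
void api_take_ownership(Widget* w) { delete w; }

// The pattern from the thread: storage comes from `new char[]` (operator new[])
// but is released by `delete` (operator delete). Allocation form and deallocation
// form differ, so the behaviour is undefined and ASan reports
// alloc-dealloc-mismatch (operator new [] vs operator delete).
Widget* make_mismatched(int v) {
    char* raw = new char[sizeof(Widget)];
    return new (raw) Widget(v);
}

// Matching form: get the storage from the allocation function that plain `delete`
// pairs with, ::operator new(std::size_t). Placement new then only constructs the
// object; `delete w` runs ~Widget() and calls ::operator delete on the same block.
Widget* make_matching(int v) {
    void* raw = ::operator new(sizeof(Widget));
    return new (raw) Widget(v);
}

// Simplest matching form when no separate construction step is needed.
Widget* make_plain(int v) { return new Widget(v); }

// Hands two correctly allocated objects to the API; returns destructors run (2).
int run_matching_pair() {
    int before = Widget::destroyed;
    api_take_ownership(make_matching(1));
    api_take_ownership(make_plain(2));
    return Widget::destroyed - before;
}

int main() {
    run_matching_pair();                     // clean under -fsanitize=address
    api_take_ownership(make_mismatched(3));  // ASan aborts here: alloc-dealloc-mismatch
}
```

Build with `-fsanitize=address` to see the report fire only on the `make_mismatched` path.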