ASan alloc-dealloc-mismatch and placement new


ASan alloc-dealloc-mismatch and placement new

Alex Denisov via cfe-dev
For a C++ program like

    #include <new>
    int main() {
        char * p1 = new char[sizeof (int)];
        int * p2 = new(p1) int;
        delete p2;
    }

compiling it with -fsanitize=address will somewhat unhelpfully report an
"AddressSanitizer: alloc-dealloc-mismatch (operator new [] vs operator
delete)" failure.

Is there a good way to work around that (in the program's source code),
short of using the generic ASan facilities of suppressing or
blacklisting code, or using ASAN_OPTIONS=alloc_dealloc_mismatch=0 to
disable the check completely?
_______________________________________________
cfe-dev mailing list
[hidden email]
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev

Re: ASan alloc-dealloc-mismatch and placement new

Alex Denisov via cfe-dev


On Mon, Nov 13, 2017 at 7:55 AM, Stephan Bergmann via cfe-dev <[hidden email]> wrote:
> For a C++ program like
>
>     #include <new>
>     int main() {
>         char * p1 = new char[sizeof (int)];
>         int * p2 = new(p1) int;
>         delete p2;
>     }
>
> compiling it with -fsanitize=address will somewhat unhelpfully report an "AddressSanitizer: alloc-dealloc-mismatch (operator new [] vs operator delete)" failure.
>
> Is there a good way to work around that

Why not use "delete [] p1"?

> (in the program's source code), short of using the generic ASan facilities of suppressing or blacklisting code, or using ASAN_OPTIONS=alloc_dealloc_mismatch=0 to disable the check completely?

Re: ASan alloc-dealloc-mismatch and placement new

Alex Denisov via cfe-dev
On 11/14/2017 12:41 AM, Kostya Serebryany wrote:

> On Mon, Nov 13, 2017 at 7:55 AM, Stephan Bergmann via cfe-dev
> <[hidden email] <mailto:[hidden email]>> wrote:
>
>     For a C++ program like
>
>         #include <new>
>         int main() {
>              char * p1 = new char[sizeof (int)];
>              int * p2 = new(p1) int;
>              delete p2;
>         }
>
>
>     compiling it with -fsanitize=address will somewhat unhelpfully
>     report an "AddressSanitizer: alloc-dealloc-mismatch (operator new []
>     vs operator delete)" failure.
>
>     Is there a good way to work around that
>
> Why not use "delete [] p1"?

Because in the real program, p2 is then passed off to some API that
takes ownership, and internally calls delete.  And both real and fake
int* are handed off to that API, and I don't even control that API's
implementation, so it can't be changed to a delete[] of the char array
there.  Also, the real program uses a class type with non-trivial
destructor instead of int.  (I probably should have been more careful
when crafting this stripped-down example.)

(But the more I think about it, the less I'm sure the code is even legal...)

>     (in the program's source code), short of using the generic ASan
>     facilities of suppressing or blacklisting code, or using
>     ASAN_OPTIONS=alloc_dealloc_mismatch=0 to disable the check completely?

Re: ASan alloc-dealloc-mismatch and placement new

Alex Denisov via cfe-dev
On Mon, Nov 13, 2017 at 11:10 PM, Stephan Bergmann via cfe-dev <[hidden email]> wrote:
> On 11/14/2017 12:41 AM, Kostya Serebryany wrote:
>> On Mon, Nov 13, 2017 at 7:55 AM, Stephan Bergmann via cfe-dev <[hidden email] <mailto:[hidden email]>> wrote:
>>> For a C++ program like
>>>
>>>     #include <new>
>>>     int main() {
>>>         char * p1 = new char[sizeof (int)];
>>>         int * p2 = new(p1) int;
>>>         delete p2;
>>>     }
>>>
>>> compiling it with -fsanitize=address will somewhat unhelpfully
>>> report an "AddressSanitizer: alloc-dealloc-mismatch (operator new []
>>> vs operator delete)" failure.
>>>
>>> Is there a good way to work around that
>>
>> Why not use "delete [] p1"?
>
> Because in the real program, p2 is then passed off to some API that takes ownership, and internally calls delete.  And both real and fake int* are handed off to that API, and I don't even control that API's implementation, so it can't be changed to a delete[] of the char array there.  Also, the real program uses a class type with non-trivial destructor instead of int.  (I probably should have been more careful when crafting this stripped-down example.)
>
> (But the more I think about it, the less I'm sure the code is even legal...)


It's not legal.  This is not an AddressSanitizer false positive.  The form and type of the allocation must match the deallocation.

-- James
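The rule James states, worked through as an added example (not code from the thread): the thread's mismatched pattern beside a form whose allocation function matches the scalar delete that the owning API performs. `Widget` and `consume()` are assumed stand-ins for the real program's class and for the API that takes ownership.

```cpp
#include <new>

// Class with a non-trivial destructor, as in the real program from the thread.
struct Widget {
    int value;
    explicit Widget(int v) : value(v) {}
    ~Widget() { ++destroyed_count(); }
    static int& destroyed_count() { static int n = 0; return n; }
};

// Stand-in (assumed) for the owning API the thread mentions: it only knows
// how to `delete` a Widget*, so the object must come from a non-array
// new-expression whose storage was obtained with operator new(size_t).
int consume(Widget* w) {
    int v = w->value;
    delete w;   // runs ~Widget, then operator delete(void*)
    return v;
}

// The thread's pattern: storage from new[] (array form), object built in
// place, then scalar delete inside consume(). ASan reports
// "alloc-dealloc-mismatch (operator new [] vs operator delete)" because the
// allocation form (new[]) does not match the deallocation form (delete).
// Not called by the example; kept only to show the shape of the bug.
int mismatched_form() {
    char* buf = new char[sizeof(Widget)];
    Widget* w = ::new (buf) Widget(7);
    return consume(w);   // undefined behaviour: new[] storage, scalar delete
}

// Matched form: take raw storage from the scalar allocation function,
// construct with placement new (which allocates nothing), and let the
// owning API's scalar delete release it. Over-aligned types would need the
// std::align_val_t overloads (C++17) on both the new and the delete side.
Widget* make_widget(int v) {
    void* raw = ::operator new(sizeof(Widget));
    try {
        return ::new (raw) Widget(v);
    } catch (...) {
        ::operator delete(raw);   // constructor threw: release the raw storage
        throw;
    }
}

int matched_form() {
    Widget* w = make_widget(42);
    return consume(w);   // scalar delete of scalar operator new storage: no report
}
```

Building with -fsanitize=address and calling only `matched_form()` runs clean; the check fires only for the `mismatched_form()` shape.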
