
Gcc custom operator new[] and delete[] is buggy for aligned class - address sanitizer reports buffer overflow

Basically when class has alignment requirement and custom operators new[] and delete[], then on gcc bad things happen and address sanitizer reports buffer overflow:

MCVE:

#include <cstdlib>   // aligned_alloc, free
#include <iostream>
#include <memory>

class EndlineOnDone {
    std::ostream& out;
public:
    EndlineOnDone(std::ostream& out) : out{out} {}
    ~EndlineOnDone()
    {
        out << std::endl;
    }
    std::ostream& stream() { return out; }
};

#define VAR(x) " " #x "=[" << x << "]" 
#define LOG EndlineOnDone(std::cout).stream() << __PRETTY_FUNCTION__

std::ostream& operator<<(std::ostream& out, std::align_val_t a)
{
    return out << static_cast<size_t>(a);
}

class alignas(32) Foo
{
public :
    double x, y, z;

    void * operator new (size_t s, std::align_val_t a)
    {
        auto p = aligned_alloc(static_cast<size_t>(a), s);
        LOG << VAR(p) << VAR(s) << VAR(a);
        return p;
    }

    void operator delete (void * p, size_t s, std::align_val_t a)
    {
        LOG << VAR(p) << VAR(s) << VAR(a);
        if (p) free(p);
    }

#if 1
    void * operator new[] (size_t s, std::align_val_t a)
    {
        auto p = aligned_alloc(static_cast<size_t>(a), s);
        LOG << VAR(p) << VAR(s) << VAR(a);
        return p;
    }

    void operator delete[] (void *p, size_t s, std::align_val_t a)
    {
        LOG << VAR(p) << VAR(s) << VAR(a);
        if (p) free(p);
    }
#endif
};

int main()
{
    {
        LOG << " std::make_unique<Foo>";
        auto p = std::make_unique<Foo>();
    }

    {
        LOG << " std::make_unique<Foo[]>";
        auto p = std::make_unique<Foo[]>(3);
    }
}

https://godbolt.org/z/7xd8YM

gcc logs (no address sanitizer):

int main() std::make_unique<Foo>
static void* Foo::operator new(size_t, std::align_val_t) p=[0x21d6ec0] s=[32] a=[32]
static void Foo::operator delete(void*, size_t, std::align_val_t) p=[0x21d6ec0] s=[32] a=[32]
int main() std::make_unique<Foo[]>
static void* Foo::operator new [](size_t, std::align_val_t) p=[0x21d6f40] s=[96] a=[32]
static void Foo::operator delete [](void*, size_t, std::align_val_t) p=[0x21d6f40] s=[3616] a=[32]

Note that the s value for Foo[] doesn't match for the new[] and delete[] operations.

Address sanitizer reports buffer overflow.

clang is fine.

Question

Is there a way to fix this problem? For example, add some compiler flag (there is, see edit section below).

Is this a known issue? I do not know how to find the respective bug report for that (IMO it is a gcc bug).

Edit/Clue

Ok, I have a workaround. Adding an explicit destructor ~Foo() {} fixes this issue: https://godbolt.org/z/WoM91Y (use of ~Foo() = default; doesn't fix it).

Interestingly enough, adding a default non-inline destructor ( Foo::~Foo()=default; ) fixes the problem too.
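An added example, not code from the question: a side table that records the size handed out by the class's aligned new[] and checks it against the size the compiler passes to sized delete[], so a mismatch like the 96 vs 3616 in the log above is caught and logged at runtime without relying on the address sanitizer. The helper names (track_alloc, track_free, run_array_case) are invented for this example.

```cpp
#include <cstdio>
#include <cstdlib>
#include <map>
#include <memory>
#include <new>

// Side table: pointer handed out by new[] -> size it was allocated with.
// The helper names (track_alloc, track_free, ...) are invented for this example.
static std::map<void*, size_t> g_live;
static int g_mismatches = 0;

static void track_alloc(void* p, size_t s) { g_live[p] = s; }
// Compare the size the compiler passes to sized delete[] with the recorded one.
// Returns true when they agree; otherwise counts and reports the mismatch.
static bool track_free(void* p, size_t s) {
    auto it = g_live.find(p);
    if (it == g_live.end()) { ++g_mismatches; return false; }  // not ours
    bool ok = (it->second == s);
    if (!ok) {
        ++g_mismatches;
        std::fprintf(stderr, "delete[] size %zu != new[] size %zu for %p\n",
                     s, it->second, p);
    }
    g_live.erase(it);
    return ok;
}
static size_t live_allocations() { return g_live.size(); }
static int mismatches_seen() { return g_mismatches; }

// The over-aligned class from the question, array forms only.
class alignas(32) Foo {
public:
    double x, y, z;
    static void* operator new[](size_t s, std::align_val_t a) {
        void* p = std::aligned_alloc(static_cast<size_t>(a), s);
        track_alloc(p, s);
        return p;
    }
    static void operator delete[](void* p, size_t s, std::align_val_t) {
        track_free(p, s);   // validate s instead of trusting it
        std::free(p);
    }
};

// Allocates and frees Foo[3] as the question does; returns how many
// allocations are still live afterwards (0 means delete[] reached the table).
static size_t run_array_case() {
    { auto p = std::make_unique<Foo[]>(3); (void)p; }
    return live_allocations();
}
```

Whether run_array_case() reports a mismatch depends on the compiler in use; the check itself does not depend on that.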
