| Field | Value |
|---|---|
| Issue | 129701 |
| Summary | [ASAN] `new-delete-type-mismatch` with allocation bigger than the object |
| Labels | compiler-rt:asan, false-positive |
| Assignees | |
| Reporter | firewave |

This has been reduced from code in https://github.com/mamedev/mame/blob/master/src/osd/modules/file/posixfile.cpp.

```cpp
#include <memory>

struct entry
{
    const char * name;
};

static std::unique_ptr<entry> osd_stat()
{
    entry *result = reinterpret_cast<entry *>(::operator new(sizeof(*result) + 1));

    return std::unique_ptr<entry>(result);
}

int main()
{
    auto f = osd_stat();
}
```
https://godbolt.org/z/G8Kfz945c

```
==1==ERROR: AddressSanitizer: new-delete-type-mismatch on 0x502000000010 in thread T0:
 object passed to delete has wrong type:
  size of the allocated type:   9 bytes;
  size of the deallocated type: 8 bytes.
    #0 0x5b65dbf6a542 in operator delete(void*, unsigned long) /root/llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:155:3
    #1 0x5b65dbf6c19b in std::default_delete<entry>::operator()(entry*) const /opt/compiler-explorer/gcc-14.2.0/lib/gcc/x86_64-linux-gnu/14.2.0/../../../../include/c++/14.2.0/bits/unique_ptr.h:93:2
    #2 0x5b65dbf6bebf in std::unique_ptr<entry, std::default_delete<entry>>::~unique_ptr() /opt/compiler-explorer/gcc-14.2.0/lib/gcc/x86_64-linux-gnu/14.2.0/../../../../include/c++/14.2.0/bits/unique_ptr.h:398:4
    #3 0x5b65dbf6bda3 in main /app/example.cpp:18:1
    #4 0x7750ada29d8f (/lib/x86_64-linux-gnu/libc.so.6+0x29d8f) (BuildId: 490fef8403240c91833978d494d39e537409b92e)
    #5 0x7750ada29e3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e3f) (BuildId: 490fef8403240c91833978d494d39e537409b92e)
    #6 0x5b65dbe8b354 in _start (/app/output.s+0x2c354)

0x502000000010 is located 0 bytes inside of 9-byte region [0x502000000010,0x502000000019)
allocated by thread T0 here:
    #0 0x5b65dbf698dd in operator new(unsigned long) /root/llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:86:3
    #1 0x5b65dbf6be20 in osd_stat() /app/example.cpp:10:47
    #2 0x5b65dbf6bd9a in main /app/example.cpp:17:14
    #3 0x7750ada29d8f (/lib/x86_64-linux-gnu/libc.so.6+0x29d8f) (BuildId: 490fef8403240c91833978d494d39e537409b92e)

SUMMARY: AddressSanitizer: new-delete-type-mismatch /app/example.cpp:18:1 in main
```
_______________________________________________
llvm-bugs mailing list
llvm-bugs@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
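
The trace above shows `std::default_delete<entry>` reaching `operator delete(void*, unsigned long)` with the 8-byte `sizeof(entry)`, while the block came from `::operator new` with 9 bytes. The following is an added example, not code from the report or from MAME: it pairs the raw allocation with a deleter that releases it through the unsized `::operator delete(void*)`. The names `raw_storage_deleter`, `entry_ptr`, `make_entry` and `stored_name_length` are hypothetical, and using the extra bytes to hold a copy of the name is an assumption.

```cpp
#include <cstddef>
#include <cstring>
#include <memory>
#include <new>
#include <string>

struct entry
{
    const char * name;
};

// Hypothetical deleter: storage obtained from ::operator new(size_t) is
// released through the unsized ::operator delete(void*), so the deallocation
// does not claim a size that differs from the one allocated.
struct raw_storage_deleter
{
    void operator()(entry *p) const noexcept
    {
        p->~entry();
        ::operator delete(static_cast<void *>(p));
    }
};

using entry_ptr = std::unique_ptr<entry, raw_storage_deleter>;

// Hypothetical helper: one allocation holds the entry followed by a copy of
// the name (assumed purpose of the bytes beyond sizeof(entry)).
static entry_ptr make_entry(const std::string &name)
{
    const std::size_t total = sizeof(entry) + name.size() + 1;
    void *raw = ::operator new(total);
    entry *result = ::new (raw) entry{nullptr};
    char *tail = static_cast<char *>(raw) + sizeof(entry);
    std::memcpy(tail, name.c_str(), name.size() + 1);
    result->name = tail;
    return entry_ptr(result);
}

// Builds an entry, reads the name back from the trailing storage, and lets
// the deleter release the whole block when the pointer goes out of scope.
static std::size_t stored_name_length(const std::string &name)
{
    entry_ptr e = make_entry(name);
    return std::strlen(e->name);
}

int main()
{
    return stored_name_length("posixfile.cpp") == 13 ? 0 : 1;
}
```

Built with `-fsanitize=address`, this path never calls the sized `operator delete`, so the allocated and deallocated sizes are not compared.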
