From d967dcb155f245f0b926133474ad5d8324cdab17 Mon Sep 17 00:00:00 2001 From: Alexandre Duret-Lutz Date: Fri, 17 Nov 2017 17:22:02 +0100 Subject: [PATCH] fix ASAN reports about mismatched emplace new/delete * spot/misc/bitvect.cc, spot/misc/bitvect.hh, spot/tl/formula.cc, spot/tl/formula.hh: Here. * NEWS: Mention the bug. --- NEWS | 2 ++ spot/misc/bitvect.cc | 12 ++++++------ spot/misc/bitvect.hh | 16 ++++++++++++++-- spot/tl/formula.cc | 15 ++++++++------- spot/tl/formula.hh | 4 ++-- 5 files changed, 32 insertions(+), 17 deletions(-) diff --git a/NEWS b/NEWS index 99374ebd1..dbad3d5a9 100644 --- a/NEWS +++ b/NEWS @@ -5,6 +5,8 @@ New in spot 2.4.2.dev (not yet released) - couvreur99_new() leaked memory when processing TωA that allocate states. + - Some mismatched placement-new/delete reported by ASAN were fixed. + New in spot 2.4.2 (2017-11-07) Tools: diff --git a/spot/misc/bitvect.cc b/spot/misc/bitvect.cc index 021c3eecf..fafb9c350 100644 --- a/spot/misc/bitvect.cc +++ b/spot/misc/bitvect.cc @@ -1,5 +1,5 @@ // -*- coding: utf-8 -*- -// Copyright (C) 2013, 2014 Laboratoire de Recherche et Développement +// Copyright (C) 2013, 2014, 2017 Laboratoire de Recherche et Développement // de l'Epita (LRDE). // // This file is part of Spot, a model checking library. @@ -108,8 +108,8 @@ namespace spot // Allocate some memory for the bitvect. The instance // already contains one int of local_storage_, but // we allocate n-1 more so that we store the table. - void* mem = operator new(sizeof(bitvect) - + (n - 1) * sizeof(bitvect::block_t)); + void* mem = ::operator new(sizeof(bitvect) + + (n - 1) * sizeof(bitvect::block_t)); bitvect* res = new(mem) bitvect(size_, n, true); memcpy(res->storage_, storage_, res->block_count_ * sizeof(block_t)); return res; @@ -143,8 +143,8 @@ namespace spot // Allocate some memory for the bitvect. The instance // already contains one int of local_storage_, but // we allocate n-1 more so that we store the table. - void* mem = operator new(sizeof(bitvect) - + (n - 1) * sizeof(bitvect::block_t)); + void* mem = ::operator new(sizeof(bitvect) + + (n - 1) * sizeof(bitvect::block_t)); return new(mem) bitvect(bitcount, n); } @@ -156,7 +156,7 @@ namespace spot size_t bvsize = sizeof(bitvect) + (n - 1) * sizeof(bitvect::block_t); // Allocate the bitvect_array with enough space at the end // to store all bitvect instances. - void* mem = operator new(sizeof(bitvect_array) + bvsize * vectcount); + void* mem = ::operator new(sizeof(bitvect_array) + bvsize * vectcount); bitvect_array* bva = new(mem) bitvect_array(vectcount, bvsize); // Initialize all the bitvect instances. for (size_t i = 0; i < vectcount; ++i) diff --git a/spot/misc/bitvect.hh b/spot/misc/bitvect.hh index 210486a99..721aa9956 100644 --- a/spot/misc/bitvect.hh +++ b/spot/misc/bitvect.hh @@ -1,6 +1,6 @@ // -*- coding: utf-8 -*- -// Copyright (C) 2013, 2014, 2015, 2016 Laboratoire de Recherche et -// Développement de l'Epita (LRDE). +// Copyright (C) 2013-2017 Laboratoire de Recherche et Développement +// de l'Epita (LRDE). // // This file is part of Spot, a model checking library. // @@ -76,6 +76,12 @@ namespace spot bitvect* clone() const; + void operator delete(void *ptr) + { + // This object was allocated using a placement new. + ::operator delete(ptr); + } + void make_empty() { size_ = 0; @@ -398,6 +404,12 @@ namespace spot at(i).~bitvect(); } + void operator delete(void *ptr) + { + // This object was allocated using a placement new. + ::operator delete(ptr); + } + /// The number of bitvect in the array. size_t size() const { diff --git a/spot/tl/formula.cc b/spot/tl/formula.cc index 2a5238a95..bc78e7108 100644 --- a/spot/tl/formula.cc +++ b/spot/tl/formula.cc @@ -124,7 +124,7 @@ namespace spot } } - const fnode* fnode::unique(const fnode* f) + const fnode* fnode::unique(fnode* f) { auto ires = m.uniq.emplace(f); if (!ires.second) @@ -132,7 +132,8 @@ namespace spot //(*ires.first)->dump(std::cerr << "UNI: ") << '\n'; for (auto c: *f) c->destroy(); - delete f; + f->~fnode(); + ::operator delete(f); return (*ires.first)->clone(); } //f->dump(std::cerr << "INS: ") << '\n'; @@ -158,7 +159,8 @@ namespace spot for (auto c: *this) c->destroy(); } - delete this; + this->~fnode(); + ::operator delete(const_cast(this)); } void @@ -615,9 +617,8 @@ namespace spot v.insert(v.begin(), tt()); } - - auto mem = operator new(sizeof(fnode) - + (v.size() - 1)*sizeof(*children)); + auto mem = ::operator new(sizeof(fnode) + + (v.size() - 1)*sizeof(*children)); return unique(new(mem) fnode(o, v.begin(), v.end())); } @@ -1029,7 +1030,7 @@ namespace spot SPOT_UNREACHABLE(); } - auto mem = operator new(sizeof(fnode) + sizeof(*children)); + auto mem = ::operator new(sizeof(fnode) + sizeof(*children)); return unique(new(mem) fnode(o, {first, second})); } diff --git a/spot/tl/formula.hh b/spot/tl/formula.hh index 28c04216e..ac6368255 100644 --- a/spot/tl/formula.hh +++ b/spot/tl/formula.hh @@ -1,5 +1,5 @@ // -*- coding: utf-8 -*- -// Copyright (C) 2015, 2016 Laboratoire de Recherche et Développement de +// Copyright (C) 2015, 2016, 2017 Laboratoire de Recherche et Développement de // l'Epita (LRDE). // // This file is part of Spot, a model checking library. @@ -484,7 +484,7 @@ namespace spot [[noreturn]] static void report_min_invalid_arg(); [[noreturn]] static void report_max_invalid_arg(); - static const fnode* unique(const fnode*); + static const fnode* unique(fnode*); // Destruction may only happen via destroy(). ~fnode() = default;