On Mon, Aug 25, 2014 at 11:21 AM, Kostya Serebryany <[email protected]> wrote:
> >>! In D4774#11, @samsonov wrote:
> >>! In D4774#10, @rsmith wrote:
> > Is this change correct? Suppose I do this:
> >
> > char Buffer[32];
> > // ...
> > new (Buffer) int[4];
> > // ...
> > new (Buffer) int(0);
> >
> > Won't we get a false positive on the last line?
>
> Not sure I understand this test.
> First, with arrays of PODs you don't have cookies at all.
> Second, do we have the cookie with placement new at all?
>
Good point. Here's a complete test case:
void *operator new[](unsigned long, char *);
struct S { S(); ~S(); int n; };
char Buffer[20];
S *p = new (Buffer) S[20];
int main() { return Buffer[0]; }
I think it's fine to activate the sanitizer for new-expressions that call
the usual (replaceable) global array new, since in that case the program
really can't use those bytes, and the only way to free them is with a
'delete[]' expression. But I don't think you can do this for a placement
array new.
(The good news is that placement array new-expressions are not widely used and are
mostly useless, so we don't lose much by adding this restriction.)
_______________________________________________
cfe-commits mailing list
[email protected]
http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
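The array-cookie behaviour the thread is arguing about, shown as an added example that is not part of the original mail or of D4774. It assumes the Itanium C++ ABI (x86-64 Linux, GCC or Clang) and, like Richard's test case, declares a user-defined placement operator new[] taking a char*; that operator records the size it was asked for so the overhead the compiler inserted can be measured. The helper names (CookieProbe, probe, g_last_request, reserved_placement_offset) are hypothetical.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <new>

// Constructed element type with a non-trivial destructor. Under the Itanium
// C++ ABI (assumed: x86-64 Linux, GCC or Clang) an array of such a type is
// preceded by a "cookie" holding the element count so delete[] knows how
// many destructors to run. Trivially destructible types get no cookie.
struct S {
    int n = 0;
    ~S() { n = -1; }
};

// Bytes requested in the most recent call to the custom operator new[]
// (hypothetical bookkeeping for this demo).
static std::size_t g_last_request = 0;

// A user-defined placement allocation function, like the one in the test case
// in the mail. Because it is NOT the reserved form operator new[](std::size_t, void*),
// the compiler may ask for more than sizeof(T) * count and put the cookie at
// the start of the buffer; the caller cannot know the overhead up front.
void *operator new[](std::size_t bytes, char *buf) {
    g_last_request = bytes;
    return buf;
}

struct CookieProbe {
    std::size_t requested;   // bytes the new-expression asked the allocator for
    std::size_t offset;      // result pointer minus buffer start (cookie size)
    std::size_t count_word;  // size_t stored just before the array, 0 if no cookie
};

// Build T[N] in buf through the custom placement new[] and measure the
// overhead the compiler inserted.
template <typename T, std::size_t N>
CookieProbe probe(char *buf) {
    T *arr = new (buf) T[N];
    CookieProbe r{};
    r.requested = g_last_request;
    r.offset = static_cast<std::size_t>(reinterpret_cast<char *>(arr) - buf);
    if (r.offset >= sizeof(std::size_t)) {
        // Itanium ABI: the element count sits in the size_t immediately before arr.
        std::memcpy(&r.count_word, reinterpret_cast<char *>(arr) - sizeof(std::size_t),
                    sizeof r.count_word);
    }
    // Destroy by hand: delete[] would hand the pointer to the usual deallocation
    // function, which never allocated this storage.
    for (std::size_t i = 0; i < N; ++i) arr[i].~T();
    return r;
}

// Array of a destructible type via the custom placement new[]: cookie present.
CookieProbe probe_with_dtor() {
    alignas(16) static char buf[64];
    return probe<S, 4>(buf);
}

// Array of ints via the custom placement new[]: no cookie at all.
CookieProbe probe_trivial() {
    alignas(16) static char buf[64];
    return probe<int, 4>(buf);
}

// The reserved placement form from <new> is the one case where the standard
// forbids the overhead (C++20 [expr.new], CWG 2382): a void* placement
// argument selects it, so the array is expected to start at the buffer itself.
std::size_t reserved_placement_offset() {
    alignas(16) static char buf[64];
    S *arr = new (static_cast<void *>(buf)) S[4];
    std::size_t off = static_cast<std::size_t>(reinterpret_cast<char *>(arr) - buf);
    for (int i = 0; i < 4; ++i) arr[i].~S();
    return off;
}

int main() {
    CookieProbe d = probe_with_dtor(), t = probe_trivial();
    std::printf("S[4]:   requested %zu bytes, cookie %zu bytes, stored count %zu\n",
                d.requested, d.offset, d.count_word);
    std::printf("int[4]: requested %zu bytes, cookie %zu bytes\n", t.requested, t.offset);
    std::printf("reserved placement S[4]: cookie %zu bytes\n", reserved_placement_offset());
    return 0;
}
```

With the custom placement operator, S[4] is requested as 4 * sizeof(S) plus one size_t of cookie and the returned pointer sits that far into the buffer, with the element count 4 stored in the word before it; int[4] gets exactly 16 bytes and no cookie. That is the case Richard's test exercises: the 20-byte Buffer is handed to the compiler, which silently claims its first bytes for the cookie, so a sanitizer that treats the cookie as off-limits would flag the program's own legitimate reads of Buffer.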