https://bugs.kde.org/show_bug.cgi?id=511932
Bug ID: 511932
Summary: bogus "Mismatched new/delete size" for delete of
pointer to base class
Classification: Developer tools
Product: valgrind
Version First Reported In: 3.25.1
Platform: Debian unstable
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: memcheck
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
SUMMARY
Deleting a C++ object via a pointer to its base class is a valid operation -
https://en.cppreference.com/w/cpp/language/delete.html says:
ptr must be one of [...] a pointer to a base subobject of a non-array
object created by a new-expression.
However recent versions of valgrind complain about the size being mismatched.
STEPS TO REPRODUCE
$ cat del.cc
struct B {
int x;
};
struct C : public B {
int y;
};
int main() {
B* x = new C();
delete x;
}
$ g++ del.cc
$ valgrind --tool=memcheck ./a.out
==1002990== Memcheck, a memory error detector
==1002990== Copyright (C) 2002-2024, and GNU GPL'd, by Julian Seward et al.
==1002990== Using Valgrind-3.25.1 and LibVEX; rerun with -h for copyright info
==1002990== Command: ./a.out
==1002990==
==1002990== Mismatched new/delete size value: 4
==1002990== at 0x484D809: operator delete(void*, unsigned long) (vg_replace_malloc.c:1181)
==1002990== by 0x4001197: main (in /home/olly/a.out)
==1002990== Address 0x4e43080 is 0 bytes inside a block of size 8 alloc'd
==1002990== at 0x4849F93: operator new(unsigned long) (vg_replace_malloc.c:487)
==1002990== by 0x400115A: main (in /home/olly/a.out)
==1002990==
==1002990==
==1002990== HEAP SUMMARY:
==1002990== in use at exit: 0 bytes in 0 blocks
==1002990== total heap usage: 2 allocs, 2 frees, 73,736 bytes allocated
==1002990==
==1002990== All heap blocks were freed -- no leaks are possible
==1002990==
==1002990== For lists of detected and suppressed errors, rerun with: -s
==1002990== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
OBSERVED RESULT
==1002990== Mismatched new/delete size value: 4
EXPECTED RESULT
No valgrind errors.
SOFTWARE/OS VERSIONS
This is on Debian unstable using valgrind package 3.25.1-3.
ADDITIONAL INFORMATION
I can also reproduce with 3.24.0-3 but not 3.20.0-2.1 (that's as tightly as I
can narrow it down using package versions in the Debian snapshot service).
Looking at the changelog, it seems these checks were added in 3.22.0, but that
was over 2 years ago and even 3.24.0 was over a year ago, so I'm not sure why
I've only just started to notice this, as my non-reduced code that triggers this
is much older than that and is regularly tested with valgrind. Maybe GCC or
libstdc++ has changed to calling the sized delete?
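Where the "size value: 4" in the memcheck output comes from, as an added example that is not part of the bug report or of valgrind: the program below replaces the global operator new/delete with malloc/free wrappers that record the size the compiler hands to operator delete, and runs the report's pattern (delete through a base pointer whose class has no virtual destructor) next to the same two structs with a virtual destructor in the base. The types B, C, VB, VC, the DeleteRecord bookkeeping and the two driver functions are constructed for this example. For the non-virtual base, delete p is resolved from the static type, so the compiler passes sizeof(B) (4 with a 4-byte int) while the allocation asked for sizeof(C) (8); that is exactly the 4 against an 8-byte block that memcheck reports. With a virtual destructor, delete p dispatches to the deleting destructor of the dynamic type VC, which passes sizeof(VC), so the sizes agree. One caveat a reader of the report should keep in mind: the C++ delete-expression rules require the base class to have a virtual destructor whenever the static type differs from the dynamic type of the object being deleted, so only the second form is well-defined. GCC enables sized deallocation by default from C++14 on; if your toolchain still selects the unsized overload, the record shows sized=0 so you can tell which overload was chosen.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstdlib>
#include <new>

// Constructed bookkeeping (not part of the bug report): the most recent call
// to a global deallocation function and whether it was the sized overload.
struct DeleteRecord {
    bool sized;
    std::size_t size;
};
static DeleteRecord last_delete = {false, 0};

// Replace the global allocation functions so the size argument the compiler
// emits can be observed.  The replacements simply forward to malloc/free.
void* operator new(std::size_t n) {
    if (void* p = std::malloc(n ? n : 1)) return p;
    throw std::bad_alloc();
}
void operator delete(void* p) noexcept {
    last_delete = {false, 0};
    std::free(p);
}
void operator delete(void* p, std::size_t n) noexcept {
    last_delete = {true, n};
    std::free(p);
}

// The bug report's shape: no virtual destructor, so the static type B decides
// what `delete` passes.  (Assumed layout: sizeof(B)=4, sizeof(C)=8 with 4-byte int.)
struct B { int x; };
struct C : B { int y; };

// Same shape, but the base has a virtual destructor.
struct VB { int x; virtual ~VB() {} };
struct VC : VB { int y; };

DeleteRecord delete_via_nonvirtual_base() {
    B* p = new C();  // operator new(sizeof(C))
    delete p;        // sized delete receives sizeof(B): the value memcheck flags
    return last_delete;
}

DeleteRecord delete_via_virtual_base() {
    VB* p = new VC();
    delete p;        // virtual dispatch reaches VC's deleting destructor, which
                     // passes sizeof(VC), matching the allocation
    return last_delete;
}

int main() {
    DeleteRecord a = delete_via_nonvirtual_base();
    std::printf("non-virtual base: sized=%d size=%zu (allocated %zu)\n",
                a.sized ? 1 : 0, a.size, sizeof(C));
    DeleteRecord b = delete_via_virtual_base();
    std::printf("virtual base:     sized=%d size=%zu (allocated %zu)\n",
                b.sized ? 1 : 0, b.size, sizeof(VC));
    return 0;
}
```

Compile with g++ (no special flags needed on GCC in its default C++17 mode) and run it outside valgrind; the first line prints the 4-versus-8 pair the report shows, the second prints matching sizes. Running the same binary under memcheck reproduces the "Mismatched new/delete size value" error only for the first call.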