We've recently discovered a serious bug in our software that was caused by assuming that a dynamically allocated array was initialized to zero (while it wasn't). So the problem was something like this:
int* foo = new int[1];
foo[0] += 10;
I'm now trying to estimate the impact of this since we also recently had a few changes in our environment: We started using new processing units which run a different OS (Win XP before, which are still used, now in addition to that some new units running Win 8).
There appears to be no problem with the computations running on the Win XP machines, but on Win 8 the same binaries produce gibberish. So the compiler does not initialize these arrays (these were optimized builds) but it seems like Windows XP does initialize newly allocated memory to zeros (while Windows 8 does not). Is this somewhere documented? Can I trust in this so that I can assume this problem did not affect all computations previously executed on the Win XP machines?
Zero initialization of pages new to the process happens in all Windows versions. It would be a security failure to do otherwise. However, depending on address space layout, new requests may or may not be satisfied by recycled allocations. And since Vista, address space is randomized.
But it's indeed possible that due to some event outside your control, you may have gotten a recycled memory page from new int[] even on XP. That could even have been a page initially allocated to your process in reaction to some OS call you made, e.g. to convert an ANSI string to UTF-16 when you called MessageBoxA(). You really can't assume that all memory that's new to you is new to your process.
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments