c++crash libraries new-operator delete-operator

new / delete mismatch

In my library (which replace global new/delete operators), I use another external library (casablanca pplx). This external library doesn't include the replaced new/delete operators (I checked by using the show includes option of Visual studio).

Some objects of this external library (like streams or exceptions) are created by using the default new[] operator (which calls my replaced new operator), and are destroyed by using the default delete[] operator (which doesn't call my replaced delete operator). This results in a general protection fault.

What can explain that behavior?

I use Visual Studio 2012.

Example source code (get google.fr by using the casablanca http client):

web::http::client::http_client_config config;
config.set_timeout(std::chrono::seconds(10));
utility::string_t uri = L"http://www.google.fr";
web::http::client::http_client client(uri, config);
web::http::http_request request(web::http::methods::GET);

client.request(request).then([uri](web::http::http_response response ) {
    unsigned short statusCode = response.status_code();
    if (statusCode == 200)
    {
        concurrency::streams::stringstreambuf stream;
        return response.body().read_to_end(stream).then([stream](size_t) {
            std::string responseText = stream.collection();
        }); // crash here (stream destructor)
    }
});

New callstack :

Application64_d.dll!operator new(unsigned __int64 iSize) Line 262   C++ // My replaced new operator
Application64_d.dll!operator new[](unsigned __int64 count) Line 7   C++ // C:\Program Files (x86)\Microsoft Visual Studio 11.0\VC\crt\src\newaop.cpp
Application64_d.dll!Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block::_block(unsigned __int64 size) Line 437    C++
Application64_d.dll!std::_Ref_count_obj<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block>::_Ref_count_obj<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block><unsigned __int64 & __ptr64>(unsigned __int64 & _V0) Line 873    C++
Application64_d.dll!std::make_shared<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block,unsigned __int64 & __ptr64>(unsigned __int64 & _V0) Line 972  C++
Application64_d.dll!Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_alloc(unsigned __int64 count) Line 165   C++
Application64_d.dll!Concurrency::streams::details::streambuf_state_manager<unsigned char>::alloc(unsigned __int64 count) Line 651   C++
Application64_d.dll!Concurrency::streams::streambuf<unsigned char>::alloc(unsigned __int64 count) Line 993  C++
Application64_d.dll!web::http::client::details::winhttp_client::completion_callback(void * hRequestHandle, unsigned __int64 context, unsigned long statusCode, void * statusInfo, unsigned long statusInfoLength) Line 1167 C++
winhttp.dll!00007ff83259db67()  Unknown
winhttp.dll!00007ff83259d87a()  Unknown
winhttp.dll!00007ff832599fe5()  Unknown
Application64_d.dll!web::http::client::details::winhttp_client::read_next_response_chunk(web::http::client::details::winhttp_request_context * pContext, unsigned long bytesRead, bool firstRead) Line 693  C++
Application64_d.dll!web::http::client::details::winhttp_client::completion_callback(void * hRequestHandle, unsigned __int64 context, unsigned long statusCode, void * statusInfo, unsigned long statusInfoLength) Line 1156 C++
winhttp.dll!00007ff83259db67()  Unknown
winhttp.dll!00007ff8325c653d()  Unknown
Application64_d.dll!web::http::client::details::winhttp_client::completion_callback(void * hRequestHandle, unsigned __int64 context, unsigned long statusCode, void * statusInfo, unsigned long statusInfoLength) Line 1051 C++
winhttp.dll!00007ff83259db67()  Unknown
winhttp.dll!00007ff8325a20b7()  Unknown
winhttp.dll!00007ff8325958a0()  Unknown
winhttp.dll!00007ff832594699()  Unknown
ntdll.dll!00007ff839723021()    Unknown
ntdll.dll!00007ff839721989()    Unknown
kernel32.dll!00007ff8392c2774() Unknown
ntdll.dll!00007ff839750d51()    Unknown

Delete callstack :

msvcr110d.dll!operator delete(void * pUserData) Line 52 C++ // C:\Program Files (x86)\Microsoft Visual Studio 11.0\VC\crt\src\dbgdel.cpp
msvcr110d.dll!operator delete[](void * p) Line 22   C++ // C:\Program Files (x86)\Microsoft Visual Studio 11.0\VC\crt\src\delete2.cpp
Application64_d.dll!Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block::~_block() Line 443    C++
Application64_d.dll!Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block::`scalar deleting destructor'(unsigned int)    C++
Application64_d.dll!std::_Ref_count_obj<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block>::_Destroy() Line 885  C++
Application64_d.dll!std::_Ref_count_base::_Decref() Line 121    C++
Application64_d.dll!std::_Ptr_base<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block>::_Decref() Line 347    C++
Application64_d.dll!std::shared_ptr<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block>::~shared_ptr<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block>() Line 624 C++
Application64_d.dll!std::shared_ptr<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block>::`scalar deleting destructor'(unsigned int)   C++
Application64_d.dll!std::allocator<std::shared_ptr<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block> >::destroy<std::shared_ptr<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block> >(std::shared_ptr<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block> * _Ptr) Line 624  C++
Application64_d.dll!std::allocator_traits<std::allocator<std::shared_ptr<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block> > >::destroy<std::shared_ptr<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block> >(std::allocator<std::shared_ptr<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block> > & _Al, std::shared_ptr<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block> * _Ptr) Line 758    C++
Application64_d.dll!std::_Wrap_alloc<std::allocator<std::shared_ptr<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block> > >::destroy<std::shared_ptr<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block> >(std::shared_ptr<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block> * _Ptr) Line 910   C++
Application64_d.dll!std::deque<std::shared_ptr<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block>,std::allocator<std::shared_ptr<Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_block> > >::pop_front() Line 1476    C++
Application64_d.dll!Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::update_read_head(unsigned __int64 count) Line 644 C++
Application64_d.dll!Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::read(unsigned char * ptr, unsigned __int64 count, bool advance) Line 620  C++
Application64_d.dll!<lambda_1f1656160f66eb3ff369c30cc6352caf>::operator()() Line 279    C++
Application64_d.dll!std::_Callable_obj<<lambda_1f1656160f66eb3ff369c30cc6352caf>,0>::_ApplyX<void>() Line 431   C++
Application64_d.dll!std::_Func_impl<std::_Callable_obj<<lambda_1f1656160f66eb3ff369c30cc6352caf>,0>,std::allocator<std::_Func_class<void,std::_Nil,std::_Nil,std::_Nil,std::_Nil,std::_Nil,std::_Nil,std::_Nil> >,void,std::_Nil,std::_Nil,std::_Nil,std::_Nil,std::_Nil,std::_Nil,std::_Nil>::_Do_call() Line 239  C++
Application64_d.dll!std::_Func_class<void,std::_Nil,std::_Nil,std::_Nil,std::_Nil,std::_Nil,std::_Nil,std::_Nil>::operator()() Line 514 C++
Application64_d.dll!Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_request::complete() Line 543 C++
Application64_d.dll!Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::fulfill_outstanding() Line 424    C++
Application64_d.dll!Concurrency::streams::details::basic_producer_consumer_buffer<unsigned char>::_close_write() Line 360   C++
Application64_d.dll!Concurrency::streams::details::streambuf_state_manager<unsigned char>::close(int mode) Line 413 C++
Application64_d.dll!Concurrency::streams::streambuf<unsigned char>::close(int mode) Line 960    C++
Application64_d.dll!Concurrency::streams::basic_ostream<unsigned char>::close() Line 151    C++
Application64_d.dll!web::http::details::http_msg_base::_complete(unsigned __int64 body_size, const std::exception_ptr & exceptionPtr) Line 181  C++
Application64_d.dll!web::http::client::details::request_context::complete_request(unsigned __int64 body_size) Line 119  C++
Application64_d.dll!web::http::client::details::winhttp_client::completion_callback(void * hRequestHandle, unsigned __int64 context, unsigned long statusCode, void * statusInfo, unsigned long statusInfoLength) Line 1194 C++
winhttp.dll!00007ff83259db67()  Unknown
winhttp.dll!00007ff83259d87a()  Unknown
winhttp.dll!00007ff832599fe5()  Unknown
Application64_d.dll!web::http::client::details::winhttp_client::read_next_response_chunk(web::http::client::details::winhttp_request_context * pContext, unsigned long bytesRead, bool firstRead) Line 693  C++
Application64_d.dll!web::http::client::details::winhttp_client::completion_callback(void * hRequestHandle, unsigned __int64 context, unsigned long statusCode, void * statusInfo, unsigned long statusInfoLength) Line 1231 C++
winhttp.dll!00007ff83259b6aa()  Unknown
Application64_d.dll!web::http::client::details::winhttp_client::completion_callback(void * hRequestHandle, unsigned __int64 context, unsigned long statusCode, void * statusInfo, unsigned long statusInfoLength) Line 1174 C++
winhttp.dll!00007ff83259db67()  Unknown
winhttp.dll!00007ff8325955e7()  Unknown
winhttp.dll!00007ff832594699()  Unknown
ntdll.dll!00007ff839723021()    Unknown
ntdll.dll!00007ff839721989()    Unknown
kernel32.dll!00007ff8392c2774() Unknown
ntdll.dll!00007ff839750d51()    Unknown

new and delete operators :

inline void* operator new (::size_t size);
inline void operator delete (void* ptr);
inline void* operator new[] (::size_t size);
inline void operator delete[] (void* ptr);

Solution

In Visual Studio 2013 (and older), the default delete[] operator is not built in the binary of the application (as opposed to the default new, new[] and delete operators). It is called directly from msvcr110d.dll.

When the inline keyword is used, the replaced new[] and delete[] operators are not used as default in the whole application (as opposed to the new and delete operators) unless we explicitly include the header.
So the default new[] operator (built in the binary of the application) calls the replaced new operator.
But the default delete[] operator (called directly from msvcr110d.dll) doesn't find the replaced delete operator and use the default delete operator (from msvcr110d.dll).

For my solution, I removed the inline keyword and put the operators in a source file.
This bug has been fixed and should not appear in Visual Studio 2015 (and newer).