Hello,

Some std::vector misuses are very hard to find with internal STL checks or with external tools (such as Valgrind or AddressSanitizer [1]).

Example:

  std::vector<int> v(4);
  v.reserve(8);
  int *p = v.data();
  p[6] = 0; // BOOM

We call these bugs "container overflow" [2,6], and we've developed a method for finding them using a combination of AddressSanitizer [1] and code annotations in the STL code. We've implemented these annotations in libc++ trunk [3] and in our branch of libstdc++ [4]. These annotations have found over 30 bugs for us, and are still finding more.

Would you consider a patch similar to [4] for libstdc++ trunk? If yes, any comments on the patch? The current patch has a (minor) problem that affects only code with exceptions [5]. If the libstdc++ team is generally OK with the idea, I will work on the updated patch and send it for review.

[1] http://code.google.com/p/address-sanitizer/
[2] https://code.google.com/p/address-sanitizer/wiki/ContainerOverflow
[3] http://llvm.org/viewvc/llvm-project?view=revision&revision=208319
[4] https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=207517
[5] https://www.mail-archive.com/cfe-commits@cs.uiuc.edu/msg96615.html
[6] http://llvm.org/devmtg/2014-04/PDFs/LightningTalks/EuroLLVM%202014%20--%20container%20overflow.pdf

Thanks,
--kcc
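To make the annotation mechanism concrete, here is an added example that is not the mail's code and not the libc++ or libstdc++ patch it links to. It is a minimal int-only vector that annotates its own storage with the two AddressSanitizer container hooks, so that the unused capacity [size, capacity) is poisoned and the write `p[6] = 0` from the mail is reported as a container-overflow when built with -fsanitize=address. The class name AnnotatedIntVector and the annotation log are illustrative assumptions; the two `__sanitizer_*` functions are ASan's real interface (normally declared by `<sanitizer/common_interface_defs.h>`), declared weak here so that the program also builds and runs without ASan.

```cpp
// Added example: an int vector that keeps its unused capacity poisoned via
// the AddressSanitizer container annotations. Not from the original mail.
#include <algorithm>
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <vector>

// ASan's container hooks, declared weak so that without -fsanitize=address
// (GCC/Clang on ELF targets) they resolve to null and are simply skipped.
extern "C" {
void __sanitizer_annotate_contiguous_container(const void *beg, const void *end,
                                               const void *old_mid,
                                               const void *new_mid)
    __attribute__((weak));
int __sanitizer_verify_contiguous_container(const void *beg, const void *mid,
                                            const void *end)
    __attribute__((weak));
}

// Log of every annotation request in element offsets (illustrative), so the
// poisoning decisions can be inspected even when ASan is not linked in.
struct Annotation { std::size_t end, old_mid, new_mid; };
static std::vector<Annotation> g_annotations;

class AnnotatedIntVector {
 public:
  explicit AnnotatedIntVector(std::size_t n) : buf_(nullptr), size_(0), cap_(0) {
    reserve(n);
    set_mid(n);                                   // expose [0, n), poison [n, cap)
    size_ = n;
    std::memset(buf_, 0, n * sizeof(int));
  }
  ~AnnotatedIntVector() { release(); }
  AnnotatedIntVector(const AnnotatedIntVector &) = delete;
  AnnotatedIntVector &operator=(const AnnotatedIntVector &) = delete;

  void reserve(std::size_t n) {
    if (n <= cap_) return;
    // ASan requires beg to be 8-byte aligned; keeping the byte length a
    // multiple of 8 (an even number of ints) also keeps end granule-aligned.
    std::size_t new_cap = std::max<std::size_t>(2, (n + 1) & ~std::size_t(1));
    int *nb = new int[new_cap];
    annotate(nb, new_cap, new_cap, size_);        // fresh buffer: poison the tail
    if (size_) std::memcpy(nb, buf_, size_ * sizeof(int));
    release();                                    // old buffer: unpoison, then free
    buf_ = nb;
    cap_ = new_cap;
  }

  void push_back(int v) {
    if (size_ == cap_) reserve(cap_ * 2);
    set_mid(size_ + 1);                           // unpoison the slot before writing it
    buf_[size_++] = v;
  }

  void pop_back() {
    if (size_ == 0) return;
    set_mid(size_ - 1);                           // poison the vacated slot
    --size_;
  }

  int *data() { return buf_; }
  std::size_t size() const { return size_; }
  std::size_t capacity() const { return cap_; }

  // True when ASan agrees that exactly [size, capacity) is poisoned, or when
  // ASan is absent and there is nothing to verify.
  bool verify() const {
    if (!__sanitizer_verify_contiguous_container || !buf_) return true;
    return __sanitizer_verify_contiguous_container(buf_, buf_ + size_, buf_ + cap_) != 0;
  }

 private:
  void set_mid(std::size_t new_size) { annotate(buf_, cap_, size_, new_size); }

  void release() {
    if (!buf_) return;
    annotate(buf_, cap_, size_, cap_);            // make it all addressable again
    delete[] buf_;
    buf_ = nullptr;
  }

  static void annotate(int *b, std::size_t cap, std::size_t old_mid, std::size_t new_mid) {
    if (old_mid == new_mid) return;               // nothing changes in the shadow
    g_annotations.push_back({cap, old_mid, new_mid});
    if (__sanitizer_annotate_contiguous_container)
      __sanitizer_annotate_contiguous_container(b, b + cap, b + old_mid, b + new_mid);
  }

  int *buf_;
  std::size_t size_, cap_;
};

int main(int argc, char **) {
  AnnotatedIntVector v(4);                        // same shape as the mail's example
  v.reserve(8);
  int *p = v.data();
  p[3] = 1;                                       // inside [0, size): fine
  if (argc > 1) p[6] = 0;                         // inside [size, capacity): container-overflow under ASan
  v.push_back(5);                                 // the correct way to grow into the capacity
  std::printf("size=%zu capacity=%zu annotations=%zu verified=%s\n", v.size(),
              v.capacity(), g_annotations.size(), v.verify() ? "yes" : "no");
  return v.verify() ? 0 : 1;
}
```

Build with `clang++ -g -fsanitize=address` or `g++ -g -fsanitize=address` and run with any argument to trigger the poisoned-tail write; without ASan the hooks resolve to null and the program only exercises the bookkeeping. The libc++ change in [3] does the same thing inside std::vector itself; libstdc++ later gained equivalent annotations behind -D_GLIBCXX_SANITIZE_VECTOR (GCC 8 and later).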