This is the mail archive of the
mailing list for the libstdc++ project.
detecting "container overflow" bugs in std::vector
- From: Konstantin Serebryany <konstantin dot s dot serebryany at gmail dot com>
- To: libstdc++ at gcc dot gnu dot org
- Cc: GCC Patches <gcc-patches at gcc dot gnu dot org>, Jakub Jelinek <jakub at redhat dot com>, Paul Pluzhnikov <ppluzhnikov at google dot com>
- Date: Mon, 26 May 2014 17:40:28 +0400
- Subject: detecting "container overflow" bugs in std::vector
- Authentication-results: sourceware.org; auth=none
Some of std::vector misuses are very hard to find with internal STL checks
or using external tools (such as Valgrind or AddressSanitizer ).
int *p = v.data();
p = 0; // BOOM
We call these bugs "container overflow" [2,6] and we've developed a
method for finding them
using a combination of AddressSanitizer  and code annotations in
the STL code.
We've implemented these annotations in libc++ trunk  and in our
branch of libstdc++ .
These annotations have found over 30 bugs for us, and are still finding more.
Would you consider a patch similar to  for libstdc++ trunk?
If yes, any comments on the patch?
The current patch has a (minor) problem that affects only code with
If the libstdc++ team is generally ok with the idea I will work on the
and send it for review.