On 12.05.14 13:13, Kostya Serebryany wrote:
Do you have a test that demonstrates that? That would be very helpful.

In push_back for example, you annotate that the length increases by 1, but then you don't undo that annotation if the copy constructor of the element throws an exception. Afterwards the sanitizer can't properly check accesses to the end of the vector and the next time the vector calls __sanitizer_annotate_contiguous_container it will pass a wrong old_mid pointer.

And an unrelated issue: the documentation for __sanitizer_annotate_contiguous_container states that the complete buffer should be unpoisoned before it is deallocated. This doesn't seem to be happening in the destructor or in the deallocate function.

- Stephan
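An added illustration of the rollback Stephan describes (constructed example code, not libc++'s vector and not from either email): a toy container with a stand-in for __sanitizer_annotate_contiguous_container that remembers the last new_mid and counts any later call whose old_mid disagrees with it, run once without and once with undoing the annotation when the element copy throws; its destructor also unpoisons the whole buffer before freeing it, as the second point asks. AnnotationTracker, Elem and MiniVec are names invented for the example.

```cpp
#include <new>
#include <stdexcept>
// Stand-in for __sanitizer_annotate_contiguous_container (constructed for this example):
// remembers the last new_mid and counts later calls whose old_mid disagrees with it.
struct AnnotationTracker {
    const void* annotated_mid = nullptr; int mismatches = 0;
    void annotate(const void*, const void*, const void* old_mid, const void* new_mid) {
        if (annotated_mid && old_mid != annotated_mid) ++mismatches;
        annotated_mid = new_mid;
    }
};
struct Elem {
    int v; bool throws;  // throws: copying this element fails
    explicit Elem(int x, bool t = false) : v(x), throws(t) {}
    Elem(const Elem& o) : v(o.v), throws(o.throws) { if (throws) throw std::runtime_error("copy failed"); }
};
// Toy fixed-capacity vector that keeps [buf + size_, buf + cap) annotated as poisoned.
struct MiniVec {
    static const unsigned cap = 4;
    Elem* buf = static_cast<Elem*>(::operator new(cap * sizeof(Elem)));
    unsigned size_ = 0; AnnotationTracker* tr;
    bool rollback;  // true: undo the grown annotation if the element copy throws
    MiniVec(AnnotationTracker* t, bool rb) : tr(t), rollback(rb) {
        tr->annotate(buf, buf + cap, buf + cap, buf);  // fresh storage: poison all of it
    }
    void push_back(const Elem& e) {
        tr->annotate(buf, buf + cap, buf + size_, buf + size_ + 1);  // grow before constructing
        try { new (buf + size_) Elem(e); } catch (...) {
            if (rollback) tr->annotate(buf, buf + cap, buf + size_ + 1, buf + size_);
            throw;  // without rollback the annotation now claims one element too many
        }
        ++size_;
    }
    ~MiniVec() {
        for (unsigned i = 0; i < size_; ++i) buf[i].~Elem();
        tr->annotate(buf, buf + cap, buf + size_, buf + cap);  // unpoison whole buffer before freeing
        ::operator delete(buf);
    }
};
// Push once, make the next copy throw, push again; returns how many later annotate
// calls carried a stale old_mid (1 without rollback, 0 with it).
int mismatches_after_failed_push(bool rollback) {
    AnnotationTracker tr;
    {   MiniVec v(&tr, rollback);
        v.push_back(Elem(1));
        try { v.push_back(Elem(2, true)); } catch (const std::runtime_error&) {}  // copy fails
        v.push_back(Elem(3));  // passes old_mid = buf + 1: stale unless the failed push rolled back
    }
    return tr.mismatches;
}
```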

_______________________________________________
cfe-commits mailing list
cfe-commits@cs.uiuc.edu
http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits