u/0x6461726B

When I try to run with -fsanitize=address it is infinitely looping and when I do debugging using lldb. This is what I got.

* thread #1, stop reason = signal SIGSTOP   * frame #0: 0x0000000182194c88 libsystem_kernel.dylib`swtch_pri + 8     frame #1: 0x00000001821d5c28 libsystem_pthread.dylib`cthread_yield + 36     frame #2: 0x000000010062de1c libclang_rt.asan_osx_dynamic.dylib`__sanitizer::internal_sched_yield() + 16     frame #3: 0x0000000100630d24 libclang_rt.asan_osx_dynamic.dylib`__sanitizer::StaticSpinMutex::LockSlow() + 64     frame #4: 0x000000010065e9cc libclang_rt.asan_osx_dynamic.dylib`__asan_init.cold.1 + 68     frame #5: 0x000000010061efa8 libclang_rt.asan_osx_dynamic.dylib`__asan::AsanInitFromRtl() + 40     frame #6: 0x0000000100615a70 libclang_rt.asan_osx_dynamic.dylib`__sanitizer_mz_malloc + 36     frame #7: 0x0000000182005178 libsystem_malloc.dylib`_malloc_zone_malloc_instrumented_or_legacy + 152     frame #8: 0x0000000181fe9678 libsystem_malloc.dylib`_malloc_type_malloc_outlined + 96     frame #9: 0x0000000181ea3d94 libsystem_blocks.dylib`_Block_copy + 84     frame #10: 0x0000000242a128c8 Dyld`dyld_shared_cache_iterate_text_swift + 28     frame #11: 0x0000000100632d60 libclang_rt.asan_osx_dynamic.dylib`__sanitizer::get_dyld_hdr() + 236     frame #12: 0x0000000100633110 libclang_rt.asan_osx_dynamic.dylib`__sanitizer::MemoryMappingLayout::Next(__sanitizer::MemoryMappedSegment*) + 148     frame #13: 0x0000000100631a38 libclang_rt.asan_osx_dynamic.dylib`__sanitizer::MemoryRangeIsAvailable(unsigned long, unsigned long) + 172     frame #14: 0x000000010061f9b8 libclang_rt.asan_osx_dynamic.dylib`__asan::InitializeShadowMemory() + 104     frame #15: 0x000000010065ead4 libclang_rt.asan_osx_dynamic.dylib`__asan::AsanInitInternal() (.cold.1) + 260     frame #16: 0x000000010061efe8 libclang_rt.asan_osx_dynamic.dylib`__asan::AsanInitInternal() + 52     frame #17: 0x000000010065e9b0 libclang_rt.asan_osx_dynamic.dylib`__asan_init.cold.1 + 40     frame #18: 0x000000010061efa8 libclang_rt.asan_osx_dynamic.dylib`__asan::AsanInitFromRtl() + 40     frame #19: 0x00000001006151d0 libclang_rt.asan_osx_dynamic.dylib`wrap_malloc_default_zone + 16     frame #20: 0x0000000181fd94ac libsystem_malloc.dylib`__malloc_init + 1524     frame #21: 0x0000000191ff5328 libSystem.B.dylib`libSystem_initializer + 204     frame #22: 0x0000000181e48e30 dyld`invocation function for block in dyld4::Loader::findAndRunAllInitializers(dyld4::RuntimeState&) const::$_0::operator()() const + 180     frame #23: 0x0000000181e54114 dyld`invocation function for block in dyld3::MachOAnalyzer::forEachInitializer(Diagnostics&, dyld3::MachOAnalyzer::VMAddrConverter const&, void (unsigned int) block_pointer, void const*) const + 320     frame #24: 0x0000000181e8a860 dyld`invocation function for block in mach_o::UnsafeHeader::forEachSection(void (mach_o::UnsafeHeader::SectionInfo const&, bool&) block_pointer) const + 312     frame #25: 0x0000000181e87394 dyld`mach_o::UnsafeHeader::forEachLoadCommand(void (load_command const*, bool&) block_pointer) const + 208     frame #26: 0x0000000181e88c3c dyld`mach_o::UnsafeHeader::forEachSection(void (mach_o::UnsafeHeader::SectionInfo const&, bool&) block_pointer) const + 124     frame #27: 0x0000000181e53c08 dyld`dyld3::MachOAnalyzer::forEachInitializer(Diagnostics&, dyld3::MachOAnalyzer::VMAddrConverter const&, void (unsigned int) block_pointer, void const*) const + 516     frame #28: 0x0000000181e437d4 dyld`dyld4::Loader::findAndRunAllInitializers(dyld4::RuntimeState&) const + 528     frame #29: 0x0000000181e6cfb8 dyld`dyld4::PrebuiltLoader::runInitializers(dyld4::RuntimeState&) const + 44     frame #30: 0x0000000181e10850 dyld`dyld4::APIs::runAllInitializersForMain() + 100     frame #31: 0x0000000181e1d390 dyld`dyld4::prepare(dyld4::APIs&, mach_o::UnsafeHeader const*) + 3880     frame #32: 0x0000000181e1c44c dyld`dyld4::start(dyld4::KernelArgs*, void*, void*, unsigned long long)::$_1::operator()() const + 320     frame #33: 0x0000000181e1bda8 dyld`start + 6904

Hi guys I have written a double free code in my main.cpp

int main() {
    int* p = (int*)malloc(sizeof(int));
    free(p);
    free(p);
    return 0;
}

And compiling it with

clang++ -std=c++20 -O0 -I./vega -I/opt/homebrew/include -fsanitize=address -fno-omit-frame-pointer -c main.cpp -o build/main.o 

                                                                                                                       clang++ build/bechmarks.o build/main.o build/tests.o -L/opt/homebrew/lib -lpthread -fsanitize=address -o program

And running ./program. I am seeing nothing in the output.

I got to know about onesec app. But I am scared about my data. I have banking apps on my mobile and it continuously monitors my screen.

#ifndef VECTOR_H
#define VECTOR_H
#include <iostream>
#include <memory>
#include <new>
#include <type_traits>
#include <utility/exception_guard.h>
#include <utility>
template <class T, class Allocator>
class vector
{

    using iterator       = T*;
    using const_iterator = T const*;
    using traits         = std::allocator_traits<Allocator>;

public:
    vector()
        : _size(0)
        , _capacity(16)
        , _allocator(Allocator{})
    {
        _data = traits::allocate(_allocator, _capacity);
    }
    vector(size_t capacity)
        : _size(0)
        , _capacity(capacity)
        , _allocator(Allocator{})
    {
        try
        {
            _data = traits::allocate(_allocator, _capacity);
        }
        catch (std::bad_alloc const& err)
        {
            std::cout << err.what() << '\n';
        }
    }
    ~vector()
    {
        for (size_t i = 0; i < _size; i++)
        {
            traits::destroy(_allocator, _data + i);
        }
        traits::deallocate(_allocator, _data, _capacity);
    }
    void push_back(T&& element)
    {
        push_back_impl(std::move(element));
    }
    void push_back(T const& element)
    {
        push_back_impl(element);
    }
    void pop_back()
    {
        if (_size == 0)
            return;
        traits::destroy(_allocator, _data + _size - 1);
        _size--;
    }
    size_t size() const
    {
        return _size;
    }
    T& operator[](size_t idx)
    {
        return _data[idx];
    }
    T const& operator[](size_t idx) const
    {
        return _data[idx];
    }

    iterator begin()
    {
        return _data;
    }
    iterator end()
    {
        return _data + _size;
    }

private:
    T*        _data;
    size_t    _size;
    size_t    _capacity;
    Allocator _allocator;

    void reallocate(size_t new_capacity)
    {
        T* new_data = traits::allocate(_allocator, new_capacity);
        if constexpr (std::is_trivially_copyable_v<T>)
        {
            std::memcpy(new_data, _data, sizeof(T) * _size);
        }
        else
        {
            size_t i = 0;

            auto guard = ExceptionGuard(
                [&]()
                {
                    for (size_t j = 0; j < i; j++)
                    {
                        traits::destroy(_allocator, new_data + j);
                    }
                    traits::deallocate(_allocator, new_data, new_capacity);
                });

            for (i = 0; i < _size; i++)
            {
                traits::construct(_allocator, new_data + i, std::move_if_noexcept(_data[i]));
            }
            guard.release();
            for (size_t j = 0; j < _size; j++)
            {
                traits::destroy(_allocator, _data + j);
            }
            traits::deallocate(_allocator, _data, _capacity);
            _data = new_data;
        }
    }
    template <class U>
    void push_back_impl(U&& element)
    {
        if (_size >= _capacity)
        {
            reallocate(_capacity * 2);
            _capacity = _capacity * 2;
        }
        traits::construct(_allocator, _data + _size, std::forward<U>(element));
        _size++;
    }
};
#endif

int main()
{
    vector<int, std::allocator<int>> v;
    for (int i = 1; i < 9; i++)
    {
        v.push_back(i);
    }
    v.pop_back();
    std::cout << v[v.size()] << '\n';
}

I can still access v.size() even after destroying. How?

void pop_back()
{
    traits::destroy(_allocator, _data + _size);
    _size--;
}

If I have this pop_back function. When I push_back 4 elements and remove the last element using pop_back then again push_back it should give undefined behaviour right since it destroyed the constructed object and it is now uninitialized memory. But it is working fine when I push_back. How is this possible???

Hi everyone, I’ve recently started building my own high performnce data structures for my game. I attempted to mimic std::vector, but the implementation became messy fairly quickly. Should I aim to match all of std::vector’s features?