this has to be one of my all-time favorite bug-finding techniques: in your widely deployed software, at very low probability, you put a new heap allocation next to a protected page. performance is unaffected and the bugs that you find are those that actually matter to users in practice.
@regehr how do you rate this verbatim quote from the paper:
GWP-ASan is neither GWP nor ASan.
@amonakov A+ in computer science we make it a point to never name things accurately (including the name of the discipline itself)