I've been coding C++ for 15 years and I've never seen a use-after-free in the wild. (I've seen lots of other bugs and security problems, but not use-after-free.)
Use-after-free is a C thing, not a C++ thing. Granted, C++ makes is super easy to code in C, but that's an organization problem that is already solved in any sane project.
Can you recommend a static analyzer to Chromium developers? They appear to have problems with basic C++ programming; such a pity that Google cannot afford to hire competent developers like otabdeveloper2.
That's supposed to be a witty retort? Did you bother to read those bug reports you've linked to?
They are already tied to static analyzers, which is how they were found. What do you think the: "Sanitizer: address (ASAN)" or "Issue 938699: AutotestPrivateApiTest.AutotestPrivate getPrinterList failing on ASAN/LSAN" in the bug reports means?
The tool consists of a compiler instrumentation module
(currently, an LLVM pass) and a run-time library which
replaces the malloc function.
In order to detect bugs with sanitizers, you have to find a test input that actually moves program execution towards UB. This is best done with a fuzzing setup like clusterfuzz, and lots and lots of CPUs, which Google fortunately has no shortage of.
Use-after-free is a C thing, not a C++ thing. Granted, C++ makes is super easy to code in C, but that's an organization problem that is already solved in any sane project.