...
Each bullet point links to an example (in C++) of what it looks like when ASan detects an error. They all start similar (ERROR: AddressSanitizer
...) except for Memory leaks (ERROR: LeakSanitizer...).
Two examples are provided below.:
Code Block |
---|
language | bash |
---|
theme | Emacs |
---|
title | Address Sanitizer: heap use after free |
---|
|
==162==ERROR: AddressSanitizer: heap-use-after-free on address 0x607000000025 at pc 0x0000004c317b bp 0x7ffccaf1d220 sp 0x7ffccaf1d218
READ of size 1 at 0x607000000025 thread T0
#0 0x4c317a in main (/mnt/c/Users/Pascal/netdef/a.out+0x4c317a)
#1 0x7f60f59e00b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
#2 0x41b2dd in _start (/mnt/c/Users/Pascal/netdef/a.out+0x41b2dd)
0x607000000025 is located 5 bytes inside of 80-byte region [0x607000000020,0x607000000070)
freed by thread T0 here:
#0 0x49379d in free (/mnt/c/Users/Pascal/netdef/a.out+0x49379d)
#1 0x4c3135 in main (/mnt/c/Users/Pascal/netdef/a.out+0x4c3135)
#2 0x7f60f59e00b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
previously allocated by thread T0 here:
#0 0x493a1d in malloc (/mnt/c/Users/Pascal/netdef/a.out+0x493a1d)
#1 0x4c3128 in main (/mnt/c/Users/Pascal/netdef/a.out+0x4c3128)
#2 0x7f60f59e00b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
SUMMARY: AddressSanitizer: heap-use-after-free (/mnt/c/Users/Pascal/netdef/a.out+0x4c317a) in main |
Code Block |
---|
language | bash |
---|
theme | Emacs |
---|
title | Address Sanitizer: memory leaks |
---|
|
==172==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 7 byte(s) in 1 object(s) allocated from:
#0 0x493a1d in malloc (/mnt/c/Users/Pascal/netdef/a.out+0x493a1d)
#1 0x4c3128 in main (/mnt/c/Users/Pascal/netdef/a.out+0x4c3128)
#2 0x7f61f03c50b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
SUMMARY: AddressSanitizer: 7 byte(s) leaked in 1 allocation(s). |
UndefinedBehavior Sanitizer
...
Code Block |
---|
language | bash |
---|
theme | Emacs |
---|
title | UndefinedBehavior: signed integer overflow |
---|
|
test.c:3:5: runtime error: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior test.c:3:5 in |
Thread Sanitizer
ThreadSanitizer
(aka TSan) is a data race detector for C/C++. Data races are one of the most common and hardest to debug types of bugs in concurrent systems. A data race occurs when two threads access the same variable concurrently and at least one of the accesses is write. An example is provided below:
Code Block |
---|
language | bash |
---|
theme | Emacs |
---|
title | Thread Sanitizer: data race |
---|
|
ThreadSanitizer:DEADLYSIGNAL
==204==ERROR: ThreadSanitizer: SEGV on unknown address 0x000000000000 (pc 0x0000004883e8 bp 0x7f697bfbf2f0 sp 0x7f697bfbf2d8 T205)
==204==The signal is caused by a WRITE memory access.
==204==Hint: address points to the zero page.
ThreadSanitizer:DEADLYSIGNAL
ThreadSanitizer: nested bug in the same thread, aborting. |