Address sanitizer

AddressSanitizer (aka ASan) is a memory error detector for C/C++. It finds:

Each bullet point links to an example (in C++) of what it looks like when ASan detects an error. They all start similarly (ERROR: AddressSanitizer...) except for Memory leaks (ERROR: LeakSanitizer...). Two examples are provided below.

Address Sanitizer: heap use after free
==162==ERROR: AddressSanitizer: heap-use-after-free on address 0x607000000025 at pc 0x0000004c317b bp 0x7ffccaf1d220 sp 0x7ffccaf1d218
READ of size 1 at 0x607000000025 thread T0
    #0 0x4c317a in main (/mnt/c/Users/Pascal/netdef/a.out+0x4c317a)
    #1 0x7f60f59e00b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
    #2 0x41b2dd in _start (/mnt/c/Users/Pascal/netdef/a.out+0x41b2dd)

0x607000000025 is located 5 bytes inside of 80-byte region [0x607000000020,0x607000000070)
freed by thread T0 here:
    #0 0x49379d in free (/mnt/c/Users/Pascal/netdef/a.out+0x49379d)
    #1 0x4c3135 in main (/mnt/c/Users/Pascal/netdef/a.out+0x4c3135)
    #2 0x7f60f59e00b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

previously allocated by thread T0 here:
    #0 0x493a1d in malloc (/mnt/c/Users/Pascal/netdef/a.out+0x493a1d)
    #1 0x4c3128 in main (/mnt/c/Users/Pascal/netdef/a.out+0x4c3128)
    #2 0x7f60f59e00b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

SUMMARY: AddressSanitizer: heap-use-after-free (/mnt/c/Users/Pascal/netdef/a.out+0x4c317a) in main


UndefinedBehavior Sanitizer

UndefinedBehaviorSanitizer (UBSan) is a fast undefined behavior detector. UBSan modifies the program at compile-time to catch various kinds of undefined behavior during program execution.

A list of available checks can be found here. The flag -fsanitize=undefined will perform all checks except for float-divide-by-zero, unsigned-integer-overflow, implicit-conversion, local-bounds and the nullability-* group of checks.

Depending on the severity, error detection looks like the following:

UndefinedBehavior: division by zero
test.c:4:13: runtime error: division by zero
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior test.c:4:13 in
UndefinedBehaviorSanitizer:DEADLYSIGNAL
==120==ERROR: UndefinedBehaviorSanitizer: FPE on unknown address 0x00000042370f (pc 0x00000042370f bp 0x7fff8e7e9860 sp 0x7fff8e7e9850 T120)
    #0 0x42370f in main (/mnt/c/Users/Pascal/netdef/a.out+0x42370f)
    #1 0x7f941dd3c0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
    #2 0x40330d in _start (/mnt/c/Users/Pascal/netdef/a.out+0x40330d)

UndefinedBehaviorSanitizer can not provide additional info.
SUMMARY: UndefinedBehaviorSanitizer: FPE (/mnt/c/Users/Pascal/netdef/a.out+0x42370f) in main
==120==ABORTING

UndefinedBehavior: signed integer overflow
test.c:3:5: runtime error: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior test.c:3:5 in
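
The following C program is an added example, not code from the original page. Its three modes are constructed to produce the kinds of reports shown above (heap-use-after-free, division by zero, signed integer overflow). The file name, function names and build lines are assumptions; the page's own test.c is not shown.

```c
/* sanitizer_demo.c: constructed example; file and function names are assumptions.
 * Build one binary per sanitizer (clang shown, gcc accepts the same flags):
 *   clang -g -O0 -fno-omit-frame-pointer -fsanitize=address   sanitizer_demo.c -o demo_asan
 *   clang -g -O0 -fno-omit-frame-pointer -fsanitize=undefined sanitizer_demo.c -o demo_ubsan
 * Run:  ./demo_asan uaf    ./demo_ubsan div    ./demo_ubsan ovf
 */
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Reads the byte at offset 5 of an 80-byte heap block.
 * With release_first != 0 the block is freed before the read, which ASan
 * reports as heap-use-after-free: "READ of size 1 ... 5 bytes inside of
 * 80-byte region", followed by the free() and malloc() stacks. */
int read_byte5(int release_first)
{
    char *buf = malloc(80);
    if (buf == NULL)
        return -1;
    memset(buf, 'A', 80);
    if (release_first)
        free(buf);
    int value = buf[5];          /* the reported access */
    if (!release_first)
        free(buf);
    return value;
}

/* b == 0 is undefined behavior: UBSan prints "runtime error: division by zero",
 * and on x86 the division then raises SIGFPE (the DEADLYSIGNAL report). */
int divide(int a, int b) { return a / b; }

/* a + b outside the range of int is undefined behavior: UBSan prints
 * "signed integer overflow: ... cannot be represented in type 'int'"
 * and, by default, execution continues. */
int add(int a, int b) { return a + b; }

int main(int argc, char **argv)
{
    const char *mode = argc > 1 ? argv[1] : "";
    /* Operands derived from argc keep the compiler from folding the faults away. */
    if (strcmp(mode, "uaf") == 0) printf("%d\n", read_byte5(1));
    else if (strcmp(mode, "div") == 0) printf("%d\n", divide(1, argc - 2));
    else if (strcmp(mode, "ovf") == 0) printf("%d\n", add(INT_MAX, argc - 1));
    else { fprintf(stderr, "usage: %s uaf|div|ovf\n", argv[0]); return 2; }
    return 0;
}
```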