https://baszerr.eu/ Sat, 02 May 2026 10:36:18 +0000 FeedCreator 1.8 https://baszerr.eu/lib/exe/fetch.php?media=wiki:dokuwiki.svg https://baszerr.eu/ https://baszerr.eu/doku.php?id=blog:2013:05:25:asan <h1 class="sectionedit1" id="address_sanitizer">2013.05.25 - address sanitizer</h1> <div class="level1"> <p> when it comes to debugging memory issues two tools have a warm place in my heart: <a href="https://en.wikipedia.org/wiki/Duma (software)" class="interwiki iw_wp" title="https://en.wikipedia.org/wiki/Duma (software)">duma</a> and <a href="https://en.wikipedia.org/wiki/valgrind" class="interwiki iw_wp" title="https://en.wikipedia.org/wiki/valgrind">valgrind</a>. both are nice, but there is always some “but”. duma is fast, but is only able to detect issues related to a heap. valgrind is a bit more robust (in fact – not limited to out-of-range r/w detection), but is terribly slow. recently i got aware of a new kid in town – <a href="https://code.google.com/p/address-sanitizer" class="urlextern" title="https://code.google.com/p/address-sanitizer" rel="ugc nofollow">address sanitizer</a> plugin for <a href="https://en.wikipedia.org/wiki/clang" class="interwiki iw_wp" title="https://en.wikipedia.org/wiki/clang">clang</a>, starting with version 3.1. it is <a href="http://clang.llvm.org/docs/AddressSanitizer.html" class="urlextern" title="http://clang.llvm.org/docs/AddressSanitizer.html" rel="ugc nofollow">incredibly easy to use</a>: it is enough to pass <em>-g -fsanitize=address -fno-omit-frame-pointer</em> flags to compilation and linking, and it is done – code is instrumented using Asan! </p> <p> the main idea behind this tool is to instrument code, in places that “might go wrong”, instead of relying on page allocations (heap-only) or full emulation (slow). most of the memory issues can be detected this way, while having minimal overhead on the performance (~2x, typically) and extra memory usage (both heap and stack). </p> <p> having sample program: </p> <pre class="code c"><span class="co2">#include &lt;iostream&gt;</span> using namespace std<span class="sy0">;</span> <span class="kw4">char</span> <span class="kw4">const</span><span class="sy0">*</span> mkStr<span class="br0">&#40;</span>string const<span class="sy0">&amp;</span> in<span class="br0">&#41;</span> <span class="br0">&#123;</span> <span class="kw1">return</span> in.<span class="me1">c_str</span><span class="br0">&#40;</span><span class="br0">&#41;</span><span class="sy0">;</span> <span class="br0">&#125;</span> <span class="kw4">int</span> main<span class="br0">&#40;</span><span class="kw4">void</span><span class="br0">&#41;</span> <span class="br0">&#123;</span> <span class="kw4">auto</span> str <span class="sy0">=</span> mkStr<span class="br0">&#40;</span><span class="st0">&quot;abc&quot;</span><span class="br0">&#41;</span><span class="sy0">;</span> cout <span class="sy0">&lt;&lt;</span> str <span class="sy0">&lt;&lt;</span> endl<span class="sy0">;</span> <span class="kw1">return</span> <span class="nu0">0</span><span class="sy0">;</span> <span class="br0">&#125;</span></pre> <p> and running binary compiled with llvm/clang-trunk (i.e. pre-3.3 release), produces the following output: </p> <p> <a href="https://baszerr.eu/lib/exe/detail.php?id=blog%3A2013%3A05%3A25%3Aasan&amp;media=blog:2013:05:25:asan_error_report.png" class="media" title="blog:2013:05:25:asan_error_report.png"><img src="https://baszerr.eu/lib/exe/fetch.php?media=blog:2013:05:25:asan_error_report.png" class="media" loading="lazy" title="asan error report: heap" alt="asan error report: heap" /></a> </p> <p> similarly out-of-bound reads on stack can be detected. happy debugging! :) </p> </div> anonymous@undisclosed.example.com (Anonymous) Tue, 15 Jun 2021 20:09:05 +0000