| Kostya Serebryany | ce98c9b | 2011-11-28 20:51:02 +0000 | [diff] [blame] | 1 | <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" |
| 2 | "http://www.w3.org/TR/html4/strict.dtd"> |
| 3 | <!-- Material used from: HTML 4.01 specs: http://www.w3.org/TR/html401/ --> |
| 4 | <html> |
| 5 | <head> |
| 6 | <META http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> |
| 7 | <title>AddressSanitizer, a fast memory error detector</title> |
| 8 | <link type="text/css" rel="stylesheet" href="../menu.css"> |
| 9 | <link type="text/css" rel="stylesheet" href="../content.css"> |
| 10 | <style type="text/css"> |
| 11 | td { |
| 12 | vertical-align: top; |
| 13 | } |
| 14 | </style> |
| 15 | </head> |
| 16 | <body> |
| 17 | |
| 18 | <!--#include virtual="../menu.html.incl"--> |
| 19 | |
| 20 | <h1>AddressSanitizer</h1> |
| 21 | <ul> |
| 22 | <li> <a href="intro">Introduction</a> |
| 23 | <li> <a href="usage">Usage</a> |
| 24 | <ul><li> <a href="has_feature">__has_feature(address_sanitizer)</a></ul> |
| 25 | <li> <a href="platforms">Supported Platforms</a> |
| 26 | <li> <a href="limitations">Limitations</a> |
| 27 | <li> <a href="status">Current Status</a> |
| 28 | </ul> |
| 29 | |
| 30 | <h2 id="intro">Introduction</h2> |
| 31 | AddressSanitizer is a fast memory error detector. |
| 32 | It consists of a compiler instrumentation module and a run-time library. |
| 33 | The tool can detect the following types of bugs: |
| 34 | <ul> <li> Out-of-bounds accesses to <ul><li>heap <li>stack <li>globals</ul> |
| 35 | <li> Use-after-free |
| 36 | <li> Use-after-return (to some extent) |
| 37 | <li> Double-free |
| 38 | </ul> |
| 39 | Typical slowdown introduced by AddressSanitizer is <b>2x</b>. |
| 40 | |
| 41 | <h2 id="intro">Usage</h2> |
| 42 | In order to use AddressSanitizer simply compile and link your program with |
| 43 | <tt>-faddress-sanitizer</tt> flag and optimization level <tt>-O1</tt> or higher |
| 44 | and then run it. If a bug is detected, the program will print an error message |
| 45 | and exit. |
| 46 | |
| 47 | <h3 id="has_feature">__has_feature(address_sanitizer)</h3> |
| 48 | In some cases one may need to execute different code depending on whether |
| 49 | AddressSanitizer is enabled. |
| 50 | <a href="LanguageExtensions.html#__has_feature_extension">__has_feature</a> |
| 51 | can be used for this purpose. |
| 52 | <pre> |
| 53 | #if defined(__has_feature) && __has_feature(address_sanitizer) |
| 54 | code that runs only under AddressSanitizer |
| 55 | #else |
| 56 | code that does not run under AddressSanitizer |
| 57 | #endif |
| 58 | </pre> |
| 59 | |
| 60 | <h2 id="platforms">Supported Platforms</h2> |
| 61 | AddressSanitizer is supported on the following platforms: |
| 62 | <ul> <li>Linux <ul> <li> i386 <li> x86_64 <li> ARM </ul> |
| 63 | <li>Darwin <ul> <li> i386 <li> x86_64 </ul> |
| 64 | </ul> |
| 65 | |
| 66 | <h2 id="limitations">Limitations</h2> |
| 67 | <ul> |
| 68 | <li> AddressSanitizer uses more real memory than a native run. |
| 69 | How much -- depends on the allocations sizes. The smaller the |
| 70 | allocations you make the bigger the overhead. |
| 71 | <li> On 64-bit platforms AddressSanitizer maps (but not reserves) |
| 72 | 16+ Terabytes of virtual address space. |
| 73 | This means that tools like <tt>ulimit</tt> may not work as usually expected. |
| 74 | <li> Static linking is not supported. |
| 75 | </ul> |
| 76 | |
| 77 | |
| 78 | <h2 id="status">Current Status</h2> |
| 79 | AddressSanitizer is work-in-progress and is not yet fully functional in the LLVM/Clang head. |
| 80 | For the up-to-date usable version and full documentation refer to |
| 81 | <a href="http://code.google.com/p/address-sanitizer/">http://code.google.com/p/address-sanitizer</a>. |
| 82 | |
| 83 | |
| 84 | </body> |
| 85 | </html> |