ASAN使用

参考

• https://github.com/google/sanitizers/wiki/AddressSanitizer
• Program Instrumentation Options
• 工欲善其事必先利其器——AddressSanitizer
• Linux下内存检测工具：asan
• ASAN_OPTIONS
  • SanitizerCommonFlags
  • 可以使用的一些标志位及其含义
• kernel-sanitizers

Shadow数字的含义

  Heap left redzone:     fa
  Heap righ redzone:     fb
  Freed Heap region:     fd
  Stack left redzone:    f1
  Stack mid redzone:     f2
  Stack right redzone:   f3
  Stack partial redzone: f4
  Stack after return:    f5
  Stack use after scope: f8
  Global redzone:        f9
  Global init order:     f6
  Poisoned by user:      f7
  ASan internal:         fe

示例

• demo.c

#include <stdio.h>
#include <stdlib.h>

int main(int argc, const char *argv[])
{
        char *buffer;

        buffer = malloc(1024);
        sprintf(buffer, "Hello World\n");
        printf("%s\n", buffer);
        free(buffer);
        printf("%s\n", buffer);
        return 0;
}

• Makefile

CFLAGS=-Wall -g -fsanitize=address -fno-omit-frame-pointer
LDFLAGS=-fsanitize=address -static-libasan

all:demo

demo:demo.o

demo.o: %.o:%.c

clean:
        $(RM) *.o demo


.PHONY:all clean

• setenv.sh

export ASAN_OPTIONS=abort_on_error=1:disable_coredump=0:unmap_shadow_on_exit=1:log_path=${PWD}/asan:malloc_context_size=15

将来生成的asan文件的路径是：${PWD}/asan.847015
。。。