Compiler Sanitizers

From HPC Wiki

The C/C++ compilers Clang/LLVM and GCC support so-called sanitizers. A sanitizer is compiled into the application code and tracks the execution at runtime to report errors. There are currently four interesting sanitizers:

  • AddressSanitizer and LeakSanitizer
  • ThreadSanitizer
  • MemorySanitizer

AddressSanitizer and LeakSanitizer

The AddressSanitizer is a memory error detector for C/C++. The LeakSanitizer detects memory leaks and is part of the AddressSanitizer on many operating systems. They detect the following errors:

  • Use after free (dangling pointer dereference)
  • Heap buffer overflow
  • Stack buffer overflow
  • Global buffer overflow
  • Use after return
  • Use after scope
  • Initialization order bugs
  • Memory leaks

In order to activate it for your code, compile it with:
$CC -fsanitize=address -fno-omit-frame-pointer ...
The -fno-omit-frame-pointer flag is used for better readability of the error output.

The AddressSanitizer cannot be combined with the ThreadSanitizer.

For further information: AddressSanitizer and LeakSanitizer
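
The following test program is an added example, not part of the wiki page: it triggers five of the error classes listed above (heap, stack and global buffer overflow, use after free, memory leak), one per named case, so the sanitizer reports can be compared side by side. The file name demo.c, the case names and the functions sum and run_case are assumptions made for this example.

```c
/* Build with the page's flags (file name demo.c is an assumption):
 *   $CC -fsanitize=address -fno-omit-frame-pointer demo.c -o demo
 * Run ./demo <case>. Each bug case ends in a sanitizer report; "ok" runs clean. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define N 8
static int global_buf[N];
/* volatile: keeps the one-element overrun out of reach of compile-time checks */
static volatile size_t over = 1;

/* Sums n ints starting at p; the overflow cases pass n = N + 1. */
static int sum(const int *p, size_t n) {
    int s = 0;
    for (size_t i = 0; i < n; i++) s += p[i];
    return s;
}

/* Hypothetical driver: runs one named case and returns the computed sum. */
int run_case(const char *name) {
    int stack_buf[N] = {0};
    int *heap = calloc(N, sizeof *heap);
    if (!heap) return -1;
    for (int i = 0; i < N; i++) heap[i] = i;   /* 0+1+...+7 = 28 */
    int r = -2;                                /* unknown case name */
    if (!strcmp(name, "ok")) {
        r = sum(heap, N) + sum(stack_buf, N) + sum(global_buf, N);
    } else if (!strcmp(name, "heap")) {
        r = sum(heap, N + over);               /* heap buffer overflow */
    } else if (!strcmp(name, "stack")) {
        r = sum(stack_buf, N + over);          /* stack buffer overflow */
    } else if (!strcmp(name, "global")) {
        r = sum(global_buf, N + over);         /* global buffer overflow */
    } else if (!strcmp(name, "uaf")) {
        int *volatile stale = heap;            /* dangling copy of the pointer */
        free(heap);
        return sum(stale, 1);                  /* use after free */
    } else if (!strcmp(name, "leak")) {
        return 0;   /* heap never freed: reported at exit where LeakSanitizer is available */
    }
    free(heap);
    return r;
}

int main(int argc, char **argv) {
    const char *name = argc > 1 ? argv[1] : "ok";
    printf("%s -> %d\n", name, run_case(name));
    return 0;
}
```

Without -fsanitize=address the bug cases usually run to completion and print a plausible-looking number, which is why these errors go unnoticed in ordinary builds.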

ThreadSanitizer

ThreadSanitizer is a data race detector for C/C++. Data races are one of the most common and hardest to debug types of bugs in concurrent systems. A data race occurs when two threads access the same variable concurrently and at least one of the accesses is a write.

In order to activate it for your code, compile it with:
$CC -fsanitize=thread ...

For further information: ThreadSanitizer

MemorySanitizer

MemorySanitizer is a detector of uninitialized memory reads in C/C++ programs.

Uninitialized values occur when stack- or heap-allocated memory is read before it is written. MemorySanitizer detects cases where such values affect program execution.

MemorySanitizer is bit-exact: it can track uninitialized bits in a bitfield. It will tolerate copying of uninitialized memory, and also simple logic and arithmetic operations with it. In general, MemorySanitizer silently tracks the spread of uninitialized data in memory, and reports a warning when a code branch is taken (or not taken) depending on an uninitialized value.

In order to activate it for your code, compile it with:
$CC -fsanitize=memory -fPIE -pie ...
Adding -fno-omit-frame-pointer gives better readability of the error output.

For further information: MemorySanitizer