Introduction
This lesson gives you a short introduction to reading ASAN errors. It points out common mistakes with dynamic memory and shows how to understand what ASAN is telling you about them.
Important note: this is by no means a complete set of documentation for every single ASAN error you will come across! The intention is for you to be able to start reading these messages and to know how and where to investigate your code.
Snippets in this lesson are compiled with the options -fsanitize=address to enable AddressSanitizer and -g to enable debug symbols (this will allow us to get code line numbers in the ASAN output).
Reading General ASAN Errors
You have probably seen something like the following pop up when running your program:
AddressSanitizer:DEADLYSIGNAL
=================================================================
==17==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000010 (pc 0x55aa7016b1a0 bp 0x7ffc8
==17==The signal is caused by a WRITE memory access.
==17==Hint: address points to the zero page.
    #0 0x55aa7016b19f in main /home/main.c:6
    #1 0x7f81b922f022 in __libc_start_main (/usr/lib/libc.so.6+0x27022)
    #2 0x55aa7016b08d in _start (/home/main+0x108d)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/main.c:6 in main
==17==ABORTING
At first glance, this may look horrifying! How do we read this? The starting points are bolded below:
AddressSanitizer:DEADLYSIGNAL
=================================================================
==17==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000010 (pc 0x55aa7016b1a0 bp 0x7ffc8
==17==The signal is caused by a WRITE memory access.
==17==Hint: address points to the zero page.
    #0 0x55aa7016b19f in main /home/main.c:6
    #1 0x7f81b922f022 in __libc_start_main (/usr/lib/libc.so.6+0x27022)
    #2 0x55aa7016b08d in _start (/home/main+0x108d)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/main.c:6 in main
==17==ABORTING
First, line 4 of the output tells us what we were trying to do. This can be either WRITE or READ. Sometimes, this line will also tell you how many bytes you are reading/writing.
If it is a WRITE, you are attempting to assign a value at the address you are using. This is common in assignment statements, usually in loops, or when you are using the length variable as an index instead of length-1.
If it is a READ, you are attempting to read a value at the address you are using. This is common in print statements, uninitialised pointers, and when comparing values in an if statement.
Line 3 will tell you where this read/write is happening (the address), and what kind of error it is (in this case a SEGV).
The #0 line is the last call that occurred in the program when this happened – in this case, line 6 of the main function in main.c. These line numbers may not show up unless you compile with the -g flag.
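As an added example (not part of the original lesson), the Python sketch below pulls those starting points out of a report: the error kind and address, the READ/WRITE access with its size when present, and the first stack frame that carries a file and line. The function name triage and the second sample report are constructed for illustration.

```python
import re

# The report shown in this lesson, one output line per text line.
REPORT = """\
AddressSanitizer:DEADLYSIGNAL
=================================================================
==17==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000010 (pc 0x55aa7016b1a0 bp 0x7ffc8
==17==The signal is caused by a WRITE memory access.
==17==Hint: address points to the zero page.
    #0 0x55aa7016b19f in main /home/main.c:6
    #1 0x7f81b922f022 in __libc_start_main (/usr/lib/libc.so.6+0x27022)
    #2 0x55aa7016b08d in _start (/home/main+0x108d)
"""

# Constructed sample of the other common layout, where the access line carries a size.
HEAP_REPORT = """\
==42==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000014 at pc 0x000000401234 bp 0x7ffd00000000 sp 0x7ffd00000008
READ of size 4 at 0x602000000014 thread T0
    #0 0x401233 in sum /home/helper.h:12
    #1 0x401300 in main /home/main.c:9
"""

ERROR_RE = re.compile(r"ERROR: AddressSanitizer: (\S+) on (?:unknown )?address (0x[0-9a-f]+)")
ACCESS_RE = re.compile(r"\b(READ|WRITE)\b(?: of size (\d+))?")
FRAME_RE = re.compile(r"^\s*#(\d+) 0x[0-9a-f]+ in (\S+) (\S+?):(\d+)(?::\d+)?$")

def triage(report):
    """Return the starting points: error kind, address, access type/size, first source frame."""
    out = {"kind": None, "address": None, "access": None, "size": None, "frame": None}
    for line in report.splitlines():
        m = ERROR_RE.search(line)
        if m and out["kind"] is None:
            out["kind"], out["address"] = m.group(1), int(m.group(2), 16)
            continue
        m = ACCESS_RE.search(line)
        if m and out["access"] is None and out["kind"] is not None:
            out["access"] = m.group(1)
            out["size"] = int(m.group(2)) if m.group(2) else None
            continue
        m = FRAME_RE.match(line)
        if m and out["frame"] is None:
            # Frames without file:line (library code, or a build without -g) do not match.
            out["frame"] = (m.group(2), m.group(3), int(m.group(4)))
    return out
```

Calling triage(REPORT) gives a WRITE SEGV at address 0x10 with the first source frame at /home/main.c line 6, which is where to start reading the code.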
The following slides will give you a brief overview of some common bugs, how to read the ASAN output for them and what to watch out for.
SEGV (Part I)
Read the code in the helper.h file and main function in main.c and have a think about what will happen. What is wrong, and where?
Run the snippet and read ASAN’s output – what does it tell you? Hint: n->value is the same as (*n).value
Then, open the solution to read the explanation.
SEGV (Part II)
Read the code in the helper.h file and main function in main.c and have a think about what will happen. What is wrong, and where?
Run the snippet and read ASAN’s output – what does it tell you? Hint: what are the contents of the memory given to you by malloc? Then, open the solution to read the explanation.
heap-buffer-overflow
Read the code in the helper.h file and main function in main.c and have a think about what will happen. What is wrong, and where?
Run the snippet and read ASAN’s output – what does it tell you?
Hint: what information are we trying to store in variable n, and how much memory are we allocating?
Then, open the solution to read the explanation.
stack-buffer-overflow
Read the code in the helper.h file and main function in main.c and have a think about what will happen. What is wrong, and where?
Run the snippet and read ASAN’s output – what does it tell you? Hint: how does C know where a string ends?
Then, open the solution to read the explanation.
heap-use-after-free (Part I)
Read the code in the helper.h file and main function in main.c and have a think about what will happen. What is wrong, and where?
Run the snippet and read ASAN’s output – what does it tell you? Then, open the solution to read the explanation.
heap-use-after-free (Part II)
Read the code in the helper.h file and main function in main.c and have a think about what will happen. What is wrong, and where?
Run the snippet and read ASAN’s output – what does it tell you? Then, open the solution to read the explanation.
double-free
Read the code in the helper.h file and main function in main.c and have a think about what will happen. What is wrong, and where?
Run the snippet and read ASAN’s output – what does it tell you? Then, open the solution to read the explanation.
attempting free on address which was not malloc()-ed
Read the code in the helper.h file and main function in main.c and have a think about what will happen. What is wrong, and where?
Run the snippet, type some text, and read ASAN’s output – what does it tell you? Then, open the solution to read the explanation.
Be careful with realloc
Read the code in the helper.h file and main function in main.c and have a think about what will happen. What is wrong, and where?
Run the snippet and read ASAN’s output – what does it tell you? Then, open the solution to read the explanation.
LeakSanitizer (Part I)
Read the code in the helper.h file and main function in main.c and have a think about what will happen. What is wrong, and where?
Run the snippet and read ASAN’s output – what does it tell you?
Note: if you want to run this locally, you may have to explicitly enable LeakSanitizer. Information on this can be found on the internet!
Then, open the solution to read the explanation.
LeakSanitizer (Part II)
Read the code in the helper.h file and main function in main.c and have a think about what will happen. What is wrong, and where?
Run the snippet and read ASAN’s output – what does it tell you?
Note: if you want to run this locally, you may have to explicitly enable LeakSanitizer. Information on this can be found on the internet!
Then, open the solution to read the explanation.