[issue21037] add an AddressSanitizer build option
Charles-François Natali
report at bugs.python.org
Tue Apr 29 22:54:46 CEST 2014
Charles-François Natali added the comment:
> How do we spot any ASAN issues, though? Does ASAN change the process' return code on errors?
It aborts:
$ cat /tmp/test.c
int main(int argc, char *argv[])
{
    int bar[16] = {0};
    /* oops */
    return bar[16];
}
$ gcc -Wall -fsanitize=address -o /tmp/test /tmp/test.c
$ /tmp/test
=================================================================
==15028== ERROR: AddressSanitizer: stack-buffer-overflow on address
0xbffab500 at pc 0x80485ec bp 0xbffab488 sp 0xbffab47c
READ of size 4 at 0xbffab500 thread T0
#0 0x80485eb (/tmp/test+0x80485eb)
#1 0xb5fd8a62 (/lib/i386-linux-gnu/i686/cmov/libc-2.18.so+0x19a62)
#2 0x8048490 (/tmp/test+0x8048490)
Address 0xbffab500 is located at offset 96 in frame <main> of T0's stack:
This frame has 1 object(s):
[32, 96) 'bar'
HINT: this may be a false positive if your program uses some custom
stack unwind mechanism or swapcontext
(longjmp and C++ exceptions *are* supported)
Shadow bytes around the buggy address:
0x37ff5650: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x37ff5660: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x37ff5670: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x37ff5680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x37ff5690: 00 00 00 00 f1 f1 f1 f1 00 00 00 00 00 00 00 00
=>0x37ff56a0:[f3]f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
0x37ff56b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x37ff56c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x37ff56d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x37ff56e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x37ff56f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap righ redzone: fb
Freed Heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
ASan internal: fe
==15028== ABORTING
You obviously don't see it here, but it also colors the output in a terminal :-)
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue21037>
_______________________________________
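On the question of spotting ASan failures from a test run, an added example (not part of the original message and not CPython code): a Python function that scans captured stderr for the report format shown above and decodes the shadow byte marked on the `=>` line with the report's own legend. The names `parse_asan_report`, `describe_shadow` and `SAMPLE` are this example's; `SAMPLE` is an excerpt cut down from the report in the message.

```python
import re

# Shadow byte values and labels follow the legend printed in the report.
LEGEND = {
    "fa": "Heap left redzone", "fb": "Heap right redzone",
    "fd": "Freed heap region", "f1": "Stack left redzone",
    "f2": "Stack mid redzone", "f3": "Stack right redzone",
    "f5": "Stack after return", "f8": "Stack use after scope",
    "f9": "Global redzone",
}
HEADER = re.compile(r"==(\d+)==\s*ERROR: AddressSanitizer: (\S+)")
ACCESS = re.compile(r"^(READ|WRITE) of size (\d+) at (0x[0-9a-f]+)", re.M)
MARKED = re.compile(r"^=>.*\[([0-9a-f]{2})\]", re.M)

# Excerpt cut down from the report in the message above.
SAMPLE = """\
==15028== ERROR: AddressSanitizer: stack-buffer-overflow on address
0xbffab500 at pc 0x80485ec bp 0xbffab488 sp 0xbffab47c
READ of size 4 at 0xbffab500 thread T0
0x37ff5690: 00 00 00 00 f1 f1 f1 f1 00 00 00 00 00 00 00 00
=>0x37ff56a0:[f3]f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
==15028== ABORTING
"""

def describe_shadow(byte):
    """Map one shadow byte (two hex digits) to its legend entry."""
    if byte == "00":
        return "Addressable"
    if 1 <= int(byte, 16) <= 7:
        return "Partially addressable"
    return LEGEND.get(byte, "unknown (%s)" % byte)

def parse_asan_report(text):
    """Summarise the first ASan error found in text, or return None."""
    header = HEADER.search(text)
    if header is None:
        return None  # no report: the run did not trip ASan
    result = {"pid": int(header.group(1)), "bug": header.group(2)}
    access = ACCESS.search(text)
    if access:
        result.update(access=access.group(1), size=int(access.group(2)),
                      address=access.group(3))
    marked = MARKED.search(text)  # the "=>" row brackets the faulting byte
    if marked:
        result["shadow"] = describe_shadow(marked.group(1))
    return result

if __name__ == "__main__":
    print(parse_asan_report(SAMPLE))
```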