33

Clang has various sanitizers that can be turned on to catch problems at runtime.
However, there are some sanitizers that I can't use together. Why is that?

```
clang++-3.9 -std=c++1z -g -fsanitize=memory -fsanitize=address -o main main.cpp
clang: error: invalid argument '-fsanitize=address' not allowed with '-fsanitize=memory'
```

It's not a big deal, but when I run my unit tests, it takes longer than it should, because I have to create multiple binaries for the same tests, and run each of them separately.

```
clang++-3.9 -std=c++1z -g -fsanitize=address -o test1 test.cpp
clang++-3.9 -std=c++1z -g -fsanitize=memory -fsanitize=undefined -o test2 test.cpp
```
Trevor Hickey
  • 1
    My guess would be that some of the instrumentation is just not compatible - e.g. instrumentation for one sanitizer would result in false positives or false negatives in the other one. But I'd be very interested in the technical details too. – MikeMB May 01 '16 at 21:18
  • 2
    "when I run my unit tests, it takes longer than it should" -> it looks like you're not using `-O`. `-O1` is safe to use with memory sanitizer and will not corrupt stacktraces (apart from tail-calls) – viraptor May 02 '16 at 00:55
  • @viraptor Thanks, that's a good point. I was referring to the actual compilation time too. Building multiple binaries to test the same software components. – Trevor Hickey May 02 '16 at 01:41

2 Answers

19

I think the problem is that Asan and Msan both want to control the heap, and both want to reserve a large amount of memory to use as "shadow memory" which tracks the allocations and usage of the memory your program uses.

They can't both be active because they would be trying to track the memory being used by the other sanitizer (which may not appear to be "safe" according to the rules that the sanitizer checks).

It would also result in crazy memory usage, because both sanitizers would be allocating additional memory to track every byte your program uses.

Maybe in theory they could be re-engineered to share a common framework so they can cooperate and not clash, but there are probably very good practical reasons why that would be difficult, or hurt performance.

Jonathan Wakely
3

It was a design decision to separate Address Sanitizer and Memory Sanitizer to decrease the overall runtime in comparison to tools like MemCheck and Dr. Memory, which target addressability problems and use of uninitialized memory at the same time. According to the developers, handling these two types of problems together creates more overhead than running ASan and MSan after each other.

fransie
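An added example, not part of the question or either answer: a small script that turns a list of requested sanitizers into the minimum set of builds clang will accept, then builds and runs each one. The function names, the `testN` output names and the `CXX` override are hypothetical; it assumes `address`, `memory` and `thread` each need their own binary while `undefined` can share a binary with any of them.

```shell
#!/bin/sh
# Added example (not from the original posts).
# Assumption: address, memory and thread are mutually exclusive in clang,
# while undefined can be combined with any one of them.

# plan_builds "address memory undefined" -> one -fsanitize list per line
plan_builds() {
    exclusive=""
    shared=""
    for s in $1; do
        case "$s" in
            address|memory|thread) exclusive="$exclusive $s" ;;
            undefined) shared="$shared,$s" ;;
            *) echo "unknown sanitizer: $s" >&2; return 2 ;;
        esac
    done
    shared=${shared#,}
    # Only combinable sanitizers requested: a single build is enough.
    if [ -z "$exclusive" ]; then
        [ -n "$shared" ] && echo "$shared"
        return 0
    fi
    first=1
    for s in $exclusive; do
        # Attach the combinable checks to the first build only, so they
        # are not compiled and run once per binary.
        if [ "$first" -eq 1 ] && [ -n "$shared" ]; then
            echo "$s,$shared"
        else
            echo "$s"
        fi
        first=0
    done
}

# run_matrix <source> <sanitizers...>: build and run one binary per group.
run_matrix() {
    src=$1; shift
    plan=$(plan_builds "$*") || return 1
    n=0
    echo "$plan" | while read -r group; do
        n=$((n + 1))
        # -O1 as suggested in the comments on the question.
        "${CXX:-clang++}" -std=c++1z -g -O1 -fsanitize="$group" \
            -o "test$n" "$src" && "./test$n" || exit 1
    done
}

# Usage: ./sanitize.sh test.cpp address memory undefined
if [ "$#" -ge 2 ]; then run_matrix "$@"; fi
```

The first failing build or test run stops the matrix with a non-zero exit status, so the script can be used directly as a CI step.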