0

We are planning to integrate AddressSanitizer tool into our build infrastructure.

For that i am working on our GNUmake files to compile all my C code with AddressSanitizer (adding flag :-fsanitize=address). Now i would like to verify whether created object file or executable is compiled with AddressSanitizer or not.

Is there any way i can verify the same.

I am just trying to run nm | grep asan :-

It gives following undefined reference symbols.

     U __asan_init
     U __asan_option_detect_stack_use_after_return
     U __asan_register_globals
     U __asan_report_load1
     U __asan_report_load4
     U __asan_stack_malloc_1
     U __asan_unregister_globals

I am not sure whether it is right way of checking. It shows undefined reference as above. I am not sure whether i am doing right way of integrated AddressSanitizer in our build system. Is it fine just to compile code with ( -fsanitize=address) ? or still i need to do something here for successful usage of AddressSanitizer.

Please help me in this. Thanks in Advance.

santosh
  • 421
  • 1
  • 6
  • 14
  • "Is it fine just to compile code with ( -fsanitize=address)" - you need to both compile (`-c`) and link with this flag. – yugr Jan 20 '20 at 11:49
  • yugr, Yeah for linking also i am using the flag, But while linking i also need to use the library of asan right ? i.e -L/test/common/pkg/gcc/v4.8.0/lib -lasan – santosh Jan 20 '20 at 12:33
  • No, `-fsanitize=address` will add those flags for you. – yugr Jan 20 '20 at 13:13
  • if we don't link via -L/test/.... -lasan, symbols will be un-defiled as i mentioned right ? Only using -fsanitize=address flag without using -lasan library is correct way of using Address sanitizer ? – santosh Jan 20 '20 at 15:28
  • When linking, internal `-fsanitize=address` expands to `-L... -lasan` and a bunch of other stuff. Asan developers suggest to use `-fsanitize=address` instead of explicit `-lasan`. Check [this answer](https://stackoverflow.com/a/40215639/2170527) for more details. – yugr Jan 20 '20 at 15:47
  • Thank You @ yugr, After compiling my code with -fsanitize=address i can see the symbols regarding asan and those are undefined. That should be fine right ? Just running our build commands with the -fsanitize=address flag indicates successful usage of Address sanatizer irrespective of symbol defined or not right ? I was thinking that those symbols should be defined. – santosh Jan 20 '20 at 16:00
  • 1
    On GCC undefined symbols in final executable are expected because they will be imported at startup from `libasan.so` (if you use Clang they will be defined because it link `libclangrt_asan` statically). – yugr Jan 20 '20 at 18:10
  • Hi yugr, Once after build succeeds when i try to run tests, i am getting undefined reference to `__asan_report_store4' symbols error. Do we also need to provide '-fsanitize=address' flag while creating .so files ? Only providing the same flag at compiling .c files is not sufficient ? – santosh Jan 21 '20 at 07:09
  • i am using gcc6.3 and how can i make those symbols defined? As you mentioned in other posts that using -lasan is not the right way.. Could you please tell me how to make the symbols defined with gcc combination. – santosh Jan 21 '20 at 07:24
  • Please read the link to answer I posted above. – yugr Jan 21 '20 at 12:44
  • Does this answer your question? [How to use AddressSanitizer with GCC?](https://stackoverflow.com/questions/37970758/how-to-use-addresssanitizer-with-gcc) – yugr Jan 21 '20 at 12:46
  • Yes, i followed the same.. My build is getting succeed but tests fail with error : ==57920==ASan runtime does not come first in initial library list; you should either link runtime to your application or manually preload it with LD_PRELOAD. xrun: *E,ELBERR: Error during elaboration (status 1), exiting. – santosh Jan 21 '20 at 12:51
  • This is a different issue and answer to it depends on details of how your application is compiled (e.g. whether you build shared library or executable and how you run it). I suggest to post a different question, preferably with a smallish repro case. – yugr Jan 21 '20 at 15:10

1 Answers1

1

Grepping for reference for Asan functions (usually __asan_report_) in symbol table is fine when checking object files. For linked executables it also works in most cases (except when you link with GCC and -static-libasan -s).

yugr
  • 19,769
  • 3
  • 51
  • 96