Address Sanitizer is a clang extension that does runtime validation to identify memory corruption.

Essentially, you build with clang (3.1+) with an additional flag, and it inserts code around all memory accesses and allocates additional memory to keep track of which memory addresses are valid. This slows down the executable noticeably (~2-3x), but not so much that it is unusable. The Address Sanitizer developers have taken the stance of not allowing any false positives, and if a memory issue is found, the application crashes. More details can be found at: http://clang.llvm.org/docs/AddressSanitizer.html.

Recent versions of clang include a Leak Sanitizer as part of the Address Sanitizer which is turned on by default. Unfortunately, the Leak Sanitizer reports lots of false-positive leaks from Impala's embedded JVM, so it is recommended to disable it for now (see IMPALA-2746).

Using it with Impala

To make a build with address sanitizer on, just run Impala/bin/make_asan.sh. This places the binaries in build/debug and they can be run as usual. You will need to make a global environment change to stop address sanitizer from catching SEGV, which the JVM raises routinely. This can be done by:

export ASAN_OPTIONS="handle_segv=0:detect_leaks=0"

Handling issues

Address sanitizer will crash the app, output a short description of the error (e.g. Read invalid bytes) and then print the stack. There is a script to symbolize the stack output. You can run it like this:

./be/build/debug/exprs/expr-test | $LLVM_SRC/projects/compiler-rt/lib/asan/scripts/asan_symbolize.py | c++filt

gdb

Use the abort_on_error flag to make gdb stop when asan causes a crash:

export ASAN_OPTIONS="handle_segv=0:detect_leaks=0:abort_on_error=1"

Another option is to break in the debugger at

__sanitizer::Die()

Core dumps

Address sanitizer disables core dumps by default on 64-bit systems because it maps a huge amount of virtual memory (16TB).

However, the following ASAN flags produce useful core dumps. The OS typically reports the file size of the core as 15TB, which seems incorrect. Still, the core is usually useful:

export ASAN_OPTIONS="handle_segv=0:detect_leaks=0:abort_on_error=1:unmap_shadow_on_exit=1:disable_core=0"

See the following discussion for more information:

https://groups.google.com/forum/#!topic/address-sanitizer/ROkIGdTicgg
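
The three ASAN_OPTIONS strings on this page build on one another (normal run, gdb, core dumps). The following is an added example, not part of Impala or of the original page: a small shell helper that composes them and merges them into an existing ASAN_OPTIONS value so that each key appears exactly once. The function names asan_merge and asan_profile are hypothetical, and the helper assumes colon-separated key=value settings as used on this page.

```shell
#!/bin/sh
# Added example; asan_merge and asan_profile are hypothetical helper names.

# asan_merge BASE EXTRA
# Merge two colon-separated key=value lists. A setting in EXTRA replaces the
# same key in BASE, and empty fields (e.g. from a doubled colon) are dropped,
# so the result never carries the same key twice.
asan_merge() {
    printf '%s:%s\n' "$1" "$2" | awk -F: '
    {
        for (i = 1; i <= NF; i++) {
            if ($i == "") continue                 # skip empty fields
            eq = index($i, "=")
            key = (eq == 0) ? $i : substr($i, 1, eq - 1)
            if (!(key in val)) order[++n] = key    # keep first-seen order
            val[key] = $i                          # latest setting wins
        }
    }
    END {
        out = ""
        for (j = 1; j <= n; j++) out = out (j > 1 ? ":" : "") val[order[j]]
        print out
    }'
}

# asan_profile MODE
# Print the options this page gives for MODE: run, gdb or core.
asan_profile() {
    base="handle_segv=0:detect_leaks=0"
    case "$1" in
        run)  printf '%s\n' "$base" ;;
        gdb)  asan_merge "$base" "abort_on_error=1" ;;
        core) asan_merge "$base" \
                  "abort_on_error=1:unmap_shadow_on_exit=1:disable_core=0" ;;
        *)    echo "unknown mode: $1" >&2; return 1 ;;
    esac
}

# Usage: keep whatever is already exported, then apply a profile on top.
# export ASAN_OPTIONS="$(asan_merge "$ASAN_OPTIONS" "$(asan_profile core)")"
```
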
