8

I am working on a C++ cmake project. Apart from my own source code, my project uses a lot of third party libraries. So, I am using shared libraries (with .so extension) which are present in /usr/local/lib and for some the code is present in /usr/local/include. (like I am using eigen library which is present in /usr/local/include/eigen3/).

How can I make sure that the Address Sanitizer only checks my source code and not any standard or third party libraries ??

PS : Currently, I am using Address Sanitizer like below :

ADD_COMPILE_OPTIONS(-O0 -g -Wall -fsanitize=address -fno-omit-frame-pointer)
SET(CMAKE_EXE_LINKER_FLAGS  "${CMAKE_EXE_LINKER_FLAGS} -fsanitize=address")

And I am using gcc with version :

gcc (Ubuntu 5.4.0-6ubuntu1~16.04.10) 5.4.0 20160609

yugr
  • 19,769
  • 3
  • 51
  • 96
mascot
  • 141
  • 2
  • 9
  • Not sure why you are using -fsanitize=address. It might be helpful to include more reasoning. The gcc documentation states `Memory access instructions are instrumented to detect out-of-bounds and use-after-free bugs.`. So, this is mainly a debugging option. Is your third-party library violating access rules? Can you just turn the flag off when you are not doing unit test on your own code? The questions may seem naive, but that is because we do not have a good explanation for what you are trying to accomplish. – Gardener Nov 20 '18 at 13:03
  • There are still a lot of memory bugs which gcc can't detect. AddressSanitizer is a tool specifically made for that purpose. So, I am trying to test my project for any kind of memory issues. Since my code uses a lot of third party code as well, the source files of which are directly accessed, I am getting a lot of bugs in those as well. So, I am looking for a way by which I can mention what part of code Address Sanitizer should not check – mascot Nov 22 '18 at 09:17

2 Answers2

4

AddressSanitizer works by inserting code during the compilation (with the -fsanitize=address flag). So most code in third party libraries your code links to will be unaffected and not checked by AddressSanitizer, as they are already built into shared library files. If 3rd party calls standard function (memset, etc.), it'll still be checked.

Code in header files and header-only libraries such as Eigen are a special case, as all Eigen code gets directly inserted into your source files (through includes) and thus is also compiled with -fsanitize=address.

As the compiler doesn't differentiate between your code and included 3rd party code, there is no way to disable sanitizers for header-only 3rd party code.

In practice this does not usually cause any issues though. When using clang, you can create a sanitize-blacklist file to hide unwanted false positives (that you cannot fix upstream). Unfortunately gcc does not yet support blacklists.

w-m
  • 10,772
  • 1
  • 42
  • 49
  • 1
    "most third party libraries your code links to will be unaffected and not checked by AddressSanitizer" - if 3rd party calls standard function (`memset`, etc.) it'll still be checked. – yugr Nov 20 '18 at 15:07
  • "just add it to your local sanitize-blacklist file" - unfortunately OP uses gcc which does not support blacklists. – yugr Nov 20 '18 at 15:08
  • Thanks for the corrections @yugr, I incorporated them into the answer. Feel free to edit the answer directly if you think it needs further improvement. – w-m Nov 20 '18 at 15:47
  • @w-m Thanks for your answer. I can see the problem. I am getting bugs in all those third party codes whose source files are directly accessed by my code. sanitize-blacklist seems like the option I am looking for. I will try this one. – mascot Nov 22 '18 at 09:22
  • Were you successful? I blacklist stuff like `fun:*getColor*` to blacklist a templated function from some header, but it still crashes in that function. – oarfish Feb 24 '21 at 16:06
0

the LD_PRELOAD will affect the third libraries like pybind, but you can workaround with 'suppression.file' to suppress the specific source code, libraries, func name that are matched. see details in https://github.com/google/sanitizers/wiki/AddressSanitizerLeakSanitizer

zac
  • 111
  • 1
  • 9