Note: This page is a work in progress!
What is Address Sanitizer?
Address Sanitizer (ASan) is a fast memory error detector that detects use-after-free and out-of-bounds bugs in C/C++ programs. It uses compile-time instrumentation to check all memory reads and writes during execution. In addition, the runtime part replaces the allocation and free functions so that dynamically allocated memory can be checked. More information on how ASan works can be found at http://code.google.com/p/address-san...tizerAlgorithm .
Note: This manual assumes you are using Linux to build. Mac OS X might also work but is untested.
The ASan instrumentation is implemented as an LLVM pass and integrated into Clang. Therefore, we must first get and build LLVM and Clang.
Note: At the time of writing, ASan has only been integrated into LLVM/Clang SVN trunk versions and might not be included yet in regular releases. Therefore, the manual describes how to check out LLVM/Clang and build from source.
The following commands do a fresh SVN checkout/build of LLVM, Clang and the compiler runtime libraries with a revision confirmed to work:
REV=146212 # You can alter this if you want to try newer revisions.
svn co -r $REV http://llvm.org/svn/llvm-project/llvm/trunk llvm
cd llvm # Enter the checkout; the tools/ and projects/ checkouts below and LLVM_HOME refer to this directory.
export LLVM_HOME=`pwd` # We will refer to this variable later during the build.
(cd tools && svn co -r $REV http://llvm.org/svn/llvm-project/cfe/trunk clang)
(cd projects && svn co -r $REV http://llvm.org/svn/llvm-project/compiler-rt/trunk compiler-rt)
Before we start building, we apply a small patch to Clang that disables the automatic addition of linker flags when compiling and linking in one pass with Clang. Without this patch, that behaviour could interfere with our use of a shared library for ASan later (see below). The following patch command assumes you downloaded the attached disable_asan_linker.patch file to your home directory:
(cd tools/clang && patch -p0 < ~/disable_asan_linker.patch)
Now we can start our build, which can take a while depending on your machine specs. Adjust the -j parameter to the number of CPUs you have:
mkdir -p build # Out-of-tree build directory inside $LLVM_HOME; configure is run from here.
(cd build && ../configure --enable-optimized && make -j 10)
ASan Runtime Library
Parts of the ASan code live in a runtime library, which is now included in the compiler-rt repository that we checked out and built earlier. The default installation target builds a .a file that is linked into all code. To my knowledge, this can't and won't work with Firefox, which is why we will instead use a .so that we link to our code. Perform the following steps to build and install the architecture-specific runtime library:
(cd $LLVM_HOME/projects/compiler-rt/lib/asan && make -f Makefile.old clean lib) # Assumes Makefile.old lives in lib/asan, next to the bin_linux output directory used below.
sudo ln -s $LLVM_HOME/projects/compiler-rt/lib/asan/bin_linux/libasan64.so /usr/lib/
Of course you can omit the last step and set your LD_LIBRARY_PATH appropriately; the symlink is just for convenience.
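As an added smoke test that is not part of this page, the script below compiles two deliberately buggy programs covering the bug classes named above (heap out-of-bounds and use-after-free) and checks that the runtime library we just installed reports each. It assumes the freshly built clang is on your PATH, that Clang at this revision accepts -faddress-sanitizer, and that linking against libasan64.so requires -ldl and -lpthread; all three are assumptions, not taken from the page.

```shell
#!/bin/sh
# Added smoke test for the ASan toolchain built above (not part of the
# original page). Assumptions: clang from the build is on PATH, libasan64.so
# is installed as described, the compiler accepts -faddress-sanitizer, and
# the runtime needs -ldl -lpthread when linked manually.

# Extract the bug class ("heap-buffer-overflow", "heap-use-after-free", ...)
# from an ASan report read on stdin. Accepts both the "AddressSanitizer
# <class>" and the "AddressSanitizer: <class>" spellings; prints nothing
# when no report is present.
asan_bug_class() {
    sed -n 's/.*ERROR: AddressSanitizer:\{0,1\} \([a-z-]*\).*/\1/p' | head -n 1
}

# Compile a deliberately buggy program and check that ASan reports the bug.
# $1 = expected bug class, $2 = C source text
asan_smoke_case() {
    expected="$1"; src="$2"
    dir=$(mktemp -d) || return 1
    printf '%s\n' "$src" > "$dir/t.c"
    clang -faddress-sanitizer -g -o "$dir/t" "$dir/t.c" -lasan64 -ldl -lpthread \
        || { rm -rf "$dir"; return 1; }
    got=$("$dir/t" 2>&1 | asan_bug_class)   # ASan writes its report to stderr
    rm -rf "$dir"
    [ "$got" = "$expected" ]
}

# Run both cases; returns 0 only if the toolchain catches both bug classes.
# argc is used as an index so the compiler cannot fold the bad access away.
asan_smoke() {
    asan_smoke_case heap-buffer-overflow \
        '#include <stdlib.h>
int main(int argc, char **argv) { char *p = malloc(8); p[8 + argc] = 1; return p[0]; }' \
    && asan_smoke_case heap-use-after-free \
        '#include <stdlib.h>
int main(int argc, char **argv) { char *p = malloc(8); free(p); return p[argc]; }'
}
```

Run `asan_smoke && echo ok` after sourcing the script; a silent failure usually means the runtime library was not found at link or load time.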
Getting and patching the source
The following build process was last tested with mozilla-central revision 5c8405e6226e. First, get yourself a clone of mozilla-central. Before we start with the build configuration, we need to apply several patches:
- We need to disable a SIGPIPE handler in nsprpub (see attached nsprpub_disable_sigpipe_handler.patch)
- We need to ensure NSS uses our CFLAGS/LDFLAGS for building (see attached nss_unconditional_archflag.patch)
- Until bug 709483 is fixed, we need to apply the fix ourselves (see attached bug709483.patch)
- Until bug 709580 is fixed, we need to apply the fix ourselves (see attached bug709580.patch)