
AddressSanitizer

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Name: AddressSanitizer
Developer: Google
Released: 2011
Programming language: C++
Operating system: Linux, Windows, macOS, Android, FreeBSD
License: BSD-like

AddressSanitizer is a fast memory error detector for C and C++ programs developed to find out-of-bounds accesses and use-after-free bugs. It integrates with compilers and runtime tooling to instrument code, using shadow memory and redzones to expose invalid memory operations during testing and debugging. Major software projects and institutions adopt it to harden codebases and improve reliability across platforms.

Overview

AddressSanitizer operates as an instrumentation-based sanitizer that intercepts memory accesses to reveal invalid reads and writes. It complements tools such as Valgrind, MemorySanitizer, ThreadSanitizer, and UndefinedBehaviorSanitizer, and works alongside debuggers like GDB and LLDB. The project is associated with organizations including Google, the LLVM Project, Clang, GCC, the Chromium Project, and the Mozilla Foundation. Prominent users include the Android Open Source Project, Kubernetes, Node.js, OpenSSL, and large codebases at Facebook, Microsoft, and Apple Inc.

Implementation and Integration

The implementation relies on compiler instrumentation and a runtime library to maintain a shadow memory mapping. Compilers such as Clang and GCC insert redzones and replace standard memory allocation hooks; toolchains including LLVM and MinGW-w64 provide integration points. Continuous integration systems like Jenkins, Travis CI, GitHub Actions, and Bazel often run AddressSanitizer builds alongside static analyzers such as Coverity, PVS-Studio, and Cppcheck. Build systems and package managers including CMake, Autotools, Meson, Conan and vcpkg support sanitizer-enabled configurations for projects like LibreOffice, Firefox, and Chromium.

Detection Techniques and Capabilities

AddressSanitizer detects heap, stack, and global buffer overflows, as well as use-after-free errors, by coloring shadow memory and poisoning freed regions. Its approach augments runtime checks similar in goal to tools like Electric Fence and complements fuzzers such as AFL and libFuzzer for bug discovery. It reports detailed diagnostics compatible with crash reporters used by Sentry, Crashpad, and Breakpad, and integrates with the sanitizer pipeline alongside SanitizerCoverage and SafeStack. Major vulnerability disclosures involving projects like OpenSSL, glibc, Outlook, and Chrome have employed AddressSanitizer during triage.
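The shadow-memory and redzone mechanism that this section and the Implementation section describe, as an added example that is not code from the LLMpedia article or from the AddressSanitizer project. It models in plain C what the compiler-inserted check does: one shadow byte per 8 bytes of memory, allocations wrapped in poisoned redzones, freed blocks poisoned and never reused, and a check before every access that turns the shadow value into the bug class an ASan report headline carries. The toy heap, its offsets and the names toy_malloc, toy_free, access_ok and classify_access are constructed for illustration; the shadow encoding (0, 1..7, negative) and the magic values 0xfa (heap redzone) and 0xfd (freed) are the ones real AddressSanitizer uses. The compiler flags the Usage section refers to are -fsanitize=address, normally combined with -g -fno-omit-frame-pointer for readable stack traces.

```c
/* Added example, not code from the LLMpedia article or the AddressSanitizer
 * project: a miniature model of ASan's shadow-memory check. Real ASan maps
 * every 8 bytes of program memory to one shadow byte (shadow = (addr >> 3)
 * + Offset) and the compiler emits the check in access_ok() before each load
 * and store. Here the heap is a constructed toy array of offsets, so the
 * example runs without compiler support (a real build uses -fsanitize=address). */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HEAP_SIZE 256                 /* constructed toy heap, in bytes */
#define GRAN 8                        /* bytes of memory per shadow byte */
#define SHADOW_SIZE (HEAP_SIZE / GRAN)
#define REDZONE 16                    /* redzone on each side of an allocation */

/* Shadow byte encoding, same scheme as ASan:
 *   0         all 8 bytes of the granule are addressable
 *   1..7      only the first k bytes of the granule are addressable
 *   negative  poisoned; the value records why (ASan's own magic bytes) */
enum { SHADOW_OK = 0, SHADOW_REDZONE = -6 /* 0xfa */, SHADOW_FREED = -3 /* 0xfd */ };

static int8_t shadow[SHADOW_SIZE];    /* one shadow byte per 8 heap bytes */
static size_t bump;                   /* bump allocator; memory is never reused */
static int initialized;

/* Unallocated heap starts out poisoned, so stray accesses into it are caught too. */
static void ensure_init(void) {
    if (!initialized) { memset(shadow, (unsigned char)SHADOW_REDZONE, sizeof shadow); initialized = 1; }
}

static size_t round_up(size_t n) { return (n + GRAN - 1) & ~(size_t)(GRAN - 1); }

static void set_shadow(size_t addr, size_t len, int8_t value) {
    for (size_t g = addr / GRAN; g < (addr + len + GRAN - 1) / GRAN; g++) shadow[g] = value;
}

/* malloc replacement: user bytes between two poisoned redzones.
 * Returns the user offset, or (size_t)-1 when the toy heap is exhausted. */
static size_t toy_malloc(size_t size) {
    ensure_init();
    size_t need = REDZONE + round_up(size) + REDZONE;
    if (size == 0 || bump + need > HEAP_SIZE) return (size_t)-1;
    size_t user = bump + REDZONE;
    set_shadow(bump, REDZONE, SHADOW_REDZONE);                  /* left redzone */
    set_shadow(user, round_up(size), SHADOW_OK);                /* user region */
    if (size % GRAN)                                             /* partial last granule */
        shadow[(user + size) / GRAN] = (int8_t)(size % GRAN);
    set_shadow(user + round_up(size), REDZONE, SHADOW_REDZONE); /* right redzone */
    bump += need;
    return user;
}

/* free replacement: poison the block. Because the allocator never reuses
 * memory, freed blocks stay poisoned, which is what ASan's quarantine buys. */
static void toy_free(size_t addr, size_t size) {
    set_shadow(addr, round_up(size), SHADOW_FREED);
}

/* The instrumentation check: every granule the access touches must be fully
 * addressable, or the access's last byte inside it must fall below k. */
static int access_ok(size_t addr, size_t size) {
    ensure_init();
    if (size == 0 || addr >= HEAP_SIZE || size > HEAP_SIZE - addr) return 0;
    size_t last = addr + size - 1;
    for (size_t g = addr / GRAN; g <= last / GRAN; g++) {
        int8_t k = shadow[g];
        if (k == SHADOW_OK) continue;
        if (k < 0) return 0;
        size_t hi = (g == last / GRAN) ? last % GRAN : GRAN - 1;
        if ((int8_t)hi >= k) return 0;
    }
    return 1;
}

/* Name the bug class the way an ASan report header does. */
static const char *classify_access(size_t addr, size_t size) {
    if (access_ok(addr, size)) return "ok";
    if (size == 0 || addr >= HEAP_SIZE || size > HEAP_SIZE - addr) return "wild-pointer";
    size_t last = addr + size - 1;
    for (size_t g = addr / GRAN; g <= last / GRAN; g++) {
        int8_t k = shadow[g];
        size_t hi = (g == last / GRAN) ? last % GRAN : GRAN - 1;
        if (k == SHADOW_FREED) return "heap-use-after-free";
        if (k == SHADOW_REDZONE || (k > 0 && (int8_t)hi >= k)) return "heap-buffer-overflow";
    }
    return "unknown";
}

int main(void) {
    size_t p = toy_malloc(10);
    printf("p+9  -> %s\n", classify_access(p + 9, 1));   /* last valid byte */
    printf("p+10 -> %s\n", classify_access(p + 10, 1));  /* one past the end */
    printf("p+16 -> %s\n", classify_access(p + 16, 4));  /* into the right redzone */
    toy_free(p, 10);
    printf("p    -> %s\n", classify_access(p, 1));       /* after free */
    return 0;
}
```

The 10-byte allocation is the instructive case: its second granule carries the shadow value 2, so offsets 8 and 9 pass while offset 10 is rejected even though it lies inside an 8-byte granule that is partly valid. A real build reports the same classes with the access, allocation and free stacks attached, which is why -g and -fno-omit-frame-pointer are usually added to -fsanitize=address.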

Performance and Limitations

AddressSanitizer trades memory use for detection speed: typical overheads include roughly 2x-3x memory and 2x-3x execution slowdown, depending on workload characteristics and mitigations like Control Flow Integrity and Stack Smashing Protector. It cannot detect certain classes of bugs such as data races (addressed by ThreadSanitizer) or uninitialized memory accesses (addressed by MemorySanitizer). Platform-specific limitations exist for systems such as Windows NT, FreeBSD, and embedded targets; kernel-mode variants like KASAN are used in Linux kernel development. Large projects such as TensorFlow, PostgreSQL, MySQL, and Redis balance sanitizer overhead with test coverage using sharded test execution similar to strategies used by Google Test and Catch2.

Usage Examples and Tooling

Developers enable AddressSanitizer with compiler flags provided by Clang and GCC and run instrumented binaries in environments that include Docker containers, virtual machines managed by QEMU, or cloud CI runners on Google Cloud Platform, Amazon Web Services, and Microsoft Azure. Debugging integrations exist for IDEs and editors like Visual Studio Code, CLion, Eclipse, Visual Studio, and Xcode. Visualization and reporting tools integrate with bug trackers such as JIRA, Bugzilla, and GitHub Issues to triage reports from fuzzing campaigns that use ClusterFuzz, OSS-Fuzz, and bespoke harnesses employed by projects like LibreSSL and BoringSSL.

History and Development

AddressSanitizer originated in research and engineering efforts to scale memory bug detection beyond slower tools; its early work connects to academic efforts in dynamic analysis at institutions like MIT, Stanford University, University of California, Berkeley, Carnegie Mellon University, and University of Washington. The tool saw major adoption after integration into LLVM and Clang and widespread use in projects at Google including Chrome and Android. Subsequent extensions produced related technologies: kernel variants such as KASAN for Linux kernel, hardened allocators like PartitionAlloc and jemalloc instrumentation, and complementary sanitizers maintained within the LLVM Project ecosystem. Key contributors include engineers from Google, Mozilla Foundation, Red Hat, Intel, and ARM Limited.

Category:Debugging tools