Xavier Login, a new employee, encounters a memory error while validating an input in C code. After fixing the mistake, he wonders why ASan detected only the first error and not the second. This article explores how AddressSanitizer (ASan) detects memory errors in C/C++. ASan divides virtual memory into Application, Shadow, and Protected memory, and uses a method called Infection to identify memory errors. However, ASan may miss out-of-bounds accesses that land too far from a known allocation point. The article delves into ASan's core concepts, instrumentation module, and run-time library, providing insight into how errors are detected and reported.
https://blog.gistre.epita.fr/posts/benjamin.peter-2022-10-28-address_sanitizer_internals/
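The limitation mentioned above can be seen in a small model of shadow memory. This is an added example, not code from the article or from ASan itself: it assumes ASan's usual encoding (one shadow byte per 8 application bytes, 0 for fully addressable, k for "first k bytes addressable", negative for inaccessible), and the buffer layout, redzone size and function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MEM_SIZE 256           /* toy application memory, in bytes */
#define GRANULE  8             /* one shadow byte describes 8 application bytes */
#define REDZONE  16            /* poisoned bytes placed on each side of a buffer */
#define POISON   ((int8_t)-1)  /* negative shadow value: no byte is addressable */
#define A_OFF 32               /* constructed layout: buffer a, 20 bytes */
#define A_LEN 20
#define B_OFF 96               /* constructed layout: buffer b, 32 bytes */
#define B_LEN 32

static int8_t shadow[MEM_SIZE / GRANULE];

/* Mark [off, off+len) addressable and poison a redzone on both sides.
   off must be a multiple of GRANULE. */
static void toy_alloc(size_t off, size_t len) {
    size_t end = (off + len + GRANULE - 1) / GRANULE;  /* first granule after buffer */
    memset(&shadow[(off - REDZONE) / GRANULE], POISON, REDZONE / GRANULE);
    memset(&shadow[off / GRANULE], 0, len / GRANULE);  /* 0: all 8 bytes usable */
    if (len % GRANULE)                                 /* k: only first k bytes usable */
        shadow[(off + len) / GRANULE] = (int8_t)(len % GRANULE);
    memset(&shadow[end], POISON, REDZONE / GRANULE);
}

static void demo_setup(void) {
    memset(shadow, POISON, sizeof shadow);  /* nothing is addressable until allocated */
    toy_alloc(A_OFF, A_LEN);
    toy_alloc(B_OFF, B_LEN);
}

/* Model of the check placed before a 1-byte access: 1 means "report an error". */
static int access_is_reported(size_t addr) {
    int8_t s = shadow[addr / GRANULE];
    if (s == 0) return 0;
    return s < 0 || (int8_t)(addr % GRANULE) >= s;
}

/* Would the access a[index] be reported? */
static int a_index_is_reported(size_t index) { return access_is_reported(A_OFF + index); }

int main(void) {
    demo_setup();
    printf("a[19]=%d a[20]=%d a[24]=%d a[64]=%d\n", a_index_is_reported(19),
           a_index_is_reported(20), a_index_is_reported(24), a_index_is_reported(64));
    return 0;
}
```

In this model `a[20]` and `a[24]` hit the partial granule and the redzone and are reported, while `a[64]` jumps over the redzone into buffer `b`, whose shadow byte says "addressable", so the check passes.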