Compile and Using MariaDB with AddressSanitizer (ASAN)
What is AddressSantitizer (ASAN)
- Use after free (dangling pointer dereference)
- Heap buffer overflow
- Stack buffer overflow
- Global buffer overflow
- Use after return
- Use after scope
- Initialization order bugs
- Memory leaks
To use ASAN you need a gcc version that supports ASAN. gcc 4.8.5 and up are known to work.
How to Compile MariaDB for ASAN
ASAN is supported in MariaDB 10.1 and up.
You can use one of the two following build commands:
cmake . -DWITH_ASAN=ON
or from MariaDB 10.2 and up:
Running an ASAN Build
To run mysqld with instrumentation you have to set the
ASAN_OPTIONS environment variable before starting
mysqld. Either in your shell or in your mysqld_safe script.
The above command will abort mysqld if any errors are found, which is good for debugging. If you set abort_on_error=0 all errors are logged to your error log file (mysqld.err).
A side effect of using ASAN builds is that you will not get any core file if your server crashes.
The MariaDB test system can use Valgrind for finding memory leaks and wrong memory accesses. Valgrind is an instrumentation framework for building dynamic analysis tools. If Valgrind is installed on your system, you can simply use mysql-test-run --valgrind to run the test under Valgrind.