find memory errors quickly. (-fsanitize, addresssanitizer)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

today we're looking at an easy way to find memory errors bugs in your code quickly and effortlessly I guess that's what easy means okay let's take a look [Music] welcome back everybody today we're talking about memory errors which are probably the bugs that give new programmers the biggest headaches I mean maybe not all memory errors I have talked about seg faults and how if you have a debugger handy those are super easy to sort out I'll link down in the description if you missed that video If segfaults are still giving you a headache but today I wanted to talk about memory corruption because those bugs can be really they can cause a lot of pain if you don't know what to do about them so just to be clear a memory corruption error or bug is when your program tries to read from or write to memory that has no business reading from or writing too basically it's memory that it shouldn't be accessing and sometimes this does result in a seg fault but not always sometimes it just messes things up and gives you weird hard to explain behaviors that just confuse people now if you've been following this channel for a while you know that I made a video a while back on valgrind and how you use valgrin to find to get insights into some of these problems so that's always an option for you but today I want to look at how you can have your compiler basically do it for you automatically and you get this almost for free so today I'm going to show you how this works with a really simple example but before we dive into it I just want to say a huge thank you to all of you who helped support this channel especially those who support the channel on patreon where you can get access to source code and my monthly office hour and also those that send me ideas for Content requests of things you'd like to see I really do appreciate it I do look at the comments as much as I can and specifically I just want to mention that this topic was requested by Tuesday I really hope this is helpful for your students so anyway yes thank you all for being here now let's jump into the code okay so we're starting out today with a simple there's a simple MTC program here not even hello world by the way while I'm showing this and see this example will work in C plus it should work just the same but so let's come in here and make a memory error okay so what I want to do is I want to make an array okay so something like this something like let's make an array of some characters let's call it some chars and then let's have some length right so we'll call it num letters and then up here let's let's maybe fill this with the lowercase alphabet the English alphabet so we'll say pound Define letters and we'll pound to find it to 26 and then we can come in here and let's make a little for Loop and let's go up to num letters and then in here we'll just say some chars and make the ith element of this array equal to the lowercase letter A plus I okay so this is just going to fill this array with a b c d all the way up to Z so nothing too complicated about that but then if we come in here let's say that we wanted to print out one of these elements right so we say an element and then percent C so let's print out a character from this and let's just say that we happen to have a bug in our code and so we try to get the 50th character in this array of course the array is not that big so this should give us some at least strange results it might seg fault I don't think it's going to seg fault for reasons relating to virtual memory paging and stuff like that I've mentioned those a little bit in previous videos if you want to hear more about virtual memory paging and why sometimes memory errors check fault and sometimes they don't then maybe we can talk more about that in the future but for today's purposes it's enough to just say that this probably won't seg file it probably will just give me garbage now also I have a make file up here really simple just like the other make files you've seen in my other programs so nothing too fancy nothing to worry about if you haven't seen make before do check out my make videos but so let's come down here and let's just try to compile this program if I come down and run make I notice my virtual machine has a clock skew just disregard basically this and this we're just looking at this compile line right here but so if we come in here and we run it then you're gonna see well okay that was a little strange right maybe we don't really know what we got and I'm going to add a new line in here um so we will return back to the beginning but basically we're getting something that isn't a through z right it's probably either a zero or it might be a non-printable character or who knows the point is it's not one of the letters this is a bug but it's just showing up as like just not having a character there now I was actually surprised here sometimes compilers are smart enough to look at this and say because this is a statically allocated array they can come in here and say yeah this is not going to fit so I actually thought depending on the compiler we use if I came in here and used clang I think I might actually get a warning let's just see um yeah so clang will notice that hey this is you're going out of bounds so this is a bit of an issue so let's just just to make it a little pickier let's come in here and instead of GCC let's use clang okay so now we can make clean and okay so now now we get the warning okay so it's smart enough to say hey yeah this this element 50 is problematic but what if we came in here and what if it was we had a variable in between so we had something like int idx equals 50 right so this is just an integer and then in here we are now using the index is going to be idx this makes it a bit harder for the compiler to always figure out what's going on and so if I come in here now you see that that warning is nowhere to be seen okay so now we don't get the warning even using clang and so that's annoying but that's where this comes in real Handy is if I want to come in here when I'm compiling things so I can come in here and let's just take let's just take this compile line right here okay if I come in and in this compile line I add a new compiler flag and I just say F sanitize equals address okay so what this is doing is this saying I want you to sanitize the addresses I want you to check addresses to make sure that they are okay so now if I compile this okay and we can add it to our make file but I was getting tired of These Warnings so I'll add it later on in fact now let's add it right now we just come up here to see flags and put F sanitize equals address just so you can see kind of where I'm going with this but now something interesting happens when I run my example okay so now you can see we got a bunch of output and what happens is it's very similar to the output you get with valgrind which is an external tool but this what this is doing is actually compiling the checks right into my program and so now you can see it comes in here and it says hey there was this read of size one so one byte at this particular address which you know may not look like much to you but once you get used to things but once you get used to programming a long time you might look at this and say oh that looks like a local variable but even if you don't notice it it is going to give you the stack frame right here no it is going to tell you information like this is on the stack which thread it's running on and the offset from a particular frame okay so this is all being produced by a tool called address sanitizer which is basically putting a bunch of code into my code which is checking all of my memory accesses and then also down here it actually gives me a what's called a it's a it's a summary of The Shadow memory now I don't have time in this video to dig into Shadow memory let me know if you'd like to see a video on Shadow memory and what what this actually is saying but really what it's doing is it's giving me a map of my address space and where my invalid access actually occurred and then down here it's got a key that that gives information about how this memory is being used you know what is this region that's being messed up and that can often give you insight into what my program did that was wrong so that's pretty cool basically we didn't have to do anything except change how we compile our program we just had to add this sanitize equals address option to the compiler and everything just happened right now so that's really cool but keep in mind that nothing or almost nothing in this world is free so this does come at a cost in this case it's a performance cost because the compiler is inserting a bunch of memory checks throughout my code and so if we come down here and we look let's say we take a look at the size of my binary you can see okay we've got a pretty good size binary here if I come down here and I remove this and we make clean recompile you can see so like I have a much smaller binary at this point than if we come back here add it back in so we may claim it may compile again and you can see yeah so you have a much larger binary that's being created and the size of this may vary by compiler like if we come in here and we say GCC and we recompile it you know now you're seeing okay so it's still bigger but with GCC it's not nearly as big as it was with clang this is just coming from the fact that these compilers are inserting these checks in different ways and clang's probably including a bunch of code statically maybe I don't know I'd have to look deeper into it but the point is this will vary a bit by compiler but either way the code is a bit bigger and if we timed it you would see that the code is also a little bit slower because it's having to make these checks you know nothing's free so what you often see in commercial code is that address sanitizer will be turned on during debugging now your debug builds will have this turned on because it gives you lots of really rich information about what your program's doing and what it's doing incorrectly while you are trying to figure things out and then if you need that binary to be lean and mean and really small when you ship it out then you can take this out in your release build if you don't know what I'm talking about with debug and release builds well check out some of my my build system I make more complicated make videos I do talk about how to produce two different binaries for different purposes I will drop a link down the description for those videos as well but I hope you learned something new I hope this helps some of you to be able to find your bugs more quickly not be afraid of those nasty memory corruption bugs that can otherwise be a real pain to find with tools like address sanitizer they're really not that bad so I hope this helps hope you learned something new and until next week I'll see you later

Info

Channel: Jacob Sorber

Views: 5,263

Rating: undefined out of 5

Keywords: find memory errors, memory errors, memory bugs, find memory bugs, address sanitizer, address sanitizer gcc, address sanitizer clang, memory errors in c, errors, finding memory issues, memory issues in c, finding memory errors, finding memory bugs, program memory bugs

Id: tEbV21aPSKw

Channel Id: undefined

Length: 9min 43sec (583 seconds)

Published: Tue May 16 2023