Discussion on: Writing safer C with Clang address sanitizer

tbodt profile image

Literally the only problem with asan is that if you pass a pointer to one of your libraries, and that library overruns the buffer, you'll only get a report if the library is also compiled with asan. When I was writing a Python C extension, I compiled my own version of Python with asan enabled, but I was also linking with V8, and V8 really really really wants to be built with a very specific revision of clang. And as I soon found out, you run into some pretty real trouble if you try to run a program with two different versions of asan at the same time.

loderunner profile image
Charles Francoise Author

Thanks for the feedback. Good point! I wouldn't go linking two different versions of asan, sounds much too risky.

But even if 3rd party libraries can't output a full report, it's still good to have an early failure, instead of a potentially mind-boggling memory issue later down the road.