One thing this explains is why ASan has false negatives. It's a great tool, but the typical comment that it fully mitigates memory safety issues is just not true (even assuming your tests actually trigger the memory safety bugs, which, unlike e.g. code coverage, there's no way of knowing whether you achieved or not).
Who sanitizes the sanitizer? One of the most hilarious bugs I've previously seen is when someone found a memory out-of-bounds access inside the run-time support library of ASan.
"For this article, you’ll need the following knowledge:
Basic C understanding (Memory, Stack, Heap, Syscall)."
Obviously, since C doesn't prescribe any kind of heap, stack or syscall behavior (or if they even exist), I assume the author meant something like "Basic understanding of how C is often implemented on certain operating systems and hardware".
https://news.ycombinator.com/item?id=37479651
“All decent C compilers have compilation options so that at run-time any undefined actions, including integer overflow and out-of-bounds accesses, will be trapped.”
“Despite the hype, by default Rust is not safer than C compiled with the right options, because the default for Rust releases is also to omit many run-time checks.”
https://news.ycombinator.com/item?id=25922430
Upthread someone asks for a “-safe” flag which makes C a safe language. The reply is “It's called AddressSanitizer. You enable it with the compiler flag -fsanitize=address.” Several replies ensue pointing out how wrong this is.
Does anyone know of a good explanation of HWAddressSanitizer internals?
One for ARMv8 with Top-Byte-Ignore: you can use the top byte of memory addresses to store a tag.
When you allocate memory you return the "tagged" pointer and internally store "this region has this tag".
When you dereference a pointer, you check that the tag matches what you expect in your internal data structure.
With memory tagging extensions you can do something similar but the checks are performed by the processor.
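The tagging scheme described above, as a constructed C model added here (not code from the thread, from HWASan, or from any real allocator). It assumes 64-bit pointers whose top byte is unused by the program, and masks the tag off by hand where TBI hardware would ignore it for free; a shadow array holds one tag per 16-byte granule, and every instrumented load or store compares the pointer's tag against that shadow.

```c
/* Constructed HWASan-style pointer tagging model: tag in the top byte of a
 * 64-bit pointer, one shadow tag per 16-byte granule of a small static pool.
 * Assumes the real address never uses its top byte (true for Linux user space). */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define GRANULE   16
#define POOL_SIZE 1024
#define TAG_SHIFT 56

static _Alignas(GRANULE) uint8_t pool[POOL_SIZE];
static uint8_t shadow[POOL_SIZE / GRANULE];  /* tag per granule, 0 = not allocated */
static size_t  pool_top;                     /* bump-allocator cursor */
static uint8_t next_tag = 1;                 /* tags cycle through 1..255 */

static uint8_t  tag_of(uint64_t p) { return (uint8_t)(p >> TAG_SHIFT); }
static uint64_t untag(uint64_t p)  { return p & ~(0xFFull << TAG_SHIFT); }

/* Granule index of a tagged pointer, or -1 if it points outside the pool. */
static long granule_of(uint64_t p) {
    uint64_t base = (uint64_t)(uintptr_t)pool, addr = untag(p);
    if (addr < base || addr >= base + POOL_SIZE) return -1;
    return (long)((addr - base) / GRANULE);
}

/* Allocate n bytes rounded up to granules; tag the shadow and the pointer. */
uint64_t tagged_alloc(size_t n) {
    size_t bytes = (n + GRANULE - 1) / GRANULE * GRANULE;
    if (bytes == 0 || pool_top + bytes > POOL_SIZE) return 0;
    uint8_t tag = next_tag;
    next_tag = (uint8_t)(next_tag % 255 + 1);
    memset(&shadow[pool_top / GRANULE], tag, bytes / GRANULE);
    uint64_t addr = (uint64_t)(uintptr_t)&pool[pool_top];
    pool_top += bytes;
    return addr | ((uint64_t)tag << TAG_SHIFT);
}

/* Free: clear the granule tags so any stale (dangling) pointer mismatches. */
void tagged_free(uint64_t p, size_t n) {
    long g = granule_of(p);
    if (g >= 0) memset(&shadow[g], 0, (n + GRANULE - 1) / GRANULE);
}

/* Instrumented load: the byte value on success, -1 where HWASan would report. */
int checked_load(uint64_t p) {
    long g = granule_of(p);
    if (g < 0 || shadow[g] != tag_of(p)) return -1;   /* tag mismatch */
    return pool[(size_t)g * GRANULE + untag(p) % GRANULE];
}

/* Instrumented store: 1 on success, 0 where HWASan would report. */
int checked_store(uint64_t p, uint8_t v) {
    long g = granule_of(p);
    if (g < 0 || shadow[g] != tag_of(p)) return 0;
    pool[(size_t)g * GRANULE + untag(p) % GRANULE] = v;
    return 1;
}
```

Checks happen per granule, so an overrun that stays inside the last 16-byte granule of an allocation is not caught by this model; that is the gap that HWASan's short-granule tags exist to close.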
If you didn't have pain you'd still get the same damage to the body, you just wouldn't be aware.