International Journal of Open Information Technologies

C/C++ programs often suffer from memory corruption bugs. Over the years, numerous tools were developed to help with their detection. A recent addition is AddressSanitizer (ASan) - an extraordinarily fast runtime checker with a good coverage of various types of bugs.

This paper describes our experience in integration of ASan technology into large-scale software products: Tizen distribution and Linux kernel. The tool has already found around a hundred of serious memory bugs in various Tizen applications and in mainline Linux kernel

D. A. Wheeler, "How to Prevent the next Heartbleed," 29 April 2014. [Online]. Available: http://www.dwheeler.com/essays/heartbleed.html.

K. Serebryany, "AddressSanitizer: A Fast Address Sanity Checker," in USENIX, 2012.

K. Serebryany, "Comparison of Memory Tools," 04 July 2014. [Online]. Available: https://code.google.com/p/address-sanitizer/wiki/ComparisonOfMemoryTools.

H. Boeck, "How Heartbleed could've been found," 7 April 2015. [Online]. Available: https://blog.hboeck.de/archives/868-How-Heartbleed-couldve-been-found.html.

J. S. Nicholas Nethercote, "How to Shadow Every Byte of Memory Used by a Program," in Proceedings of the 3rd international conference on Virtual execution environments, 2007.

"Tizen on Wikipedia," 18 July 2015. [Online]. Available: https://en.wikipedia.org/wiki/Tizen.

"Zram on Wikipedia," [Online]. Available: https://en.wikipedia.org/wiki/Zram.

B.P. Miller, L. Fredriksen, and B. So, "An Empirical Study of the Reliability of UNIX Utilities," in Communications of the ACM 33, 1990.

X. Chen, "MemBrush: A practical tool to detect custom memory allocators in C binaries," in 20th Working Conference on Reverse Engineering, Koblenz, 2013.

M. Larabel, "KernelASan: Bringing Address Sanitizer To The Linux Kernel," 18 July 2014. [Online]. Available: http://www.phoronix.com.