Fatal编程技术网
  • debugging/
  • Debugging 使用AddressSanitizer输出获取行号?

Debugging 使用AddressSanitizer输出获取行号?

debugging

Debugging 使用AddressSanitizer输出获取行号?,debugging,address-sanitizer,Debugging,Address Sanitizer,我试图让AddressSanitizer在堆栈跟踪中生成行号。我用Mac和Fedora19系统进行了测试,结果也差不多 下面是一个简单的程序: #include <cstdio> #include <cstdlib> int main(int argc,char **argv) { char *buf = (char *)malloc(5); free(buf); puts("get ready"); buf[4] = '3';

我试图让AddressSanitizer在堆栈跟踪中生成行号。我用Mac和Fedora19系统进行了测试,结果也差不多

下面是一个简单的程序:

#include <cstdio>
#include <cstdlib>

int main(int argc,char **argv)
{
    char *buf = (char *)malloc(5);
    free(buf);
    puts("get ready");
    buf[4] = '3';
    puts("done");
    return(0);
}
我运行它(llvm符号器在我的路径中):

如你所见,我有符号,但没有行号。如何获取行号

回答一个问题,下面是
objdump-hx

$ objdump -h x x: file format elf64-x86-64 Sections: Idx Name Size VMA LMA File off Algn 0 .interp 0000001c 0000000000400238 0000000000400238 00000238 2**0 CONTENTS, ALLOC, LOAD, READONLY, DATA 1 .note.ABI-tag 00000020 0000000000400254 0000000000400254 00000254 2**2 CONTENTS, ALLOC, LOAD, READONLY, DATA 2 .note.gnu.build-id 00000024 0000000000400274 0000000000400274 00000274 2**2 CONTENTS, ALLOC, LOAD, READONLY, DATA 3 .gnu.hash 0000003c 0000000000400298 0000000000400298 00000298 2**3 CONTENTS, ALLOC, LOAD, READONLY, DATA 4 .dynsym 000001b0 00000000004002d8 00000000004002d8 000002d8 2**3 CONTENTS, ALLOC, LOAD, READONLY, DATA 5 .dynstr 00000141 0000000000400488 0000000000400488 00000488 2**0 CONTENTS, ALLOC, LOAD, READONLY, DATA 6 .gnu.version 00000024 00000000004005ca 00000000004005ca 000005ca 2**1 CONTENTS, ALLOC, LOAD, READONLY, DATA 7 .gnu.version_r 00000020 00000000004005f0 00000000004005f0 000005f0 2**3 CONTENTS, ALLOC, LOAD, READONLY, DATA 8 .rela.dyn 00000018 0000000000400610 0000000000400610 00000610 2**3 CONTENTS, ALLOC, LOAD, READONLY, DATA 9 .rela.plt 000000d8 0000000000400628 0000000000400628 00000628 2**3 CONTENTS, ALLOC, LOAD, READONLY, DATA 10 .init 0000001a 0000000000400700 0000000000400700 00000700 2**2 CONTENTS, ALLOC, LOAD, READONLY, CODE 11 .plt 000000a0 0000000000400720 0000000000400720 00000720 2**4 CONTENTS, ALLOC, LOAD, READONLY, CODE 12 .text 00000224 00000000004007c0 00000000004007c0 000007c0 2**4 CONTENTS, ALLOC, LOAD, READONLY, CODE 13 .fini 00000009 00000000004009e4 00000000004009e4 000009e4 2**2 CONTENTS, ALLOC, LOAD, READONLY, CODE 14 .rodata 000000bc 0000000000400a00 0000000000400a00 00000a00 2**5 CONTENTS, ALLOC, LOAD, READONLY, DATA 15 .eh_frame_hdr 00000044 0000000000400abc 0000000000400abc 00000abc 2**2 CONTENTS, ALLOC, LOAD, READONLY, DATA 16 .eh_frame 00000134 0000000000400b00 0000000000400b00 00000b00 2**3 CONTENTS, ALLOC, LOAD, READONLY, DATA 17 .preinit_array 00000008 0000000000600d98 0000000000600d98 00000d98 2**3 CONTENTS, ALLOC, LOAD, DATA 18 .init_array 00000010 0000000000600da0 0000000000600da0 00000da0 2**3 CONTENTS, ALLOC, LOAD, DATA 19 .fini_array 00000010 0000000000600db0 0000000000600db0 00000db0 2**3 CONTENTS, ALLOC, LOAD, DATA 20 .jcr 00000008 0000000000600dc0 0000000000600dc0 00000dc0 2**3 CONTENTS, ALLOC, LOAD, DATA 21 .dynamic 00000230 0000000000600dc8 0000000000600dc8 00000dc8 2**3 CONTENTS, ALLOC, LOAD, DATA 22 .got 00000008 0000000000600ff8 0000000000600ff8 00000ff8 2**3 CONTENTS, ALLOC, LOAD, DATA 23 .got.plt 00000060 0000000000601000 0000000000601000 00001000 2**3 CONTENTS, ALLOC, LOAD, DATA 24 .data 00000070 0000000000601060 0000000000601060 00001060 2**5 CONTENTS, ALLOC, LOAD, DATA 25 .bss 00000008 00000000006010d0 00000000006010d0 000010d0 2**2 ALLOC 26 .comment 00000058 0000000000000000 0000000000000000 000010d0 2**0 CONTENTS, READONLY 27 .debug_aranges 00000050 0000000000000000 0000000000000000 00001128 2**0 CONTENTS, READONLY, DEBUGGING 28 .debug_info 00001041 0000000000000000 0000000000000000 00001178 2**0 CONTENTS, READONLY, DEBUGGING 29 .debug_abbrev 0000038e 0000000000000000 0000000000000000 000021b9 2**0 CONTENTS, READONLY, DEBUGGING 30 .debug_line 00000239 0000000000000000 0000000000000000 00002547 2**0 CONTENTS, READONLY, DEBUGGING 31 .debug_str 00000a9a 0000000000000000 0000000000000000 00002780 2**0 CONTENTS, READONLY, DEBUGGING $ $objdump-hx x:文件格式elf64-x86-64 部分: Idx名称大小VMA LMA文件关闭Algn 0.interp 000000 1C 0000000000 4002380000000000 40023800000238 2**0 内容、分配、加载、只读、数据 1.注:ABI-tag 000000 20 0000000000 400254 0000000000 400254 00000254 2**2 内容、分配、加载、只读、数据 2.note.gnu.build-id 00000024 0000000000 400274 0000000000 400274 00000 274 2**2 内容、分配、加载、只读、数据 3.gnu.hash 0000003C0000000000 400298 0000000000 400298 00000298 2**3 内容、分配、加载、只读、数据 4.dynsym 000001B0000000000004002D8 000000000004002D8 000002d8 2**3 内容、分配、加载、只读、数据 5.dynstr 00000141 0000000000 400488 0000000000 400488 00000488 2**0 内容、分配、加载、只读、数据 6.gnu.version 000000 24 0000000000 4005CA 0000000000 4005CA 000005ca 2**1 内容、分配、加载、只读、数据 7.gnu.version_r 000000 20 0000000000 4005F00000000000 4005F0000005F0 2**3 内容、分配、加载、只读、数据 8.rela.dyn 000000 18 0000000000 400610 0000000000 400610 00000 2**3 内容、分配、加载、只读、数据 9.rela.plt 000000 D8 0000000000 400628 0000000000 400628 00000628 2**3 内容、分配、加载、只读、数据 10.初始0000001a 0000000000 4007000000000000 400700000002**2 内容、分配、加载、只读、代码 11.plt 000000 A0 0000000000 4007200000000000 400720000007202**4 内容、分配、加载、只读、代码 12.文本000002240000000000 4007C00000000000 4007C0000007C0 2**4 内容、分配、加载、只读、代码 13.fini 0000000 9 0000000000 4009E4 0000000000 4009E4 000009e4 2**2 内容、分配、加载、只读、代码 14.罗达达000000 BC 0000000000 400A00000000000 400A000000A00 2**5 内容、分配、加载、只读、数据 15.eh_框架\u hdr 000000 44 0000000000 400ABC 0000000000 400ABC 00000 ABC 2**2 内容、分配、加载、只读、数据 16.eh_框架00000 134 0000000000 400B00 0000000000 400B00 00000b00 2**3 内容、分配、加载、只读、数据 17.预初始化数组0000000 8 0000000000 600D98 0000000000 600D98 00000d98 00000d98 2**3 内容、分配、加载、数据 18.初始化数组000000 1000000000 600DA0 0000000000 600DA0 00000 2**3 内容、分配、加载、数据 19.fini_数组000000 1000000000 600DB0 0000000000 600DB0 00000db0 2**3 内容、分配、加载、数据 20.jcr 0000000 8 0000000000 600DC0 0000000000 600DC0 00000dc0 2**3 内容、分配、加载、数据 21.动态00000230 0000000000 600DC8 0000000000 600DC8 00000dc8 2**3 内容、分配、加载、数据 22.获得0000000 800000000 6000FF8 0000000000 6000FF8 00000ff8 2**3 内容、分配、加载、数据 23.got.plt 000000 60 0000000000 601000 0000000000 601000 000000 2**3 内容、分配、加载、数据 24.数据00000070 0000000000 601060 0000000000 601060 000010600 2**5 内容、分配、加载、数据 25.bss 00000008 0000000000 6010D00000000000 6010D0000010D0 2**2 阿洛克 26.意见000000 58 000000000000000000000000000000000000000000000010D0 2**0 内容,只读 27.调试参数000000 50 00000000000000000000000000000000001128 2**0 内容,只读,调试 28.调试信息0000104100000000000000000000000000000000001178 2**0 内容,只读,调试 29.调试abbrev 0000038e 000000000000000000000000000021B9 2**0 内容,只读,调试 30.调试行00000239 0000000000000000 0000000000000000 00002547 2**0 内容,只读,调试 31.调试字符串00000a9a 00000000000000000000000000000000002780 2**0 内容,只读,调试 $ 答案张贴在

您需要使用
llvm符号器
addr2line

GCC优于Clang的一个优点是,它附带了一个基于libbacktrace的良好内置符号。因此,只需去掉
ASAN_符号路径
ASAN_选项
,即可享受用户友好的输出:

$ g++ -g -fsanitize=address tmp.c && ./a.out
get ready
=================================================================
==30328==ERROR: AddressSanitizer: heap-use-after-free on address 0x60200000eff4 at pc 0x000000400985 bp 0x7fffeafad920 sp 0x7fffeafad918
WRITE of size 1 at 0x60200000eff4 thread T0
    #0 0x400984 in main /home/iuriig/tmp.c:9
    #1 0x7f1f99850f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)
    #2 0x400848  (/home/iuriig/a.out+0x400848)

0x60200000eff4 is located 4 bytes inside of 5-byte region [0x60200000eff0,0x60200000eff5)
freed by thread T0 here:
    #0 0x7f1f9a5548a0 in __interceptor_free /home/iuriig/src/gcc-6.2.0/libsanitizer/asan/asan_malloc_linux.cc:45
    #1 0x40093e in main /home/iuriig/tmp.c:7
    #2 0x7f1f99850f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)
(以上内容是在Ubuntu 16 w/GCC 6.2.0上复制的)。

GCC可以在没有外部帮助的情况下打印行号,前提是您使用调试信息构建。2014年,当我问这个问题时,它没有。@vy32很可能是这样,libbacktrace是在那个时候添加的。 $ objdump -h x x: file format elf64-x86-64 Sections: Idx Name Size VMA LMA File off Algn 0 .interp 0000001c 0000000000400238 0000000000400238 00000238 2**0 CONTENTS, ALLOC, LOAD, READONLY, DATA 1 .note.ABI-tag 00000020 0000000000400254 0000000000400254 00000254 2**2 CONTENTS, ALLOC, LOAD, READONLY, DATA 2 .note.gnu.build-id 00000024 0000000000400274 0000000000400274 00000274 2**2 CONTENTS, ALLOC, LOAD, READONLY, DATA 3 .gnu.hash 0000003c 0000000000400298 0000000000400298 00000298 2**3 CONTENTS, ALLOC, LOAD, READONLY, DATA 4 .dynsym 000001b0 00000000004002d8 00000000004002d8 000002d8 2**3 CONTENTS, ALLOC, LOAD, READONLY, DATA 5 .dynstr 00000141 0000000000400488 0000000000400488 00000488 2**0 CONTENTS, ALLOC, LOAD, READONLY, DATA 6 .gnu.version 00000024 00000000004005ca 00000000004005ca 000005ca 2**1 CONTENTS, ALLOC, LOAD, READONLY, DATA 7 .gnu.version_r 00000020 00000000004005f0 00000000004005f0 000005f0 2**3 CONTENTS, ALLOC, LOAD, READONLY, DATA 8 .rela.dyn 00000018 0000000000400610 0000000000400610 00000610 2**3 CONTENTS, ALLOC, LOAD, READONLY, DATA 9 .rela.plt 000000d8 0000000000400628 0000000000400628 00000628 2**3 CONTENTS, ALLOC, LOAD, READONLY, DATA 10 .init 0000001a 0000000000400700 0000000000400700 00000700 2**2 CONTENTS, ALLOC, LOAD, READONLY, CODE 11 .plt 000000a0 0000000000400720 0000000000400720 00000720 2**4 CONTENTS, ALLOC, LOAD, READONLY, CODE 12 .text 00000224 00000000004007c0 00000000004007c0 000007c0 2**4 CONTENTS, ALLOC, LOAD, READONLY, CODE 13 .fini 00000009 00000000004009e4 00000000004009e4 000009e4 2**2 CONTENTS, ALLOC, LOAD, READONLY, CODE 14 .rodata 000000bc 0000000000400a00 0000000000400a00 00000a00 2**5 CONTENTS, ALLOC, LOAD, READONLY, DATA 15 .eh_frame_hdr 00000044 0000000000400abc 0000000000400abc 00000abc 2**2 CONTENTS, ALLOC, LOAD, READONLY, DATA 16 .eh_frame 00000134 0000000000400b00 0000000000400b00 00000b00 2**3 CONTENTS, ALLOC, LOAD, READONLY, DATA 17 .preinit_array 00000008 0000000000600d98 0000000000600d98 00000d98 2**3 CONTENTS, ALLOC, LOAD, DATA 18 .init_array 00000010 0000000000600da0 0000000000600da0 00000da0 2**3 CONTENTS, ALLOC, LOAD, DATA 19 .fini_array 00000010 0000000000600db0 0000000000600db0 00000db0 2**3 CONTENTS, ALLOC, LOAD, DATA 20 .jcr 00000008 0000000000600dc0 0000000000600dc0 00000dc0 2**3 CONTENTS, ALLOC, LOAD, DATA 21 .dynamic 00000230 0000000000600dc8 0000000000600dc8 00000dc8 2**3 CONTENTS, ALLOC, LOAD, DATA 22 .got 00000008 0000000000600ff8 0000000000600ff8 00000ff8 2**3 CONTENTS, ALLOC, LOAD, DATA 23 .got.plt 00000060 0000000000601000 0000000000601000 00001000 2**3 CONTENTS, ALLOC, LOAD, DATA 24 .data 00000070 0000000000601060 0000000000601060 00001060 2**5 CONTENTS, ALLOC, LOAD, DATA 25 .bss 00000008 00000000006010d0 00000000006010d0 000010d0 2**2 ALLOC 26 .comment 00000058 0000000000000000 0000000000000000 000010d0 2**0 CONTENTS, READONLY 27 .debug_aranges 00000050 0000000000000000 0000000000000000 00001128 2**0 CONTENTS, READONLY, DEBUGGING 28 .debug_info 00001041 0000000000000000 0000000000000000 00001178 2**0 CONTENTS, READONLY, DEBUGGING 29 .debug_abbrev 0000038e 0000000000000000 0000000000000000 000021b9 2**0 CONTENTS, READONLY, DEBUGGING 30 .debug_line 00000239 0000000000000000 0000000000000000 00002547 2**0 CONTENTS, READONLY, DEBUGGING 31 .debug_str 00000a9a 0000000000000000 0000000000000000 00002780 2**0 CONTENTS, READONLY, DEBUGGING $ 
$ g++ -g -fsanitize=address tmp.c && ./a.out
get ready
=================================================================
==30328==ERROR: AddressSanitizer: heap-use-after-free on address 0x60200000eff4 at pc 0x000000400985 bp 0x7fffeafad920 sp 0x7fffeafad918
WRITE of size 1 at 0x60200000eff4 thread T0
    #0 0x400984 in main /home/iuriig/tmp.c:9
    #1 0x7f1f99850f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)
    #2 0x400848  (/home/iuriig/a.out+0x400848)

0x60200000eff4 is located 4 bytes inside of 5-byte region [0x60200000eff0,0x60200000eff5)
freed by thread T0 here:
    #0 0x7f1f9a5548a0 in __interceptor_free /home/iuriig/src/gcc-6.2.0/libsanitizer/asan/asan_malloc_linux.cc:45
    #1 0x40093e in main /home/iuriig/tmp.c:7
    #2 0x7f1f99850f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)