
How can I practically use AddressSanitizer and MemorySanitizer?

AddressSanitizer and MemorySanitizer are very useful tools, but they require that the whole program be appropriately instrumented. (At least, for the Clang version of AddressSanitizer; see here in the MemorySanitizer docs and the "using private aliases for globals" section of AddressSanitizerClangVsGCC.)

If taken at its word, this means that all library dependencies need to be built with the appropriate compiler flags to enable ASan or MSan. For a typical Linux application that requires various third-party dependencies, what's a practical way of doing this? The Sanitizers are apparently a Google project, and I get the impression that Google code mostly just uses their own monorepo and their own build tools, but this may be outside of the reach of the average developer. Is there a simple way of getting libraries built with the Sanitizers without investing in a lot of extra infrastructure or build scripts?

AddressSanitizer supports separate instrumentation, i.e. you can instrument just parts of your program with it (separate DSOs or even separate object files). Note however that if you use static Asan runtime (which is default on Clang, unless you build with -shared-libasan) you must instrument main executable. Shared runtime (default in GCC) does not have this problem but you'll need to LD_PRELOAD it if executable isn't instrumented. See discussion in wiki for details.

As for MemorySanitizer, it indeed requires all of its dependencies to be rebuilt. This is the major reason why the tool isn't widely used outside Google.
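The separate-instrumentation case described in the answer above, as an added example that is not part of the original posts: only a shared library is built with ASan, the executable is not instrumented, and GCC's shared runtime is preloaded for the run. The names libbuggy.so, app and read_past_end() are constructed, and the script assumes GCC with libasan installed.

```shell
#!/bin/sh
# Added example. libbuggy.so, app and read_past_end() are constructed names.
# Assumes GCC with its shared ASan runtime (libasan) installed.

build_demo() {                       # $1 = scratch directory
    cat > "$1/buggy.c" <<'EOF'
#include <stdlib.h>
int read_past_end(int n) {
    int *p = calloc(4, sizeof *p);
    int v = p[n];                    /* n == 4 reads past the allocation */
    free(p);
    return v;
}
EOF
    cat > "$1/app.c" <<'EOF'
int read_past_end(int n);
int main(void) { return read_past_end(4) & 0; }
EOF
    # Only the library is instrumented.
    gcc -g -fsanitize=address -fPIC -shared -o "$1/libbuggy.so" "$1/buggy.c" &&
    # The executable is built with no sanitizer flag at all.
    gcc -o "$1/app" "$1/app.c" -L"$1" -lbuggy -Wl,-rpath,"$1"
}

asan_runtime() {                     # path of GCC's shared ASan runtime
    gcc -print-file-name=libasan.so
}

run_preloaded() {                    # $1 = scratch directory
    # Preload the runtime for this one process so it is first in the library list.
    LD_PRELOAD="$(asan_runtime)" "$1/app" 2>&1
}

# Run the demo only when invoked as: sh demo.sh run
if [ "${1:-}" = run ]; then
    d=$(mktemp -d) && build_demo "$d" && run_preloaded "$d"
fi
```

The preloaded run ends with a heap-buffer-overflow report for the read inside the instrumented library, even though the executable itself carries no instrumentation.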

The sanitizers can easily be used on your own code without rebuilding system dependencies. I do so routinely with a large(ish) 2M line code base on RHEL 6 & 7 using both GCC and Clang - it's not a problem. If it is a problem, you are doing it wrong (or there is a bug somewhere that needs fixing).
