I moved the new question to a separate thread. Please ignore this one.
On Tuesday, July 15, 2014 at 10:53:00 AM UTC+8, Shiny Teng wrote:
>
> Thank you for your reply!
> It would be a great help if I could debug asanified executables. But I
> failed to try it out.
>
> I tried debugging with lldb, with the same code as I pasted before.
>
> Build:
> /usr/local/Cellar/llvm34/3.4.1_1/bin/clang++-3.4 -O0 -g -fsanitize=address
> longstack.cc -o ./longstack
>
> Debug:
> (lldb) target create ~/Test\ Projects/clang/longstack
> Current executable set to '~/Test Projects/clang/longstack' (x86_64).
> (lldb) run --stop-at-entry
> Process 65604 launched: '/Users/tengxiang/Test Projects/clang/longstack'
> (x86_64)
> Process 65604 stopped
> * thread #1: tid = 0xa5879, 0x00007fff5fc01028 dyld`_dyld_start, stop
> reason = exec
> frame #0: 0x00007fff5fc01028 dyld`_dyld_start
> dyld`_dyld_start:
> -> 0x7fff5fc01028: popq %rdi
> 0x7fff5fc01029: pushq $0
> 0x7fff5fc0102b: movq %rsp, %rbp
> 0x7fff5fc0102e: andq $-16, %rsp
> (lldb) b foo
> Breakpoint 1: where = longstack`foo(int) + 291 at longstack.cc:5, address
> = 0x0000000100000ab3
> (lldb) c
> Process 65604 resuming
> Process 65604 stopped
> * thread #1: tid = 0xa5879, 0x0000000100000ab3
> longstack`foo(n=<unavailable>) + 291 at longstack.cc:5, queue =
> 'com.apple.main-thread, stop reason = breakpoint 1.1
> frame #0: 0x0000000100000ab3 longstack`foo(n=<unavailable>) + 291 at
> longstack.cc:5
> 2
> 3 void foo(int n)
> 4 {
> -> 5 a[n]++;
> 6 foo(++n);
> 7 }
> 8
> (lldb) p n
> error: Couldn't materialize struct: size of variable n disagrees with the
> ValueObject's size
> Errored out in Execute, couldn't PrepareToExecuteJITExpression
>
> See, I can't print the variable's value. And bt won't show the parameters'
> values; it looks like
> frame #0: 0x0000000100000ab3 longstack`foo(n=<unavailable>) + 291 at
> longstack.cc:5
>
> And then I tried removing -fsanitize=address, like
> /usr/local/Cellar/llvm34/3.4.1_1/bin/clang++-3.4 -O0 -g longstack.cc -o
> ./longstack
>
> It prints in lldb,
> (lldb) p n
> (int) $0 = 258504
>
> Did I miss anything? Or is there a way to print variables in asan-ified
> executables in debugging?
>
> Regards,
> -xiang
>
> On Monday, July 14, 2014 at 5:02:05 PM UTC+8, kcc wrote:
>>
>> On Mon, Jul 14, 2014 at 12:09 PM, Shiny Teng <[email protected]> wrote:
>>
>>> Hi experts,
>>> I'm using llvm3.4.1 on OSX 10.9.3.
>>> My code,
>>>
>>> // longstack.cc
>>> int* a;
>>> void foo(int n)
>>> {
>>> a[n]++;
>>> foo(++n);
>>> }
>>> int main(int argc, char** argv) {
>>> a = new int[30];
>>> foo(0);
>>> }
>>>
>>> And it builds,
>>> /usr/local/Cellar/llvm34/3.4.1_1/bin/clang-3.4 -O0 -g -fsanitize=address
>>> longstack.cc -o ./longstack
>>>
>>> Only thing I set is,
>>> export ASAN_SYMBOLIZER_PATH=/usr/local/Cellar/
>>>
>>> It reports,
>>>
>>> =================================================================
>>> ==49571==ERROR: AddressSanitizer: heap-buffer-overflow on address
>>> 0x60c00000bff8 at pc 0x10cffbb69 bp 0x7fff52c02a70 sp 0x7fff52c02a68
>>> READ of size 4 at 0x60c00000bff8 thread T0
>>> #0 0x10cffbb68 in foo(int) /Users/tengxiang/Test
>>> Projects/clang/longstack.cc:5
>>> #1 0x10cffbb8d in foo(int) /Users/tengxiang/Test
>>> Projects/clang/longstack.cc:6
>>> ...
>>> #30 0x10cffbb8d in foo(int) /Users/tengxiang/Test
>>> Projects/clang/longstack.cc:6
>>> #31 0x10cffbdaa in main /Users/tengxiang/Test
>>> Projects/clang/longstack.cc:11
>>> #32 0x7fff8d8ef5fc in start (/usr/lib/system/libdyld.dylib+0x35fc)
>>> #33 0x0
>>>
>>> ...
>>> ==49571==ABORTING
>>>
>>> Please see that the call stack's foo(int) doesn't tell what the inbound
>>> int parameter's value is.
>>>
>>> As a comparison, I debugged it with lldb; it shows the call stack with "bt".
>>>
>>>
>>> ...
>>> frame #258473: 0x0000000100000f33 longstacknormal`foo(n=32) + 51 at
>>> longstack.cc:6
>>> ...
>>> frame #258504: 0x0000000100000f33 longstacknormal`foo(n=1) + 51 at
>>> longstack.cc:6
>>> frame #258505: 0x0000000100000f72 longstacknormal`main(argc=2,
>>> argv=0x00007fff5fbffba0) + 50 at longstack.cc:11
>>> frame #258506: 0x00007fff8d8ef5fd libdyld.dylib`start + 1
>>>
>>> Please see foo(n=32).
>>>
>>> My question is, did I miss anything or is it possible to get things like
>>> that in ASAN report?
>>>
>>
>> asan currently cannot do this, sorry.
>> Such functionality is far from trivial and we are not planning to
>> implement it.
>> However, you can attach gdb or lldb to asan-ified process when it has
>> reported an error and get a more complete stack trace.
>> https://code.google.com/p/address-sanitizer/wiki/AddressSanitizer#gdb
>> If you think that such functionality in asan is worth the effort, feel
>> free to file a bug report:
>> https://code.google.com/p/address-sanitizer/issues/list
>>
>> Thanks!
>>
>> --kcc
>>
>>
>>
>>> Regards,
>>> -xiang
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "address-sanitizer" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to [email protected].
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>
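
An added example, not part of the thread and not ASan's own code: because the ASan report lists frames without argument values, one workaround is to keep the most recent arguments in a small ring buffer and print them from a callback registered with `__asan_set_error_report_callback` (declared in compiler-rt's `sanitizer/asan_interface.h`, assumed present in the toolchain). The helper names, `kDepth` and the `limit` parameter are hypothetical; build with `-fsanitize=address`.

```cpp
#include <cstddef>
#include <cstdio>

#if defined(__SANITIZE_ADDRESS__)
#define HAVE_ASAN 1
#elif defined(__has_feature)
#if __has_feature(address_sanitizer)
#define HAVE_ASAN 1
#endif
#endif
#ifdef HAVE_ASAN
#include <sanitizer/asan_interface.h>
#endif

static const size_t kDepth = 8;  // hypothetical: how many calls to remember
static int g_args[kDepth];
static size_t g_calls = 0;
void note_arg(int n) { g_args[g_calls++ % kDepth] = n; }

// Argument of the call made `back` calls ago (0 = newest), -1 if not held.
int recent_arg(size_t back) {
  if (back >= kDepth || back >= g_calls) return -1;
  return g_args[(g_calls - 1 - back) % kDepth];
}

// Registered with ASan below; prints what the report's frames leave out.
void dump_args(const char *) {
  for (size_t i = 0; i < kDepth && i < g_calls; ++i)
    std::fprintf(stderr, "  foo() %zu call(s) back: n=%d\n", i, recent_arg(i));
}

int *a;
void foo(int n, int limit) {  // `limit` added so the recursion terminates
  note_arg(n);
  if (n >= limit) return;
  a[n]++;
  foo(n + 1, limit);
}

int main() {
  a = new int[30]();
#ifdef HAVE_ASAN
  __asan_set_error_report_callback(dump_args);
  foo(0, 40);  // a[30] is out of bounds: ASan reports, then dump_args runs
#else
  foo(0, 30);  // no sanitizer: stay in bounds
#endif
  delete[] a;
}
```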