c++ - 缺少用于 LLVM 编译器-rt 的 libclang_rt.san-x86_64.a 文件

Question

我刚刚构建了 LLVM/Clang compiler-rt并尝试了 -fsanitize 选项。但奇怪的是链接失败了，因为它找不到 libclang_rt.san-x86_64.a。

/usr/bin/ld: cannot find /home/hongxu/RESEARCH/llvm-git/obj/bin/../lib/clang/3.7.0/lib/linux/libclang_rt.san-x86_64.a: No such file or directory
clang-3.7: error: linker command failed with exit code 1 (use -v to see invocation)

当我进入目录/home/hongxu/RESEARCH/llvm-git/obj/bin/../lib/clang/3.7.0/lib/linux/时，我发现有是其他库文件

# AddressSanitizer
libclang_rt.asan_cxx-x86_64.a
libclang_rt.asan-preinit-x86_64.a
libclang_rt.asan-x86_64.a
# DataFlowSanitizer
libclang_rt.dfsan-libc-x86_64.a
libclang_rt.dfsan-x86_64.a
# LeakSanitizer
libclang_rt.lsan-x86_64.a
# MemorySanitizer
libclang_rt.msan-x86_64.a
# ThreadSanitizer
libclang_rt.tsan-x86_64.a
# UndefinedBehaviorSanitizer
libclang_rt.ubsan_cxx-x86_64.a
libclang_rt.ubsan_standalone_cxx-x86_64.a
libclang_rt.ubsan_standalone-x86_64.a
libclang_rt.ubsan-x86_64.a

而且根据compiler-rt page我可以从名字猜到它们的功能。

但是 libclang_rt.san-x86_64.a 是什么？我怎样才能得到它？

Answer 1

But strangely the link failed since it cannot find libclang_rt.san-x86_64.a.

是的，make install不安装一些需要的东西。其他时候，它将它们安装在非标准位置。

它不安装的其他东西包括asan_symbolize.py ，用于表示来自 Address Sanitizer (ASan) 的转储。

---

But what is libclang_rt.san-x86_64.a? And how can I get it?

它是 sanitizer 库之一。您可能拥有它，只是您没有意识到它，因为它位于非标准位置。例如，在我的系统上(我自己构建 LLVM/Clang 的地方):

$ find /usr -name libclang_rt.san-x86_64.a 2>/dev/null 
/usr/local/lib/clang/3.5.0/lib/linux/libclang_rt.san-x86_64.a

所以你要做的就是使用 LD_LIBRARY_PATH (Linux) 或 DYLD_LIBRARY_PATH (OS X) 以确保编译器驱动程序可以找到它。您应该永远必须手动添加各种清理器库 - 编译器驱动程序应该始终为您添加它们。

为了完整起见，Clang 3.4 在 /usr/local/lib/clang/3.4/lib/linux/ 安装了 sanitizer 库在 Linux 上； Clang 3.3 安装在 /usr/local/lib/clang/3.3/lib/darwin/在 OS X 上。

您实际上可以在源代码中更改搜索目录，它们将由编译器驱动程序自动选取。我想我必须更改实际来源，因为我找不到配置选项来添加像 /usr/local/lib/clang/<version>/lib/linux/ 这样的位置。 .看看tools/clang/lib/Frontend/InitHeaderSearch.cpp和 friend 。这就是像 .../include/c++/4.2.1 这样的路径来自。

---

顺便说一下，这里是如何使用 Address Sanitizer 和 asan_symbolize.py .首先，运行 2to3和 asan_symbolize.py修复 Python 人员破坏的与基本 I/O 相关的问题:

$ find Clang-3.5/ -name asan_symbolize.py
Clang-3.5/llvm/projects/compiler-rt/lib/asan/scripts/asan_symbolize.py
2to3 -w Clang-3.5/llvm/projects/compiler-rt/lib/asan/scripts/asan_symbolize.py

echo "" | Clang-3.5/llvm/projects/compiler-rt/lib/asan/scripts/asan_symbolize.py
# Fix errors 2to3 missed

然后，将其复制到一个众所周知的位置(或将其放在路径中):

sudo cp Clang-3.5/llvm/projects/compiler-rt/lib/asan/scripts/asan_symbolize.py /usr/local/bin

然后，对于您的项目:

export CPPFLAGS="-fsanitze=undefined -fsanitize=address"
export CFLAGS="-fsanitze=undefined -fsanitize=address"
export CXXFLAGS="-fsanitze=undefined -fsanitize=address -fno-sanitize=vptr"
export CC=/usr/local/bin/clang
export CXX=/usr/local/bin/clang++
export LD_LIBRARY_PATH=/usr/local/lib/clang/3.5.0/lib/linux

./configure
make
make check 2>&1 | asan_symbolize.py

CPPFLAGS实际上对于 Autotools 项目来说非常重要。否则，您会遇到可怕的C 编译器无法创建可执行文件错误。

当您遇到 ASan 错误时，您将看到类似于:

make test 2>&1 | asan_symbolize.py
...

/usr/local/bin/clang -fsanitize=address -Xlinker -export-dynamic
    -o python Modules/python.o libpython3.3m.a -ldl -lutil
    /usr/local/ssl/lib/libssl.a /usr/local/ssl/lib/libcrypto.a -lm
./python -E -S -m sysconfig --generate-posix-vars
=================================================================
==24064==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x619000004020 at pc 0x4ed4b2 bp 0x7fff80fff010 sp 0x7fff80fff008
READ of size 4 at 0x619000004020 thread T0
  #0 0x4ed4b1 in PyObject_Free Python-3.3.5/./Objects/obmalloc.c:987
  #1 0x7a2141 in code_dealloc Python-3.3.5/./Objects/codeobject.c:359
  #2 0x620c00 in PyImport_ImportFrozenModuleObject
       Python-3.3.5/./Python/import.c:1098
  #3 0x620d5c in PyImport_ImportFrozenModule
       Python-3.3.5/./Python/import.c:1114
  #4 0x63fd07 in import_init Python-3.3.5/./Python/pythonrun.c:206
  #5 0x63f636 in _Py_InitializeEx_Private
       Python-3.3.5/./Python/pythonrun.c:369
  #6 0x681d77 in Py_Main Python-3.3.5/./Modules/main.c:648
  #7 0x4e6894 in main Python-3.3.5/././Modules/python.c:62
  #8 0x2abf9a525eac in __libc_start_main
       /home/aurel32/eglibc/eglibc-2.13/csu/libc-start.c:244
  #9 0x4e664c in _start (Python-3.3.5/./python+0x4e664c)

AddressSanitizer can not describe address in more detail (wild
memory access suspected).
SUMMARY: AddressSanitizer: heap-buffer-overflow
  Python-3.3.5/./Objects/obmalloc.c:987 PyObject_Free
Shadow bytes around the buggy address:
  0x0c327fff87b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff87c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff87d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff87e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff87f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c327fff8800: fa fa fa fa[fa]fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff8810: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff8820: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff8830: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff8840: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c327fff8850: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:     fa
  Heap right redzone:    fb
  Freed heap region:     fd
  Stack left redzone:    f1
  Stack mid redzone:     f2
  Stack right redzone:   f3
  Stack partial redzone: f4
  Stack after return:    f5
  Stack use after scope: f8
  Global redzone:        f9
  Global init order:     f6
  Poisoned by user:      f7
  ASan internal:         fe
==24064==ABORTING
make: *** [pybuilddir.txt] Error 1

---

在 Python 的 Dynamic Analysis with Clang 中有更完整的 LLVM/Clang 构建过程和使用 santizers 的文章。 .我前一段时间写的，所以版本和食谱都过时了。但概念是相同的。