使用 ASAN 时如何修复错误 "cannot run C compiled programs"
How to fix error "cannot run C compiled programs" when using ASAN
问题: 运行ning configure
脚本工作正常,可以使用 C 编译器和生成的程序 运行。一旦添加了 ASAN,配置脚本就会抱怨生成的程序不能 运行.
./configure
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /bin/mkdir -p
checking whether make sets $(MAKE)... yes
checking whether make supports nested variables... yes
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
...
对比
./configure CFLAGS="-fsanitize=address -fsanitize=undefined -fno-omit-frame-pointer -fstack-protector" LDFLAGS="-fsanitize=undefined -fsanitize=address" --enable-debug
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /bin/mkdir -p
checking whether make sets $(MAKE)... yes
checking whether make supports nested variables... yes
checking whether CFLAGS can be modified... yes
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... configure: error: in `/tmp/test-asan':
configure: error: cannot run C compiled programs.
If you meant to cross compile, use `--host'.
See `config.log' for more details
config.log 显示:
configure:3653: checking whether we are cross compiling
configure:3661: gcc -o conftest -fsanitize=address -fsanitize=undefined -fno-omit-frame-pointer -fstack-protector -fsanitize=undefined -fsanitize=address conftest.c >&5
configure:3665: $? = 0
configure:3672: ./conftest
==9941==LeakSanitizer has encountered a fatal error.
==9941==HINT: For debugging, try setting environment variable LSAN_OPTIONS=verbosity=1:log_threads=1
==9941==HINT: LeakSanitizer does not work under ptrace (strace, gdb, etc)
configure:3676: $? = 1
configure:3683: error: in `/tmp/test-asan':
configure:3685: error: cannot run C compiled programs.
配置脚本的错误消息非常混乱(不涉及交叉编译),LeakSanitizer 的提示也好不到哪里去(我们不做任何调试)但包含一个重要的提示:ptrace。
正如 GDB + ptrace question the issue is that the Yama kernel security module 中所暗示的那样,已配置为防止 ASAN 使用 ptrace。
类似的,在 valgrind 中 运行ning 时可以看到稍微有用的消息:
error calling PR_SET_PTRACER, vgdb might block
要解决此问题:
- 选项 1:
运行 提升的 shell 中的配置脚本(和后来的测试)
(
sudo bash
)
- 选项 2(在 local/secured 机器上 [可能是 VM/sandbox]:
允许每个人使用 ptrace
echo 0 | sudo tee /proc/sys/kernel/yama/ptrace_scope
执行此操作时,配置脚本 运行 会按预期运行,如果清理程序发现任何错误,生成的程序会在退出时中止。
我 运行 在使用“podman build”(“docker build”有效)时遇到了同样的问题。添加 ptrace 作为功能可能是可行的。但另一种解决方法是设置 ASAN_OPTIONS=detect_leaks=0
(在我的情况下为 ./configure
和 make test
)。
问题: 运行ning configure
脚本工作正常,可以使用 C 编译器和生成的程序 运行。一旦添加了 ASAN,配置脚本就会抱怨生成的程序不能 运行.
./configure
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /bin/mkdir -p
checking whether make sets $(MAKE)... yes
checking whether make supports nested variables... yes
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
...
对比
./configure CFLAGS="-fsanitize=address -fsanitize=undefined -fno-omit-frame-pointer -fstack-protector" LDFLAGS="-fsanitize=undefined -fsanitize=address" --enable-debug
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /bin/mkdir -p
checking whether make sets $(MAKE)... yes
checking whether make supports nested variables... yes
checking whether CFLAGS can be modified... yes
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... configure: error: in `/tmp/test-asan':
configure: error: cannot run C compiled programs.
If you meant to cross compile, use `--host'.
See `config.log' for more details
config.log 显示:
configure:3653: checking whether we are cross compiling
configure:3661: gcc -o conftest -fsanitize=address -fsanitize=undefined -fno-omit-frame-pointer -fstack-protector -fsanitize=undefined -fsanitize=address conftest.c >&5
configure:3665: $? = 0
configure:3672: ./conftest
==9941==LeakSanitizer has encountered a fatal error.
==9941==HINT: For debugging, try setting environment variable LSAN_OPTIONS=verbosity=1:log_threads=1
==9941==HINT: LeakSanitizer does not work under ptrace (strace, gdb, etc)
configure:3676: $? = 1
configure:3683: error: in `/tmp/test-asan':
configure:3685: error: cannot run C compiled programs.
配置脚本的错误消息非常混乱(不涉及交叉编译),LeakSanitizer 的提示也好不到哪里去(我们不做任何调试)但包含一个重要的提示:ptrace。
正如 GDB + ptrace question the issue is that the Yama kernel security module 中所暗示的那样,已配置为防止 ASAN 使用 ptrace。
类似的,在 valgrind 中 运行ning 时可以看到稍微有用的消息:
error calling PR_SET_PTRACER, vgdb might block
要解决此问题:
- 选项 1:
运行 提升的 shell 中的配置脚本(和后来的测试)
(
sudo bash
) - 选项 2(在 local/secured 机器上 [可能是 VM/sandbox]:
允许每个人使用 ptrace
echo 0 | sudo tee /proc/sys/kernel/yama/ptrace_scope
执行此操作时,配置脚本 运行 会按预期运行,如果清理程序发现任何错误,生成的程序会在退出时中止。
我 运行 在使用“podman build”(“docker build”有效)时遇到了同样的问题。添加 ptrace 作为功能可能是可行的。但另一种解决方法是设置 ASAN_OPTIONS=detect_leaks=0
(在我的情况下为 ./configure
和 make test
)。