nginx下使用asan和valgrind兩個靜態檢查工具

• 2019 年 10 月 7 日
• 筆記

1、valgrind

valgrind安裝：參考：https://blog.csdn.net/justheretobe/article/details/52986461

wegit：http://valgrind.org/downloads/valgrind-3.12.0.tar.bz2

tar -jxvf valgrind-3.12.0.tar.bz2

cd valgrind-3.12.0

./configure

make

sudo make install

輸入valgrind–h顯示valgrind的參數及提示，說明安裝成功

luajit問題：參考https://groups.google.com/forum/#!topic/openresty/riEO_YXTwz4

 sudo valgrind --tool=memcheck --leak-check=full /usr/local/nginx-1.4.2/sbin/nginx  ==41400== Memcheck, a memory error detector  ==41400== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.  ==41400== Using Valgrind-3.10.0 and LibVEX; rerun with -h for copyright info  ==41400== Command: /usr/local/nginx-1.4.2/sbin/nginx  ==41400==  ==41400== Warning: set address range perms: large range [0x957a040, 0x2e45f7e2) (undefined)  ==41400== Warning: set address range perms: large range [0x957b040, 0x2e45f040) (defined)  nginx: [error] failed to initialize Lua VM in /usr/local/nginx-1.4.2/conf/nginx.conf:125  ==41400==  ==41400== HEAP SUMMARY:  ==41400==     in use at exit: 619,703,912 bytes in 3,285 blocks  ==41400==   total heap usage: 20,476 allocs, 17,191 frees, 626,783,730 bytes allocated  ==41400==  ==41400== 128 bytes in 1 blocks are possibly lost in loss record 583 of 650  ==41400==    at 0x4C2ABA0: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)  ==41400==    by 0x431D0A: ngx_alloc (ngx_alloc.c:22)  ==41400==    by 0x4222CE: ngx_crc32_table_init (ngx_crc32.c:117)  ==41400==    by 0x41A20B: main (nginx.c:320)  ==41400==  ==41400== 1,024 bytes in 1 blocks are definitely lost in loss record 626 of 650  ==41400==    at 0x4C2D136: memalign (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)  ==41400==    by 0x4C2D251: posix_memalign (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)  ==41400==    by 0x431DBB: ngx_memalign (ngx_alloc.c:57)  ==41400==    by 0x41B5C2: ngx_create_pool (ngx_palloc.c:21)  ==41400==    by 0x419F52: main (nginx.c:299)  ==41400==  ==41400== LEAK SUMMARY:  ==41400==    definitely lost: 1,024 bytes in 1 blocks  ==41400==    indirectly lost: 0 bytes in 0 blocks  ==41400==      possibly lost: 128 bytes in 1 blocks  ==41400==    still reachable: 619,702,760 bytes in 3,283 blocks  ==41400==         suppressed: 0 bytes in 0 blocks  ==41400== Reachable blocks (those to which a pointer was found) are not shown.  ==41400== To see them, rerun with: --leak-check=full --show-leak-kinds=all  ==41400==  ==41400== For counts of detected and suppressed errors, rerun with: -v  ==41400== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 0 from 0)

解決的辦法是使用 openresty 的 luajit 倉庫的 v2.1-agentzh 分支重新： https://github.com/openresty/luajit2/tree/v2.1-agentzh ，然後，重新編譯一個特殊版本的 LuaJIT，強制它使用系統的分配器，即在編譯 LuaJIT 時使用類似下面的命令： make CCDEBUG=-g Q= XCFLAGS='-DLUAJIT_USE_VALGRIND -DLUAJIT_USE_SYSMALLOC'

編譯腳本做下面的修改：

export LUAJIT_INC=/usr/local/include/luajit-2.1

啟動方式

sudo valgrind –tool=memcheck ./sbin/nginx -p . -c conf/配置文件.conf

2、asan

（1）適配程式碼：

編譯腳本中添加：

–fsanitize=address -fno-omit-frame-pointer -static-libasan –with-ld-opt="-fsanitize=address -static-libasan"

makefile中添加 ：-fsanitize=address -fno-omit-frame-pointer -static-libasan

nginx本身需要適配一些文件，不然，會誤認為是記憶體泄漏。

修改下面的文件：

modified: libs/libwtf/GNUmakefile modified: libs/protobuf/Makefile modified: src/core/nginx.h modified: src/core/ngx_array.c modified: src/core/ngx_array.h modified: src/core/ngx_palloc.c modified: src/core/ngx_palloc.h

(2)安裝clang

(3)編譯新版本運行起來，然後查看日誌

默認情況下，asan遇到記憶體問題，就會終止當前進程的執行，並在spanner的日誌文件error.log中列印相關的問題，以及問題的調用棧資訊。

線上生成的調用棧只有函數地址，沒有符號資訊，可以將生成的調用棧弄下來，