【技术备忘录】程序调试环境配置与使用

通用调试工具

1. scc：展示代码仓库中各种代码成分的组成情况。
   GitHub仓库地址
   • 安装

     sudo snap install scc
     

   • 用法

Sloc, Cloc and Code. Count lines of code in a directory with complexity estimation.
Version 3.5.0 (beta)
Ben Boyter <ben@boyter.org> + Contributors

Usage:
scc [flags] [files or directories]

Flags:
    --avg-wage int                       average wage value used for basic COCOMO calculation (default 56286)
    --binary                             disable binary file detection
    --by-file                            display output for every file
-m, --character                          calculate max and mean characters per line
    --ci                                 enable CI output settings where stdout is ASCII
    --cocomo-project-type string         change COCOMO model type [organic, semi-detached, embedded, "custom,1,1,1,1"] (default "organic")
    --count-as string                    count extension as language [e.g. jsp:htm,chead:"C Header" maps extension jsp to html and chead to C Header]
    --count-ignore                       set to allow .gitignore and .ignore files to be counted
    --currency-symbol string             set currency symbol (default "$")
    --debug                              enable debug output
    --directory-walker-job-workers int   controls the maximum number of workers which will walk the directory tree (default 8)
-a, --dryness                            calculate the DRYness of the project (implies --uloc)
    --eaf float                          the effort adjustment factor derived from the cost drivers (1.0 if rated nominal) (default 1)
    --exclude-dir strings                directories to exclude (default [.git,.hg,.svn])
-x, --exclude-ext strings                ignore file extensions (overrides include-ext) [comma separated list: e.g. go,java,js]
-n, --exclude-file strings               ignore files with matching names (default [package-lock.json,Cargo.lock,yarn.lock,pubspec.lock,Podfile.lock,pnpm-lock.yaml])
    --file-gc-count int                  number of files to parse before turning the GC on (default 10000)
    --file-list-queue-size int           the size of the queue of files found and ready to be read into memory (default 8)
    --file-process-job-workers int       number of goroutine workers that process files collecting stats (default 8)
    --file-summary-job-queue-size int    the size of the queue used to hold processed file statistics before formatting (default 8)
-f, --format string                      set output format [tabular, wide, json, json2, csv, csv-stream, cloc-yaml, html, html-table, sql, sql-insert, openmetrics] (default "tabular")
    --format-multi string                have multiple format output overriding --format [e.g. tabular:stdout,csv:file.csv,json:file.json]
    --gen                                identify generated files
    --generated-markers strings          string markers in head of generated files (default [do not edit,<auto-generated />])
-h, --help                               help for scc
-i, --include-ext strings                limit to file extensions [comma separated list: e.g. go,java,js]
    --include-symlinks                   if set will count symlink files
-l, --languages                          print supported languages and extensions
    --large-byte-count int               number of bytes a file can contain before being removed from output (default 1000000)
    --large-line-count int               number of lines a file can contain before being removed from output (default 40000)
    --min                                identify minified files
-z, --min-gen                            identify minified or generated files
    --min-gen-line-length int            number of bytes per average line for file to be considered minified or generated (default 255)
    --no-cocomo                          remove COCOMO calculation output
-c, --no-complexity                      skip calculation of code complexity
-d, --no-duplicates                      remove duplicate files from stats and output
    --no-gen                             ignore generated files in output (implies --gen)
    --no-gitignore                       disables .gitignore file logic
    --no-gitmodule                       disables .gitmodules file logic
    --no-hborder                         remove horizontal borders between sections
    --no-ignore                          disables .ignore file logic
    --no-large                           ignore files over certain byte and line size set by large-line-count and large-byte-count
    --no-min                             ignore minified files in output (implies --min)
    --no-min-gen                         ignore minified or generated files in output (implies --min-gen)
    --no-scc-ignore                      disables .sccignore file logic
    --no-size                            remove size calculation output
-M, --not-match stringArray              ignore files and directories matching regular expression
-o, --output string                      output filename (default stdout)
    --overhead float                     set the overhead multiplier for corporate overhead (facilities, equipment, accounting, etc.) (default 2.4)
-p, --percent                            include percentage values in output
    --remap-all string                   inspect every file and remap by checking for a string and remapping the language [e.g. "-*- C++ -*-":"C Header"]
    --remap-unknown string               inspect files of unknown type and remap by checking for a string and remapping the language [e.g. "-*- C++ -*-":"C Header"]
    --size-unit string                   set size unit [si, binary, mixed, xkcd-kb, xkcd-kelly, xkcd-imaginary, xkcd-intel, xkcd-drive, xkcd-bakers] (default "si")
    --sloccount-format                   print a more SLOCCount like COCOMO calculation
-s, --sort string                        column to sort by [files, name, lines, blanks, code, comments, complexity] (default "files")
    --sql-project string                 use supplied name as the project identifier for the current run. Only valid with the --format sql or sql-insert option
-t, --trace                              enable trace output (not recommended when processing multiple files)
-u, --uloc                               calculate the number of unique lines of code (ULOC) for the project
-v, --verbose                            verbose output
    --version                            version for scc
-w, --wide                               wider output with additional statistics (implies --complexity)

---

C/C++

VSCode 调试配置

带输入参数的LLDB配置

在fuzzer crash root cause过程中极为有用，将以下内容粘贴到VSCode工作区的.vscode/launch.json中，然后根据需要进行修改，即可在左侧边栏运行和调试(Ctri+Shift+D)上方的下拉菜单中看到LLDB: Launch fuzzer with crash file这一项。

{
    // 使用 IntelliSense 了解相关属性。 
    // 悬停以查看现有属性的描述。
    // 欲了解更多信息，请访问: https://go.microsoft.com/fwlink/?linkid=830387
    "version": "0.2.0",
    "configurations": [
        {
            "name": "LLDB: Launch fuzzer with argements",
            "type": "lldb",
            "request": "launch",
            "program": "${fileDirname}/fuzzer", // 修改这一项以修改要调试的fuzzer可执行文件
            "args": [
                "${input:args}"
            ],
            "cwd": "${fileDirname}",
            "stopOnEntry": false,
            "terminal": "integrated",
            "env": {
                "ASAN_OPTIONS": "abort_on_error=1:detect_leaks=0",
                "UBSAN_OPTIONS": "print_stacktrace=1"
            },
            // 将构建时源路径（来自 DWARF）映射到实际工作区/源位置，注意一定要先写深的路径再写浅的路径！
            // 这是在库源码使用-g选项编译时会使得DWARF调试信息带有绝对路径，在其他目录下进行调试的时候就要做好源码位置映射
            // 注意，如果编译的时候带上了-gline-tables-only选项，则其会覆盖-g选项，DAWRF信息不会带有源码绝对路径信息！
            "sourceMap": {
                "/FuzzAgent/output/libvpx/harnesses": "${fileDirname}",
                "/FuzzAgent/output/libvpx": "/FuzzAgent/working_dir/crash_analysis/libvpx"
            }
        },
        {
            "name": "LLDB: Launch poc with argements",
            "type": "lldb",
            "request": "launch",
            "program": "${fileDirname}/poc", // 修改这一项以修改要调试的poc可执行文件
            "args": [
                "${input:args}"
            ],
            "cwd": "${fileDirname}",
            "stopOnEntry": false,
            "terminal": "integrated",
            "env": {
                "ASAN_OPTIONS": "abort_on_error=1:detect_leaks=0",
                "UBSAN_OPTIONS": "print_stacktrace=1"
            },
        }
    ],
    "inputs": [
        {
            "id": "args",
            "type": "promptString",
            "description": "请输入传递给可执行文件的参数列表，以空格分隔",
            "default": ""
        }
    ]
}

LLDB的命令使用（由ChatGPT 5总结）

🐛 LLDB Cheat Sheet for Fuzzing Crash Analysis

• 启动 & 基础控制

命令	说明
lldb ./binary	启动 lldb，加载程序
run args	运行程序（带参数）
process launch -s	单步启动程序
c	continue，继续运行
n	next，单步过函数
s	step，单步进函数
finish	跑到当前函数返回
quit	退出 lldb

• 栈 & 源码定位

命令	说明
bt	打印调用栈
bt all	打印所有线程的栈
frame info line	当前帧源码位置
frame variable	打印当前帧的所有变量
frame variable var	打印指定变量
source list -c 20	显示当前行上下 20 行源码
image lookup --address 0xADDR	符号化地址，定位函数/源码行

• 断点 & 运行控制

命令	说明
b func_name	在函数入口设置断点
b file.c:123	在文件第 123 行断点
breakpoint list	查看所有断点
breakpoint delete 1	删除断点（按 ID）
breakpoint set --name func --condition "x<10"	条件断点

• 内存 & 变量检查

命令	说明
p var	打印变量
p (int)ptr->field	强制类型打印
expr var = 123	修改变量值
x/32xb buf	以字节形式 dump 内存 (32字节)
memory read --size 1 --count 64 0xADDR	从地址读 64 字节

• 信号 & 异常

命令	说明
process handle SIGABRT -s true -n false -p true	捕获 SIGABRT (ASan abort)
process handle SIGSEGV -s true -n false -p true	捕获 SIGSEGV

• 高级调试

命令	说明
watchpoint set variable var	监视变量被修改
watchpoint set expression -w write -s 4 &buffer[0]	监视内存写入
thread list	显示线程
thread select 3	切换到线程 3
bt	查看当前线程栈
bt all	查看所有线程栈
settings set target.inline-breakpoint-strategy always	在 inline 函数内允许断点

• 脚本化（Python）

命令	说明
command script import myscript.py	导入 Python 脚本
command script list	查看已注册的命令
command script add -f myscript.dump_input dump_input	添加自定义命令