Closed stuartly closed 3 years ago
We are aware of this problem and are currently working on a solution.
This is the problematic line:
#40 0x00007fddf97633f9 (anonymous namespace)::AFLCoverage::runOnModule(llvm::Module&) /home/stly/Documents/TargetFuzz/tools/aflgo/llvm_mode/afl-llvm-pass.so.cc:396:0
The LLVM GraphWriter crashes in some (deterministic) cases when AFLGo asks it to print a function's CFG into a dot-file.
I want to test the AFLGO using LAVA-M benchmark, but it can not wok.
aflgo-compiler (yeah!) 2.49b #0 0x0000000003f62e5f llvm::sys::PrintStackTrace(llvm::raw_ostream&) /home/stly/Documents/llvm/llvm-5.0/lib/Support/Unix/Signals.inc:398:0 #1 0x0000000003f62ef2 PrintStackTraceSignalHandler(void*) /home/stly/Documents/llvm/llvm-5.0/lib/Support/Unix/Signals.inc:462:0 #2 0x0000000003f61139 llvm::sys::RunSignalHandlers() /home/stly/Documents/llvm/llvm-5.0/lib/Support/Signals.cpp:49:0 #3 0x0000000003f626d4 SignalHandler(int) /home/stly/Documents/llvm/llvm-5.0/lib/Support/Unix/Signals.inc:252:0 #4 0x00007fddf933b390 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x11390) #5 0x00007fddf80ad428 gsignal /build/glibc-Cl5G7W/glibc-2.23/signal/../sysdeps/unix/sysv/linux/raise.c:54:0 #6 0x00007fddf80af02a abort /build/glibc-Cl5G7W/glibc-2.23/stdlib/abort.c:91:0 #7 0x00007fddf80a5bd7 __assert_fail_base /build/glibc-Cl5G7W/glibc-2.23/assert/assert.c:92:0 #8 0x00007fddf80a5c82 (/lib/x86_64-linux-gnu/libc.so.6+0x2dc82) #9 0x0000000003ef4a78 llvm::SmallVectorBase::grow_pod(void*, unsigned long, unsigned long) /home/stly/Documents/llvm/llvm-5.0/lib/Support/SmallVector.cpp:38:0 #10 0x0000000001e8add0 llvm::SmallVectorTemplateCommon<char, void>::grow_pod(unsigned long, unsigned long) /home/stly/Documents/llvm/llvm-5.0/include/llvm/ADT/SmallVector.h:83:0 #11 0x0000000001e89512 llvm::SmallVectorTemplateBase<char, true>::grow(unsigned long) /home/stly/Documents/llvm/llvm-5.0/include/llvm/ADT/SmallVector.h:303:0 #12 0x0000000001e873f6 void llvm::SmallVectorImpl<char>::append<char const*, void>(char const*, char const*) /home/stly/Documents/llvm/llvm-5.0/include/llvm/ADT/SmallVector.h:402:0 #13 0x0000000003f3a1e0 llvm::raw_svector_ostream::write_impl(char const*, unsigned long) /home/stly/Documents/llvm/llvm-5.0/lib/Support/raw_ostream.cpp:769:0 #14 0x0000000003f3868a llvm::raw_ostream::write(char const*, unsigned long) /home/stly/Documents/llvm/llvm-5.0/lib/Support/raw_ostream.cpp:225:0 #15 0x0000000002653527 llvm::raw_ostream::operator<<(llvm::SmallVectorImpl<char> const&) /home/stly/Documents/llvm/llvm-5.0/include/llvm/Support/raw_ostream.h:195:0 #16 0x0000000003f2a5a5 llvm::Twine::printOneChild(llvm::raw_ostream&, llvm::Twine::Child, llvm::Twine::NodeKind) const /home/stly/Documents/llvm/llvm-5.0/lib/Support/Twine.cpp:76:0 #17 0x0000000003f2aa4b llvm::Twine::print(llvm::raw_ostream&) const /home/stly/Documents/llvm/llvm-5.0/lib/Support/Twine.cpp:166:0 #18 0x0000000003f2a53e llvm::Twine::printOneChild(llvm::raw_ostream&, llvm::Twine::Child, llvm::Twine::NodeKind) const /home/stly/Documents/llvm/llvm-5.0/lib/Support/Twine.cpp:64:0 #19 0x0000000003f2aa24 llvm::Twine::print(llvm::raw_ostream&) const /home/stly/Documents/llvm/llvm-5.0/lib/Support/Twine.cpp:165:0 #20 0x0000000003f2a309 llvm::Twine::toVector(llvm::SmallVectorImpl<char>&) const /home/stly/Documents/llvm/llvm-5.0/lib/Support/Twine.cpp:33:0 #21 0x0000000003868da5 llvm::Twine::toStringRef(llvm::SmallVectorImpl<char>&) const /home/stly/Documents/llvm/llvm-5.0/include/llvm/ADT/Twine.h:467:0 #22 0x0000000003f2a271 llvm::Twine::str[abi:cxx11]() const /home/stly/Documents/llvm/llvm-5.0/lib/Support/Twine.cpp:29:0 #23 0x00007fddf9765e78 llvm::DOTGraphTraits<llvm::Function const*>::getEdgeAttributes[abi:cxx11](llvm::BasicBlock const*, llvm::TerminatorInst::SuccIterator<llvm::TerminatorInst const*, llvm::BasicBlock const>, llvm::Function const*) /home/stly/Documents/binutils-gdb/build/installed/include/llvm/Analysis/CFGPrinter.h:176:18 #24 0x00007fddf976544f llvm::GraphWriter<llvm::Function const*>::writeEdge(llvm::BasicBlock const*, unsigned int, llvm::TerminatorInst::SuccIterator<llvm::TerminatorInst const*, llvm::BasicBlock const>) /home/stly/Documents/binutils-gdb/build/installed/include/llvm/Support/GraphWriter.h:253:7 #25 0x00007fddf9765151 llvm::GraphWriter<llvm::Function const*>::writeNode(llvm::BasicBlock const*) /home/stly/Documents/binutils-gdb/build/installed/include/llvm/Support/GraphWriter.h:230:5 #26 0x00007fddf9764893 llvm::ilist_node_base<true>::getNext() const /home/stly/Documents/binutils-gdb/build/installed/include/llvm/ADT/ilist_node_base.h:44:45 #27 0x00007fddf9764893 llvm::ilist_node_impl<llvm::ilist_detail::node_options<llvm::BasicBlock, true, false, void> >::getNext() const /home/stly/Documents/binutils-gdb/build/installed/include/llvm/ADT/ilist_node.h:75:0 #28 0x00007fddf9764893 llvm::ilist_iterator<llvm::ilist_detail::node_options<llvm::BasicBlock, true, false, void>, false, true>::operator++() /home/stly/Documents/binutils-gdb/build/installed/include/llvm/ADT/ilist_iterator.h:159:0 #29 0x00007fddf9764893 llvm::simple_ilist<llvm::BasicBlock>::begin() const /home/stly/Documents/binutils-gdb/build/installed/include/llvm/ADT/simple_ilist.h:119:0 #30 0x00007fddf9764893 llvm::Function::begin() const /home/stly/Documents/binutils-gdb/build/installed/include/llvm/IR/Function.h:581:0 #31 0x00007fddf9764893 llvm::GraphTraits<llvm::Function const*>::nodes_begin(llvm::Function const*) /home/stly/Documents/binutils-gdb/build/installed/include/llvm/IR/CFG.h:236:0 #32 0x00007fddf9764893 llvm::iterator_range<llvm::GraphTraits<llvm::Function const*>::nodes_iterator> llvm::nodes<llvm::Function const*>(llvm::Function const* const&) /home/stly/Documents/binutils-gdb/build/installed/include/llvm/ADT/GraphTraits.h:90:0 #33 0x00007fddf9764893 llvm::GraphWriter<llvm::Function const*>::writeNodes() /home/stly/Documents/binutils-gdb/build/installed/include/llvm/Support/GraphWriter.h:156:0 #34 0x00007fddf9764893 llvm::GraphWriter<llvm::Function const*>::writeGraph(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) /home/stly/Documents/binutils-gdb/build/installed/include/llvm/Support/GraphWriter.h:119:0 #35 0x00007fddf97633f9 std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_data() const /usr/lib/gcc/x86_64-linux-gnu/5.4.0/../../../../include/c++/5.4.0/bits/basic_string.h:135:28 #36 0x00007fddf97633f9 std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_is_local() const /usr/lib/gcc/x86_64-linux-gnu/5.4.0/../../../../include/c++/5.4.0/bits/basic_string.h:170:0 #37 0x00007fddf97633f9 std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_dispose() /usr/lib/gcc/x86_64-linux-gnu/5.4.0/../../../../include/c++/5.4.0/bits/basic_string.h:179:0 #38 0x00007fddf97633f9 std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::~basic_string() /usr/lib/gcc/x86_64-linux-gnu/5.4.0/../../../../include/c++/5.4.0/bits/basic_string.h:543:0 #39 0x00007fddf97633f9 llvm::raw_ostream& llvm::WriteGraph<llvm::Function const*>(llvm::raw_ostream&, llvm::Function const* const&, bool, llvm::Twine const&) /home/stly/Documents/binutils-gdb/build/installed/include/llvm/Support/GraphWriter.h:316:0 #40 0x00007fddf97633f9 (anonymous namespace)::AFLCoverage::runOnModule(llvm::Module&) /home/stly/Documents/TargetFuzz/tools/aflgo/llvm_mode/afl-llvm-pass.so.cc:396:0 #41 0x000000000384dcd6 (anonymous namespace)::MPPassManager::runOnModule(llvm::Module&) /home/stly/Documents/llvm/llvm-5.0/lib/IR/LegacyPassManager.cpp:1591:0 #42 0x000000000384e3eb llvm::legacy::PassManagerImpl::run(llvm::Module&) /home/stly/Documents/llvm/llvm-5.0/lib/IR/LegacyPassManager.cpp:1694:0 #43 0x000000000384e5f7 llvm::legacy::PassManager::run(llvm::Module&) /home/stly/Documents/llvm/llvm-5.0/lib/IR/LegacyPassManager.cpp:1726:0 #44 0x000000000420a2bf (anonymous namespace)::EmitAssemblyHelper::EmitAssembly(clang::BackendAction, std::unique_ptr<llvm::raw_pwrite_stream, std::default_delete<llvm::raw_pwrite_stream> >) /home/stly/Documents/llvm/llvm-5.0/tools/clang/lib/CodeGen/BackendUtil.cpp:784:0 #45 0x000000000420c4d2 clang::EmitBackendOutput(clang::DiagnosticsEngine&, clang::HeaderSearchOptions const&, clang::CodeGenOptions const&, clang::TargetOptions const&, clang::LangOptions const&, llvm::DataLayout const&, llvm::Module*, clang::BackendAction, std::unique_ptr<llvm::raw_pwrite_stream, std::default_delete<llvm::raw_pwrite_stream> >) /home/stly/Documents/llvm/llvm-5.0/tools/clang/lib/CodeGen/BackendUtil.cpp:1134:0 #46 0x0000000004d531b3 clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&) /home/stly/Documents/llvm/llvm-5.0/tools/clang/lib/CodeGen/CodeGenAction.cpp:263:0 #47 0x0000000005a660ff clang::ParseAST(clang::Sema&, bool, bool) /home/stly/Documents/llvm/llvm-5.0/tools/clang/lib/Parse/ParseAST.cpp:161:0 #48 0x0000000004858207 clang::ASTFrontendAction::ExecuteAction() /home/stly/Documents/llvm/llvm-5.0/tools/clang/lib/Frontend/FrontendAction.cpp:1004:0 #49 0x0000000004d50f76 clang::CodeGenAction::ExecuteAction() /home/stly/Documents/llvm/llvm-5.0/tools/clang/lib/CodeGen/CodeGenAction.cpp:993:0 #50 0x0000000004857c1c clang::FrontendAction::Execute() /home/stly/Documents/llvm/llvm-5.0/tools/clang/lib/Frontend/FrontendAction.cpp:906:0 #51 0x00000000047f5526 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) /home/stly/Documents/llvm/llvm-5.0/tools/clang/lib/Frontend/CompilerInstance.cpp:981:0 #52 0x00000000049a19bd clang::ExecuteCompilerInvocation(clang::CompilerInstance*) /home/stly/Documents/llvm/llvm-5.0/tools/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:251:0 #53 0x0000000001e8def4 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) /home/stly/Documents/llvm/llvm-5.0/tools/clang/tools/driver/cc1_main.cpp:221:0 #54 0x0000000001e83105 ExecuteCC1Tool(llvm::ArrayRef<char const*>, llvm::StringRef) /home/stly/Documents/llvm/llvm-5.0/tools/clang/tools/driver/driver.cpp:306:0 #55 0x0000000001e83d23 main /home/stly/Documents/llvm/llvm-5.0/tools/clang/tools/driver/driver.cpp:387:0 #56 0x00007fddf8098830 __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:325:0 #57 0x0000000001e80719 _start (/home/stly/Documents/binutils-gdb/build/installed/bin/clang-5.0+0x1e80719) Stack dump: 0. Program arguments: /home/stly/Documents/binutils-gdb/build/installed/bin/clang-5.0 -cc1 -triple x86_64-unknown-linux-gnu -emit-llvm-bc -flto -flto-unit -disable-free -main-file-name getndelim2.c -mrelocation-model static -mthread-model posix -fmath-errno -masm-verbose -mconstructor-aliases -munwind-tables -fuse-init-array -target-cpu x86-64 -momit-leaf-frame-pointer -dwarf-column-info -debug-info-kind=limited -dwarf-version=4 -debugger-tuning=gdb -coverage-notes-file /home/stly/Documents/TargetFuzz/Benchmark/LAVA-M/base64/coreutils-8.24-lava-safe/lib/getndelim2.gcno -resource-dir /home/stly/Documents/binutils-gdb/build/installed/lib/clang/5.0.0 -dependency-file lib/.deps/getndelim2.Tpo -sys-header-deps -MP -MT lib/getndelim2.o -I . -I ./lib -I lib -I ./lib -I src -I ./src -D __AFL_HAVE_MANUAL_CONTROL=1 -D __AFL_COMPILER=1 -D FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION=1 -D __AFL_LOOP(_A)=({ static volatile char *_B __attribute__((used)); _B = (char*)"##SIG_AFL_PERSISTENT##"; __attribute__((visibility("default"))) int _L(unsigned int) __asm__("__afl_persistent_loop"); _L(_A); }) -D __AFL_INIT()=do { static volatile char *_A __attribute__((used)); _A = (char*)"##SIG_AFL_DEFER_FORKSRV##"; __attribute__((visibility("default"))) void _I(void) __asm__("__afl_manual_init"); _I(); } while (0) -internal-isystem /usr/local/include -internal-isystem /home/stly/Documents/binutils-gdb/build/installed/lib/clang/5.0.0/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -O3 -fdebug-compilation-dir /home/stly/Documents/TargetFuzz/Benchmark/LAVA-M/base64/coreutils-8.24-lava-safe -ferror-limit 19 -fmessage-length 97 -funroll-loops -fobjc-runtime=gcc -fdiagnostics-show-option -fcolor-diagnostics -vectorize-loops -vectorize-slp -load /home/stly/Documents/TargetFuzz/tools/aflgo/afl-llvm-pass.so -mllvm -targets=/home/stly/Documents/TargetFuzz/Benchmark/LAVA-M/base64/coreutils-8.24-lava-safe/AFLGO_TEMP/bbtargets.txt -mllvm -outdir=/home/stly/Documents/TargetFuzz/Benchmark/LAVA-M/base64/coreutils-8.24-lava-safe/AFLGO_TEMP -o lib/getndelim2.o -x c lib/getndelim2.c 1. <eof> parser at end of file 2. Per-module optimization passes 3. Running pass 'Unnamed pass: implement Pass::getPassName()' on module 'lib/getndelim2.c'. clang-5.0: error: unable to execute command: Aborted clang-5.0: error: clang frontend command failed due to signal (use -v to see invocation) clang version 5.0.0 (tags/RELEASE_500/final) Target: x86_64-unknown-linux-gnu Thread model: posix InstalledDir: /home/stly/Documents/binutils-gdb/build/installed/bin clang-5.0: note: diagnostic msg: PLEASE submit a bug report to http://llvm.org/bugs/ and include the crash backtrace, preprocessed source, and associated run script.
May I ask if your LAVA-M test passed, you can share the process, thank you.
We are aware of this problem and are currently working on a solution.
This is the problematic line:
#40 0x00007fddf97633f9 (anonymous namespace)::AFLCoverage::runOnModule(llvm::Module&) /home/stly/Documents/TargetFuzz/tools/aflgo/llvm_mode/afl-llvm-pass.so.cc:396:0
The LLVM GraphWriter crashes in some (deterministic) cases when AFLGo asks it to print a function's CFG into a dot-file.
Hello, I would like to know if the LAVA data set problem has been resolved, whether there is a way to use, thank you
@LingXinL Can you check with the most recent version? PR #55 might have resolved the LLVM GraphWriter crashes.
Closing this. Feel free to reopen if this is still a problem.
I want to test the AFLGO using LAVA-M benchmark, but it can not wok.