lifting-bits / mcsema

Framework for lifting x86, amd64, aarch64, sparc32, and sparc64 program binaries to LLVM bitcode
https://www.trailofbits.com/expertise/mcsema
GNU Affero General Public License v3.0

Fail to build KLEE Maze example #569

Open sunlv opened 5 years ago

sunlv commented 5 years ago

Hi, I tried to run build_klee.sh (Ubuntu 16.04), and I got this error: "Remote branch llvm_39 not found in upstream origin".

If I deleted the branch information, I got this error at the end of the process: "CMake Error at /home/wangsl/data/klee_ws/remill-build/libraries/llvm/lib/cmake/llvm/LLVM-Config.cmake:203 (message): Library `jit' not found in list of llvm libraries."

I tried to use the latest KLEE (2.0), and it succeeded. But when I ran klee on maze.bc, I got this error:

0 klee 0x0000000001339e38 llvm::sys::PrintStackTrace(llvm::raw_ostream&) + 56
1 klee 0x0000000001337e0e llvm::sys::RunSignalHandlers() + 62
2 klee 0x0000000001337f5c
3 libpthread.so.0 0x00007f48e44bc390
4 klee 0x00000000012417eb llvm::Value::stripInBoundsOffsets() + 27
5 klee 0x00000000011e29fd llvm::GlobalValue::getAlignment() const + 45
6 klee 0x000000000119a3a7 llvm::ConstantFoldBinaryInstruction(unsigned int, llvm::Constant*, llvm::Constant*) + 1015
7 klee 0x00000000011b454f llvm::ConstantExpr::get(unsigned int, llvm::Constant*, llvm::Constant*, unsigned int, llvm::Type*) + 47
8 klee 0x00000000011b4f34 llvm::ConstantExpr::handleOperandChangeImpl(llvm::Value*, llvm::Value*) + 324
9 klee 0x00000000011b52e5 llvm::Constant::handleOperandChange(llvm::Value*, llvm::Value*) + 101
10 klee 0x00000000012453f8 llvm::Value::replaceAllUsesWith(llvm::Value*) + 104
11 klee 0x00000000011b52c5 llvm::Constant::handleOperandChange(llvm::Value*, llvm::Value*) + 69
12 klee 0x00000000012453f8 llvm::Value::replaceAllUsesWith(llvm::Value*) + 104
13 klee 0x0000000000aaaa09
14 klee 0x0000000000f0b58c
15 klee 0x0000000000f11531 llvm::ValueMapper::mapValue(llvm::Value const&) + 17
16 klee 0x0000000000aa73d4
17 klee 0x0000000000aa8e89 llvm::IRMover::move(std::unique_ptr<llvm::Module, std::default_delete<llvm::Module> >, llvm::ArrayRef<llvm::GlobalValue*>, std::function<void (llvm::GlobalValue&, std::function<void (llvm::GlobalValue&)>)>) + 1721
18 klee 0x0000000000a9e6d7
19 klee 0x0000000000a9f1de llvm::Linker::linkInModule(std::unique_ptr<llvm::Module, std::default_delete<llvm::Module> >, unsigned int, llvm::DenseSet<llvm::GlobalValue const*, llvm::DenseMapInfo<llvm::GlobalValue const*> >*) + 270
20 klee 0x0000000000a9f392 llvm::Linker::linkModules(llvm::Module&, std::unique_ptr<llvm::Module, std::default_delete<llvm::Module> >, unsigned int) + 82
21 klee 0x0000000000a20740
22 klee 0x0000000000a1fbec klee::linkModules(std::vector<std::unique_ptr<llvm::Module, std::default_delete<llvm::Module> >, std::allocator<std::unique_ptr<llvm::Module, std::default_delete<llvm::Module> > > >&, llvm::StringRef, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >&) + 2284
23 klee 0x0000000000a1be48 klee::KModule::link(std::vector<std::unique_ptr<llvm::Module, std::default_delete<llvm::Module> >, std::allocator<std::unique_ptr<llvm::Module, std::default_delete<llvm::Module> > > >&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) + 120
24 klee 0x00000000005f646b klee::Executor::setModule(std::vector<std::unique_ptr<llvm::Module, std::default_delete<llvm::Module> >, std::allocator<std::unique_ptr<llvm::Module, std::default_delete<llvm::Module> > > >&, klee::Interpreter::ModuleOptions const&) + 747
25 klee 0x00000000005f078b main + 7099
26 libc.so.6 0x00007f48e3860830 __libc_start_main + 240
27 klee 0x00000000005ebc89 _start + 41
Segmentation fault (core dumped)

Any idea about how to fix it?

pgoodman commented 5 years ago

Can you submit a PR with your fixes to build_klee.sh?

Besides that, my best guess is that the version of remill's LLVM isn't matching the one used by KLEE. If you can figure out what version KLEE is using, or find a way to force it to use the LLVM in the remill-build/libraries dir, then that could be helpful.
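
The mismatch pgoodman suspects can be checked before klee ever tries to link the module. The script below is an added example, not code from mcsema, remill, KLEE or anyone in this thread: it reduces three LLVM versions to major.minor and refuses to proceed unless they agree: the LLVM remill was built against (llvm-config under remill-build/libraries/llvm), the LLVM linked into the klee binary (the "LLVM version X.Y.Z" line of klee --version, an assumed output format), and the clang recorded in the bitcode's !llvm.ident metadata (from llvm-dis). The REMILL_LLVM path and all sample tool outputs are constructed for the example.

```shell
#!/bin/sh
# Added example (not part of mcsema/remill or of this issue). Checks that the
# LLVM release seen by three parties agrees in major.minor before running klee:
#   (a) the LLVM remill was built against (remill-build/libraries/llvm),
#   (b) the LLVM linked into the klee binary (from `klee --version`),
#   (c) the clang that produced the bitcode (from the module's !llvm.ident).
# A crash inside llvm::Linker::linkInModule, as in this thread, is a typical
# symptom when (b) and (c) disagree, so the check is cheap insurance.

# First dotted version number found in a string, reduced to "major.minor".
first_major_minor() {
    printf '%s\n' "$1" | grep -oE '[0-9]+\.[0-9]+(\.[0-9]+)?' | head -n 1 | cut -d. -f1,2
}

# `klee --version` prints KLEE's own version first ("KLEE 2.0 ..."), so take
# only the line naming LLVM. Assumption: that line reads "LLVM version X.Y.Z".
klee_llvm_version() {
    first_major_minor "$(printf '%s\n' "$1" | grep -i 'LLVM version')"
}

# The producer clang records in the bitcode's !llvm.ident metadata, as shown by
# llvm-dis, e.g.  !0 = !{!"clang version 3.9.1 (tags/RELEASE_391/final)"}
ident_llvm_version() {
    first_major_minor "$(printf '%s\n' "$1" | grep 'clang version' | head -n 1)"
}

# Returns 0 when every argument equals the first one, 1 otherwise.
versions_agree() {
    first="$1"
    shift
    for v in "$@"; do
        [ "$v" = "$first" ] || return 1
    done
    return 0
}

# Live usage (needs the tools on PATH; REMILL_LLVM is an assumed location):
#   REMILL_LLVM=$HOME/remill-build/libraries/llvm
#   a=$(first_major_minor "$("$REMILL_LLVM/bin/llvm-config" --version)")
#   b=$(klee_llvm_version "$(klee --version 2>&1)")
#   c=$(ident_llvm_version "$("$REMILL_LLVM/bin/llvm-dis" -o - maze.bc)")
#   versions_agree "$a" "$b" "$c" || echo "LLVM mismatch: remill=$a klee=$b maze.bc=$c"

# Constructed sample outputs (not captured from a real machine) shaped like
# what the three tools print, so the check can be exercised offline.
SAMPLE_LLVM_CONFIG='3.9.1'
SAMPLE_KLEE_VERSION='KLEE 2.0 (https://klee.github.io)
  Build mode: RelWithDebInfo (Asserts: TRUE)
  Build revision: unknown

LLVM (http://llvm.org/):
  LLVM version 6.0.0
  Optimized build.
  Default target: x86_64-pc-linux-gnu'
SAMPLE_IDENT='!llvm.ident = !{!0}
!0 = !{!"clang version 3.9.1 (tags/RELEASE_391/final)"}'

# Runs the comparison on the samples: remill and the bitcode are LLVM 3.9 while
# the sample klee is linked against LLVM 6.0, so this reports a mismatch.
check_sample() {
    a=$(first_major_minor "$SAMPLE_LLVM_CONFIG")
    b=$(klee_llvm_version "$SAMPLE_KLEE_VERSION")
    c=$(ident_llvm_version "$SAMPLE_IDENT")
    if versions_agree "$a" "$b" "$c"; then
        echo "ok: remill, klee and the bitcode all use LLVM $a"
    else
        echo "LLVM mismatch: remill=$a klee=$b bitcode=$c"
        return 1
    fi
}
```

Comparing only major.minor is deliberate: LLVM's bitcode format is stable within a release series but not across series, so 3.9.0 versus 3.9.1 is harmless while 3.9 versus 6.0 is exactly the situation in which the linker can crash instead of reporting a clean error.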

sunlv commented 5 years ago

Hi, thanks for your reply! I will submit the PR later. The only difference is that I deleted the "-branch llvm_39" from the git clone command in build_klee.sh. In fact, when I ran "git branch -a" in KLEE, the output showed no branch named "llvm_39".

The replacement KLEE version is 2.0. I have no other LLVM version installed besides the one in remill-build/libraries, and it built successfully. So I guess there are some differences between 2.0 and the original version (maybe 1.2).

pgoodman commented 4 years ago

@sunlv Can you submit that PR? Thanks!