santoshn / softboundcets-34

SoftBoundCETS for LLVM+Clang version 34
BSD 3-Clause "New" or "Revised" License

Errors while running softboundcets with google fuzzer test suite challenges #12

Open malathy-nagalakshmi opened 4 years ago

malathy-nagalakshmi commented 4 years ago

Hi,

We tried running softboundcets-34 with fuzzer-test-suite challenges. These are the steps that we followed:

1) We installed and built softboundcets-34.
2) Installed and built fuzzer-test-suite.
3) Ran the challenge proj4-2017-08-14 with softboundcets by including the flag -fsoftboundcets in the CXX flags (attached file common.sh) using the following command:

./proj4-2017-08-14/build.sh

4) We got the following error on executing the above command:

Building with afl
clang: warning: argument unused during compilation: '-debug-pass=Arguments'
clang: SoftBoundCETS.cpp:4653: void SoftBoundCETSPass::gatherBaseBoundPass1(llvm::Function *): Assertion `!isa<PointerType>(v1->getType())&& " Generating Pointer and not being handled"' failed.
0  clang           0x00000000033b7c29 llvm::sys::PrintStackTrace(_IO_FILE*) + 41
1  clang           0x00000000033b7e9b
2  clang           0x00000000033b80fd
3  libpthread.so.0 0x00007f43daf08390
4  libc.so.6       0x00007f43d9e94428 gsignal + 56
5  libc.so.6       0x00007f43d9e9602a abort + 362
6  libc.so.6       0x00007f43d9e8cbd7
7  libc.so.6       0x00007f43d9e8cc82
8  clang           0x000000000209417a SoftBoundCETSPass::gatherBaseBoundPass1(llvm::Function*) + 2586
9  clang           0x000000000209650e SoftBoundCETSPass::runOnModule(llvm::Module&) + 830
10 clang           0x00000000033205ec
11 clang           0x0000000003320225 llvm::legacy::PassManagerImpl::run(llvm::Module&) + 293
12 clang           0x0000000003320a71 llvm::legacy::PassManager::run(llvm::Module&) + 33
13 clang           0x0000000000bc2f2e
14 clang           0x0000000000bc2a61 clang::EmitBackendOutput(clang::DiagnosticsEngine&, clang::CodeGenOptions const&, clang::TargetOptions const&, clang::LangOptions const&, llvm::Module*, clang::BackendAction, llvm::raw_ostream*) + 97
15 clang           0x0000000000bc038a
16 clang           0x0000000000e11d94 clang::ParseAST(clang::Sema&, bool, bool) + 740
17 clang           0x00000000009188a1 clang::ASTFrontendAction::ExecuteAction() + 337
18 clang           0x0000000000bbf52a clang::CodeGenAction::ExecuteAction() + 1210
19 clang           0x000000000091840a clang::FrontendAction::Execute() + 186
20 clang           0x00000000008e55a0 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) + 768
21 clang           0x00000000008ac25e clang::ExecuteCompilerInvocation(clang::CompilerInstance*) + 1038
22 clang           0x000000000089ba82 cc1_main(char const**, char const**, char const*, void*) + 658
23 clang           0x00000000008a660c main + 780
24 libc.so.6       0x00007f43d9e7f830 __libc_start_main + 240
25 clang           0x000000000089afd9 _start + 41
Stack dump:
0.  Program arguments: /home/malathy/softboundcets-34/softboundcets-llvm-clang34/Debug+Asserts/bin/clang -cc1 -triple x86_64-unknown-linux-gnu -emit-obj -disable-free -main-file-name afl_driver.cpp -mrelocation-model static -mdisable-fp-elim -fmath-errno -masm-verbose -mconstructor-aliases -munwind-tables -fuse-init-array -target-cpu x86-64 -target-linker-version 2.26.1 -momit-leaf-frame-pointer -g -coverage-file /home/malathy/fuzzer-test-suite/afl_driver.o -resource-dir /home/malathy/softboundcets-34/softboundcets-llvm-clang34/Debug+Asserts/bin/../lib/clang/3.4 -I ./Fuzzer -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/5.4.0/../../../../include/c++/5.4.0 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/5.4.0/../../../../include/c++/5.4.0/x86_64-linux-gnu -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/5.4.0/../../../../include/c++/5.4.0/backward -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/5.4.0/../../../../include/x86_64-linux-gnu/c++/5.4.0 -internal-isystem /usr/local/include -internal-isystem /home/malathy/softboundcets-34/softboundcets-llvm-clang34/Debug+Asserts/bin/../lib/clang/3.4/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -O2 -std=c++11 -fdeprecated-macro -fdebug-compilation-dir /home/malathy/fuzzer-test-suite -ferror-limit 19 -fmessage-length 143 -fsoftboundcets -mstackrealign -fobjc-runtime=gcc -fcxx-exceptions -fexceptions -fdiagnostics-show-option -fcolor-diagnostics -vectorize-loops -o afl_driver.o -x c++ ./Fuzzer/afl/afl_driver.cpp 
1.  <eof> parser at end of file
2.  Per-module optimization passes
3.  Running pass ' SoftBoundCETSPass' on module './Fuzzer/afl/afl_driver.cpp'.
clang: error: unable to execute command: Aborted (core dumped)
clang: error: clang frontend command failed due to signal (use -v to see invocation)
clang version 3.4 (branches/release_34)
Target: x86_64-unknown-linux-gnu
Thread model: posix
clang: note: diagnostic msg: PLEASE submit a bug report to http://llvm.org/bugs/ and include the crash backtrace, preprocessed source, and associated run script.
clang: note: diagnostic msg: 
********************

PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
Preprocessed source(s) and associated run script(s) are located at:
clang: note: diagnostic msg: /tmp/afl_driver-29d832.cpp
clang: note: diagnostic msg: /tmp/afl_driver-29d832.sh
clang: note: diagnostic msg: 

********************
ar: afl_driver.o: No such file or directory
clang: error: no such file or directory: 'BUILD/test/fuzzers/standard_fuzzer.cpp'
clang: error: no such file or directory: 'BUILD/src/.libs/libproj.a'

5) We ran softboundcets with -O0 optimisation, as that does not enable the SROA pass in LLVM, and we disabled vectorization by including the following two flags in FUZZ_CXXFLAGS in common.sh: -fno-slp-vectorize and -fno-vectorize.

FUZZ_CXXFLAGS="-O0 -fno-slp-vectorize -fno-vectorize  -debug-pass=Arguments -fno-omit-frame-pointer -gline-tables-only -g -fsoftboundcets" 

We also changed the following in lib/Transforms/IPO/PassManagerBuilder.cpp to disable vectorisation, as we still found the flag -vectorize-loops being used in the console output.

static cl::opt<bool>
    RunLoopVectorization("vectorize-loops", cl::Hidden,
                         cl::desc("Run the Loop vectorization passes"));

to

static cl::opt<bool>
    RunLoopVectorization("vectorize-loops", cl::Hidden, cl::init(false), // default the option to off
                         cl::desc("Run the Loop vectorization passes"));

6) Since we still got the same error, we tried disabling the SROA pass in LLVM by commenting out FPM.add(createSROAPass()) in lib/Transforms/IPO/PassManagerBuilder.cpp to see if the compiler works for higher optimization levels (-O2).

-vectorize-loops still did not get disabled, and we got the same error (console output attached) after following the above steps.

softbound-files.zip
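A small triage script, added here as an example and not part of the issue, of fuzzer-test-suite, or of SoftBoundCETS. It parses a clang crash dump of the shape quoted above and pulls out the failing assertion, the pass that was running, the preprocessed-source and run-script paths clang wrote, and the optimization-related flags that actually reached the -cc1 invocation. That last part is the check worth doing when a build script sets -O0 and -fno-vectorize but the console output still shows -vectorize-loops: the "Program arguments:" line is what cc1 really ran with, not what common.sh intended. The embedded sample is the dump from the post with the long cc1 argument list trimmed to the flags the script inspects; the expected level and vectorization setting passed to the checker are assumptions standing in for the intent behind step 5.

```python
"""Triage a clang crash dump of the kind quoted in this issue.

Added example, not part of the issue or of SoftBoundCETS. It extracts the
failing assertion, the pass that was running, the cc1 argument list and the
preprocessed-source / run-script paths clang wrote, then compares the
optimization flags that actually reached cc1 with what the build intended.
"""
import re

# Constructed sample: the lines of the crash dump quoted above, with the
# very long cc1 argument list trimmed to the flags this script looks at.
SAMPLE_DUMP = """\
clang: SoftBoundCETS.cpp:4653: void SoftBoundCETSPass::gatherBaseBoundPass1(llvm::Function *): Assertion `!isa<PointerType>(v1->getType())&& " Generating Pointer and not being handled"' failed.
Stack dump:
0.  Program arguments: /home/malathy/softboundcets-34/softboundcets-llvm-clang34/Debug+Asserts/bin/clang -cc1 -triple x86_64-unknown-linux-gnu -emit-obj -main-file-name afl_driver.cpp -g -O2 -std=c++11 -fsoftboundcets -vectorize-loops -o afl_driver.o -x c++ ./Fuzzer/afl/afl_driver.cpp
1.  <eof> parser at end of file
2.  Per-module optimization passes
3.  Running pass ' SoftBoundCETSPass' on module './Fuzzer/afl/afl_driver.cpp'.
clang: error: unable to execute command: Aborted (core dumped)
clang: note: diagnostic msg: PLEASE submit a bug report to http://llvm.org/bugs/ and include the crash backtrace, preprocessed source, and associated run script.
clang: note: diagnostic msg: /tmp/afl_driver-29d832.cpp
clang: note: diagnostic msg: /tmp/afl_driver-29d832.sh
"""

ASSERT_RE = re.compile(
    r"^clang: (?P<file>[^:]+):(?P<line>\d+): (?P<func>.+?): "
    r"Assertion `(?P<cond>.*)' failed\.$")
ARGS_RE = re.compile(r"^\d+\.\s+Program arguments: (?P<cmd>.*)$")
PASS_RE = re.compile(
    r"^\d+\.\s+Running pass '\s*(?P<name>[^']+?)\s*' on module '(?P<module>[^']+)'")
REPRO_RE = re.compile(r"^clang: note: diagnostic msg: (?P<path>/\S+)$")

OPT_LEVELS = ("-O0", "-O1", "-O2", "-O3", "-Os", "-Oz")
# cc1 flags worth checking when the suspicion is "the optimizer reshaped the
# IR before SoftBoundCETSPass saw it".
FLAGS_OF_INTEREST = ("-fsoftboundcets", "-vectorize-loops", "-vectorize-slp",
                     "-disable-llvm-optzns")


def parse_crash_dump(text):
    """Return a dict describing the crash; fields not found stay None/empty."""
    info = {"assertion": None, "pass": None, "module": None,
            "cc1_args": [], "repro_files": [], "opt_level": None, "flags": {}}
    for raw in text.splitlines():
        line = raw.rstrip()
        m = ASSERT_RE.match(line)
        if m:
            info["assertion"] = {"file": m.group("file"), "line": int(m.group("line")),
                                 "function": m.group("func"), "condition": m.group("cond")}
            continue
        m = ARGS_RE.match(line)
        if m:
            info["cc1_args"] = m.group("cmd").split()
            continue
        m = PASS_RE.match(line)
        if m:
            info["pass"], info["module"] = m.group("name"), m.group("module")
            continue
        m = REPRO_RE.match(line)
        if m:
            info["repro_files"].append(m.group("path"))
    args = info["cc1_args"]
    # The driver hands cc1 exactly one -O level; -O0 is the premise of step 5
    # above (no SROA, no vectorizer), so it is the first thing to confirm.
    info["opt_level"] = next((a for a in args if a in OPT_LEVELS), None)
    info["flags"] = {f: f in args for f in FLAGS_OF_INTEREST}
    return info


def check_expectations(info, expected_opt_level, vectorize_disabled):
    """List the ways the cc1 invocation differs from what the build intended.

    expected_opt_level and vectorize_disabled describe the intent behind
    FUZZ_CXXFLAGS (e.g. "-O0" and True for step 5); they are assumptions
    supplied by the caller, not something read from the dump.
    """
    problems = []
    if info["opt_level"] != expected_opt_level:
        problems.append("cc1 ran at %s, expected %s"
                        % (info["opt_level"], expected_opt_level))
    if vectorize_disabled and info["flags"].get("-vectorize-loops"):
        problems.append("-vectorize-loops still reached cc1 although "
                        "vectorization was disabled in the build flags")
    if not info["flags"].get("-fsoftboundcets"):
        problems.append("-fsoftboundcets is missing: SoftBoundCETSPass would "
                        "not have run at all")
    return problems


if __name__ == "__main__":
    crash = parse_crash_dump(SAMPLE_DUMP)
    print("assertion:", crash["assertion"]["function"], "line", crash["assertion"]["line"])
    print("pass:", crash["pass"], "on", crash["module"])
    print("opt level:", crash["opt_level"], "flags:", crash["flags"])
    print("repro files:", crash["repro_files"])
    for p in check_expectations(crash, "-O0", vectorize_disabled=True):
        print("MISMATCH:", p)
```

Run it against the console output attached to the issue instead of the embedded sample, with "-O0" and vectorize_disabled=True, to see whether the step 5 flags reached cc1; the two repro paths it reports are the files clang asked for and the quickest way to re-run just the crashing compile outside build.sh.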