Hi
I am using SanitizerCoverage feature supported by clang to get the
basicblock coverage.
my tested binaries are spec cpu2006. I compiled the binary with the option
COPTIMIZE = -O0 -fsanitize=address -fsanitize-coverage=bb -flto
-fno-strict-aliasing -std=gnu89 -gdwarf-3
After the compiling process is end. I run the 400.perlbench. with the
command
ASAN_OPTIONS=coverage=1 ./perlbench. However, the AddressSanitizer detect
the global buffer overflow and I could not run the perlbench properly.
Is there anything wrong or I missed some configurations? I just want to
compile the binaries with instrumented coverage information so that I can
calculate the bb coverage. Many Thanks
==17619==ERROR: AddressSanitizer: global-buffer-overflow on address
0x000000b46465 at pc 0x00000049ffcd bp 0x7fff4f265ec0 sp 0x7fff4f265670
READ of size 6 at 0x000000b46465 thread T0
#0 0x49ffcc in __interceptor_memcmp.part.75
/home/jmh/Downloads/llvm-4/llvm/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:690
#1 0x6843a0 in PerlIO_find_layer
/home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:751:6
#2 0x6869fc in PerlIO_default_buffer
/home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:1015:32
#3 0x683f13 in PerlIO_default_layers
/home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:1113:6
#4 0x691cff in PerlIO_resolve_layers
/home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:1433:26
#5 0x690ef3 in PerlIO_openn
/home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:1519:15
#6 0x6907a1 in PerlIO_fdopen
/home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:4745:12
#7 0x6906e8 in PerlIO_stdstreams
/home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:1150:2
#8 0x6946ef in Perl_PerlIO_stdin
/home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:4686:2
#9 0x66a465 in S_open_script
/home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perl.c:3348:12
#10 0x65f01d in S_parse_body
/home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perl.c:1718:5
#11 0x65b5b9 in perl_parse
/home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perl.c:1312:2
#12 0x696dd2 in main
/home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlmain.c:96:18
#13 0x7f169601082f in __libc_start_main
/build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291
#14 0x41bc58 in _start
(/home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlbench+0x41bc58)
0x000000b46465 is located 0 bytes to the right of global variable
'<string
literal>' defined in 'perlio.c:2566:5' (0xb46460) of size 5
'<string literal>' is ascii string 'unix'
SUMMARY: AddressSanitizer: global-buffer-overflow
/home/jmh/Downloads/llvm-4/llvm/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:690
in __interceptor_memcmp.part.75
Shadow bytes around the buggy address:
0x000080160c30: 00 00 00 00 05 f9 f9 f9 f9 f9 f9 f9 00 00 00 00
0x000080160c40: 06 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 04 f9 f9 f9
0x000080160c50: f9 f9 f9 f9 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9
0x000080160c60: 00 00 00 00 00 00 00 00 06 f9 f9 f9 f9 f9 f9 f9
0x000080160c70: 00 00 00 00 00 00 01 f9 f9 f9 f9 f9 00 00 00 00
=>0x000080160c80: 00 00 f9 f9 f9 f9 f9 f9 00 00 00 00[05]f9 f9 f9
0x000080160c90: f9 f9 f9 f9 00 00 00 00 03 f9 f9 f9 f9 f9 f9 f9
0x000080160ca0: 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 00 00 00 00
0x000080160cb0: 06 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 07 f9 f9 f9
0x000080160cc0: f9 f9 f9 f9 00 00 00 00 00 f9 f9 f9 f9 f9 f9 f9
0x000080160cd0: 00 00 00 00 05 f9 f9 f9 f9 f9 f9 f9 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==17619==ABORTING
Regards
Muhui
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.llvm.org/pipermail/llvm-dev/attachments/20180905/da2378b4/attachment-0001.html>
Alexander Potapenko via llvm-dev
2018-Sep-05 10:57 UTC
[llvm-dev] AddressSanitizer on SPECCPU2006
This is a known problem in SPECCPU2006, see https://github.com/google/sanitizers/wiki/AddressSanitizerFoundBugs On Wed, Sep 5, 2018 at 7:36 AM Muhui Jiang via llvm-dev <llvm-dev at lists.llvm.org> wrote:> > Hi > > I am using SanitizerCoverage feature supported by clang to get the basicblock coverage. > > my tested binaries are spec cpu2006. I compiled the binary with the option > COPTIMIZE = -O0 -fsanitize=address -fsanitize-coverage=bb -flto -fno-strict-aliasing -std=gnu89 -gdwarf-3 > > After the compiling process is end. I run the 400.perlbench. with the command > ASAN_OPTIONS=coverage=1 ./perlbench. However, the AddressSanitizer detect the global buffer overflow and I could not run the perlbench properly. > > Is there anything wrong or I missed some configurations? I just want to compile the binaries with instrumented coverage information so that I can calculate the bb coverage. Many Thanks > > > ==17619==ERROR: AddressSanitizer: global-buffer-overflow on address 0x000000b46465 at pc 0x00000049ffcd bp 0x7fff4f265ec0 sp 0x7fff4f265670 > > READ of size 6 at 0x000000b46465 thread T0 > > #0 0x49ffcc in __interceptor_memcmp.part.75 /home/jmh/Downloads/llvm-4/llvm/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:690 > > #1 0x6843a0 in PerlIO_find_layer /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:751:6 > > #2 0x6869fc in PerlIO_default_buffer /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:1015:32 > > #3 0x683f13 in PerlIO_default_layers /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:1113:6 > > #4 0x691cff in PerlIO_resolve_layers /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:1433:26 > > #5 0x690ef3 in PerlIO_openn /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:1519:15 > > #6 0x6907a1 in PerlIO_fdopen /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:4745:12 > > #7 0x6906e8 in PerlIO_stdstreams /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:1150:2 > > #8 0x6946ef in Perl_PerlIO_stdin /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:4686:2 > > #9 0x66a465 in S_open_script /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perl.c:3348:12 > > #10 0x65f01d in S_parse_body /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perl.c:1718:5 > > #11 0x65b5b9 in perl_parse /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perl.c:1312:2 > > #12 0x696dd2 in main /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlmain.c:96:18 > > #13 0x7f169601082f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291 > > #14 0x41bc58 in _start (/home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlbench+0x41bc58) > > > 0x000000b46465 is located 0 bytes to the right of global variable '<string literal>' defined in 'perlio.c:2566:5' (0xb46460) of size 5 > > '<string literal>' is ascii string 'unix' > > SUMMARY: AddressSanitizer: global-buffer-overflow /home/jmh/Downloads/llvm-4/llvm/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:690 in __interceptor_memcmp.part.75 > > Shadow bytes around the buggy address: > > 0x000080160c30: 00 00 00 00 05 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 > > 0x000080160c40: 06 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 04 f9 f9 f9 > > 0x000080160c50: f9 f9 f9 f9 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 > > 0x000080160c60: 00 00 00 00 00 00 00 00 06 f9 f9 f9 f9 f9 f9 f9 > > 0x000080160c70: 00 00 00 00 00 00 01 f9 f9 f9 f9 f9 00 00 00 00 > > =>0x000080160c80: 00 00 f9 f9 f9 f9 f9 f9 00 00 00 00[05]f9 f9 f9 > > 0x000080160c90: f9 f9 f9 f9 00 00 00 00 03 f9 f9 f9 f9 f9 f9 f9 > > 0x000080160ca0: 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 > > 0x000080160cb0: 06 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 07 f9 f9 f9 > > 0x000080160cc0: f9 f9 f9 f9 00 00 00 00 00 f9 f9 f9 f9 f9 f9 f9 > > 0x000080160cd0: 00 00 00 00 05 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 > > Shadow byte legend (one shadow byte represents 8 application bytes): > > Addressable: 00 > > Partially addressable: 01 02 03 04 05 06 07 > > Heap left redzone: fa > > Freed heap region: fd > > Stack left redzone: f1 > > Stack mid redzone: f2 > > Stack right redzone: f3 > > Stack after return: f5 > > Stack use after scope: f8 > > Global redzone: f9 > > Global init order: f6 > > Poisoned by user: f7 > > Container overflow: fc > > Array cookie: ac > > Intra object redzone: bb > > ASan internal: fe > > Left alloca redzone: ca > > Right alloca redzone: cb > > ==17619==ABORTING > > > > Regards > > Muhui > _______________________________________________ > LLVM Developers mailing list > llvm-dev at lists.llvm.org > http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-dev-- Alexander Potapenko Software Engineer Google Germany GmbH Erika-Mann-Straße, 33 80636 München Geschäftsführer: Paul Manicle, Halimah DeLaine Prado Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg
Hi If so, is it able to disable this check. All I need is just to get the BB coverage information Regards Muhui Alexander Potapenko <glider at google.com>于2018年9月5日 周三下午6:57写道:> This is a known problem in SPECCPU2006, see > https://github.com/google/sanitizers/wiki/AddressSanitizerFoundBugs > On Wed, Sep 5, 2018 at 7:36 AM Muhui Jiang via llvm-dev > <llvm-dev at lists.llvm.org> wrote: > > > > Hi > > > > I am using SanitizerCoverage feature supported by clang to get the > basicblock coverage. > > > > my tested binaries are spec cpu2006. I compiled the binary with the > option > > COPTIMIZE = -O0 -fsanitize=address -fsanitize-coverage=bb -flto > -fno-strict-aliasing -std=gnu89 -gdwarf-3 > > > > After the compiling process is end. I run the 400.perlbench. with the > command > > ASAN_OPTIONS=coverage=1 ./perlbench. However, the AddressSanitizer > detect the global buffer overflow and I could not run the perlbench > properly. > > > > Is there anything wrong or I missed some configurations? I just want to > compile the binaries with instrumented coverage information so that I can > calculate the bb coverage. Many Thanks > > > > > > ==17619==ERROR: AddressSanitizer: global-buffer-overflow on address > 0x000000b46465 at pc 0x00000049ffcd bp 0x7fff4f265ec0 sp 0x7fff4f265670 > > > > READ of size 6 at 0x000000b46465 thread T0 > > > > #0 0x49ffcc in __interceptor_memcmp.part.75 > /home/jmh/Downloads/llvm-4/llvm/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:690 > > > > #1 0x6843a0 in PerlIO_find_layer > /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:751:6 > > > > #2 0x6869fc in PerlIO_default_buffer > /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:1015:32 > > > > #3 0x683f13 in PerlIO_default_layers > /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:1113:6 > > > > #4 0x691cff in PerlIO_resolve_layers > /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:1433:26 > > > > #5 0x690ef3 in PerlIO_openn > /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:1519:15 > > > > #6 0x6907a1 in PerlIO_fdopen > /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:4745:12 > > > > #7 0x6906e8 in PerlIO_stdstreams > /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:1150:2 > > > > #8 0x6946ef in Perl_PerlIO_stdin > /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlio.c:4686:2 > > > > #9 0x66a465 in S_open_script > /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perl.c:3348:12 > > > > #10 0x65f01d in S_parse_body > /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perl.c:1718:5 > > > > #11 0x65b5b9 in perl_parse > /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perl.c:1312:2 > > > > #12 0x696dd2 in main > /home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlmain.c:96:18 > > > > #13 0x7f169601082f in __libc_start_main > /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:291 > > > > #14 0x41bc58 in _start > (/home/jmh/Downloads/spec2006_v1.2/benchspec/CPU2006/400.perlbench/build/build_base_elf-64bit.0000/perlbench+0x41bc58) > > > > > > 0x000000b46465 is located 0 bytes to the right of global variable > '<string literal>' defined in 'perlio.c:2566:5' (0xb46460) of size 5 > > > > '<string literal>' is ascii string 'unix' > > > > SUMMARY: AddressSanitizer: global-buffer-overflow > /home/jmh/Downloads/llvm-4/llvm/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:690 > in __interceptor_memcmp.part.75 > > > > Shadow bytes around the buggy address: > > > > 0x000080160c30: 00 00 00 00 05 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 > > > > 0x000080160c40: 06 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 04 f9 f9 f9 > > > > 0x000080160c50: f9 f9 f9 f9 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 > > > > 0x000080160c60: 00 00 00 00 00 00 00 00 06 f9 f9 f9 f9 f9 f9 f9 > > > > 0x000080160c70: 00 00 00 00 00 00 01 f9 f9 f9 f9 f9 00 00 00 00 > > > > =>0x000080160c80: 00 00 f9 f9 f9 f9 f9 f9 00 00 00 00[05]f9 f9 f9 > > > > 0x000080160c90: f9 f9 f9 f9 00 00 00 00 03 f9 f9 f9 f9 f9 f9 f9 > > > > 0x000080160ca0: 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 > > > > 0x000080160cb0: 06 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 07 f9 f9 f9 > > > > 0x000080160cc0: f9 f9 f9 f9 00 00 00 00 00 f9 f9 f9 f9 f9 f9 f9 > > > > 0x000080160cd0: 00 00 00 00 05 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 > > > > Shadow byte legend (one shadow byte represents 8 application bytes): > > > > Addressable: 00 > > > > Partially addressable: 01 02 03 04 05 06 07 > > > > Heap left redzone: fa > > > > Freed heap region: fd > > > > Stack left redzone: f1 > > > > Stack mid redzone: f2 > > > > Stack right redzone: f3 > > > > Stack after return: f5 > > > > Stack use after scope: f8 > > > > Global redzone: f9 > > > > Global init order: f6 > > > > Poisoned by user: f7 > > > > Container overflow: fc > > > > Array cookie: ac > > > > Intra object redzone: bb > > > > ASan internal: fe > > > > Left alloca redzone: ca > > > > Right alloca redzone: cb > > > > ==17619==ABORTING > > > > > > > > Regards > > > > Muhui > > _______________________________________________ > > LLVM Developers mailing list > > llvm-dev at lists.llvm.org > > http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-dev > > > > -- > Alexander Potapenko > Software Engineer > > Google Germany GmbH > Erika-Mann-Straße, 33 > 80636 München > > Geschäftsführer: Paul Manicle, Halimah DeLaine Prado > Registergericht und -nummer: Hamburg, HRB 86891 > Sitz der Gesellschaft: Hamburg >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20180905/7f538d6f/attachment.html>