Discussion:
(no subject)
agan Davis
2014-05-07 00:51:06 UTC
Permalink
Hi everyone

when I test php.bc using klee , the error emerge below:

Terminator found in the middle of a basic block!
label %if.else.i.i
Broken module found, compilation aborted!
0 klee 0x0000000000fde322 llvm::sys::PrintStackTrace(_IO_FILE*)
+ 34
1 klee 0x0000000000fdd749
2 libpthread.so.0 0x00007f91e38fecb0
3 libc.so.6 0x00007f91e2b50425 gsignal + 53
4 libc.so.6 0x00007f91e2b53b8b abort + 379
5 klee 0x0000000000f8c958
6 klee 0x0000000000f9996d
7 klee 0x0000000000f71bcf
llvm::FPPassManager::runOnFunction(llvm::Function&) + 607
8 klee 0x0000000000f71c3b
llvm::FPPassManager::runOnModule(llvm::Module&) + 43
9 klee 0x0000000000f716d0
llvm::MPPassManager::runOnModule(llvm::Module&) + 688
10 klee 0x0000000000f718a5
llvm::PassManagerImpl::run(llvm::Module&) + 245
11 klee 0x00000000005f03cd llvm::Optimize(llvm::Module*) + 205
12 klee 0x00000000005ea3e2
klee::KModule::prepare(klee::Interpreter::ModuleOptions const&,
klee::InterpreterHandler*) + 3666
13 klee 0x000000000059fbd6
klee::Executor::setModule(llvm::Module*, klee::Interpreter::ModuleOptions
const&) + 214
14 klee 0x000000000057ed62 main + 3794
15 libc.so.6 0x00007f91e2b3b76d __libc_start_main + 237
16 klee 0x00000000005969e9
Stack dump:
0. Running pass 'Function Pass Manager' on module
'/home/davis/klee/test-targets/php/sapi/cli/php.bc'.
1. Running pass 'Module Verifier' on function '@sqlite3PagerSharedLock'
KLEE: watchdog exiting (no child)

Is the problem from llvm/clang version or object itself?
Paul Marinescu
2014-05-07 09:37:39 UTC
Permalink
Hi Agan,
I suspect something in the way you created php.bc . Are you using the same LLVM version as in KLEE? Are you running any custom passes (either in KLEE or via opt). Does llc php.bc (for example) work?

Paul
Post by agan Davis
Hi everyone
Terminator found in the middle of a basic block!
label %if.else.i.i
Broken module found, compilation aborted!
0 klee 0x0000000000fde322 llvm::sys::PrintStackTrace(_IO_FILE*) + 34
1 klee 0x0000000000fdd749
2 libpthread.so.0 0x00007f91e38fecb0
3 libc.so.6 0x00007f91e2b50425 gsignal + 53
4 libc.so.6 0x00007f91e2b53b8b abort + 379
5 klee 0x0000000000f8c958
6 klee 0x0000000000f9996d
7 klee 0x0000000000f71bcf llvm::FPPassManager::runOnFunction(llvm::Function&) + 607
8 klee 0x0000000000f71c3b llvm::FPPassManager::runOnModule(llvm::Module&) + 43
9 klee 0x0000000000f716d0 llvm::MPPassManager::runOnModule(llvm::Module&) + 688
10 klee 0x0000000000f718a5 llvm::PassManagerImpl::run(llvm::Module&) + 245
11 klee 0x00000000005f03cd llvm::Optimize(llvm::Module*) + 205
12 klee 0x00000000005ea3e2 klee::KModule::prepare(klee::Interpreter::ModuleOptions const&, klee::InterpreterHandler*) + 3666
13 klee 0x000000000059fbd6 klee::Executor::setModule(llvm::Module*, klee::Interpreter::ModuleOptions const&) + 214
14 klee 0x000000000057ed62 main + 3794
15 libc.so.6 0x00007f91e2b3b76d __libc_start_main + 237
16 klee 0x00000000005969e9
0. Running pass 'Function Pass Manager' on module '/home/davis/klee/test-targets/php/sapi/cli/php.bc'.
KLEE: watchdog exiting (no child)
Is the problem from llvm/clang version or object itself?
_______________________________________________
klee-dev mailing list
https://mailman.ic.ac.uk/mailman/listinfo/klee-dev
Paul Marinescu
2014-05-07 12:34:09 UTC
Permalink
Seems to be an LLVM issue. You should be able to get more help directly
from them (see
http://llvm.org/docs/HowToSubmitABug.html#code-generator-bugs).
Alternatively, try a different LLVM build/version.

Paul
Hi paul
I build klee on llvm3.3/clang3.3, and generating php.bc though clang3.3,
it should not be the reason of llvm verison. when I exe llc php.bc,
While deleting: metadata %
An asserting value handle still pointed to this value!
UNREACHABLE executed at /home/davis/klee/llvm/lib/IR/Value.cpp:633!
0 llc 0x0000000001174942
llvm::sys::PrintStackTrace(_IO_FILE*) + 34
1 llc 0x0000000001173d69
2 libpthread.so.0 0x00007f470677ecb0
3 libc.so.6 0x00007f47059d0425 gsignal + 53
4 libc.so.6 0x00007f47059d3b8b abort + 379
5 llc 0x000000000115c6dc
6 llc 0x000000000111d8c8
llvm::ValueHandleBase::ValueIsDeleted(llvm::Value*) + 3128
7 llc 0x000000000111e055 llvm::Value::~Value() + 597
8 llc 0x00000000010f96ff llvm::MDNode::destroy() + 15
9 llc 0x00000000010f3a4d
llvm::LLVMContextImpl::~LLVMContextImpl() + 2941
10 llc 0x00000000010f1a01 llvm::LLVMContext::~LLVMContext() + 17
11 llc 0x00000000010f24ae
12 llc 0x000000000116001e llvm::ManagedStaticBase::destroy()
const + 46
13 llc 0x0000000001160085 llvm::llvm_shutdown() + 21
14 llc 0x000000000055d3ce main + 382
15 libc.so.6 0x00007f47059bb76d __libc_start_main + 237
16 llc 0x000000000056f875
0.Program arguments: llc php.bc
Aborted (core dumped)
May be llvm3.3 exists bug in this point?
Hi Agan,
I suspect something in the way you created php.bc . Are you using
the same LLVM version as in KLEE? Are you running any custom passes
(either in KLEE or via opt). Does llc php.bc (for example) work?
Paul
Post by agan Davis
Hi everyone
Terminator found in the middle of a basic block!
label %if.else.i.i
Broken module found, compilation aborted!
0 klee 0x0000000000fde322
llvm::sys::PrintStackTrace(_IO_FILE*) + 34
Post by agan Davis
1 klee 0x0000000000fdd749
2 libpthread.so.0 0x00007f91e38fecb0
3 libc.so.6 0x00007f91e2b50425 gsignal + 53
4 libc.so.6 0x00007f91e2b53b8b abort + 379
5 klee 0x0000000000f8c958
6 klee 0x0000000000f9996d
7 klee 0x0000000000f71bcf
llvm::FPPassManager::runOnFunction(llvm::Function&) + 607
Post by agan Davis
8 klee 0x0000000000f71c3b
llvm::FPPassManager::runOnModule(llvm::Module&) + 43
Post by agan Davis
9 klee 0x0000000000f716d0
llvm::MPPassManager::runOnModule(llvm::Module&) + 688
Post by agan Davis
10 klee 0x0000000000f718a5
llvm::PassManagerImpl::run(llvm::Module&) + 245
Post by agan Davis
11 klee 0x00000000005f03cd
llvm::Optimize(llvm::Module*) + 205
Post by agan Davis
12 klee 0x00000000005ea3e2
klee::KModule::prepare(klee::Interpreter::ModuleOptions const&,
klee::InterpreterHandler*) + 3666
Post by agan Davis
13 klee 0x000000000059fbd6
klee::Executor::setModule(llvm::Module*,
klee::Interpreter::ModuleOptions const&) + 214
Post by agan Davis
14 klee 0x000000000057ed62 main + 3794
15 libc.so.6 0x00007f91e2b3b76d __libc_start_main + 237
16 klee 0x00000000005969e9
0. Running pass 'Function Pass Manager' on module
'/home/davis/klee/test-targets/php/sapi/cli/php.bc'.
Post by agan Davis
1. Running pass 'Module Verifier' on function
KLEE: watchdog exiting (no child)
Is the problem from llvm/clang version or object itself?
_______________________________________________
klee-dev mailing list
https://mailman.ic.ac.uk/mailman/listinfo/klee-dev
agan Davis
2014-05-07 12:41:58 UTC
Permalink
I try to change the llvm version(3.4), but I can't build llvm-obj of
php.bc, getting the error below:
"clang: error: -emit-llvm cannot be used when linking".

Best Regards.
Post by Paul Marinescu
Seems to be an LLVM issue. You should be able to get more help directly
from them (see http://llvm.org/docs/HowToSubmitABug.html#code-
generator-bugs). Alternatively, try a different LLVM build/version.
Paul
Hi paul
I build klee on llvm3.3/clang3.3, and generating php.bc though clang3.3,
it should not be the reason of llvm verison. when I exe llc php.bc,
While deleting: metadata %
An asserting value handle still pointed to this value!
UNREACHABLE executed at /home/davis/klee/llvm/lib/IR/Value.cpp:633!
0 llc 0x0000000001174942
llvm::sys::PrintStackTrace(_IO_FILE*) + 34
1 llc 0x0000000001173d69
2 libpthread.so.0 0x00007f470677ecb0
3 libc.so.6 0x00007f47059d0425 gsignal + 53
4 libc.so.6 0x00007f47059d3b8b abort + 379
5 llc 0x000000000115c6dc
6 llc 0x000000000111d8c8
llvm::ValueHandleBase::ValueIsDeleted(llvm::Value*) + 3128
7 llc 0x000000000111e055 llvm::Value::~Value() + 597
8 llc 0x00000000010f96ff llvm::MDNode::destroy() + 15
9 llc 0x00000000010f3a4d
llvm::LLVMContextImpl::~LLVMContextImpl() + 2941
10 llc 0x00000000010f1a01 llvm::LLVMContext::~LLVMContext() + 17
11 llc 0x00000000010f24ae
12 llc 0x000000000116001e llvm::ManagedStaticBase::destroy()
const + 46
13 llc 0x0000000001160085 llvm::llvm_shutdown() + 21
14 llc 0x000000000055d3ce main + 382
15 libc.so.6 0x00007f47059bb76d __libc_start_main + 237
16 llc 0x000000000056f875
0.Program arguments: llc php.bc
Aborted (core dumped)
May be llvm3.3 exists bug in this point?
Hi Agan,
I suspect something in the way you created php.bc . Are you using
the same LLVM version as in KLEE? Are you running any custom passes
(either in KLEE or via opt). Does llc php.bc (for example) work?
Paul
Post by agan Davis
Hi everyone
Terminator found in the middle of a basic block!
label %if.else.i.i
Broken module found, compilation aborted!
0 klee 0x0000000000fde322
llvm::sys::PrintStackTrace(_IO_FILE*) + 34
Post by agan Davis
1 klee 0x0000000000fdd749
2 libpthread.so.0 0x00007f91e38fecb0
3 libc.so.6 0x00007f91e2b50425 gsignal + 53
4 libc.so.6 0x00007f91e2b53b8b abort + 379
5 klee 0x0000000000f8c958
6 klee 0x0000000000f9996d
7 klee 0x0000000000f71bcf
llvm::FPPassManager::runOnFunction(llvm::Function&) + 607
Post by agan Davis
8 klee 0x0000000000f71c3b
llvm::FPPassManager::runOnModule(llvm::Module&) + 43
Post by agan Davis
9 klee 0x0000000000f716d0
llvm::MPPassManager::runOnModule(llvm::Module&) + 688
Post by agan Davis
10 klee 0x0000000000f718a5
llvm::PassManagerImpl::run(llvm::Module&) + 245
Post by agan Davis
11 klee 0x00000000005f03cd
llvm::Optimize(llvm::Module*) + 205
Post by agan Davis
12 klee 0x00000000005ea3e2
klee::KModule::prepare(klee::Interpreter::ModuleOptions const&,
klee::InterpreterHandler*) + 3666
Post by agan Davis
13 klee 0x000000000059fbd6
klee::Executor::setModule(llvm::Module*,
klee::Interpreter::ModuleOptions const&) + 214
Post by agan Davis
14 klee 0x000000000057ed62 main + 3794
15 libc.so.6 0x00007f91e2b3b76d __libc_start_main + 237
16 klee 0x00000000005969e9
0. Running pass 'Function Pass Manager' on module
'/home/davis/klee/test-targets/php/sapi/cli/php.bc'.
Post by agan Davis
1. Running pass 'Module Verifier' on function
KLEE: watchdog exiting (no child)
Is the problem from llvm/clang version or object itself?
_______________________________________________
klee-dev mailing list
https://mailman.ic.ac.uk/mailman/listinfo/klee-dev
Daniel Liew
2014-05-07 13:26:10 UTC
Permalink
When linking programs using LLVM I am aware of two main options:

* Use the Gold linker with the LLVM plugin[1] and pass the relevant
option to the linker (I think it's -also-emit-llvm or -emit-llvm)
* Use the hacky wllvm script [2]

[1] http://llvm.org/docs/GoldPlugin.html
[2] https://github.com/travitch/whole-program-llvm
Daniel Liew
2014-05-11 19:06:18 UTC
Permalink
Hi,

It looks like you've found a bug in the "OverShiftCheckPass" of which
I am the author :(.

This pass isn't essential to KLEE's operation so you can disable it
with the command line argument -check-overshift=0 as a temporary work
around.

Can you upload php.bc somewhere so I can try to reproduce the issue
and hopefully find a fix.

Which clang did you use? Did you build it from source against LLVM3.4
or did you use a pre-compiled binary? I have had issues before where I
accidentally used my distro's clang (Release build) with my debug
build of LLVM being used in KLEE so it may be related to this.

Thanks,
Dan
agan Davis
2014-05-15 00:58:57 UTC
Permalink
Hi everyone

when I test some objects, it comes across the problem below:

klee: ModuleUtil.cpp:435: llvm::Function*
klee::getDirectCallTarget(llvm::CallSite): Assertion `0 && "FIXME:
Unresolved direct target for a constant expression."' failed.
0 klee 0x0000000000fde322 llvm::sys::PrintStackTrace(_IO_FILE*)
+ 34
1 klee 0x0000000000fdd749
2 libpthread.so.0 0x00002b0e978ffcb0
3 libc.so.6 0x00002b0e9855b425 gsignal + 53
4 libc.so.6 0x00002b0e9855eb8b abort + 379
5 libc.so.6 0x00002b0e985540ee
6 libc.so.6 0x00002b0e98554192
7 klee 0x00000000005ecf1c
klee::getDirectCallTarget(llvm::CallSite) + 220
8 klee 0x00000000005cb712
klee::StatsTracker::computeReachableUncovered() + 258
9 klee 0x00000000005cce0b
klee::StatsTracker::StatsTracker(klee::Executor&, std::string, bool) + 1291
10 klee 0x000000000059fc46
klee::Executor::setModule(llvm::Module*, klee::Interpreter::ModuleOptions
const&) + 326
11 klee 0x000000000057ed62 main + 3794
12 libc.so.6 0x00002b0e9854676d __libc_start_main + 237
13 klee 0x00000000005969e9
KLEE: watchdog exiting (no child)

Hoping someone give me help.

Thanks
Davis
Martin Nowack
2014-05-15 07:48:57 UTC
Permalink
Hey Davis,

Can you give me an example code?

I remember, once, I had the issue as well.
According to the code you can do the following:
432 // NOTE: This assert may fire, it isn't necessarily a problem and
433 // can be disabled, I just wanted to know when and if it happened.
434 assert(0 && "FIXME: Unresolved direct target for a constant expression.”);

But try to insert the following code before the assertion and tell me if it works or the output before the assertion got triggered.

-------
if (Function *f == dyn_cast<Function>(ce->stripPointerCasts()))
return f;
cs->dump();
———

Cheers,
Martin
Post by agan Davis
Hi everyone
klee: ModuleUtil.cpp:435: llvm::Function* klee::getDirectCallTarget(llvm::CallSite): Assertion `0 && "FIXME: Unresolved direct target for a constant expression."' failed.
0 klee 0x0000000000fde322 llvm::sys::PrintStackTrace(_IO_FILE*) + 34
1 klee 0x0000000000fdd749
2 libpthread.so.0 0x00002b0e978ffcb0
3 libc.so.6 0x00002b0e9855b425 gsignal + 53
4 libc.so.6 0x00002b0e9855eb8b abort + 379
5 libc.so.6 0x00002b0e985540ee
6 libc.so.6 0x00002b0e98554192
7 klee 0x00000000005ecf1c klee::getDirectCallTarget(llvm::CallSite) + 220
8 klee 0x00000000005cb712 klee::StatsTracker::computeReachableUncovered() + 258
9 klee 0x00000000005cce0b klee::StatsTracker::StatsTracker(klee::Executor&, std::string, bool) + 1291
10 klee 0x000000000059fc46 klee::Executor::setModule(llvm::Module*, klee::Interpreter::ModuleOptions const&) + 326
11 klee 0x000000000057ed62 main + 3794
12 libc.so.6 0x00002b0e9854676d __libc_start_main + 237
13 klee 0x00000000005969e9
KLEE: watchdog exiting (no child)
Hoping someone give me help.
Thanks
Davis
_______________________________________________
klee-dev mailing list
https://mailman.ic.ac.uk/mailman/listinfo/klee-dev
---------------------------------------------------
Martin Nowack
Research Assistant

Technische Universität Dresden
Computer Science
Institute of Systems Architecture
Systems Engineering
01062 Dresden

Phone: +49 351 463 39608
Email: martin_nowack-***@public.gmane.org
----------------------------------------------------

Loading...