[llvm-bugs] [Bug 35727] New: Crashes in runs llvm-profdata merge -sparse default.profraw -o default.profdata

via llvm-bugs llvm-bugs at lists.llvm.org
Thu Dec 21 19:44:10 PST 2017 

https://bugs.llvm.org/show_bug.cgi?id=35727

            Bug ID: 35727
           Summary: Crashes in runs llvm-profdata merge -sparse
                    default.profraw -o default.profdata
           Product: clang
           Version: 5.0
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: Frontend
          Assignee: unassignedclangbugs at nondot.org
          Reporter: smarkelov at yandex-team.ru
                CC: llvm-bugs at lists.llvm.org

Created attachment 19591
  --> https://bugs.llvm.org/attachment.cgi?id=19591&action=edit
First compressed default.profraw

I encountered a crash in llvm-profdata while analysis of Clang code-bases
coverage report after fuzzings.

I use libfuzzer to fuzz our components. The flags used to compile the
components:
-fsanitize=undefined -fprofile-instr-generate -fcoverage-mapping
-fno-use-cxa-atexit

The result of fuzzing are attached. Please note I compressed them to safe the
memory.

The first crash occurs on load input of the first default.profraw when I tried
to convert default.profraw -> default.profdata:

LLVM ERROR: out of memory
#0 0x00000000004a5294 PrintStackTraceSignalHandler(void*)
(/usr/bin/llvm-profdata+0x4a5294)
#1 0x00000000004a5576 SignalHandler(int) (/usr/bin/llvm-profdata+0x4a5576)
#2 0x00007f7bb847f330 __restore_rt
(/lib/x86_64-linux-gnu/libpthread.so.0+0x10330)
#3 0x00007f7bb7072c37 gsignal
/build/eglibc-oGUzwX/eglibc-2.19/signal/../nptl/sysdeps/unix/sysv/linux/raise.c:56:0
#4 0x00007f7bb7076028 abort
/build/eglibc-oGUzwX/eglibc-2.19/stdlib/abort.c:91:0
#5 0x0000000000486945 llvm::report_bad_alloc_error(char const*, bool)
(/usr/bin/llvm-profdata+0x486945)
#6 0x0000000000489447 llvm::SmallVectorBase::grow_pod(void*, unsigned long,
unsigned long) (/usr/bin/llvm-profdata+0x489447)
#7 0x0000000000485a46 llvm::zlib::uncompress(llvm::StringRef,
llvm::SmallVectorImpl<char>&, unsigned long) (/usr/bin/llvm-profdata+0x485a46)
#8 0x00000000004519c3 llvm::readPGOFuncNameStrings(llvm::StringRef,
llvm::InstrProfSymtab&) (/usr/bin/llvm-profdata+0x4519c3)
#9 0x000000000045902c llvm::RawInstrProfReader<unsigned
long>::createSymtab(llvm::InstrProfSymtab&) (/usr/bin/llvm-profdata+0x45902c)
#10 0x00000000004587a4 llvm::RawInstrProfReader<unsigned
long>::readHeader(llvm::RawInstrProf::Header const&)
(/usr/bin/llvm-profdata+0x4587a4)
#11 0x0000000000458ac1 llvm::RawInstrProfReader<unsigned
long>::readNextHeader(char const*) (/usr/bin/llvm-profdata+0x458ac1)
#12 0x0000000000458917 llvm::RawInstrProfReader<unsigned
long>::readNextRecord(llvm::NamedInstrProfRecord&)
(/usr/bin/llvm-profdata+0x458917)
#13 0x0000000000456870 llvm::InstrProfIterator::Increment()
(/usr/bin/llvm-profdata+0x456870)
#14 0x000000000040eeec loadInput(WeightedFile const&, WriterContext*)
(/usr/bin/llvm-profdata+0x40eeec)
#15 0x0000000000408100 merge_main(int, char const**)
(/usr/bin/llvm-profdata+0x408100)
#16 0x000000000040615f main (/usr/bin/llvm-profdata+0x40615f)
#17 0x00007f7bb705df45 __libc_start_main
/build/eglibc-oGUzwX/eglibc-2.19/csu/libc-start.c:321:0
#18 0x0000000000405ad2 _start (/usr/bin/llvm-profdata+0x405ad2)
Stack dump:
0.      Program arguments: /usr/bin/llvm-profdata llvm-profdata merge -sparse
default.profraw -o default.profdata 



The second crash occurs on merge of the second default.profraw.

#0 0x00000000004a5294 PrintStackTraceSignalHandler(void*)
(/usr/bin/llvm-profdata+0x4a5294)
#1 0x00000000004a5576 SignalHandler(int) (/usr/bin/llvm-profdata+0x4a5576)
#2 0x00007f196a992330 __restore_rt
(/lib/x86_64-linux-gnu/libpthread.so.0+0x10330)
#3 0x00007f19695dac9a memchr
/build/eglibc-oGUzwX/eglibc-2.19/string/../sysdeps/x86_64/memchr.S:154:0
#4 0x000000000048ae18 llvm::StringRef::find(llvm::StringRef, unsigned long)
const (/usr/bin/llvm-profdata+0x48ae18)
#5 0x000000000048b402
llvm::StringRef::split(llvm::SmallVectorImpl<llvm::StringRef>&,
llvm::StringRef, int, bool) const (/usr/bin/llvm-profdata+0x48b402)
#6 0x0000000000451b5a llvm::readPGOFuncNameStrings(llvm::StringRef,
llvm::InstrProfSymtab&) (/usr/bin/llvm-profdata+0x451b5a)
#7 0x000000000045902c llvm::RawInstrProfReader<unsigned
long>::createSymtab(llvm::InstrProfSymtab&) (/usr/bin/llvm-profdata+0x45902c)
#8 0x00000000004587a4 llvm::RawInstrProfReader<unsigned
long>::readHeader(llvm::RawInstrProf::Header const&)
(/usr/bin/llvm-profdata+0x4587a4)
#9 0x0000000000458ac1 llvm::RawInstrProfReader<unsigned
long>::readNextHeader(char const*) (/usr/bin/llvm-profdata+0x458ac1)
#10 0x0000000000458917 llvm::RawInstrProfReader<unsigned
long>::readNextRecord(llvm::NamedInstrProfRecord&)
(/usr/bin/llvm-profdata+0x458917)
#11 0x0000000000456870 llvm::InstrProfIterator::Increment()
(/usr/bin/llvm-profdata+0x456870)
#12 0x000000000040eeec loadInput(WeightedFile const&, WriterContext*)
(/usr/bin/llvm-profdata+0x40eeec)
#13 0x0000000000408100 merge_main(int, char const**)
(/usr/bin/llvm-profdata+0x408100)
#14 0x000000000040615f main (/usr/bin/llvm-profdata+0x40615f)
#15 0x00007f1969570f45 __libc_start_main
/build/eglibc-oGUzwX/eglibc-2.19/csu/libc-start.c:321:0
#16 0x0000000000405ad2 _start (/usr/bin/llvm-profdata+0x405ad2)
Stack dump:
0.      Program arguments: /usr/bin/llvm-profdata llvm-profdata merge -sparse
default.profraw -o default.profdata 

What is wrong there? I upsets me.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20171222/3f3ffaf5/attachment.html>

More information about the llvm-bugs mailing list