[llvm] r295900 - [libFuzzer] Mark a test that infinite loops as unsupported

Justin Bogner via llvm-commits llvm-commits at lists.llvm.org
Thu Feb 23 14:06:16 PST 2017


I may have been confused about exactly what was happening here, because
looking at the stack trace now it doesn't so much get stuck in a crash
loop as re-enter ASAN_MALLOC_HOOK and get stuck on a mutex. Anyways,
here's the stack trace:

* thread #1, queue = 'com.apple.main-thread', stop reason = signal SIGSTOP
    frame #0: 0x00007fffd5a01492 libsystem_kernel.dylib`syscall_thread_switch + 10
    frame #1: 0x00007fffd5aea348 libsystem_platform.dylib`_OSSpinLockLockYield + 63
    frame #2: 0x0000000101484294 libclang_rt.asan_osx_dynamic.dylib`::SymbolizePC() [inlined] GenericScopedLock + 36 at sanitizer_mutex.h:187
    frame #3: 0x000000010148428f libclang_rt.asan_osx_dynamic.dylib`::SymbolizePC() [inlined] GenericScopedLock at sanitizer_mutex.h:186
    frame #4: 0x000000010148428f libclang_rt.asan_osx_dynamic.dylib`::SymbolizePC() + 31 at sanitizer_symbolizer_libcdep.cc:64
    frame #5: 0x0000000101483c78 libclang_rt.asan_osx_dynamic.dylib`::Print() + 232 at sanitizer_stacktrace_libcdep.cc:35
    frame #6: 0x0000000101467819 libclang_rt.asan_osx_dynamic.dylib`::__sanitizer_print_stack_trace() + 265 at asan_stack.cc:38
    frame #7: 0x000000010146e801 libclang_rt.asan_osx_dynamic.dylib`::RunMallocHooks() + 33 at sanitizer_common.cc:453
  * frame #8: 0x0000000101407cc0 libclang_rt.asan_osx_dynamic.dylib`::Allocate() + 1792 at asan_allocator.cc:494
    frame #9: 0x000000010145f1a1 libclang_rt.asan_osx_dynamic.dylib`::wrap_malloc() + 385 at sanitizer_malloc_mac.inc:134
    frame #10: 0x00007fffd59764c6 libsystem_c.dylib`ptsname + 39
    frame #11: 0x00007fffd591f6ff libsystem_c.dylib`openpty + 97
    frame #12: 0x00000001014763d1 libclang_rt.asan_osx_dynamic.dylib`::internal_forkpty() + 33 at sanitizer_mac.cc:208
    frame #13: 0x00000001014856fa libclang_rt.asan_osx_dynamic.dylib`::StartSymbolizerSubprocess() + 570 at sanitizer_symbolizer_posix_libcdep.cc:180
    frame #14: 0x0000000101484f5e libclang_rt.asan_osx_dynamic.dylib`::SendCommand() [inlined] Restart + 254 at sanitizer_symbolizer_libcdep.cc:433
    frame #15: 0x0000000101484f3c libclang_rt.asan_osx_dynamic.dylib`::SendCommand() + 220 at sanitizer_symbolizer_libcdep.cc:409
    frame #16: 0x000000010147cef5 libclang_rt.asan_osx_dynamic.dylib`::SymbolizePC() + 85 at sanitizer_symbolizer_mac.cc:141
    frame #17: 0x00000001014842fa libclang_rt.asan_osx_dynamic.dylib`::SymbolizePC() + 138 at sanitizer_symbolizer_libcdep.cc:76
    frame #18: 0x0000000101483c78 libclang_rt.asan_osx_dynamic.dylib`::Print() + 232 at sanitizer_stacktrace_libcdep.cc:35
    frame #19: 0x0000000101467819 libclang_rt.asan_osx_dynamic.dylib`::__sanitizer_print_stack_trace() + 265 at asan_stack.cc:38
    frame #20: 0x000000010146e801 libclang_rt.asan_osx_dynamic.dylib`::RunMallocHooks() + 33 at sanitizer_common.cc:453
    frame #21: 0x0000000101407cc0 libclang_rt.asan_osx_dynamic.dylib`::Allocate() + 1792 at asan_allocator.cc:494
    frame #22: 0x000000010146a30c libclang_rt.asan_osx_dynamic.dylib`::wrap__Znwm() + 364 at asan_new_delete.cc:106
    frame #23: 0x0000000100001d4e LLVMFuzzer-TraceMallocTest`::LLVMFuzzerTestOneInput() + 510 at TraceMallocTest.cpp:20
    frame #24: 0x0000000100025d02 LLVMFuzzer-TraceMallocTest`::ExecuteCallback() + 850 at FuzzerLoop.cpp:550
    frame #25: 0x000000010002656c LLVMFuzzer-TraceMallocTest`::RunOne() + 348 at FuzzerLoop.cpp:501
    frame #26: 0x000000010002a73f LLVMFuzzer-TraceMallocTest`::MutateAndTestOne() + 2175 at FuzzerLoop.cpp:757
    frame #27: 0x000000010002afd8 LLVMFuzzer-TraceMallocTest`::Loop() + 296 at FuzzerLoop.cpp:791
    frame #28: 0x000000010000aae9 LLVMFuzzer-TraceMallocTest`::FuzzerDriver() + 16137 at FuzzerDriver.cpp:568
    frame #29: 0x0000000100079b56 LLVMFuzzer-TraceMallocTest`main + 230 at FuzzerMain.cpp:20
    frame #30: 0x00007fffd58da255 libdyld.dylib`start + 1
    frame #31: 0x00007fffd58da255 libdyld.dylib`start + 1

Kostya Serebryany <kcc at google.com> writes:
> interesting...
> do you have any details about the crash in stack trace reporting?
>
> On Wed, Feb 22, 2017 at 3:05 PM, Justin Bogner via llvm-commits <
> llvm-commits at lists.llvm.org> wrote:
>
>> Author: bogner
>> Date: Wed Feb 22 17:05:17 2017
>> New Revision: 295900
>>
>> URL: http://llvm.org/viewvc/llvm-project?rev=295900&view=rev
>> Log:
>> [libFuzzer] Mark a test that infinite loops as unsupported
>>
>> We need to investigate this, but for now it just causes too much
>> headache when trying to run these tests.
>>
>> Added:
>>     llvm/trunk/lib/Fuzzer/test/trace-malloc-2.test
>> Modified:
>>     llvm/trunk/lib/Fuzzer/test/lit.cfg
>>     llvm/trunk/lib/Fuzzer/test/trace-malloc.test
>>
>> Modified: llvm/trunk/lib/Fuzzer/test/lit.cfg
>> URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/
>> test/lit.cfg?rev=295900&r1=295899&r2=295900&view=diff
>> ============================================================
>> ==================
>> --- llvm/trunk/lib/Fuzzer/test/lit.cfg (original)
>> +++ llvm/trunk/lib/Fuzzer/test/lit.cfg Wed Feb 22 17:05:17 2017
>> @@ -40,6 +40,9 @@ else:
>>  if sys.platform.startswith('win') or sys.platform.startswith('cygwin'):
>>    config.available_features.add('windows')
>>
>> +if sys.platform.startswith('darwin'):
>> +  config.available_features.add('darwin')
>> +
>>  if config.is_posix:
>>    config.available_features.add('posix')
>>
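Review bot: The new `darwin` block in lit.cfg has no comment saying why the feature exists. It mirrors the `windows` check just above, which is fine, but a one-line note that it is there so tests can be marked `UNSUPPORTED: darwin` would save the next reader a search. Like the Windows check, `sys.platform` describes the host running lit, so the feature name should be read that way.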
>>
>> Added: llvm/trunk/lib/Fuzzer/test/trace-malloc-2.test
>> URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/
>> test/trace-malloc-2.test?rev=295900&view=auto
>> ============================================================
>> ==================
>> --- llvm/trunk/lib/Fuzzer/test/trace-malloc-2.test (added)
>> +++ llvm/trunk/lib/Fuzzer/test/trace-malloc-2.test Wed Feb 22 17:05:17
>> 2017
>> @@ -0,0 +1,8 @@
>> +// FIXME: This test infinite loops on darwin because it crashes
>> +// printing a stack trace repeatedly
>> +UNSUPPORTED: darwin
>> +
>> +RUN: LLVMFuzzer-TraceMallocTest -seed=1 -trace_malloc=2 -runs=1000 2>&1 |
>> FileCheck %s --check-prefix=TRACE2
>> +TRACE2-DAG: FREE[0]
>> +TRACE2-DAG: MALLOC[0]
>> +TRACE2-DAG: in LLVMFuzzerTestOneInput
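Review bot: `UNSUPPORTED: darwin` at the top of the new file skips the test silently, so nothing will flag when the hang is fixed, and the FIXME carries no bug reference to follow up on. Suggest linking a tracking bug in the FIXME and rewording it to match the stack trace posted in this thread, which shows the malloc hook being re-entered from the symbolizer and waiting on a lock rather than crashing repeatedly.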
>>
>> Modified: llvm/trunk/lib/Fuzzer/test/trace-malloc.test
>> URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/
>> test/trace-malloc.test?rev=295900&r1=295899&r2=295900&view=diff
>> ============================================================
>> ==================
>> --- llvm/trunk/lib/Fuzzer/test/trace-malloc.test (original)
>> +++ llvm/trunk/lib/Fuzzer/test/trace-malloc.test Wed Feb 22 17:05:17 2017
>> @@ -3,8 +3,3 @@ CHECK-DAG: MallocFreeTracer: STOP 0 0 (s
>>  CHECK-DAG: MallocFreeTracer: STOP 0 1 (DIFFERENT)
>>  CHECK-DAG: MallocFreeTracer: STOP 1 0 (DIFFERENT)
>>  CHECK-DAG: MallocFreeTracer: STOP 1 1 (same)
>> -
>> -RUN: LLVMFuzzer-TraceMallocTest -seed=1 -trace_malloc=2 -runs=1000 2>&1 |
>> FileCheck %s --check-prefix=TRACE2
>> -TRACE2-DAG: FREE[0]
>> -TRACE2-DAG: MALLOC[0]
>> -TRACE2-DAG: in LLVMFuzzerTestOneInput
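Review bot: Nothing left in trace-malloc.test says where the `-trace_malloc=2` run went once the `RUN:` and `TRACE2-DAG:` lines are removed. A one-line comment pointing to trace-malloc-2.test would help, since that coverage is now the part that is skipped on darwin.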
>>
>>
>>
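A small model of the re-entrancy visible in the stack trace at the top of this message (malloc hook, stack-trace printing, symbolizer lock, allocation, malloc hook again), with and without a re-entrancy guard. This is an added example, not compiler-rt or libFuzzer code; every name in it is hypothetical, and the guard is one common way to break such a cycle, not the fix adopted upstream.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed model: all names are hypothetical, not compiler-rt's. */
static bool symbolizer_locked; /* stands in for the non-recursive symbolizer lock */
static bool in_hook;           /* re-entrancy guard (thread-local in real code) */
static bool use_guard;
static int hooks_run, would_deadlock;

static void model_alloc(void);

/* Symbolizing takes the lock, then allocates while holding it
   (in the trace: forkpty -> openpty -> ptsname -> malloc). */
static void model_symbolize(void) {
    if (symbolizer_locked) {   /* a real spin lock would wait here forever */
        would_deadlock++;
        return;
    }
    symbolizer_locked = true;
    model_alloc();
    symbolizer_locked = false;
}

/* The malloc hook prints a stack trace, which needs the symbolizer. */
static void model_malloc_hook(void) {
    if (use_guard && in_hook) return; /* ignore allocations made by the hook itself */
    in_hook = true;
    hooks_run++;
    model_symbolize();
    in_hook = false;
}

/* Every allocation runs the hook, as with malloc tracing enabled. */
static void model_alloc(void) { model_malloc_hook(); }

/* Runs one traced allocation; returns how often the held lock was requested again. */
int run_model(bool guard) {
    symbolizer_locked = in_hook = false;
    use_guard = guard;
    hooks_run = would_deadlock = 0;
    model_alloc();
    return would_deadlock;
}

int hooks_seen(void) { return hooks_run; }

int main(void) {
    int d = run_model(false), h = hooks_seen();
    printf("unguarded: lock re-requests=%d hooks=%d\n", d, h);
    d = run_model(true); h = hooks_seen();
    printf("guarded:   lock re-requests=%d hooks=%d\n", d, h);
    return 0;
}
```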

