about summary refs log tree commit diff homepage
path: root/include
AgeCommit message (Collapse)Author
2015-08-03Merge pull request #198 from holycrap872/IndependentSolverGetInitialValuesCristian Cadar
New version of the get initial values functionality which makes use of the independent solver.
2015-06-03Added an option --readable-posix-inputs which is used to turn on/off the CEX ↵Cristian Cadar
preferences added in the POSIX model. Removed option --prefer-cex which controlled all CEX preferences.
2015-04-25Give KLEE release version information in the output of klee and kleaverDan Liew
when they are given the --version command line option. Unfortunately to make the build type and git revision available we need to check this for every build which means KLEE's support library will be rebuilt for every build which will slow down incremental builds. This addresses issue #231
2015-04-15Fix the handling of AShrExpr in ExprSMTLIBPrinter so that an overshiftDan Liew
always goes to zero (matches LLVM's APInt::ashr(...)). This is meant to partially address issue #218. There are a few problems with this commit * It is possible for AShrExpr to not be abbreviated because the scan methods will not see that we print the 0th child of the AShrExpr twice * The added test case should really be run through an SMT solver ( i.e. STP) but that requires infrastructure changes.
2015-04-03Fixed issue introduce during a previous refactoring, related to field ordering.Cristian Cadar
2015-04-02Merge pull request #209 from erakadjiev/timestamp_optimizeCristian Cadar
Cleaner, more efficient timestamps
2015-04-02Revert "[include] Added documentation" to avoid a conflict with a pending ↵Cristian Cadar
pull request. This reverts commit badffc570e1be6b675dcab7e21829bd029c46287.
2015-04-02Fixed some doxygen issues.Cristian Cadar
2015-04-02Removed unused fakeState field from ExecutionStateCristian Cadar
2015-04-02Pass over the comments in ExecutionState.hCristian Cadar
2015-04-02Removed underConstrained field, which I believe was re-introduced byCristian Cadar
mistake in the last cleanup commit.
2015-04-02[Core] Documentation and cleanupMartin Nowack
* Removed unused member ShadowObjects in ExecutionState * Added documentation of members and reorder according to categories
2015-04-01Commit of improved IndependentSolver::getIniitalValues().Eric Rizzi
Previous implementation simply passed the entire constraint forward without any factoring of the constraint at all. This is a problem since it is highly likely that there are cached solutions to pieces of the constraint. The new implementation breaks the entire constraint down into its requisite factors and passes each piece forward, one by one, down the solver chain. After an answer is returned, it is integrated into a larger solution. Since, by definition, no factor can affect another, we can safely create a solution to the larger constraint from the answers of its smaller pieces. The reconstruction of the solution is done by analyzing which parts of an array a factor touches. If the factor is the only one to reference a particular array, then all of the values calculated in the solution for that array are included in the final answer. If the factor references a particular element of the array (for example, arr[1]), then only the value in index 1 of array arr will be included in the solution.
2015-04-01[include] Add missing functions in klee.hMartin Nowack
2015-04-01[runtime] Fix comments to c style for c files and headersMartin Nowack
2015-04-01[include] Added documentationMartin Nowack
2015-04-01[include] Removed unused variableMartin Nowack
2015-03-13Timestamp improvements.Emil Rakadjiev
Replaced inefficient llvm::sys::Process::GetTimeUsage() with TimeValue::now(), because in many cases only the wall clock time is needed, not the user and sys times (which are significantly more expensive to get). Updated TimingSolver and WallTimer accordingly.
2015-02-27Improved some comments and fixed some formatting issues in the Array factory ↵Cristian Cadar
patch.
2015-02-22Added factory method for Arrays + hid constructors from outside callsEric Rizzi
The way that Arrays were handled in the past led to the possibility of aliasing issues. This occured whenever a new branch discovered an array for the first time. Each branch would create a new instance of the same array without seeing if it had been created before. Therefore, should a new branch encounter the same state as some previous branch, the previous branch's solution wouldn't satisfy the new state since they didn't recognize they were referencing the same array. By creating an array factory that creates a single symbolic array, that problem is handled. Note: Concrete arrays should not be created by the factory method since their values are never shared between branches. The factory works by seeing if an array with a similar hash has been created before (the hash is based on the name and size of array). If there has been it then searches through all of the arrays with the same hash (stored in a vector) to see if there is one with an exact match. If there is one, the address of this previously created equivalent array is returned. Otherwise, the newly created array is unique, it is added to the map, and it's address is returned. This aliasing issue can be seen by comparing the output of the Dogfood/ImmutableSet.cpp test cases with and with out this commit. Both act correctly, but the number of queries making it to the solver in the previous version is much greater 244 vs 211. This is because the UBTree in the CexCachingSolver and the cache in the CachingSolver do not recognize queries whose solutions were previously calculated because it doesn't think the arrays in the two queries are the same. While this does not cause an error, it does mean that extra calls are made.
2014-12-13Clean up a few comments in ExprSMTLIBPrinterDan Liew
2014-12-12Print nested let-abbreviations in ExprSMTLIBPrinterRaimondas Sasnauskas
This patch introduces nested let-abbreviations in the ExprSMTLIBPrinter to reduce the size of the SMTLIBv2 queries and the corresponding processing time (bugfix for #170). The current implementation of the let abbreviation mode does not consider expression intra-dependencies and prints all abbreviations in the same let scope. For a (simplified) example, it prints (assert (let ( (?B1 (A + B)) (?B2 (A + B + C)) ) (= ?B1 ?B2) ) ). This is extremely inefficient if the expressions (and there many of these!) extensively reuse their subexpressions. Therefore, it's better to print the query with nested let-expressions by reusing existing expression bindings in the new let scope: (assert (let ( (?B1 (A + B)) ) (let ( (?B2 (?B1 + C)) ) (= ?B1 ?B2) ) ) ). This patch adds a new function ExprSMTLIBPrinter::scanBindingExprDeps() that scans bindings for expression dependencies. The result is a vector of new bindings (orderedBindings) that represents the expression dependency tree. When printing in the let-abbreviation mode, the new code starts with abbreviating expressions that have no dependencies and then gradually makes these new bindings available in the upcoming let-scopes where expressions with dependencies reuse them. The effect of nested let-abbreviations is comparable to :named abbreviations. However, the latter mode is not supported by the majority of the solvers.
2014-12-02Unbreak compilation (in metaSMT configuration) by preventing the #defineHristina Palikareva
unordered_map and unordered_set from leaking out into other compilation units. This should be removed entirely when C++11 support lands.
2014-12-02The printing of constraints and the QueryExpr have been merged into aDan Liew
single method with two different implementations. There is one version of this method for human readability (printHumanReadableQuery()) and a version for machine consumption (printMachineReadableQuery()). The reason for having two versions is because different behaviour is needed in different scenarios * In machine readable mode the entire query is printed inside a single ``(assert ...)``. This is done to allow ``(let ...)`` to abbreviate as much as possible. * In human readable mode each constraint and query expression is printed inside its own ``(assert ...)`` unless the abbreviation mode is ABBR_LET in which case all constraints and query expr are printed inside a single ``(assert ...)`` much like in the machine readable mode Whilst I was here I also fixed a bug handling identation when printing ``(let ...)`` expressions in printAssert()
2014-12-02Implement :named and let abbreviation modes in ExprSMTLIBPrinterRaimondas Sasnauskas
* Set the default abbreviation mode to let (ExprSMTLIBPrinter::ABBR_LET) * Remove the now defunct ExprSMTLIBLetPrinter * Improve performance of ExprSMTLIBPrinter::scan() by keeping track of visited Expr to avoid visiting them again * Rename ExprSMTLIBPrinter::printQuery() to ExprSMTLIBPrinter::printQueryExpr()
2014-10-31Switch to using autoconf 2.69 this version is more commonly availableDan Liew
on Linux systems (2.60 is quite old) which will make updating the configure script easier for most users.
2014-09-19Removed code related to underConstrained, as it is unused (issue pointed out ↵Cristian Cadar
by @hpalikareva).
2014-09-13Add KLEE specific DEBUG macros.Daniel Dunbar
- This allows us to build in +Asserts mode even when LLVM isn't (by disabling the checks in that mode). - Eventually it would be nice to just move off of LLVM's DEBUG infrastructure entirely and just have our own copy, but this works for now. - Fixes #150.
2014-09-12[FloatEvaluation] Use llvm::report_fatal_error() instead of assert(0) for ↵Daniel Dunbar
unsupported floating point widths.
2014-09-12When building against libc++ (vs libstdcxx), use standard ↵Daniel Dunbar
unordered_{map,set} includes. - I'm not sure what the status of libstdcxx's c++11 support is. It may be we can just move over to <unordered_map> everywhere, but I don't have a Linux test machine handy at the moment.
2014-09-12Regenerate configure.Daniel Dunbar
2014-09-12Regenerate configure with sanctioned autoconf version.Daniel Dunbar
2014-05-30Fix ExprTest under LLVM 2.9Martin Nowack
2014-05-29Remove #include <iostream> to avoid static constructorsMartin Nowack
iostream injects static constructor function into every compilation unit. Remove this to avoid it.
2014-05-29Refactoring from std::ostream to llvm::raw_ostreamMartin Nowack
According to LLVM: lightweight and simpler implementation of streams.
2014-04-24Merge pull request #116 from MartinNowack/fix_mallocDan Liew
Fix handling of memory usage in KLEE.
2014-04-24Renamed GetTotalMemoryUsage to GetTotalMallocUsageMartin Nowack
2014-04-24Have configure check for presense of mallinfo for the newly addedDan Liew
klee::util::GetTotalMemoryUsage()
2014-04-24Fix handling of memory usage in KLEE.Martin Nowack
Memory usage API in LLVM since 3.3 is not working the way it is intended by KLEE. This ports the pre 3.3. version to KLEE. Fixes the malloc test case.
2014-04-24Add missing newline at end of file to silence a clang warning.Dan Liew
2014-04-24Asserting that update lists have non-NULL roots within ReadExpr objects (updateHristina Palikareva
lists can have NULL roots, e.g. in MemoryObject instances with concrete contents, where root is allocated lazily only when the updates are required). Also checking whether array updates are typed correctly in UpdateList::extend() rather than in the constructor of UpdateNode (only for update lists with non-NULL roots).
2014-04-16Removing a few more hard-coded values for domains and ranges of Array objectsHristina Palikareva
2014-04-15Associate a domain and range with each arrayPeter Collingbourne
2014-04-04Add the ability to control whether the pretty printer uses line breaksPeter Collingbourne
This change makes it possible to more reliably write unit tests which check that an expression is equivalent to an expected pretty printed string.
2014-03-09Use clang-format to reformat SMT-LIB printer in LLVM style.Peter Collingbourne
2014-01-12Merge pull request #68 from MartinNowack/feature_kleeInternalFunctionsDan Liew
Feature klee internal functions
2013-12-21klee-uclibc detection is now a lot cleaner. KLEE now assumesDan Liew
it can find klee-uclibc inside the same folder as the other runtime libraries with the name "klee-uclibc.bca" This is implemented as follows: * When building, a sym-link is created to klee-uclibc's libc.a file in the same directory that the rest of KLEE's runtime libraries are built. This done so that if a developer changes klee-uclibc on their system then the correct version of klee-uclibc is used by KLEE. * When installing, klee-uclibc's libc.a file is installed in the same directory that the rest of KLEE's runtime libraries are installed. In addition the configure script argument --with-uclibc can now operate in two ways. It can either be passed the path to the root of klee-uclibc or it can be passed a path to the libc.a file built by klee-uclibc. This new behaviour has been added to allow users to potential use pre-built versions of klee-uclibc.
2013-12-19Allow to specify KLEE-internal functionsMartin Nowack
KLEE provides runtime library functions to do detection of bugs (e.g. overflow). This runtime functions are not the location of the bugs but it is the next non-runtime library function from the stack. Use the caller inside that function to indicate where the bug is.
2013-12-12Patch by Daniel Lupei, fixing a performance bug with theCristian Cadar
counterexample cache. (This is an old patch, reported at http://llvm.org/bugs/show_bug.cgi?id=11435, on KLEE's old bug tracking system.)
2013-12-11Merge pull request #31 from antiAgainst/chroot-replayCristian Cadar
Chroot replay feature