Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
|
|
According to i686 System V ABI 2.1.1, long double must be aligned to 4 bytes.
Thus, its size with padding is 12 bytes. Prior to this change only 10 bytes
were used.
This commit fixes the following out of bound pointer access.
```
$ clang -m32 -O0 -Xclang -disable-O0-optnone -g -emit-llvm -c test/Feature/VarArgAlignment.c -o varalign.bc
$ klee varalign.bc
KLEE: output directory is "/home/lukas/klee/klee-out-19"
KLEE: Using Z3 solver backend
KLEE: WARNING: undefined reference to function: printf
KLEE: WARNING ONCE: calling external: printf(44120064, 1, 2, 3) at test/Feature/VarArgAlignment.c:23 17
i1, i2, i3: 1, 2, 3
l1: 4
i4: 5
ld1: 6.000000
KLEE: ERROR: test/Feature/VarArgAlignment.c:35: memory error: out of bound pointer
KLEE: NOTE: now ignoring this error at this location
KLEE: done: total instructions = 499
KLEE: done: completed paths = 1
KLEE: done: generated tests = 1
```
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
With recent LLVM versions, this should allow to link against dynamic LLVM
libraries.
|
|
... for LLVM 14 in [1] and has already been removed from the LLVM 15
branch in [2].
Some changes are only temporary to silence the warning though, as
Type::getPointerElementType() is planned to be removed as well. [3]
[1] https://reviews.llvm.org/D117885/new/
[2] https://github.com/llvm/llvm-project/commit/d593cf7
[3] https://llvm.org/docs/OpaquePointers.html#migration-instructions
|
|
LLVM became more complex, use LLVM's CMake functionality directly instead
of replicating this behaviour in KLEE's build system.
Use the correct build flags provided by LLVM itself.
This is influenced by the way LLVM is built in the first place.
Remove older CMake support (< 3.0).
|
|
|
|
warning once per array. Add test case.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
use size() to get N in bind(), just like the way in prepare().
|
|
|
|
|
|
|
|
|
|
... in Executor::callExternalFunction.
Fixes the following error reported in Feature/VarArg{Alignment,LongDouble}.c
tests:
lib/Expr/Expr.cpp:366:5: runtime error: store to misaligned address
0x7ffc011d3528 for type 'long double', which requires 16 byte alignment
|
|
... by initialising all members of fundamental types of the ExecutionState
class.
Fixes the following error in SearcherTest.{Two,}RandomPath unit tests:
lib/Core/ExecutionState.cpp:114:22: runtime error: load of value 254, which is not a valid value for type 'bool'
|
|
|
|
by renaming flushMask to unflushedMask
|
|
|
|
|
|
Track all path terminations: esp. for debugging or visualising a persistent process tree (with or without full MoKlee integration) it is helpful to know the exact reason (StateTerminationType) why a path terminated.
|
|
See: https://reviews.llvm.org/D105653
|
|
See: https://github.com/llvm/llvm-project/commit/6312c53870897435b38881795460ad9f34bf9819
|
|
|
|
Since KLEE requires C++14, we should prefer `nullptr` to plain `0`.
|
|
The vector variants are not implemented at the moment.
See: https://reviews.llvm.org/D84125
Co-authored-by: Lukas Zaoral <lzaoral@redhat.com>
Co-authored-by: Martin Nowack <m.nowack@imperial.ac.uk>
|
|
The vector variants are not implemented at the moment.
See: https://reviews.llvm.org/D84125
Co-authored-by: Lukas Zaoral <lzaoral@redhat.com>
Co-authored-by: Martin Nowack <m.nowack@imperial.ac.uk>
|
|
... and has already been removed from the LLVM 13 source tree.
See:
https://reviews.llvm.org/D78127
https://reviews.llvm.org/D95570
|
|
Before, we reused the llvm::Function* value in the target program,
even though it stems from KLEE's own address space. This leads to
non-deterministic function pointers, even with --allocate-determ.
This issue was identified in the MoKLEE paper. Now, we allocate a
memory object per function, for its (potentially) deterministic
address. Mapping this address back to llvm::Functions is done by
the legalFunctions map.
Also, pointer width now depends on the target, not the host.
|
|
stats when not dumping states
|