about summary refs log tree commit diff homepage
path: root/lib
AgeCommit message (Collapse)Author
2020-10-12Exception handling only for LLVM >= 8.0.0Julian Büning
2020-10-12use isa<> and explicit nullptr-check for compilation with older LLVM ↵Felix Rath
versions, also mark two errors as ExecErrors, as these should not be caused by users
2020-10-12Implemented support for C++ ExceptionsFelix Rath
We implement the Itanium ABI unwinding base-API, and leave the C++-specific parts to libcxxabi. Co-authored-by: Lukas Wölfer <lukas.woelfer@rwth-aachen.de>
2020-10-09implement fneg instructionJulian Büning
2020-10-09fix: fabs() working on the wrong argumentDavid Laprell
2020-10-09Replace `NULL` with explicit `nullptr`Martin Nowack
2020-10-09Explicitly track global variables in getDirectCallTargetMartin Nowack
Global variables can't be a direct call target. Their values are read and treated as indirect call targets.
2020-09-26Replace llvm::CallSite with llvm::CallBase on LLVM 8+Lukas Zaoral
This is in preparation for LLVM 11 as the llvm:CallSite class has been removed.
2020-09-03Guard process-tree compression with a command-line switchSebastian Poeplau
2020-09-03Fix PTree::remove to clean the tree properlySebastian Poeplau
The previous version left unnecessary intermediate nodes behind, sometimes leading to very long paths in the tree.
2020-09-02More robust handling of unknown intrinsicsAlastair Reid
- If an unknown intrinsic appears in the bitcode file, it is reported but execution can proceed. - If an unknown intrinsic is encountered during execution of some path, - the intrinsic is reported - this path is treated as an error - execution of other paths can proceed To be more precise, there is a list of "known unknown intrinsics". Intrinsics not on this list will prevent execution.
2020-08-19DiscretePDF: use IDs instead of pointers (see PR #739)Frank Busse
2020-07-30introduce --rng-initial-seed=<unsigned>Frank Busse
* move global theRNG into Executor * pass theRNG via ctor to searchers * remove some type warnings from RNG.cpp Fixes #1023.
2020-07-29remove holes in Instruction-/FunctionInfoTable, add documentationFrank Busse
2020-07-01Clean-up and add documentationMartin Nowack
2020-07-01Remove state contructor with constraintsMartin Nowack
This constructor has been a hack and was wrongly used, use ConstraintManager instead. Allow copy-constructing states only via `ExecutionState::branch()` call.
2020-07-01Use constraint sets and separate metadata for timing solver invocationMartin Nowack
Decouple ExecutionState from TimingSolver Instead of providing an execution state to the timing solver use a set of constraints and an additional object for metadata. Fixes: * correct accounting of metadata to a specific state * accounting of all solver invocations (e.g. solver-getRange was not accounted) * allows to invoke the solver without a state (avoids costly copying of states/constraints)
2020-07-01Use `unique_ptr` for solver in timing solverMartin Nowack
2020-07-01Separate constraint set and constraint managerMartin Nowack
2020-07-01Move constraint implementation from header to cpp filesMartin Nowack
2020-06-29Enable subsets for RandomPathSearcherTimotej Kapus
2020-06-29[PTree] Replace left/right with PointerIntPairTimotej Kapus
2020-06-29Revert "refactor PTree: use unique_ptr"Timotej Kapus
This reverts commit 0aed7731210d0eb41c0ea767edb8067130cf6252.
2020-06-29Implement fshr/fshl intrinsicsAlastair Reid
Changes: - IntrinsicCleaner accepts fshr/fshl as accepted intrinsics - Executor::executeCall converts fshr/fshl to urem/zext/concat/shift/extract - Klee/main suppresses warnings about externals that are LLVM reserved (i.e., begin with "llvm.") - New test exercises 32 and 7 bit versions including oversize shift values Test values are based on LLVM's test for fshl/fshr - Changes that depend on existence of fshr/fshl are guarded by #if LLVM_VERSION_CODE >= LLVM_VERSION(7, 0) or ; REQUIRES: geq-llvm-7.0
2020-06-25Enforce fork/branch limits in branch() and fix double terminationFrank Busse
* extend help messages for -max-memory and -max-memory-inhibit * introduces branchingPermitted() * enforces fork/branch limits in branch() (vector version) * changes main loop * calls updateStates() before checkMemoryUsage() * calls updateStates() again in case we early terminate states This should prevent double termination for now. Other solutions are imho more expensive as we would have to compare possibly large vectors of states (either states(arr) in checkMemoryUsage() or removedStates in terminateState()).
2020-06-25fix Executor: initializeGlobalAliasesJulian Büning
2020-06-25Executor: consolidate initialization of global objectsJulian Büning
2020-06-25Executor: light refactoring of {allocate,initialize}GlobalObjectsJulian Büning
mainly range-based for, code deduplication
2020-06-25Executor: split initializeGlobalsJulian Büning
2020-06-25ExecutorUtil: assert that GlobalValue is already knownJulian Büning
2020-06-24StatsTracker: initialize indexed stats when user searcher requires MD2UAdrian Herrera
This is the same check used in Executor::setModule. Without this check, KLEE will segfault in StatisticsManager::incrementIndexedValue, getIndexedValue, and setIndexedValue when `-output-stats=false` or `-output-istats=false` because StatisticsManager::indexedStats has not been allocated.
2020-06-24print stateID with --debug-print-instructionsFrank Busse
2020-06-24add ExecutionState IDsFrank Busse
* add getID()/setID() * use ExecutionStateIDCompare in Executor::states set * output state id in .err files
2020-06-24slightly update ExecutionState, remove holes in structFrank Busse
2020-06-19Correctly copy variadic arguments with byval attributeCristian Cadar
2020-06-19Renamed loop index from "i" to "k" in executeCall() so that we can reuse ↵Cristian Cadar
"Instruction *i" declared at the beginning of the function. Reformatted this function.
2020-06-06[Module] Disable lifting for inline asm resembling memory fences with return ↵Martin Nowack
values Inline asm used for memory barriers might use their operands and propagate them as return value. This is currently not supported. Tighten check for this condition and do not to lift those inline asm instructions. Fixes #1252
2020-05-01[Solver:STP] Fix handling of array namesMartin Nowack
Array names used for STP queries used to be restricted to 32 characters, with the last characters replaced by a unique number. Similarly, an array is made unique by `klee_make_symbolic`. Unfortunately, both combined can lead to the generation of the same STP array name for different arrays. This leads to wrong queries with invalid results. This is more likely be triggered with longer names for `klee_make_symbolic` Fixes #1257
2020-04-30Moved header files that were placed directly in include/klee/ into ↵Cristian Cadar
appropriate existing directories and a new directory Statistics; a few missing renames.
2020-04-30Removed include/klee/util and moved header files to appropriate placesCristian Cadar
2020-04-30Created include/klee/Core directory and moved appropriate files direc\Cristian Cadar
tly in lib/Core
2020-04-30Move header files from lib/Expr to include/klee/Expr to eliminate includes ↵Cristian Cadar
using "../"
2020-04-30Removed the Internal directory from include/kleeCristian Cadar
2020-04-08readStringAtAddress: support pointer into objectsMarek Chalupa
The code assumed that the passed pointer points at the beginning of the object. Remove this assumption and support any (constant) pointer. The string is read util either the end of the object is hit (in which case a warning is issued as the string was not zero terminated) or until the terminating zero is found.
2020-04-08readStringAtAddress: use stringstream to obtain the stringMarek Chalupa
The code is simpler and more in the spirit of C++.
2020-04-08stats: rename QueriesConstructs to QueryConstructsFrank Busse
2020-04-08Statistic: slightly modernise class definitionFrank Busse
2020-04-08stats: remove queryConstructTime (unused)Frank Busse
2020-03-27Ensure that temp_builder is used when adding constant array value assertion ↵Daniel Grumberg
constraints
2020-03-22StatsTracker: remove NumObjects, fix assignment of and always write ↵Frank Busse
ArrayHashTime * fix binding order for assignments when KLEE_ARRAY_DEBUG enabled * always write ArrayHashTime column to run.stats, assign -1 when KLEE_ARRAY_DEBUG disabled * remove unused NumObjects column from run.stats * remove NumObjects panel from Grafana