Age | Commit message (Collapse) | Author |
|
|
|
|
|
placed them in the seeding category. Moved options and option categories in Executor.cpp to the klee namespace.
|
|
|
|
reformatting)
|
|
expression building/printing category
|
|
the startup category
|
|
category (with --write-cov, --write-cvcs etc.)
|
|
|
|
a help message.
|
|
|
|
* switch to Python 3
* add file encoding
* some PEP8 reformatting
* fix TOCTOU for open
* replace trimZeros() with rstrip
* remove unused pos/args variables
* remove --write-ints (print by default)
* remove progname section (unused)
* added/modified output rows
- "data:" now shows the Python representation (for use in scripts)
- "hex :" shows the hex representation
- "text:" shows ASCII, all out-of-range/non-printable characters are replaced by a dot
- "int :"/"uint:" print (unsigned) 8/16/32/64 bit integers
* reduce width for object counter to needed minimum instead of 4
* refactor printing into function
|
|
Co-Authored-By: ccadar <c.cadar@imperial.ac.uk>
|
|
|
|
|
|
|
|
original --run-in option to --running-dir
|
|
|
|
|
|
|
|
|
|
This should not change the behaviour of KLEE and mimics the old API.
- functions moved from util into time namespace
- uses time points and time spans instead of double
- CLI arguments now have the form "3h5min8us"
Changed command line parameters:
- batch-time (double to string)
- istats-write-interval (double to string)
- max-instruction-time (double to string)
- max-solver-time (double to string)
- max-time (double to string)
- min-query-time-to-log (double to string)
- seed-time (double to string)
- stats-write-interval (double to string)
- uncovered-update-interval (double to string)
- added: log-timed-out-queries (replaces negative max-solver-time)
|
|
concrete arguments and files.
* Sample use cases:
* Using an interesting input as a seed, such as a crashing input.
* Analyzing the path condition of a crashing input.
* Also added the test: test/Runtime/POSIX/GenBout.c
|
|
Starting with llvm 5, arguments of a function are not an iterator, but
an array. So they cannot be incremented in-place. Add a local auto
variable and increment that.
Otherwise we see:
../tools/klee/main.cpp:661:23: error: expression is not assignable
Value *oldArgv = &*(++mainFn->arg_begin());
^ ~~~~~~~~~~~~~~~~~~~
Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
|
|
and introduce klee_open_compressed_output_file with similar behavior
along some other minor improvements
|
|
to have only solver options.
|
|
|
|
* also adds klee-replay as dependency for systemtests
|
|
LLVM 4 renamed and splitted some headers. Take this into account in
includes.
Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
|
|
Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
|
|
|
|
To enable the POSIX support, the former implementation instrumented the
main function and inserted a call to `klee_init_env` at the beginning.
This has multiple disadvantages:
* debugging information was not correctly propagated leaving the call to
`klee_init_env` without debug information
* the main function always required `int arg, char**` as part of the
function definition of `main`
Based on the new linking infrastructure, we can now add an additional
wrapper `__klee_posix_wraper(int, char**)` that gets always called when
POSIX support is enabled. It executes `klee_init_env` and after that
calls the `main` function.
Enabling POSIX support only requires the renaming of the user provided
`main` into `__klee_posix_wrapped_main` in addition to linking.
|
|
|
|
Replace the remaining occurrences of `Inst::Create()` with
`llvm::Builder` to manage metadata automatically and to fold
instructions.
C++11 it and clang-format
|
|
No need to flush it, see llvm-mirror/llvm@d4177b2
Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
|
|
Link intrinsic library before executing optimizations.
This makes sure that any optimization run by KLEE on the module
is executed for the intrinsic library as well.
Support .ll files as input for KLEE as well.
|
|
|
|
Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
|
|
|
|
If an external function in KLEE is invoked, it might update errno.
Previously, the errno specific variable in a state was only updated
if it was part of the executed instructions.
That opened up a timeframe that increased the likelihood of errno being
overwritten by another method call.
This patch fixes two issues:
* the errno of the KLEE process state is updated before the external
function call allowing to detect changes to it later on
* after the external call, the memory object of errno is directly
updated
with its new value, reducing the likelihood to be overwritten by
another
call
Additional features:
* Add support for `errno()` for Darwin as well.
* Simplified errno handling in POSIX layer
|
|
|
|
Signed-off-by: Domenico Fabio Marino <nospamdomi@hotmail.it>
|
|
|
|
configuration, TravisCI scripts and Dockerfile build appropriately.
There are a bunch of clean ups this enables but this commit doesn't
attempt them. We can do that in future commits.
|
|
Fixes klee/klee#717
delete on null pointer is always safe.
|
|
|
|
KLEE was always incremented, even if a symbolic solution was not found.
|
|
https://github.com/klee/klee/commit/db29a0bba74b672cdf4b8fef4d94ffa6ab845e6d
__fprintf_chk has a different prototype than fprintf
|
|
Request LLVM 3.4 as minimal requirement for KLEE
|
|
llvm: get rid of static_casts from iterators
|