Пример #1
0
int main(int argc, char **argv) {
  int a, b, c, x;

  if (argc==2 && strcmp(argv[1], "initial") == 0) {
    klee_make_symbolic(&a, sizeof a, "a");
    klee_make_symbolic(&b, sizeof b, "b");
    klee_make_symbolic(&c, sizeof c, "c");
    klee_make_symbolic(&x, sizeof x, "a");

    klee_assume(a == 3);
    klee_assume(b == 4);
    klee_assume(c == 5);
    klee_assume(x == 6);
  } else {
    klee_make_symbolic(&a, sizeof a, "a");
    klee_make_symbolic(&c, sizeof c, "c");
    klee_make_symbolic(&b, sizeof b, "b");
    klee_make_symbolic(&x, sizeof x, "a");
  }

  if (a==3) printf("a==3\n");
  if (b==4) printf("b==4\n");
  if (c==5) printf("c==5\n");
  if (x==6) printf("x==6\n");

  return 0;
}
Пример #2
0
int main() {
  char buf[4];
  klee_make_symbolic(buf, sizeof buf);

  buf[1] = 'a';

  constantArr[klee_range(0, 16, "idx.0")] = buf[0];

  // Use this to trigger an interior update list usage.
  int y = constantArr[klee_range(0, 16, "idx.1")];  

  constantArr[klee_range(0, 16, "idx.2")] = buf[3];
  
  buf[klee_range(0, 4, "idx.3")] = 0;
  klee_assume(buf[0] == 'h');
  
  int x = *((int*) buf);
  klee_assume(x > 2);
  klee_assume(x == constantArr[12]);

  klee_assume(y != (1 << 5));

  assert(0);

  return 0;
}
Пример #3
0
int main(void)
{
  int a;
  
  klee_make_symbolic(&a, sizeof(int), "a");
  klee_assume(a >= 0);
  klee_assume(a <= 10);

  In = fib(a);
  return 0;
}
Пример #4
0
int main() {
  int x = klee_int("x");
  klee_assume(x > 10);
  klee_assume(x < 20);

  assert(!klee_is_symbolic(klee_get_value_i32(x)));
  assert(klee_get_value_i32(x) > 10);
  assert(klee_get_value_i32(x) < 20);

  return 0;
}
int main (int argc, char** argv) {
	int x;
	int y;

	klee_make_symbolic(&x, sizeof(x), "x");
	klee_make_symbolic(&y, sizeof(y), "y");
//	klee_assume((1.99946831462933) * x +  (1.99946259758235) * y >= 0.999016667912656);
	klee_assume (x < 0);
	klee_assume (x + y > -1);
	klee_assert (y >= 0);
	return 0;
}
Пример #6
0
void main() {  
    uint32_t na;
    uint32_t nb;
    uint32_t nc;
    klee_make_symbolic(&na, sizeof(na), "na");
    klee_make_symbolic(&nb, sizeof(nb), "nb");
    klee_make_symbolic(&nc, sizeof(nc), "nc");
    int nN = 3;
    klee_assume(na > 0);
    klee_assume(nb > 0);
    klee_assume(nc > 0);
    assert(nPow(na, nN) + nPow(nb, nN) != nPow(nc, nN));
}
int main (int argc, char** argv) {
	int x;
	int y;

	klee_make_symbolic(&x, sizeof(x), "x");
	klee_make_symbolic(&y, sizeof(y), "y");
	klee_assume(x + y > -1);
	klee_assume (x >= 0);
	x--;
	y++;
	klee_assert(x + y > -1);
	return 0;
}
Пример #8
0
static void __create_new_dfile(exe_disk_file_t *dfile, unsigned size, 
                               const char *name, struct stat64 *defaults) {
  struct stat64 *s = malloc(sizeof(*s));
  const char *sp;
  char sname[64];
  for (sp=name; *sp; ++sp)
    sname[sp-name] = *sp;
  memcpy(&sname[sp-name], "-stat", 6);

  assert(size);

  dfile->size = size;
  dfile->contents = malloc(dfile->size);
  klee_make_symbolic(dfile->contents, dfile->size, name);
  
  klee_make_symbolic(s, sizeof(*s), sname);

  /* For broken tests */
  if (!klee_is_symbolic(s->st_ino) && 
      (s->st_ino & 0x7FFFFFFF) == 0)
    s->st_ino = defaults->st_ino;
  
  /* Important since we copy this out through getdents, and readdir
     will otherwise skip this entry. For same reason need to make sure
     it fits in low bits. */
  klee_assume((s->st_ino & 0x7FFFFFFF) != 0);

  /* uclibc opendir uses this as its buffer size, try to keep
     reasonable. */
  klee_assume((s->st_blksize & ~0xFFFF) == 0);

  klee_posix_prefer_cex(s, !(s->st_mode & ~(S_IFMT | 0777)));
  klee_posix_prefer_cex(s, s->st_dev == defaults->st_dev);
  klee_posix_prefer_cex(s, s->st_rdev == defaults->st_rdev);
  klee_posix_prefer_cex(s, (s->st_mode&0700) == 0600);
  klee_posix_prefer_cex(s, (s->st_mode&0070) == 0020);
  klee_posix_prefer_cex(s, (s->st_mode&0007) == 0002);
  klee_posix_prefer_cex(s, (s->st_mode&S_IFMT) == S_IFREG);
  klee_posix_prefer_cex(s, s->st_nlink == 1);
  klee_posix_prefer_cex(s, s->st_uid == defaults->st_uid);
  klee_posix_prefer_cex(s, s->st_gid == defaults->st_gid);
  klee_posix_prefer_cex(s, s->st_blksize == 4096);
  klee_posix_prefer_cex(s, s->st_atime == defaults->st_atime);
  klee_posix_prefer_cex(s, s->st_mtime == defaults->st_mtime);
  klee_posix_prefer_cex(s, s->st_ctime == defaults->st_ctime);

  s->st_size = dfile->size;
  s->st_blocks = 8;
  dfile->stat = s;
}
Пример #9
0
int main()
{
  int a;

  /* We make a symbolic */
  /* a = 30; */

  klee_make_symbolic(&a, sizeof(int), "a");
  klee_assume(a >= 0);
  klee_assume(a <= 30);
	      
  fib(a);
  return a;
}
Пример #10
0
int main() {
	int count;
	int i;
	klee_make_symbolic(&count, sizeof(count), "count");	
	klee_make_symbolic(&i, sizeof(i), "i");	
	klee_assume(count == 0);
	klee_assume(i == 0);
	klee_abstract(i == 0); 
	klee_abstract(count == 2);
	while(i < 3){
		count++;
		i++;
	}
	klee_assert(count == 3);
}
Пример #11
0
int main() {
    int p1, p2, p3;
    klee_make_symbolic(&p1, sizeof(p1), "p1");
    klee_make_symbolic(&p2, sizeof(p2), "p2");
    klee_make_symbolic(&p3, sizeof(p3), "p3");
    klee_make_symbolic(&x, sizeof(x), "x");

    klee_assume (x <= 0);

    if (p1 > 8)
        x = x + 1;
    else
        x = x + 2;
    if (p2 > 8)
        x = x + 1;
    else
        x = x + 2;
    if (p3 > 8)
        x = x + 1;
    else
        x = x + 2;

    assert(x <= 6);

    return 0;
}
Пример #12
0
int client(void) {
  int forks = 0;

  unsigned i;
  for (i = 0; i < PRODUCERS_COUNT; i++) {
    pid_t pid = fork();
    assert(pid >= 0);

    if (pid == 0) {
      send_units(UNITS_PER_PRODUCER*i, UNITS_PER_PRODUCER);
      return 0;
    } else {
      forks++;
    }
  }

  while (forks > 0) {
    int res = wait(NULL);
    assert(res != -1);
    forks--;
  }

  int unit;
  klee_make_symbolic(&unit, sizeof(unit), "negative unit");
  klee_assume(unit < -10);
  send_unit(unit);

  return 0;
}
Пример #13
0
int main() {
  int p1,p2, x;
  klee_make_symbolic(&p1, sizeof(p1), "p1");
  klee_make_symbolic(&p2, sizeof(p2), "p2");
  klee_make_symbolic(&x, sizeof(x), "x");

  klee_assume(x == 0);

  if (p1 > 8)
    x = x; 
  else
    x = x + 1;
  if (p2 > 8)
    x = x;
  else
    x = x + 2;

  // Without the join, this example produces 4 tests, but with the
  // join just1 1.
  klee_join("dummy1", x);

  klee_assert(x <= 3);

  return x;
} 
Пример #14
0
int main() {
  unsigned char a[4] = "abc";
  unsigned i;
  int p1, p2;

  klee_make_symbolic(&i, sizeof(i), "i");
  klee_make_symbolic(&p1, sizeof(p1), "p1");
  klee_make_symbolic(&p2, sizeof(p2), "p2");

  klee_assume(i < 4);

  if (p1 < 8) {
    if (i > 0)
      a[i] = 'b';
  }

  if (p2 < 8) {
    if (i < 3)
      a[i] = 'a';
  }

  assert(a[0] == 'a');

  return 0;
}
Пример #15
0
int main(void)
{
  int n, m;
  klee_make_symbolic(&n, sizeof n, "n");
  klee_assume(n < -1);

  if (n/2 > 0)
    assert(0);

  klee_make_symbolic(&m, sizeof m, "m");
  klee_assume(m > 0);

  if (m/2 == 2)
    printf("m is 2\n");
  
  return 0;
} 
int main()
{
    int N;    
    klee_make_symbolic(&N, sizeof(N), "N");
    klee_assume(0 <= N);
    klee_assume(N <= 4);

    int x = 0, i = 0;
    while (i < N) {
	if (i % 2 == 0) {
	    x += 2;
	}
	i++;
    }
    assert(x == N || x == N + 1); // x == N if N is even, otherwise N is odd
    
    return 0;
}
Пример #17
0
int main(int argc, char** argv) {
  int x = 54;
  klee_make_symbolic(&x, sizeof(x), "x");
  klee_assume(x == ASSUME_VALUE);

#ifdef PRINT_VALUE
  printf("x=%d\n", x);
#endif

  return 0;
}
int main (int argc, char** argv) {
	int x;
	int y;
	int xa;
	int ya;
	klee_make_symbolic(&xa, sizeof(xa), "xa");
	klee_make_symbolic(&ya, sizeof(ya), "ya");
	klee_assume(xa + 2 * ya >= 0);
	klee_assert(xa + 2 * ya >= -1);
	return 0;
}
Пример #19
0
/* n_files: number of symbolic input files, excluding stdin
   file_length: size in bytes of each symbolic file, including stdin
   sym_stdout_flag: 1 if stdout should be symbolic, 0 otherwise
   save_all_writes_flag: 1 if all writes are executed as expected, 0 if 
                         writes past the initial file size are discarded 
			 (file offset is always incremented)
   max_failures: maximum number of system call failures */
void klee_init_fds(unsigned n_files, unsigned file_length, 
		   int sym_stdout_flag, int save_all_writes_flag,
		   unsigned max_failures) {
  unsigned k;
  char name[7] = "?-data";
  struct stat64 s;

  stat64(".", &s);

  __exe_fs.n_sym_files = n_files;
  __exe_fs.sym_files = malloc(sizeof(*__exe_fs.sym_files) * n_files);
  for (k=0; k < n_files; k++) {
    name[0] = 'A' + k;
    __create_new_dfile(&__exe_fs.sym_files[k], file_length, name, &s);
  }
  
  /* setting symbolic stdin */
  if (file_length) {
    __exe_fs.sym_stdin = malloc(sizeof(*__exe_fs.sym_stdin));
    __create_new_dfile(__exe_fs.sym_stdin, file_length, "stdin", &s);
    __exe_env.fds[0].dfile = __exe_fs.sym_stdin;
  }
  else __exe_fs.sym_stdin = NULL;

  __exe_fs.max_failures = max_failures;
  if (__exe_fs.max_failures) {
    __exe_fs.open_fail = malloc(sizeof(*__exe_fs.open_fail));
    __exe_fs.read_fail = malloc(sizeof(*__exe_fs.read_fail));
    __exe_fs.write_fail = malloc(sizeof(*__exe_fs.write_fail));
    __exe_fs.close_fail = malloc(sizeof(*__exe_fs.close_fail));
    __exe_fs.ftruncate_fail = malloc(sizeof(*__exe_fs.ftruncate_fail));
    __exe_fs.getcwd_fail = malloc(sizeof(*__exe_fs.getcwd_fail));

    klee_make_symbolic(__exe_fs.open_fail, sizeof(*__exe_fs.open_fail), "open_fail");
    klee_make_symbolic(__exe_fs.read_fail, sizeof(*__exe_fs.read_fail), "read_fail");
    klee_make_symbolic(__exe_fs.write_fail, sizeof(*__exe_fs.write_fail), "write_fail");
    klee_make_symbolic(__exe_fs.close_fail, sizeof(*__exe_fs.close_fail), "close_fail");
    klee_make_symbolic(__exe_fs.ftruncate_fail, sizeof(*__exe_fs.ftruncate_fail), "ftruncate_fail");
    klee_make_symbolic(__exe_fs.getcwd_fail, sizeof(*__exe_fs.getcwd_fail), "getcwd_fail");
  }

  /* setting symbolic stdout */
  if (sym_stdout_flag) {
    __exe_fs.sym_stdout = malloc(sizeof(*__exe_fs.sym_stdout));
    __create_new_dfile(__exe_fs.sym_stdout, 1024, "stdout", &s);
    __exe_env.fds[1].dfile = __exe_fs.sym_stdout;
    __exe_fs.stdout_writes = 0;
  }
  else __exe_fs.sym_stdout = NULL;
  
  __exe_env.save_all_writes = save_all_writes_flag;
  __exe_env.version = __sym_uint32("model_version");
  klee_assume(__exe_env.version == 1);
}
Пример #20
0
int main(int argc, char** argv) {
  int x = klee_range(0, BOUND_VALUE, "x");
#ifdef FORCE_VALUE
  klee_assume(x == FORCE_VALUE);
#endif

#ifdef PRINT_VALUE
  printf("x=%d\n", x);
#endif

  return 0;
}
Пример #21
0
int klee_range(int start, int end, const char* name) {
  int x;

  if (start >= end)
    klee_report_error(__FILE__, __LINE__, "invalid range", "user");

  if (start+1==end) {
    return start;
  } else {
    klee_make_symbolic(&x, sizeof x, name); 

    /* Make nicer constraint when simple... */
    if (start==0) {
      klee_assume((unsigned) x < (unsigned) end);
    } else {
      klee_assume(start <= x);
      klee_assume(x < end);
    }

    return x;
  }
}
Пример #22
0
int main() {
  char a[6] = "hello";
  unsigned i;

  klee_make_symbolic(&i, sizeof(i), "i");

  klee_assume(i <= 1);
  a[i] = 0;

  assert(a[3] != 0);

  return 0;
} 
Пример #23
0
int main (int argc, char **argv) {
  int a = 1;
  int b = 1;

  // ADVANCED ALGORITHM START
  while (b <= 10) {
    b = a;
    a = a * 2;
  }

  // Some constraint that we wish to have satisfied
  klee_assume(b <= a);

  return 0;
}
Пример #24
0
int main() {
  unsigned char k;
  
  klee_make_symbolic(&k, sizeof(k), "k");
  klee_assume(k < 10);
  
  // CHECK: Yes
  // CHECK-NEXT: No
  if (array[k] >= 1)
    printf("Yes\n");

  // CHECK: KLEE: done: completed paths = 1
  
  return 0;
}
Пример #25
0
int main() {

    int i;
    int j;
    klee_make_symbolic(&i, sizeof(i), "i");
    klee_make_symbolic(&j, sizeof(j), "j");
    klee_assume (0 <= i);
    klee_assume (i <= 10);

    int x,y;
    x=i;
    y=j;

    while (x!=0) {
        x--;
        y--;
    }

    if (i==j) {
        assert( y == 0);
    }

    return 1;
}
Пример #26
0
/*
 * This is an example to test if the dependency
 * of the assertion to z is computed correctly.
 */
int add(int p1, int p2, int p3, int x) {
  int z = 6;

  klee_assume(x <= 0);
  
  if (p1 > 8)
    x = x + 1;
  if (p2 > 8)
    x = x;
  else
    x = x + 2;
  if (p3 > 8)
    x = x + 3;

  assert(x <= z);
  return x;
}
Пример #27
0
int main() {
  unsigned char k;

  klee_make_symbolic(&k, sizeof(k), "k");
  klee_assume(k < 5);

  // CHECK: Yes
  // CHECK-NEXT: No
  if (array[array2[k]] == 7)
    printf("Yes\n");
  else
    printf("No\n");

  // CHECK: KLEE: done: completed paths = 2

  return 0;
}
Пример #28
0
int main(int argc, char *argv[]) 
{

	int length;
	if (argc < 2) {
	  length = NITEMS;
	}	
	else length = atoi(argv[1]);

	int *data = (int*) malloc(length * sizeof(int));
	int *ROM_data = (int*) malloc(length * sizeof(int)); 

	klee_make_symbolic(data, NITEMS * sizeof(int), "data_symb");

	//	for (int i = 0; i < length-1; ++i) {
	//		data[i] = i;                      //could be rand(); later
	//		ROM_data[i] = i;
	//	}

	//	devicesDump();

	klee_assume(data[0] != data[1]);
 
	// Copy all the symbolic stuff in!
	for (int i = 0; i < length; ++i)
	  {
	    ROM_data[i] = data[i];
	  }

	if (data[0] < data[1])
	  { printf("a\n");
	    cudasummer(data, length); 
	  }
	else
	  { printf("b\n");
	    cudasummer(data, length);
	  }

	if (length < 1000) 
		for (int i = 0 ; i < length; ++i)
		{
			printf("%d\n", data[i]);
		}
	verify(data, ROM_data, length);
}
Пример #29
0
static const char *__concretize_string(const char *s) {
  char *sc = __concretize_ptr(s);
  unsigned i;

  for (i=0; ; ++i) {
    char c = *sc;
    if (!(i&(i-1))) {
      if (!c) {
        *sc++ = 0;
        break;
      } else if (c=='/') {
        *sc++ = '/';
      } 
    } else {
      char cc = (char) klee_get_valuel((long)c);
      klee_assume(cc == c);
      *sc++ = cc;
      if (!cc) break;
    }
  }

  return s;
}
Пример #30
0
void __VERIFIER_assume(int expr)
{
	klee_assume(expr);
}