I'm using Klee 2.9, and trying to obtain branch information from stat file klee generats. I fed in a one if-else statement program, and klee reported NumBranches as 8.
Code under test is shown below,
#include <stdio.h>
#include <stdbool.h>
int main(){
int a;
int b;
klee_make_symbolic(&a,sizeof(a),"a");
klee_make_symbolic(&b,sizeof(b),"b");
if (a / b == 1) {
printf("a==b\n");
}
else {
printf("a!=b\n");
}
return 0;
}
and file output run.stats in shown below,
('Instructions','FullBranches','PartialBranches','NumBranches','UserTime','NumStates','MallocUsage','NumQueries','NumQueryConstructs','NumObjects','WallTime','CoveredInstructions','UncoveredInstructions','QueryTime','SolverTime','CexCacheTime','ForkTime','ResolveTime',)
(0,0,0,8,5.609000e-03,0,528704,0,0,0,4.196167e-05,0,78,0.000000e+00,0.000000e+00,0.000000e+00,0.000000e+00,0.000000e+00)
(32,2,0,8,9.722000e-03,0,654176,3,56,0,3.826760e-01,27,51,3.799300e-01,3.802470e-01,3.801040e-01,6.900000e-05,0.000000e+00)
Can anyone explain me how does 8 come from?
Two possible reasons:
"klee_make_symbolic" and "printf" contains conditional statements. When KLEE executes the program, it does not differentiate your functions from external functions.
If you run KLEE with "--libc=uclibc", the main function will be replaced with "__uclibc_main". "__uclibc_main" first do some initialization works and then call the original "main" function. The initialization might contain some conditional statements.
You need to check the version of KLEE and the commands you used.
Related
I am trying to make some Linux-based code run on macOS. It is the POSIX OSAL layer for NASA Core Flight System as found here: https://github.com/nasa/osal.
I am observing that the code uses POSIX conditions and in particular, there is a call like the following:
if (pthread_cond_destroy(&(sem->cv)) != 0) {
printf("pthread_cond_destroy %d %s\n", errno, strerror(errno)); // my addition
...
}
On macOS, the tests related to this code provided in the OSAL repository always fail because the call to pthread_cond_destroy always results in:
pthread_cond_destroy 78 Function not implemented
I have found an example in the Apple documentation which shows an example of Using Conditions (Threading Programming Guide / Synchronization / Using Conditions) and in that example there is no call to pthread_cond_destroy but I cannot make any conclusions on whether that call should be there or not because the example is simplified.
This is how the header looks like on my machine:
__API_AVAILABLE(macos(10.4), ios(2.0))
int pthread_cond_destroy(pthread_cond_t *);
I am wondering if pthread_cond_* functionality is simply missing on macOS and I have to implement a replacement for it or there is some way to make it work.
EDIT: The minimal example is working fine for me. The problem should be somewhere around the problematic code. What I still don't understand is why I am getting ENOSYS/78 error code, for one thing it is not mentioned on the man page man/3/pthread_cond_destroy:
#include <iostream>
#include <pthread.h>
int main() {
pthread_cond_t condition;
pthread_cond_init(&condition, NULL);
int result = pthread_cond_destroy(&condition);
assert(result == 0);
assert(errno == 0);
std::cout << "Hello, World!" << std::endl;
return 0;
}
I tried a example on Auto for variable initialization and STL in C++. For normal variable, type was printed using : typeid(var_name).name() to print i (integer) / d(float) / pi(pointer) which works fine.
But while working on STL,
`#include <iostream>
#include <vector>
using namespace std;
int main()
{
vector<string> st;
st.push_back("geeks");
st.push_back("for");
for (auto it = st.begin(); it != st.end(); it++)
cout << typeid(it).name() << "\n";
return 0;
}
`
which gives output like,
`N9__gnu_cxx17__normal_iteratorIPNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEESt6vectorIS6_SaIS6_EEEE
N9__gnu_cxx17__normal_iteratorIPNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEESt6vectorIS6_SaIS6_EEEE`
and I am unable to understand the output logic behind it, can anyone explain why it is giving output like this? and thanks in advance
That's the "name mangled" version of the name of the type of it. typeinfo::name() is not required by the standard to return a name in human-readable format (a shortcoming IMHO) and GCC doesn't do so.
To get the actual, human-readable name, you need to call the abi::__cxa_demangle() function provided by GCC, but note that this is non-portable so if your project needs to work on different compilers you'll need to wrap it appropriately.
My Code
#include<stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <sys/wait.h>
int main()
{
char * arg_list[3];
arg_list[0] = "ls";
arg_list[1] = "-l";
arg_list[2] = 0;
char *arg_list2[3];
arg_list2[0] = " ps";
arg_list2[1] = "-ef";
arg_list2[2] = 0;
for(int i=0;i<5;i++){ // loop will run n times (n=5)
if(fork() == 0) {
if (i == 0){
execvp("ls", arg_list);
}else if(i==1){
execvp("ps" , arg_list2);
}else if(i>1){
printf("[son] pid %d from [parent] pid %d\n",getpid(),getppid());
exit(0);
}
}
}
for(int i=0;i<5;i++) // loop will run n times (n=5)
wait(NULL);
}
ME trying to modify it
#include<stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <sys/wait.h>
int main()
{
for(int i=0;i<5;i++){ // loop will run n times (n=5)
if(fork() == 0) {
printf("[son] pid %d from [parent] pid %d\n",getpid(),getppid());
execlp(argv[i],argv[i],argv[i+1],(char*)NULL);
exit(0);
}
}
for(int i=0;i<5;i++) // loop will run n times (n=5)
wait(NULL);
}
-- NEED GUIDANCE AND UNDERSTANDING
I am trying to make my own tiny little shell program. When I run my first code works fine, runs all commands on the command line. But I cannot know and define all commands the user might enter. So i am trying to get a base code which could run any commands single or multiple entered by user. I tried using execlp where it does not compile saying argv is not defined which is true as i don't want to specifically define it.
I am trying to make my own tiny little shell program. When I run my first code works fine, runs all commands on the command line. But I cannot know and define all commands the user might enter.
For sure.... A shell program purpose is basically:
Read user input
Execute user input
Return result of execution.
There's nothing in your code that read user input....
So i am trying to get a base code which could run any commands single or multiple entered by user.
So read user input ;-)
I tried using execlp where it does not compile saying argv is not defined which is true as i don't want to specifically define it.
For sure ... but how would GCC guessed that `argv[]̀ must be automaticallty filled with user input ?
There's nothing automatic when coding in C language. You have to manage this manually.
Also, note that argc, argv et envp are usually reserved for main() function:
main(int argc, char **argv, char **envp)
So you may use something else to build your command array.
In pseudo code, what you must implement is:
quit=0
while (quit = 0) {
command_to_run = read_user_input();
if (command_to_run == "exit") {
quit = 1;
} else {
execute(command_to_run);
}
}
Some advices:
Try to use more functions. For example, implement a fork_and_run(char **cmd) function to fork and then execute command provided by the user. Il will make your code more readable and easy to maintain.
Read carefully manpages: everything you should know (like, for example, the fact that array provided to execvp() must be NULL-terminated) is written in it.
Your debugging messages should be printed to stderr. The result of the command run must be printed to stdin, so use fprintf() instead of printf() to write to the correct stream.
I would use a #define debug(x) fprintf(stderr, x) or something similar for debugging output so that you can easily disable later ;-)
I'm using Codeblocks 13.12 with MinGW on Winodows 10. I'm somewhat familiar with C, but haven't been coding for some while. Last time I wrote a code was with Turbo compiler. So I'm starting to code once again and this the first time I'm using GCC. So I thought of starting with a simple code to print the pattern:Pattern to print
The code I wrote is:
#include<stdio.h>
using namespace std;
int main()
{
int i=0,j=0,k=0;
for(i;i<=4;++i)
{
j=2*i+1;
for(k=1;k<=j;++k)
printf(k);
}
return 0;
}
The error I get is:Error on build attempt
Tell me, is it because of some error in my code(not logical), or there's something else.
first of all there is no space after the include.
EDIT: Tried it, and it works with no space, but it's better for further reading
second, using namespace is not C, it is C++,
third, the printf function has to look like this: printf("%i",k); there has to be placeholders for each variable you want to print. please see some turorial and don't mix C and C++. If you want to program in C++ use something like cout >> instead of printf and use the C++-Headers, #include <stdio>
That works and is good to read ;-):
#include <stdio.h>
int main()
{
int i=0,j=0,k=0;
for(i;i<=4;++i)
{
j=2*i+1;
for(k=1;k<=j;++k)
printf("%i\n",k);
}
return 0;
}
I am using gcc compiler. I am working on a code that frequently involves writing chunks of statements inside a single #define directive. For example the following :
#include<stdio.h>
#define DO_RR(x) do { \
for(i=0;i<x; i++) \
printf("%d", i); \
}while(0);
int main() {
int i=0;
DO_RR(5)
return 0;
}
Now I want to be able to single step through the statements in DO_RR. However when I try it, the control jumps directly from DO_RR statement in main to the next statement and does not single step. Is there anyway to achieve stepping inside the preprocessor blocks ?
You cannot, #defines are expanded by the preprocessor and are not present in the code.
To supplement #Angelom's answer, you can workaround this by using functions. Move whatever code you can from the #define into a function, and you will be able to step through the function call.
Ideally, and most often, you can replace the entire #define with an inline function.