What’s wrong with this code?

最新推荐文章于 2021-03-19 19:57:00 发布
最新推荐文章于 2021-03-19 19:57:00 发布
阅读量346 收藏
点赞数
CC 4.0 BY-SA版权
分类专栏: llvm-blog 文章标签: llvm clang
原文链接:http://blog.llvm.org
本文通过一个有趣的KLEE示例,探讨了符号执行工具如何在程序路径探索中工作。KLEE是一个复杂的工具,用于探索LLVM代码的所有可能路径。文章详细分析了一个案例,解释了为何KLEE仅找到一条路径,并展示了当条件更改为可行整数时,KLEE能正确识别两条路径。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

Wednesday, April 7, 2010

What’s wrong with this code?

A user on IRC sent me this interesting KLEE example today, which I thought was cute enough I should post it.

If you aren’t familiar with it, KLEE is a tool for symbolic execution of LLVM code. It is way too complicated to explain here, but for the purposes of this example all you need to know is that it tries to explore all possible paths through a program.

In this case, the user was actually talking to me because he thought there was a bug in KLEE, because it was only finding one path through the code. Here is the example:

$ cat t.c
#include "klee/klee.h"

int f0(int x) {
if (x * x == 1000)
return 1;
else
return 0;
}

int main() {
return f0(klee_int("x"));
}

The idea here is that klee_int("x") creates a new symbolic variable, which can be anything (well, any possible int).

The user was expecting that there would be two possible paths through this program, one returning 1 and one returning 0. But KLEE only finds one:

$ clang -I ~/public/klee/include -flto -c t.c
$ ~/public/klee.obj.64/Debug/bin/klee t.o
KLEE: output directory = "klee-out-5"

KLEE: done: total instructions = 24
KLEE: done: completed paths = 1
KLEE: done: generated tests = 1

Upon showing the example to me, I was also confused for a moment. However, since I happen to trust KLEE, I knew to look for a problem in the test case! And of course, the square root of 1000 isn’t an integer, so there is no way this code can return 1. If we change the 1000 to 100, KLEE finds two paths as we would expect:

$ cat t.c
#include "klee/klee.h"

int f0(int x) {
if (x * x == 100)
return 1;
else
return 0;
}

int main() {
return f0(klee_int("x"));
}
$ clang -I ~/public/klee/include -flto -c t.c
$ ~/public/klee.obj.64/Debug/bin/klee t.o
KLEE: output directory = "klee-out-6"

KLEE: done: total instructions = 31
KLEE: done: completed paths = 2
KLEE: done: generated tests = 2

This example shows exactly what KLEE was designed for – reasoning about code (or math) is hard, and it is great to let a machine do it for you!

Posted by Daniel Dunbar at 11:49 AM

Labels: KLEE

【AI人工智能】用于代码生成的大型语言模型 Large Language Models for Code Generation
AI天才研究院
06-09 1万+
大型语言模型通常采用Transformer等注意力机制架构,能够有效捕获输入序列中长程依赖关系。具体而言,编码器将输入序列映射为上下文表示,解码器则根据上下文和已生成的部分序列预测下一个token。代码生成任务中的输入序列可以是自然语言的问题描述、函数签名、测试用例等形式。模型通过学习大量的代码-自然语言语料对,建立两者之间的映射关系。在生成阶段,给定输入序列,解码器基于学习到的知识逐步推理和生成目标代码。
解决Deprecated Gradle features were used in this build, making it incompatible with Gradle 7.0.
逐梦人.的博客
04-24 3402
解决Deprecated Gradle features were used in this build, making it incompatible with Gradle 7.0.
What's Wrong With Hue Oozie Editor?
Laurence的技术博客
07-23 5742
First, let’s make the topic clear: Comparing with providing raw Oozie workflow/coordinator xml file, what’s disadvantages to create workflow/coordinator with Hue Oozie Editor? ( The Hue Oozie Editor ve
What is cloud computing?
u011868279的博客
03-19 2047
What is cloud computing? Have you ever wondered what cloud computing is? It's the delivery of computing services over the internet, which is otherwise known as the cloud. These services include servers, storage, databases, networking, software, analytics,
What Makes a Good Developer Culture?
简陋的小草屋
03-15 2104
There’s a lot of talk these days about what makes a good “culture”, whether you’re an engineer, a software developer, or a chef. It’s all about finding a work environment that not only is conducive to
Making Wrong Code Look Wrong
directdraw的专栏
03-23 1099
Making Wrong Code Look Wrong by Joel Spolsky Wednesday, May 11, 2005 Way back in September 1983, I started my first real job, working at Oranim, a big bread factory in Israel that made someth
让错误代码更明显-Making Wrong Code Look Wrong
Hello Mingo
12-11 2209
前言 这篇文章是在《游戏引擎架构》这本书的推荐里看到的,看完以后觉得作者的观点和我平时的想法非常接近,所以决定翻译一下。我看到了网上有这篇文章的纯中文版本,但是是机翻的。在这里你将看到的是我花费了大把时间,一句话一句话翻译过来的版本。为了方便读者理解,我将原文也拷贝了过来,如果我哪里翻译的不准确,或者让你迷糊的,可以直接看原文。 这篇文章的要讲的内容并不复杂,但是写的确实很啰嗦,或许是为了让读...
What went wrong: Execution failed for task ':compileArmv7DebugJavaWithJavac'. 问题解决办法
I_LV_XJ的博客
03-10 5120
考虑到ionic开发的app的性能问题,我们在项目打包的时候集成了crosswalk插件,集成指令如下: ionic plugin add cordova-plugin-crosswalk-webview 集成的时候出现了下面的提示: Unmet project requirements for latest version of cordova-plugin-crosswalk-webvi
Android FAILURE: Build failed with an exception.
qq_657172627的博客
09-10 2188
build 报错如下: FAILURE: Build failed with an exception. * What went wrong: Could not resolve all files for configuration ':commonlibrary:debugCompileClasspath'. > Could not resolve com.umeng.umsdk:analytics:8.0.2. Required by: project :commo...
Mysql-error code汇总
热门推荐
文学超的博客
07-03 5万+
OS error code 1: Operation not permitted OS error code 2: No such file or directory OS error code 3: No such process OS error code 4: Interrupted system call OS error code 5: In
SEH exception with code 0xc0000005 error
jfkidear的专栏
04-10 8916
EXPECT_CALL of googlemock leads to “unknown file:error: SEH exception with code 0xc0000005 thrown in the test body” [closed] up vote1down votefavorite I am
Don't Waste Time on Code Reviews
高效软件开发
09-09 5499
Less than half of development teams do code reviews and the other half are probably not getting as much out of code reviews as they should.Here’s how to not waste time on code reviews.Keep it SimpleMa
Begin to Code with Python
01-08
Test and debug your code withWhat can go wrong” sections Understand the social aspects of professional development, and build career-ready skills from the start Whether you’re a total beginner or...
Clean Code
12-28
And you will be challenged to think about what’s right about that code, and what’s wrong with it. More importantly, you will be challenged to reassess your professional values and your commitment ...
洛克力量R8.4V2电脑DSP调音软件下载
07-23
洛克力量R8.4V2电脑DSP调音软件下载
C# Socket TCP服务器端通信源码:简单实用,支持多连接与多线程处理 Socket
07-23
内容概要:本文介绍了一段从商业级物联网项目中提取的C#编写的TCP服务器端通信源码。该源码采用静态类文件形式,内置双Socket和两个数据缓冲队列,支持多连接,能够无缝集成到各种C#项目中。它主要用于接收客户端通过互联网或局域网发送的数据,不包含数据处理逻辑,但提供了数据读取接口。代码结构简单清晰,易于理解和使用,适合初学者或有紧急项目需求的人群。文中还详细解析了代码架构、数据接收与处理机制,并指出了使用场景和注意事项。 适合人群:具备基本C#编程能力的研发人员,尤其是对Socket编程感兴趣的初学者或有紧急项目需求的开发者。 使用场景及目标:① 快速集成网络通信功能到C#项目中;② 接受客户端通过互联网或局域网发送的数据;③ 需要在短时间内实现简单的服务器端通信功能。 其他说明:该代码是非异步技术实现,适用于低并发场景。对于高并发需求或复杂数据处理的情况,需谨慎评估是否适用。同时,附带详细的技术文档,便于用户理解和集成。
ABAQUS盾构隧道开挖模型详解:一环七片、毫米单位制、含螺栓与配筋设计
07-23
内容概要:本文详细介绍了基于ABAQUS软件构建的盾构隧道开挖模型,重点讲解了一环七片的管片装配方法、螺栓连接设置以及钢筋笼处理技巧。文中强调了单位制的选择(毫米)、装配逻辑、螺栓预紧力加载顺序、钢筋布置参数化建模等方面的技术要点,并分享了作者在实际操作中的经验和常见错误避免方法。此外,还讨论了开挖步骤的设置及其重要性,确保模拟结果的准确性。 适合人群:从事土木工程、岩土工程、隧道工程等领域研究和技术应用的专业人士,尤其是熟悉ABAQUS软件并希望深入了解盾构隧道开挖模型的工程师。 使用场景及目标:适用于需要进行盾构隧道施工模拟的研究项目或工程项目,帮助工程师更好地理解和掌握盾构隧道开挖过程中涉及的各种力学行为和关键技术,提高模拟精度和可靠性。 其他说明:文章不仅提供了具体的代码片段用于指导具体操作,还分享了许多实践经验,有助于读者在实践中少走弯路,提升工作效率。
Huawei S12700-V200R019SPH3b0
07-23
Huawei S12700-V200R019SPH3b0,里面包含补丁说明书和补丁安装指导书,该补丁支持哪些型号,支持哪些版本可以安装当前补丁,请参考补丁说明书和补丁安装指导书。
实现 CUPT2025 中 LatoLato 实验的仿真模拟研究
最新发布
07-23
资源下载链接为: https://pan.quark.cn/s/95f336ad1bf5 针对 Cupt2025 中的 LatoLato 实验仿真需求,现提供两种实现方案供参考: 该方案采用 Pybullet 物理引擎进行仿真开发。需要注意的是,此方案建议在 Linux 操作系统环境下运行,以确保仿真过程的稳定性和兼容性。Pybullet 作为一款开源的物理仿真引擎,具备精确的动力学计算能力,能够较好地模拟 LatoLato 实验中的物理运动状态,适合对仿真精度有较高要求的场景。 该方案采用 VPython 进行仿真开发,且为推荐方案。VPython 具有简洁易用的特点,其可视化效果直观,便于快速搭建仿真场景并实时观察实验过程。 在项目仓库中,已准备相关参考资料,这些资料来源于网络公开资源,可帮助开发者了解 LatoLato 实验的基本原理和仿真实现思路。同时,仓库中还包含本人制作的 PPT 文档,其中梳理了仿真实现的关键步骤和技术要点,可为开发过程提供具体指导。 两种方案均可实现 LatoLato 实验的仿真需求,开发者可根据自身技术熟悉程度和实际需求选择合适的方案。若追求开发效率和可视化效果,推荐优先考虑方案二;若对物理仿真精度有更高要求,且具备 Linux 环境使用经验,可选择方案一。
Job for rabbitmq-server.service failed because the control process exited with error code.
04-27
Look for any error messages or stack traces that might indicate what went wrong. Another thing to check is whether all the required dependencies are installed and running. For example, RabbitMQ ...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值