What’s wrong with this code?

最新推荐文章于 2025-04-22 15:20:48 发布
转载 最新推荐文章于 2025-04-22 15:20:48 发布 · 368 阅读 · 0 ·
CC 4.0 BY-SA版权
原文链接:http://blog.llvm.org
文章标签:

#llvm #clang

本文通过一个有趣的KLEE示例,探讨了符号执行工具如何在程序路径探索中工作。KLEE是一个复杂的工具,用于探索LLVM代码的所有可能路径。文章详细分析了一个案例,解释了为何KLEE仅找到一条路径,并展示了当条件更改为可行整数时,KLEE能正确识别两条路径。

Wednesday, April 7, 2010

What’s wrong with this code?

A user on IRC sent me this interesting KLEE example today, which I thought was cute enough I should post it.

If you aren’t familiar with it, KLEE is a tool for symbolic execution of LLVM code. It is way too complicated to explain here, but for the purposes of this example all you need to know is that it tries to explore all possible paths through a program.

In this case, the user was actually talking to me because he thought there was a bug in KLEE, because it was only finding one path through the code. Here is the example:

$ cat t.c
#include "klee/klee.h"

int f0(int x) {
if (x * x == 1000)
return 1;
else
return 0;
}

int main() {
return f0(klee_int("x"));
}

The idea here is that klee_int("x") creates a new symbolic variable, which can be anything (well, any possible int).

The user was expecting that there would be two possible paths through this program, one returning 1 and one returning 0. But KLEE only finds one:

$ clang -I ~/public/klee/include -flto -c t.c
$ ~/public/klee.obj.64/Debug/bin/klee t.o
KLEE: output directory = "klee-out-5"

KLEE: done: total instructions = 24
KLEE: done: completed paths = 1
KLEE: done: generated tests = 1

Upon showing the example to me, I was also confused for a moment. However, since I happen to trust KLEE, I knew to look for a problem in the test case! And of course, the square root of 1000 isn’t an integer, so there is no way this code can return 1. If we change the 1000 to 100, KLEE finds two paths as we would expect:

$ cat t.c
#include "klee/klee.h"

int f0(int x) {
if (x * x == 100)
return 1;
else
return 0;
}

int main() {
return f0(klee_int("x"));
}
$ clang -I ~/public/klee/include -flto -c t.c
$ ~/public/klee.obj.64/Debug/bin/klee t.o
KLEE: output directory = "klee-out-6"

KLEE: done: total instructions = 31
KLEE: done: completed paths = 2
KLEE: done: generated tests = 2

This example shows exactly what KLEE was designed for – reasoning about code (or math) is hard, and it is great to let a machine do it for you!

Posted by Daniel Dunbar at 11:49 AM

Labels: KLEE

【AI人工智能】用于代码生成的大型语言模型 Large Language Models for Code Generation
AI天才研究院
06-09 1万+
大型语言模型通常采用Transformer等注意力机制架构,能够有效捕获输入序列中长程依赖关系。具体而言,编码器将输入序列映射为上下文表示,解码器则根据上下文和已生成的部分序列预测下一个token。代码生成任务中的输入序列可以是自然语言的问题描述、函数签名、测试用例等形式。模型通过学习大量的代码-自然语言语料对,建立两者之间的映射关系。在生成阶段,给定输入序列,解码器基于学习到的知识逐步推理和生成目标代码。
What's Wrong With Hue Oozie Editor?
Laurence的技术博客
07-23 5846
First, let’s make the topic clear: Comparing with providing raw Oozie workflow/coordinator xml file, what’s disadvantages to create workflow/coordinator with Hue Oozie Editor? ( The Hue Oozie Editor ve
What is cloud computing?
u011868279的博客
03-19 2121
What is cloud computing? Have you ever wondered what cloud computing is? It's the delivery of computing services over the internet, which is otherwise known as the cloud. These services include servers, storage, databases, networking, software, analytics,
What Makes a Good Developer Culture?
简陋的小草屋
03-15 2144
There’s a lot of talk these days about what makes a good “culture”, whether you’re an engineer, a software developer, or a chef. It’s all about finding a work environment that not only is conducive to
让错误代码更明显-Making Wrong Code Look Wrong
Hello Mingo
12-11 2323
前言 这篇文章是在《游戏引擎架构》这本书的推荐里看到的,看完以后觉得作者的观点和我平时的想法非常接近,所以决定翻译一下。我看到了网上有这篇文章的纯中文版本,但是是机翻的。在这里你将看到的是我花费了大把时间,一句话一句话翻译过来的版本。为了方便读者理解,我将原文也拷贝了过来,如果我哪里翻译的不准确,或者让你迷糊的,可以直接看原文。 这篇文章的要讲的内容并不复杂,但是写的确实很啰嗦,或许是为了让读...
Making Wrong Code Look Wrong
directdraw的专栏
03-23 1141
Making Wrong Code Look Wrong by Joel Spolsky Wednesday, May 11, 2005 Way back in September 1983, I started my first real job, working at Oranim, a big bread factory in Israel that made someth
What went wrong: Execution failed for task ':compileArmv7DebugJavaWithJavac'. 问题解决办法
I_LV_XJ的博客
03-10 5231
考虑到ionic开发的app的性能问题,我们在项目打包的时候集成了crosswalk插件,集成指令如下: ionic plugin add cordova-plugin-crosswalk-webview 集成的时候出现了下面的提示: Unmet project requirements for latest version of cordova-plugin-crosswalk-webvi
【LLM+Code】Claude Code Agent 0.2.9 版本Prompt&Tools最细致解读
AI蜗牛车
04-22 2275
是anthropic团队开发的一个code agent bash工具。
Mysql-error code汇总
热门推荐
文学超的博客
07-03 5万+
OS error code 1: Operation not permitted OS error code 2: No such file or directory OS error code 3: No such process OS error code 4: Interrupted system call OS error code 5: In
Android FAILURE: Build failed with an exception.
qq_657172627的博客
09-10 2225
build 报错如下: FAILURE: Build failed with an exception. * What went wrong: Could not resolve all files for configuration ':commonlibrary:debugCompileClasspath'. > Could not resolve com.umeng.umsdk:analytics:8.0.2. Required by: project :commo...
SEH exception with code 0xc0000005 error
jfkidear的专栏
04-10 8974
EXPECT_CALL of googlemock leads to “unknown file:error: SEH exception with code 0xc0000005 thrown in the test body” [closed] up vote1down votefavorite I am
Begin to Code with Python
01-08
Test and debug your code withWhat can go wrong” sections Understand the social aspects of professional development, and build career-ready skills from the start Whether you’re a total beginner or...
FAILURE: Build failed with an exception. * What went wrong: Could not resolve all dependencies for configuration 'classpath'. > Could not resolve project :gradle-plugin:settings-plugin. Required by: unspecified:unspecified:unspecified > Dependency requires at least JVM runtime version 11. This build uses a Java 8 JVM. * Try: > Run this build using a Java 11 or newer JVM. > Run with --stacktrace option to get the stack trace. > Run with --info or --debug option to get more log output. > Run with --scan to get full insights. > Get more help at https://help.gradle.org. BUILD FAILED in 2s error Failed to install the app. Command failed with exit code 1: gradlew.bat app:installDebug -PreactNativeDevServerPort=8081 FAILURE: Build failed with an exception. * What went wrong: Could not resolve all dependencies for configuration 'classpath'. > Could not resolve project :gradle-plugin:settings-plugin. Required by: unspecified:unspecified:unspecified > Dependency requires at least JVM runtime version 11. This build uses a Java 8 JVM. * Try: > Run this build using a Java 11 or newer JVM. > Run with --stacktrace option to get the stack trace. > Run with --info or --debug option to get more log output. > Run with --scan to get full insights. > Get more help at https://help.gradle.org. BUILD FAILED in 2s.
04-02
好的,我现在需要帮助用户解决Gradle构建失败的问题,具体是依赖项未解析和JVM版本不兼容。用户想从Java 8升级到Java 11。首先,我得理清楚这两个问题的解决步骤。 首先,关于依赖项未解析的问题。...
Flutter assets will be downloaded from https://storage.flutter-io.cn. Make sure you trust this source! FAILURE: Build failed with an exception. * What went wrong: Execution failed for task ':audio_session:compileReleaseKotlin'. > Inconsistent JVM-target compatibility detected for tasks 'compileReleaseJavaWithJavac' (11) and 'compileReleaseKotlin' (17). Consider using JVM Toolchain: https://kotl.in/gradle/jvm/toolchain Learn more about JVM-target validation: https://kotl.in/gradle/jvm/target-validation * Try: > Run with --stacktrace option to get the stack trace. > Run with --info or --debug option to get more log output. > Run with --scan to get full insights. > Get more help at https://help.gradle.org. BUILD FAILED in 46s Running Gradle task 'assembleRelease'... 47.0s Gradle task assembleRelease failed with exit code 1
07-13
### 解决Flutter构建过程中JVM版本不兼容导致的编译错误 当出现错误信息 `Inconsistent JVM-target compatibility detected for tasks 'compileReleaseJavaWithJavac' (11) and 'compileReleaseKotlin' (17)` 时,...
不确定发电中的交流电网中的分布式随机储备调度.zip
12-04
1.版本:matlab2014a/2019b/2024b 2.附赠案例数据可直接运行。 3.代码特点:参数化编程、参数可方便更改、代码编程思路清晰、注释明细。 4.适用对象:计算机,电子信息工程、数学等专业的大学生课程设计、期末大作业和毕业设计。
axure的chrome插件
12-04
axure的chrome插件
毕业设计基于spark的西南天气数据的分析与应用源码+演示视频.zip
最新发布
12-04
毕业设计基于spark的西南天气数据的分析与应用源码+演示视频.zip
含光热电站、有机有机朗肯循环、P2G的综合能源优化调度(Matlab代码实现)
12-04
内容概要:本文介绍了一个基于Matlab的综合能源系统优化调度仿真资源,重点实现了含光热电站、有机朗肯循环(ORC)和电含光热电站、有机有机朗肯循环、P2G的综合能源优化调度(Matlab代码实现)转气(P2G)技术的冷、热、电多能互补系统的优化调度模型。该模型充分考虑多种能源形式的协同转换与利用,通过Matlab代码构建系统架构、设定约束条件并求解优化目标,旨在提升综合能源系统的运行效率与经济性,同时兼顾灵活性供需不确定性下的储能优化配置问题。文中还提到了相关仿真技术支持,如YALMIP工具包的应用,适用于复杂能源系统的建模与求解。; 适合人群:具备一定Matlab编程基础和能源系统背景知识的科研人员、研究生及工程技术人员,尤其适合从事综合能源系统、可再生能源利用、电力系统优化等方向的研究者。; 使用场景及目标:①研究含光热、ORC和P2G的多能系统协调调度机制;②开展考虑不确定性的储能优化配置与经济调度仿真;③学习Matlab在能源系统优化中的建模与求解方法,复现高水平论文(如EI期刊)中的算法案例。; 阅读建议:建议读者结合文档提供的网盘资源,下载完整代码和案例文件,按照目录顺序逐步学习,重点关注模型构建逻辑、约束设置与求解器调用方式,并通过修改参数进行仿真实验,加深对综合能源系统优化调度的理解。
XFETeam_react-lss-autocomplete_13744_1764827764273.zip
12-04
XFETeam_react-lss-autocomplete_13744_1764827764273.zip
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值