Thanks. You are right. I solved the problem.
Best regards,

Qiuping Yi
Parasol Laboratory
Department of Computer Science and Engineering
Texas A&M University
College Station
TX 77843

On Sat, Jan 28, 2017 at 4:12 AM, Dan Liew <d...@su-root.co.uk> wrote:

> On 27 January 2017 at 04:18, Qiuping Yi <yiqiup...@gmail.com> wrote:
> > Dear all,
> >
> > I encountered a strange problem when testing the next code snippet:
> >
> > if (pw = getpwuid(getuid()) == NULL)
> >     return ;
> >
> > .. = pw->pw_dir;
>
> Please use the correct mailing list (klee-dev@imperial.ac.uk) instead
> of the old klee-...@keeda.stanford.edu mailing list.
>
> It would be better if you provided a small complete example. Like this.
>
> ```
> #include <assert.h>
> #include <pwd.h>
> #include <sys/types.h>
> #include <stdio.h>
> #include <unistd.h>
>
> int main(int arc, char** argv) {
>   struct passwd* pw;
>   uid_t uid = getuid();
>   printf("uid is %d\n", uid);
>   if (pw = getpwuid(getuid()) == NULL) {
>     printf("Failed\n");
>     return 1;
>   }
>   assert(pw && "pw cannot be NULL");
>
>   char* pw_dir = pw->pw_dir;
>   printf("pw_dir: %s\n", pw_dir);
>   return 0;
> }
> ```
>
> Your code is wrong.
>
> if (pw = getpwuid(getuid()) == NULL)
>
> is doing this
>
> if ( pw = ( getpwuid(getuid()) == NULL ) )
>
> so a pointer is returned by `getpwuid()` and then we compare with NULL
> which is false so then `pw` gets assigned the value zero.
>
> However once I fix your code to
>
> if ((pw = getpwuid(getuid())) == NULL) {
>
> then I can reproduce the problem if I just run `klee program.bc`
>
> I suspect it's to do with the fact `getpwuid()` returns a pointer to
> "real memory" which does not point to anything in KLEE's own model of
> the memory (i.e. the address space of the program under).
>
> To fix this you need not call `getpwuid()` as an external function but
> instead call it from klee-uclibc so that it can be symbolically
> executed.
>
> If you run
>
> ```
> klee -libc=uclibc program.bc
> ```
>
> no out of bounds access is reported.
>
> HTH,
> Dan.
>
_______________________________________________
klee-dev mailing list
klee-dev@imperial.ac.uk
https://mailman.ic.ac.uk/mailman/listinfo/klee-dev
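
The precedence point from the quoted reply, as an added example that is not part of the original thread. `lookup()`, `fake_entry` and the `outcome` enum are constructed stand-ins (assumptions) so the result does not depend on the host's passwd database, and the cast writes out the int-to-pointer conversion that the unparenthesised line performs implicitly.

```c
#include <pwd.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/types.h>

/* Constructed stand-in for getpwuid(): one fake entry, for uid 1000 only. */
static struct passwd fake_entry = { .pw_name = "demo", .pw_dir = "/home/demo" };

static struct passwd *lookup(uid_t uid) {
    return uid == 1000 ? &fake_entry : NULL;
}

enum outcome { GUARD_RETURNED, PW_VALID, PW_NULL_PAST_GUARD };

/* `if (pw = lookup(uid) == NULL)`: == binds tighter than =, so pw receives the
 * 0/1 result of the comparison. The cast spells out the int-to-pointer
 * conversion, which newer compilers refuse to do implicitly. */
static enum outcome buggy_guard(uid_t uid) {
    struct passwd *pw;
    if ((pw = (struct passwd *)(intptr_t)(lookup(uid) == NULL)))
        return GUARD_RETURNED;             /* lookup failed: pw holds address 1 */
    return pw ? PW_VALID : PW_NULL_PAST_GUARD; /* lookup succeeded: pw is 0 */
}

/* Parenthesised form from the reply: assign first, then compare. */
static enum outcome fixed_guard(uid_t uid) {
    struct passwd *pw;
    if ((pw = lookup(uid)) == NULL)
        return GUARD_RETURNED;
    return pw ? PW_VALID : PW_NULL_PAST_GUARD;
}

int main(void) {
    static const char *names[] = { "guard returned", "pw valid", "pw NULL past guard" };
    uid_t uids[] = { 1000, 42 };           /* 42 has no entry in the stand-in */
    for (size_t i = 0; i < 2; i++)
        printf("uid %u: buggy -> %s, fixed -> %s\n", (unsigned)uids[i],
               names[buggy_guard(uids[i])], names[fixed_guard(uids[i])]);
    return 0;
}
```

The failing case is the successful lookup: the guard is skipped with `pw` equal to zero, so the later `pw->pw_dir` dereferences a null pointer.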