Hi, I've been testing KLEE on core-utils (6.11) recently and I've found a bug in KLEE. When running on "sort.bc"[1] with the following arguments KLEE segfaults.
$ klee --posix-runtime --libc=uclibc sort.bc --sym-args 0 1 10 --sym-args 0 2 2 --sym-files 1 8 --sym-stdout

A truncated backtrace is available here [2]. It appears that "klee::STPBuilder::getArrayForUpdate()" is called a lot recursively. I've truncated the backtrace because in the backtrace "klee::STPBuilder::getArrayForUpdate()" repeats a lot (after about 37,000 calls I gave up printing output... it seemed to just go on and on and on...).

My suspicion is that this bug is related to the stack being so huge, but I'm not really an expert. Any idea what is wrong?

Thanks,
Dan Liew.

[1] http://www.doc.ic.ac.uk/~dsl11/sort.bc
[2] http://www.doc.ic.ac.uk/~dsl11/gdb-segfault-sort-crash.txt
_______________________________________________ klee-dev mailing list [email protected] http://keeda.Stanford.EDU/mailman/listinfo/klee-dev
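The post's diagnosis rests on one frame repeating tens of thousands of times in the gdb backtrace. As an added example (not from the post, the KLEE project, or the linked trace), the script below summarises a gdb backtrace so that runaway recursion can be told apart from an ordinary crash: it counts frames per function and flags a trace where one function dominates. The sample trace, its addresses, arguments and the `STPBuilder.cpp` line numbers are constructed stand-ins for the real output; `frame_histogram`, `frame_depth` and `runaway_recursion` are names chosen here.

```shell
#!/bin/sh
# Added example (not from the post or the KLEE project): summarise a gdb
# backtrace to tell runaway recursion from an ordinary crash. A stack of
# tens of thousands of frames in one function is consistent with recursion
# running off the end of the stack, where the SIGSEGV comes from the stack
# guard page rather than from a bad pointer inside the function.

# Print "count function" for each function in a backtrace read on stdin,
# most frequent first. gdb frames look like
#   #12  0x00401234 in ns::func (args) at file.cpp:NN
# or, without an address, "#0  ns::func (args) at file.cpp:NN".
frame_histogram() {
    awk '/^#[0-9]+ / { f = ($3 == "in") ? $4 : $2; print f }' |
        sort | uniq -c | sort -rn
}

# Print the number of frames in a backtrace read on stdin.
frame_depth() {
    grep -c '^#[0-9]'
}

# Succeed when a single function accounts for more than $2 frames
# (default 1000) in the backtrace file $1.
runaway_recursion() {
    file=$1
    threshold=${2:-1000}
    set -- $(frame_histogram < "$file" | head -n 1)
    [ "${1:-0}" -gt "$threshold" ]
}

# Constructed sample standing in for the linked gdb output; the addresses,
# arguments and the STPBuilder.cpp line numbers are made up.
SAMPLE_TRACE=$(mktemp)
cat > "$SAMPLE_TRACE" <<'EOF'
#0  0x00401234 in klee::STPBuilder::getArrayForUpdate (this=0x1, ...) at STPBuilder.cpp:100
#1  0x00401234 in klee::STPBuilder::getArrayForUpdate (this=0x1, ...) at STPBuilder.cpp:100
#2  0x00401234 in klee::STPBuilder::getArrayForUpdate (this=0x1, ...) at STPBuilder.cpp:100
#3  0x00402000 in klee::STPBuilder::construct (this=0x1, ...) at STPBuilder.cpp:200
#4  0x00403000 in main (argc=2, argv=0x2) at main.cpp:10
EOF

echo "frames: $(frame_depth < "$SAMPLE_TRACE")"
frame_histogram < "$SAMPLE_TRACE"
# A real trace would be checked against the default threshold, e.g.
#   runaway_recursion gdb-segfault-sort-crash.txt && echo "likely stack exhaustion"
```

On a real trace, compare the frame count with the stack limit in effect when KLEE ran (`ulimit -s`, in KiB): if the depth times a plausible per-frame size approaches that limit, the crash is stack exhaustion and the fix is in the recursion (or an iterative rewrite of it), not in the faulting instruction.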
