Merge pull request #87 from S2E/issue/xxx-tcg-8.1.2

Upgraded to TCG 8.1.2

docs/src/s2e-env.rst

@@ -33,7 +33,7 @@ Installing s2e-env
 
     python3 -m venv venv
     . venv/bin/activate
-    pip install --upgrade pip
+    pip install --upgrade pip wheel
 
     # By default, s2e-env uses https to clone repositories.
     # If you want ssh, please edit s2e_env/dat/config.yaml before running pip install.

klee/include/klee/Stats/StatisticManager.h

@@ -88,7 +88,7 @@ class StatisticManager {
     std::string getCSVLine() const;
 };
 
-StatisticManagerPtr &getStatisticManager();
+StatisticManagerPtr getStatisticManager();
 
 } // namespace stats
 } // namespace klee

klee/lib/Basic/Statistics.cpp

@@ -24,7 +24,12 @@ StatisticManager::StatisticManager() {
 StatisticManager::~StatisticManager() {
 }
 
-StatisticManagerPtr &getStatisticManager() {
+StatisticManagerPtr getStatisticManager() {
+    assert(s_statsManager);
+    return s_statsManager;
+}
+
+static StatisticManagerPtr getOrCreateStatisticManager() {
     std::unique_lock lock(s_mutex);
 
     if (s_statsManager == nullptr) {
@@ -71,7 +76,7 @@ Statistic::~Statistic() {
 StatisticPtr Statistic::create(const std::string &_name, const std::string &_shortName) {
     auto ret = StatisticPtr(new Statistic(_name, _shortName));
     if (ret != nullptr) {
-        getStatisticManager()->registerStatistic(ret);
+        getOrCreateStatisticManager()->registerStatistic(ret);
     }
 
     return ret;

klee/lib/Core/AddressSpace.cpp

@@ -398,7 +398,13 @@ bool AddressSpace::write(uintptr_t address, const ref<Expr> &data, Concretizer c
         return true;
     };
 
-    return iterateWrite(address, dataSize, cb, tr);
+    auto ce = dyn_cast<ConstantExpr>(data);
+    if (littleEndian && dataSize <= 8 && ce) {
+        auto cste = ce->getZExtValue(64);
+        return write(address, (uint8_t *) &cste, dataSize, tr);
+    } else {
+        return iterateWrite(address, dataSize, cb, tr);
+    }
 }
 
 bool AddressSpace::symbolic(uintptr_t address, size_t size, AddressTranslator tr) {

klee/lib/Module/KModule.cpp

@@ -139,12 +139,24 @@ static void injectStaticConstructorsAndDestructors(Module *m) {
     GlobalVariable *dtors = m->getNamedGlobal("llvm.global_dtors");
 
     if (ctors || dtors) {
-        Function *mainFn = m->getFunction("main");
-        assert(mainFn && "unable to find main function");
+        if (ctors) {
+            if (llvm::ArrayType *arrayType = llvm::dyn_cast<llvm::ArrayType>(ctors->getValueType())) {
+                if (arrayType->getNumElements() > 0) {
+                    Function *mainFn = m->getFunction("main");
+                    assert(mainFn && "unable to find main function");
+                    CallInst::Create(getStubFunctionForCtorList(m, ctors, "klee.ctor_stub"), "",
+                                     &*mainFn->begin()->begin());
+                } else {
+                    ctors->eraseFromParent();
+                }
+            } else {
+                assert(false && "unexpected global_ctors type");
+            }
+        }
 
-        if (ctors)
-            CallInst::Create(getStubFunctionForCtorList(m, ctors, "klee.ctor_stub"), "", &*mainFn->begin()->begin());
         if (dtors) {
+            Function *mainFn = m->getFunction("main");
+            assert(mainFn && "unable to find main function");
             Function *dtorStub = getStubFunctionForCtorList(m, dtors, "klee.dtor_stub");
             for (Function::iterator it = mainFn->begin(), ie = mainFn->end(); it != ie; ++it) {
                 if (isa<ReturnInst>(it->getTerminator()))

libcpu/CMakeLists.txt

@@ -57,6 +57,7 @@ file(WRITE ${CONFIG_TARGET_H}
 #define TARGET_PHYS_ADDR_BITS 64
 #define CONFIG_SOFTMMU 1
 #define CONFIG_I386_DIS 1
+#define CONFIG_INT128 1
 "
 )
 

libcpu/include/cpu/exec.h

@@ -26,7 +26,7 @@
 #include <cpu/softmmu_defs.h>
 #include <cpu/tb.h>
 #include <libcpu-compiler.h>
-#include <libcpu-log.h>
+#include <tcg/utils/log.h>
 
 #ifdef __cplusplus
 extern "C" {

libcpu/include/cpu/i386/cpuid.h

@@ -18,8 +18,8 @@
 #define LIBCPU_i386_CPUID
 
 #include <inttypes.h>
-#include <libcpu-log.h>
 #include <stdio.h>
+#include <tcg/utils/log.h>
 
 #ifdef __cplusplus
 extern "C" {

libcpu/include/cpu/tlb.h

@@ -23,60 +23,26 @@
 #include <cpu/config.h>
 #include <cpu/types.h>
 
+#include <tcg/tlb.h>
+
 #ifdef __cplusplus
 extern "C" {
 #endif
 
 #define CPU_TLB_BITS 10
 #define CPU_TLB_SIZE (1 << CPU_TLB_BITS)
 
-#if HOST_LONG_BITS == 32 && TARGET_LONG_BITS == 32
-#define CPU_TLB_ENTRY_BITS 6
-#else
-#define CPU_TLB_ENTRY_BITS 6
-#endif
-
-typedef struct CPUTLBEntry {
-    /* bit TARGET_LONG_BITS to TARGET_PAGE_BITS : virtual address
-       bit TARGET_PAGE_BITS-1..4  : Nonzero for accesses that should not
-                                    go directly to ram.
-       bit 3                      : indicates that the entry is invalid
-       bit 2..0                   : zero
-    */
-    target_ulong addr_read;
-    target_ulong addr_write;
-    target_ulong addr_code;
-    target_ulong pad1;
-
-    /* Addend to virtual address to get host address.  IO accesses
-       use the corresponding iotlb value.  */
-    uintptr_t addend;
-
-#ifdef CONFIG_SYMBEX
-    uintptr_t se_addend;
-    void *objectState;
-
-    /* padding to get a power of two size */
-    uint8_t dummy[(1 << CPU_TLB_ENTRY_BITS) - (sizeof(target_ulong) * 4 + 3 * sizeof(uintptr_t))];
-#else
-    uint8_t dummy[(1 << CPU_TLB_ENTRY_BITS) - (sizeof(target_ulong) * 4 + 1 * sizeof(uintptr_t))];
-#endif
-} CPUTLBEntry;
-
 #if defined(CONFIG_SYMBEX) && defined(CONFIG_SYMBEX_MP)
 #define CPU_IOTLB_CHECK target_phys_addr_t iotlb_ramaddr[NB_MMU_MODES][CPU_TLB_SIZE];
 #else
 #define CPU_IOTLB_CHECK
 #endif
 
-extern int CPUTLBEntry_wrong_size[sizeof(CPUTLBEntry) == (1 << CPU_TLB_ENTRY_BITS) ? 1 : -1];
-
 #define CPU_COMMON_TLB                                                \
     /* The meaning of the MMU modes is defined in the target code. */ \
-    CPUTLBEntry *tlb_table[NB_MMU_MODES];                             \
+    CPUTLBDescFast tlb_table[NB_MMU_MODES];                           \
     CPUTLBEntry _tlb_table[NB_MMU_MODES][CPU_TLB_SIZE];               \
     target_phys_addr_t iotlb[NB_MMU_MODES][CPU_TLB_SIZE];             \
-    uintptr_t tlb_mask[NB_MMU_MODES];                                 \
     CPU_IOTLB_CHECK                                                   \
     target_ulong tlb_flush_addr;                                      \
     target_ulong tlb_flush_mask;
@@ -93,42 +59,6 @@ typedef struct CPUTLBRAMEntry {
 #define CPU_COMMON_PHYSRAM_TLB
 #endif
 
-/* Flags stored in the low bits of the TLB virtual address.  These are
- * defined so that fast path ram access is all zeros.
- * The flags all must be between TARGET_PAGE_BITS and
- * maximum address alignment bit.
- */
-/* Zero if TLB entry is valid.  */
-#define TLB_INVALID_MASK (1 << (TARGET_PAGE_BITS - 1))
-/* Set if TLB entry references a clean RAM page.  The iotlb entry will
-   contain the page physical address.  */
-#define TLB_NOTDIRTY (1 << (TARGET_PAGE_BITS - 2))
-/* Set if TLB entry is an IO callback.  */
-#define TLB_MMIO (1 << (TARGET_PAGE_BITS - 3))
-/* Set if TLB entry must have MMU lookup repeated for every access */
-#define TLB_RECHECK (1 << (TARGET_PAGE_BITS - 4))
-
-#ifdef CONFIG_SYMBEX
-/* Set if TLB entry points to a page that has symbolic data */
-#define TLB_SYMB (1 << (TARGET_PAGE_BITS - 5))
-
-/* Set if TLB entry points to a page that does not belong to us (only for write) */
-#define TLB_NOT_OURS (1 << (TARGET_PAGE_BITS - 6))
-
-#endif
-
-/* Indicates that accesses to the page must be traced */
-#define TLB_MEM_TRACE (1 << (TARGET_PAGE_BITS - 7))
-
-/* Use this mask to check interception with an alignment mask
- * in a TCG backend.
- */
-#ifdef CONFIG_SYMBEX
-#define TLB_FLAGS_MASK (TLB_INVALID_MASK | TLB_NOTDIRTY | TLB_MMIO | TLB_SYMB | TLB_RECHECK | TLB_NOT_OURS)
-#else
-#define TLB_FLAGS_MASK (TLB_INVALID_MASK | TLB_NOTDIRTY | TLB_MMIO | TLB_RECHECK)
-#endif
-
 #ifdef __cplusplus
 }
 #endif