[klee-dev] How to Modify KLEE Source Code to Add a Maximum Call Depth Limit and Concretely Execute Over-depth Calls?
qiaosen liu
qiaosenliu98 at gmail.com
Tue Jul 29 15:18:04 BST 2025
I am using KLEE for symbolic execution of large programs, but due to the
program's complexity, KLEE explores very few paths. To optimize path
coverage, I want to modify the KLEE source code to add a maximum call depth
limit and perform concrete execution for call instructions that exceed this
depth, instead of continuing with symbolic execution. Since I am unfamiliar
with KLEE's codebase, could you provide guidance on how to implement this
functionality in KLEE?
Thank you for any hints or suggestions!
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the klee-dev
mailing list