From dhoff749 at gmail.com Sat Jun 3 18:26:26 2023
From: dhoff749 at gmail.com (Dan Hoffman)
Date: Sat, 3 Jun 2023 10:26:26 -0700
Subject: [klee-dev] adding setjmp/longjmp support?

I'm looking to apply KLEE to a program that heavily uses co-routines.
These syscalls aren't implemented, so I'm investigating whether a patch
can be written/upstreamed. This is my first patch for KLEE (but I have
written patches for other large open-source projects). A few questions:

1. Are there any hard/technical reasons why this is impossible/impractical?
   Threading is impractical because the scheduling is another set of
   variables, but co-routines have deterministic scheduling by definition,
   so that shouldn't be an issue.
2. What are some good small/beginner issues to familiarize myself with the
   code and patch submission process? I'm somewhat familiar with LLVM
   internals from previous projects/my job.

Thanks!


From c.cadar at imperial.ac.uk Wed Jun 7 21:50:40 2023
From: c.cadar at imperial.ac.uk (Cristian Cadar)
Date: Wed, 7 Jun 2023 21:50:40 +0100
Subject: [klee-dev] KLEE 3.0 is released!

Hi all,

KLEE 3.0 is released!

KLEE now has a purposely-designed deterministic memory allocator (KDAlloc),
improved detection of use-after-free errors, ability to handle UBSan checks,
support for concrete inline assembly, better statistics, compatibility with
newer LLVM versions & more!

Big thanks to all contributors, particularly @MartinNowack and @251 as both
contributors and co-maintainers; and @danielschemmel, @operasfantom,
@mishok2503, and @jbuening for co-authoring several of the major new
features in this release.

The new version (our 10th!), release notes and full list of contributors
can be found at:
https://github.com/klee/klee/releases/tag/v3.0

Enjoy!
Cristian


From m.nowack at imperial.ac.uk Fri Jun 9 23:37:29 2023
From: m.nowack at imperial.ac.uk (Nowack, Martin)
Date: Fri, 9 Jun 2023 22:37:29 +0000
Subject: [klee-dev] adding setjmp/longjmp support?
Message-ID: <45BF49CF-63CA-4646-97F6-A70F86534C40@imperial.ac.uk>

Hi Dan,

We are always looking for contributors and contributions ;)

A good starting point for KLEE development is:
https://klee.github.io/docs/developers-guide/

From a technical perspective, it is not trivial but not too hard either.
The main function you are interested in is `Executor::executeCall`:
https://github.com/klee/klee/blob/b926b3d49d7650ba76c81f4dfe0fd9aad44150d2/lib/Core/Executor.cpp#L1679

Familiarise yourself with it to get an idea how it works.

In a nutshell for your project:

* Handle the `Setjmp` function call:
  - resolve the buffer argument to a valid memory object
  - save the current ExecutionState::prevPC into that buffer
  - save the current stack depth into this buffer
  - set the target value to `0`
* Handle the `Longjmp` function call:
  - resolve the buffer argument to a valid memory object
  - preserve the longjmp value
  - load `prevPC`
  - load the targeted stack depth
  - unroll the stack by using the stack depth
  - set the PC to the loaded prevPC
  - set the result of the `Setjmp` argument to the longjmp argument value

Those are all quite some steps, but all this functionality should happen
inside of the single function mentioned above.

I hope those will get you started. Let us know if anything is unclear.

All the best,
Martin

> On 3. Jun 2023, at 18:26, Dan Hoffman wrote:
>
> I'm looking to apply KLEE to a program that heavily uses co-routines.
> These syscalls aren't implemented, so I'm investigating whether a
> patch can be written/upstreamed. This is my first patch for KLEE (but
> I have written patches for other large open-source projects). A few
> questions:
> 1. Are there any hard/technical reasons why this is
> impossible/impractical? Threading is impractical because the
> scheduling is another set of variables, but co-routines have
> deterministic scheduling by definition, so that shouldn't be an issue.
> 2. What are some good small/beginner issues to familiarize myself
> with the code and patch submission process? I'm somewhat familiar with
> LLVM internals from previous projects/my job.
>
> Thanks!
>
> _______________________________________________
> klee-dev mailing list
> klee-dev at imperial.ac.uk
> https://mailman.ic.ac.uk/mailman/listinfo/klee-dev


From ocelaiwo at gmail.com Fri Jun 16 12:45:48 2023
From: ocelaiwo at gmail.com (Alex Babushkin)
Date: Fri, 16 Jun 2023 14:45:48 +0300
Subject: [klee-dev] About TestComp-specific KLEE command-line options.

Hello,

In the KLEE Wrapper used for TestComp there are some command-line options
that are not present in the KLEE repository. The following options are
missing:

-write-xml-tests
-tc-orig
-tc-hash
--tc-type
-dump-test-case-type
-coverage-on-the-fly

The first three are present in the following PR:
https://github.com/klee/klee/pull/1181

What do the last three options do? Is there a publicly available version of
KLEE that has them?

Best regards,
Alex.


From m.nowack at imperial.ac.uk Thu Jun 22 06:31:34 2023
From: m.nowack at imperial.ac.uk (Nowack, Martin)
Date: Thu, 22 Jun 2023 05:31:34 +0000
Subject: [klee-dev] About TestComp-specific KLEE command-line options.
Message-ID: <80FB8B0C-542C-48AD-92F5-1251863A460A@imperial.ac.uk>

Hi Alex,

The remaining patches are not submitted yet and need some cleaning.

But in a nutshell, `-tc-type` is set based on the type of goal the test has:
bug finding vs. coverage. They are slightly different in both cases; please
refer to the TestComp documentation (categories).

`-dump-test-case-type` prints them as well.

`-coverage-on-the-fly` generates test cases as soon as new code has been
covered. Especially this code needs cleaning up, but will be opened as a PR
eventually.

Best,
Martin

> On 16. Jun 2023, at 12:45, Alex Babushkin wrote:
>
> Hello,
>
> In the KLEE Wrapper used for TestComp there are some command-line options
> that are not present in the KLEE repository. The following options are
> missing:
>
> -write-xml-tests
> -tc-orig
> -tc-hash
> --tc-type
> -dump-test-case-type
> -coverage-on-the-fly
>
> The first three are present in the following PR:
> https://github.com/klee/klee/pull/1181
>
> What do the last three options do? Is there a publicly available version
> of KLEE that has them?
>
> Best regards,
> Alex.
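Martin's step list for handling `setjmp`/`longjmp` inside `Executor::executeCall` (the reply of 9 June above), worked through as an added stand-alone model that is not KLEE's code: `State`, `JmpRecord`, `modelSetjmp` and `modelLongjmp` are hypothetical stand-ins for `ExecutionState::prevPC`, the call stack and the resolved jmp_buf memory object. Beyond the list itself it applies the C rule that a `longjmp` value of 0 makes `setjmp` return 1, and rejects a jump into a frame that has already returned, which an executor should report as an error rather than silently act on.

```cpp
#include <cstddef>
#include <cstdint>
#include <map>
#include <stdexcept>
#include <vector>

// Hypothetical stand-in for the ExecutionState pieces the steps touch: prevPC and the call stack.
struct State {
    std::uint64_t prevPC = 0;    // instruction to resume at
    std::vector<int> stack;      // one entry per live call frame
};
struct JmpRecord { std::uint64_t prevPC; std::size_t stackDepth; };  // what goes into the jmp_buf
using JmpBufs = std::map<std::uint64_t, JmpRecord>;                  // buffer address -> record
// setjmp: record PC and stack depth into the buffer, make the call return 0.
int modelSetjmp(State &s, JmpBufs &bufs, std::uint64_t bufAddr) {
    bufs[bufAddr] = JmpRecord{s.prevPC, s.stack.size()};
    return 0;
}
// longjmp: unroll the stack to the saved depth, restore the PC and return the
// value the earlier setjmp now yields (C maps a longjmp value of 0 to 1).
int modelLongjmp(State &s, JmpBufs &bufs, std::uint64_t bufAddr, int val) {
    if (!bufs.count(bufAddr)) throw std::runtime_error("longjmp with an unset jmp_buf");
    const JmpRecord &r = bufs.at(bufAddr);
    // Jumping into a frame that has already returned is undefined behaviour in
    // C; an executor should report it rather than invent a stack to land on.
    if (r.stackDepth > s.stack.size()) throw std::runtime_error("target frame already returned");
    s.stack.resize(r.stackDepth);   // unroll the stack
    s.prevPC = r.prevPC;            // resume right after the setjmp
    return val == 0 ? 1 : val;
}
// setjmp in main, two nested calls, longjmp from the innermost one. Returns
// what setjmp yields the second time, or -1 if the state did not unwind.
int roundTrip(int jumpValue) {
    State s; JmpBufs bufs;
    s.stack.push_back(0); s.prevPC = 0x40;          // main's frame, at the setjmp
    int first = modelSetjmp(s, bufs, 0x1000);
    s.stack.push_back(1); s.stack.push_back(2);     // call f(), then g()
    s.prevPC = 0xc0;
    int second = modelLongjmp(s, bufs, 0x1000, jumpValue);
    return (first == 0 && s.stack.size() == 1 && s.prevPC == 0x40) ? second : -1;
}
// The liveness check in action: setjmp inside f(), f() returns, then longjmp.
bool rejectsDeadFrame() {
    State s; JmpBufs bufs;
    s.stack = {0, 1};                               // main -> f()
    modelSetjmp(s, bufs, 0x2000);
    s.stack.pop_back();                             // f() returns
    try { modelLongjmp(s, bufs, 0x2000, 5); } catch (const std::runtime_error &) { return true; }
    return false;
}
```

In KLEE proper the same bookkeeping would be done against the real `ExecutionState` and the result bound to the `setjmp` call's destination, as Martin describes; the model only fixes the order of operations and the two checks.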