[PATCH] gnu: Add KLEE.

---

This is a new package for KLEE, a popular piece of academic software

in the software engineering domain. KLEE implements a technique called

symbolic execution https://en.wikipedia.org/wiki/Symbolic_execution

which allows for automated testing of software through SMT solving.

KLEE forms the basis for a lot of research in the symbolic execution

domain https://klee.github.io/publications/. Packaging KLEE and

other related tools, eases using Guix for conducting reproducible

research in this domain. I have Guix packages for other symbolic

execution tools which I also would like to upstream in the future,

I figured I would start with KLEE as it has little to no dependencies.

I tested this package by conforming that the basic upstream tutorials

work as intended, e.g. https://klee.github.io/tutorials/testing-function/.

This is my first Guix package, hence CC'ing the mentors.

gnu/packages/check.scm | 107 +++++++++++++++++++++++++++++++++++++++++

1 file changed, 107 insertions(+)

Le 6 janvier 2024 21:40:41 GMT+01:00, soeren@soeren-tempel.net a écrit :

Hi Sören,

I'm sorry nobody looked at this before. Here are a few remarks.

First, could you separate this in two patches, one per package?

Is there a reason why this is limited to the x86_64 architecture?

You have mixed native and normal inputs. In uclibc, since python is only used for the build, it should be native.

Does it make sense to propagate uclibc in klee, when it only contains a static library? Some for clang and llvm. Isn't z3 used at runtime? Shouldn't it be propagated?

Using #$klee-uclibc directly in the phase could be problematic I think, you should use this-package-inputs or similar (can't remember the exact name or syntax right now, you can leave it to me if you don't find it).

Otherwise, looks good for a first patch :)

---

gnu/packages/check.scm | 62 ++++++++++++++++++++++++++++++++++++++++++

1 file changed, 62 insertions(+)

---

gnu/packages/check.scm | 52 ++++++++++++++++++++++++++++++++++++++++++

1 file changed, 52 insertions(+)

Hi Julien,

Thanks a lot for your feedback! I send an updated revision of the

patchset based on your feedback. More information on changes below.

Julien Lepiller <julien@lepiller.eu> wrote:

Sorry, oversight on my part. Fixed!

Yes, despite operating on LLVM IR abstraction, KLEE is tightly

integrated with the host architecture. Therefore, upstream currently

only support x86_64. Packages for other package manager (e.g. Nix)

also only support KLEE on x86_64 [1].

I added a comment explaining this.

Fixed, ncurses should also be native as it is only used for menuconfig.

Sorry, I should have done a better job at explaining this: KLEE is a

symbolic analyzer for LLVM IR. Users of KLEE will need to translate

their C/C++ source to LLVM IR in order to analyze it with KLEE [2].

Furthermore, as KLEE is tightly integrated with a specific LLVM version,

it makes (at least from my point of view) sense to propagate a specific

clang toolchain so users can just run `guix shell klee` and get started

with it. However, if preferred I can also remove the propagation.

z3 isn't used at runtime, KLEE just uses the Z3 library interface and

links against z3. AFAIK, it doesn't use any binaries from z3. Does z3

still need to be propagated in this case?

uclibc does not need to be a propagated input since the KLEE build

systems generates LLVM IR from the .a archive [3]. I fixed this.

Sorry, I am new to Guix so I am not sure what you mean. Let me know if

you have more information on this but also feel free to just adjust this

as you wish :)

Greetings

Sören

[1]: https://github.com/NixOS/nixpkgs/blob/40a7b182e0a00245d69f6b8c1dfd3ea4bfc6257c/pkgs/applications/science/logic/klee/default.nix

[2]: https://klee.github.io/tutorials/testing-function/#compiling-to-llvm-bitcode

[3]: https://github.com/klee/klee/blob/v3.0/CMakeLists.txt#L473-L487

---

Changes since v2: Rebase against the current master branch, this resolves

a merge conflict in the copyright comment section. No functional changes.

gnu/packages/check.scm | 62 ++++++++++++++++++++++++++++++++++++++++++

1 file changed, 62 insertions(+)

---

Changes since v2: Switch to a non-debug build-type to workaround an

internal error being triggered in clang while building KLEE with it.

gnu/packages/check.scm | 55 ++++++++++++++++++++++++++++++++++++++++++

1 file changed, 55 insertions(+)

Hi,

What does "QA: Investigate" mean? The build should be fixed now with the

v3 revision. I don't see any build failures on the QA. Is there anything

I need to do on my end in order to have the build restarted?

Greetings

Sören

---

Change since v3: Resolve merge conflict, update KLEE website.

gnu/packages/check.scm | 62 ++++++++++++++++++++++++++++++++++++++++++

1 file changed, 62 insertions(+)

---

Change since v3: Update KLEE website.

gnu/packages/check.scm | 55 ++++++++++++++++++++++++++++++++++++++++++

1 file changed, 55 insertions(+)

Hi Sören, hi Julien

Am Donnerstag, dem 28.03.2024 um 20:20 +0100 schrieb

soeren@soeren-tempel.net:

I pushed 71634 earlier today, which adds klee, but not klee-uclibc –

would you mind taking a look at it and adding any missing bits?

Cheers