Skip to content
GitLab
Explore
Sign in
Register
Primary navigation
Search or go to…
Project
K
klee_tutorial
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Edvin Åkerfeldt
klee_tutorial
Commits
57bc21a3
Commit
57bc21a3
authored
4 years ago
by
Per Lindgren
Browse files
Options
Downloads
Patches
Plain Diff
array
parent
dbe6defa
No related branches found
No related tags found
No related merge requests found
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
cargo_klee_examples/examples/array.rs
+79
-0
79 additions, 0 deletions
cargo_klee_examples/examples/array.rs
with
79 additions
and
0 deletions
cargo_klee_examples/examples/array.rs
0 → 100644
+
79
−
0
View file @
57bc21a3
// get_sign.rs
// Showcase how we automatically can interface Rust to KLEE
//
#![no_std]
#![no_main]
use
klee_sys
::
klee_make_symbolic
;
use
panic_klee
as
_
;
fn
sum_first_elements
(
arr
:
&
[
u8
],
index
:
usize
)
->
u8
{
let
mut
acc
=
0
;
for
i
in
0
..
index
{
acc
+=
arr
[
i
as
usize
];
}
acc
}
#[no_mangle]
fn
main
()
{
let
arr
=
[
0u8
;
8
];
let
mut
i
:
usize
=
0
;
klee_make_symbolic!
(
&
mut
i
,
"i"
);
let
b
=
sum_first_elements
(
&
arr
,
i
);
}
// A) Array indexing is tricky to analyse at compile time.
// Thus Rust (rustc) will inject code for run-time verification
// `panic`ing on index out of range.
//
// (Compare to C/C++, where a "buffer overflow" might pass unnoticed
// causing all sorts of problems.)
//
// Compare the test generated in release `--release` (optimized) to
// test generated in debug/dev mode (un-optimized).
//
// Try to explain in your own words the difference and why?
// (Hint, even if we don't use the result `b`, Rust do optimize out the call, why?)
//
// [your answer here]
//
// B) Fix the code so that you don't get an error.
// (It should still compute the sum of the n first elements
// and return the sum of the whole array if index larger than size/length).
// The fix should be in the function (not on the caller side).
//
// [Git commit "B"]
//
// C) In the example, the array is holding only zeroes.
// Figure out a way to make the content symbolic.
// (Hint, declare as mutable, iterate and set each element symbolic)
//
// [Git commit "C"]
//
// D) Analyze the example using KLEE. Now a new (maybe unexpected) error should occur!
//
// Explain what caused the error.
//
// [your answer here]
//
// E) Make a sensible fix to the code.
// Motivate your choice.
//
// [your answer here]
//
// [Git commit "D"]
//
// F) Learning outcome.
// 70% of Microsoft security updates over the last decade is directly related to
// memory safety.
//
// Explain in your own words what Microsoft would gain by using Rust.
//
// [your answer here]
//
// Explain in your own words what Microsoft would gain by using `cargo klee`
// on their Rust code.
//
// And YES, Microsoft is rewriting core system functionality in Rust as we speak!
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
