Add mocks:

- Generation in two modes: naive and determinitic - Mocks are reproducible - Special mocks for allocators: malloc, calloc, realloc
UnitTestBot · Feb 22, 2024 · 3340a08 · 3340a08
1 parent 7f6fd2d
commit 3340a08
Show file tree

Hide file tree

Showing 32 changed files with 957 additions and 45 deletions.
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -146,6 +146,7 @@ jobs:
     runs-on: macos-latest
     env:
       BASE: /tmp
+      LLVM_VERSION: 11
       SOLVERS: STP
       UCLIBC_VERSION: 0
       USE_TCMALLOC: 0

diff --git a/include/klee/Core/Interpreter.h b/include/klee/Core/Interpreter.h
@@ -29,6 +29,7 @@ class BasicBlock;
 class Function;
 class LLVMContext;
 class Module;
+class Type;
 class raw_ostream;
 class raw_fd_ostream;
 } // namespace llvm
@@ -63,6 +64,13 @@ using FLCtoOpcode = std::unordered_map<
     std::unordered_map<
         unsigned, std::unordered_map<unsigned, std::unordered_set<unsigned>>>>;
 
+enum class MockStrategy {
+  None,          // No mocks are generated
+  Naive,         // For each function call new symbolic value is generated
+  Deterministic, // Each function is treated as uninterpreted function in SMT.
+                 // Compatible with Z3 solver only
+};
+
 class Interpreter {
 public:
   enum class GuidanceKind {
@@ -79,6 +87,8 @@ class Interpreter {
     std::string LibraryDir;
     std::string EntryPoint;
     std::string OptSuffix;
+    std::string MainCurrentName;
+    std::string MainNameAfterMock;
     bool Optimize;
     bool Simplify;
     bool CheckDivZero;
@@ -88,13 +98,16 @@ class Interpreter {
 
     ModuleOptions(const std::string &_LibraryDir,
                   const std::string &_EntryPoint, const std::string &_OptSuffix,
-                  bool _Optimize, bool _Simplify, bool _CheckDivZero,
-                  bool _CheckOvershift, bool _WithFPRuntime,
-                  bool _WithPOSIXRuntime)
+                  const std::string &_MainCurrentName,
+                  const std::string &_MainNameAfterMock, bool _Optimize,
+                  bool _Simplify, bool _CheckDivZero, bool _CheckOvershift,
+                  bool _WithFPRuntime, bool _WithPOSIXRuntime)
         : LibraryDir(_LibraryDir), EntryPoint(_EntryPoint),
-          OptSuffix(_OptSuffix), Optimize(_Optimize), Simplify(_Simplify),
-          CheckDivZero(_CheckDivZero), CheckOvershift(_CheckOvershift),
-          WithFPRuntime(_WithFPRuntime), WithPOSIXRuntime(_WithPOSIXRuntime) {}
+          OptSuffix(_OptSuffix), MainCurrentName(_MainCurrentName),
+          MainNameAfterMock(_MainNameAfterMock), Optimize(_Optimize),
+          Simplify(_Simplify), CheckDivZero(_CheckDivZero),
+          CheckOvershift(_CheckOvershift), WithFPRuntime(_WithFPRuntime),
+          WithPOSIXRuntime(_WithPOSIXRuntime) {}
   };
 
   enum LogType {
@@ -112,10 +125,11 @@ class Interpreter {
     unsigned MakeConcreteSymbolic;
     GuidanceKind Guidance;
     std::optional<SarifReport> Paths;
+    enum MockStrategy MockStrategy;
 
     InterpreterOptions(std::optional<SarifReport> Paths)
         : MakeConcreteSymbolic(false), Guidance(GuidanceKind::NoGuidance),
-          Paths(std::move(Paths)) {}
+          Paths(std::move(Paths)), MockStrategy(MockStrategy::None) {}
   };
 
 protected:
@@ -144,7 +158,11 @@ class Interpreter {
             const ModuleOptions &opts,
             std::set<std::string> &&mainModuleFunctions,
             std::set<std::string> &&mainModuleGlobals,
-            FLCtoOpcode &&origInstructions) = 0;
+            FLCtoOpcode &&origInstructions,
+            const std::set<std::string> &ignoredExternals) = 0;
+
+  virtual std::map<std::string, llvm::Type *>
+  getAllExternals(const std::set<std::string> &ignoredExternals) = 0;
 
   // supply a tree stream writer which the interpreter will use
   // to record the concrete path (as a stream of '0' and '1' bytes).

diff --git a/include/klee/Core/MockBuilder.h b/include/klee/Core/MockBuilder.h
@@ -0,0 +1,39 @@
+#ifndef KLEE_MOCKBUILDER_H
+#define KLEE_MOCKBUILDER_H
+
+#include "llvm/IR/IRBuilder.h"
+#include "llvm/IR/Module.h"
+
+#include <set>
+#include <string>
+
+namespace klee {
+
+class MockBuilder {
+private:
+  const llvm::Module *userModule;
+  std::unique_ptr<llvm::Module> mockModule;
+  std::unique_ptr<llvm::IRBuilder<>> builder;
+  std::map<std::string, llvm::Type *> externals;
+
+  const std::string mockEntrypoint, userEntrypoint;
+
+  void initMockModule();
+  void buildMockMain();
+  void buildExternalGlobalsDefinitions();
+  void buildExternalFunctionsDefinitions();
+  void buildCallKleeMakeSymbol(const std::string &klee_function_name,
+                               llvm::Value *source, llvm::Type *type,
+                               const std::string &symbol_name);
+
+public:
+  MockBuilder(const llvm::Module *initModule, std::string mockEntrypoint,
+              std::string userEntrypoint,
+              std::map<std::string, llvm::Type *> externals);
+
+  std::unique_ptr<llvm::Module> build();
+};
+
+} // namespace klee
+
+#endif // KLEE_MOCKBUILDER_H
diff --git a/include/klee/Expr/SourceBuilder.h b/include/klee/Expr/SourceBuilder.h
@@ -3,6 +3,8 @@
 
 #include "klee/Expr/SymbolicSource.h"
 
+#include "llvm/IR/Function.h"
+
 namespace klee {
 
 class KInstruction;
@@ -39,6 +41,12 @@ class SourceBuilder {
   static ref<SymbolicSource> value(const llvm::Value &_allocSite, int _index,
                                    KModule *km);
   static ref<SymbolicSource> irreproducible(const std::string &name);
+  static ref<SymbolicSource> mockNaive(const KModule *kModule,
+                                       const llvm::Function &kFunction,
+                                       unsigned version);
+  static ref<SymbolicSource>
+  mockDeterministic(const KModule *kModule, const llvm::Function &kFunction,
+                    const std::vector<ref<Expr>> &args);
   static ref<SymbolicSource> alpha(int _index);
 };
 

diff --git a/include/klee/Expr/SymbolicSource.h b/include/klee/Expr/SymbolicSource.h
@@ -20,11 +20,13 @@ DISABLE_WARNING_POP
 
 namespace klee {
 
+class Expr;
 class Array;
 class Expr;
 class ConstantExpr;
 struct KGlobalVariable;
 class KModule;
+struct KFunction;
 struct KValue;
 struct KInstruction;
 
@@ -48,6 +50,8 @@ class SymbolicSource {
     Instruction,
     Argument,
     Irreproducible,
+    MockNaive,
+    MockDeterministic,
     Alpha
   };
 
@@ -383,6 +387,58 @@ class AlphaSource : public SymbolicSource {
   }
 };
 
+class MockSource : public SymbolicSource {
+public:
+  const KModule *km;
+  const llvm::Function &function;
+  MockSource(const KModule *_km, const llvm::Function &_function)
+      : km(_km), function(_function) {}
+
+  static bool classof(const SymbolicSource *S) {
+    return S->getKind() == Kind::MockNaive ||
+           S->getKind() == Kind::MockDeterministic;
+  }
+};
+
+class MockNaiveSource : public MockSource {
+public:
+  const unsigned version;
+
+  MockNaiveSource(const KModule *km, const llvm::Function &function,
+                  unsigned _version)
+      : MockSource(km, function), version(_version) {}
+
+  Kind getKind() const override { return Kind::MockNaive; }
+  std::string getName() const override { return "mockNaive"; }
+
+  static bool classof(const SymbolicSource *S) {
+    return S->getKind() == Kind::MockNaive;
+  }
+
+  unsigned computeHash() override;
+
+  int internalCompare(const SymbolicSource &b) const override;
+};
+
+class MockDeterministicSource : public MockSource {
+public:
+  const std::vector<ref<Expr>> args;
+
+  MockDeterministicSource(const KModule *_km, const llvm::Function &_function,
+                          const std::vector<ref<Expr>> &_args);
+
+  Kind getKind() const override { return Kind::MockDeterministic; }
+  std::string getName() const override { return "mockDeterministic"; }
+
+  static bool classof(const SymbolicSource *S) {
+    return S->getKind() == Kind::MockDeterministic;
+  }
+
+  unsigned computeHash() override;
+
+  int internalCompare(const SymbolicSource &b) const override;
+};
+
 } // namespace klee
 
 #endif /* KLEE_SYMBOLICSOURCE_H */
diff --git a/include/klee/klee.h b/include/klee/klee.h
@@ -201,5 +201,6 @@ long double klee_rintl(long double d);
 // stdin/stdout
 void klee_init_env(int *argcPtr, char ***argvPtr);
 void check_stdin_read();
+void *__klee_wrapped_malloc(size_t size);
 
 #endif /* KLEE_H */
diff --git a/lib/Core/CMakeLists.txt b/lib/Core/CMakeLists.txt
@@ -22,6 +22,7 @@ add_library(kleeCore
   Memory.cpp
   MemoryManager.cpp
   PForest.cpp
+  MockBuilder.cpp
   PTree.cpp
   Searcher.cpp
   SeedInfo.cpp

diff --git a/lib/Core/ExecutionState.cpp b/lib/Core/ExecutionState.cpp
@@ -25,6 +25,7 @@ DISABLE_WARNING_DEPRECATED_DECLARATIONS
 #include "llvm/IR/Function.h"
 #include "llvm/Support/CommandLine.h"
 #include "llvm/Support/raw_ostream.h"
+#include "klee/Support/ErrorHandling.h"
 DISABLE_WARNING_POP
 
 #include <cassert>