def test_fault(self):
    """Check that a fault kills the current process and switches away.

    ``@fault`` must not return (``util.NoReturn``).  The resulting
    implementation state must match the spec state obtained by marking
    the current process as killed and then switching to some process
    ``pid`` (existentially quantified, since the scheduler's choice is
    not fixed here).
    """
    with self.assertRaises(util.NoReturn):
        self.ctx.call('@fault')
    target = util.FreshBitVec('pid', dt.pid_t)
    # Work on a copy so the fixture state stays untouched for other checks.
    killed_state = self.state.copy()
    killed_state.procs[killed_state.current].killed = z3.BoolVal(True)
    post_state = spec.switch_proc(killed_state, target)[1]
    self._prove(z3.Exists([target], spec.state_equiv(self.ctx, post_state)))
def setUp(self):
    """Build a fresh verification context and seed the solver.

    Creates the implementation context and the abstract kernel state,
    records their equivalence as ``_pre_state``, assumes the
    implementation invariants inside the context, and adds the
    equivalence as a solver precondition.  Nothing is proved here; the
    proofs happen in the individual tests after a state transition.
    """
    self.ctx = newctx()
    self.state = dt.KernelState()
    # AUTO_CONFIG is disabled so the solver configuration is explicit
    # and stable across runs.
    solver = Solver()
    solver.set(AUTO_CONFIG=False)
    self.solver = solver
    self._pre_state = spec.state_equiv(self.ctx, self.state)
    self.ctx.add_assumption(spec.impl_invariants(self.ctx))
    self.solver.add(self._pre_state)
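def _syscall_generic(self, name):
    """Prove that the implementation of syscall ``name`` refines its spec.

    Args:
        name: Syscall name as listed by the test suite.  It is used both to
            call the implementation (``'@' + name``) and to look up the
            spec function of the same name via ``getattr(spec, name)``, so
            it must come from the suite's own syscall table, never from an
            external source.

    The proof obligation is: after running both on the same fresh
    arguments, the states are equivalent and the spec's precondition
    ``cond`` holds exactly when the implementation returned 0.

    When ``INTERACTIVE`` is set and ``_prove`` hands back a counterexample
    model, a debugger is started so the model can be inspected.  ``ipdb``
    is preferred when installed; otherwise the standard-library ``pdb`` is
    used so the interactive path does not itself fail with ImportError.
    """
    args = syscall_spec.get_syscall_args(name)
    res = self.ctx.call('@' + name, *args)
    cond, newstate = getattr(spec, name)(self.state, *args)
    # The original wrapped the precondition in And(_pre_state, True);
    # the conjunction with True is a no-op, so pass _pre_state directly.
    model = self._prove(
        z3.And(spec.state_equiv(self.ctx, newstate),
               cond == (res == util.i32(0))),
        pre=self._pre_state,
        return_model=INTERACTIVE)
    if INTERACTIVE and model:
        try:
            from ipdb import set_trace
        except ImportError:
            from pdb import set_trace
        set_trace()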
def setUp(self):
    """Prepare the implementation context, abstract state and solver.

    At setup time only the state-equivalence condition between the
    implementation context and the abstract state is recorded as a
    precondition; no verification is performed here.  Verification runs
    in the tests, together with the state transition they exercise.
    """
    self.ctx = newctx()
    self.state = dt.KernelState()
    solver = Solver()
    solver.set(AUTO_CONFIG=False)
    self.solver = solver
    # Equivalence of initial implementation and spec state (precondition).
    self._pre_state = spec.state_equiv(self.ctx, self.state)
    # NOTE(review): the original author observed the suite still ran
    # without this assumption; kept as-is since the proofs are written
    # against it.
    self.ctx.add_assumption(spec.impl_invariants(self.ctx))
    self.solver.add(self._pre_state)
def test_mmap_writable(self):
    """Refinement of a writable (PTE_P | PTE_W) mmap for the current process.

    Assumes kernel/user state equivalence, the spec invariants and the
    isolation lemma as preconditions, runs ``mmap_impl`` and
    ``mmap_spec`` on the same fresh page-table indices, and proves that
    whenever the two preconditions agree the resulting states are
    equivalent.  The result is only as strong as the assumed invariants
    and isolation lemma.
    """
    kstate = kdt.KernelState()
    ustate = dt.UserState()
    for assumption in (spec.state_equiv(kstate, ustate),
                       kspec.spec_invariants(kstate),
                       kspec.spec_lemma_isolation(kstate)):
        self.solver.add(assumption)
    current = kstate.current
    # Four symbolic page-table indices (one per level).
    indices = tuple(util.FreshBitVec('idx%d' % level, kdt.size_t)
                    for level in (1, 2, 3, 4))
    perm = kdt.PTE_P | kdt.PTE_W
    kcond, nkstate = mmap_impl(kstate, current, indices, perm)
    ucond, nustate = mmap_spec(ustate, current, indices, perm)
    self._prove(z3.Implies(z3.And(kcond == ucond),
                           spec.state_equiv(nkstate, nustate)))
def test_preempt(self):
    """Check that preemption switches to some other process.

    ``@preempt`` must not return (``util.NoReturn``), and the resulting
    implementation state must equal the spec state after
    ``switch_proc`` to some existentially quantified ``pid``.
    """
    with self.assertRaises(util.NoReturn):
        self.ctx.call('@preempt')
    target = util.FreshBitVec('pid', dt.pid_t)
    post_state = spec.switch_proc(self.state, target)[1]
    equiv = spec.state_equiv(self.ctx, post_state)
    self._prove(z3.Exists([target], equiv))