Implement state initialization by fuzzing #312
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
CaelmBleidd
requested changes
Jun 27, 2022
utbot-framework/src/main/kotlin/org/utbot/engine/UtBotSymbolicEngine.kt
Outdated
Show resolved
Hide resolved
utbot-framework/src/main/kotlin/org/utbot/engine/UtBotSymbolicEngine.kt
Outdated
Show resolved
Hide resolved
utbot-framework/src/main/kotlin/org/utbot/engine/UtBotSymbolicEngine.kt
Outdated
Show resolved
Hide resolved
utbot-framework/src/main/kotlin/org/utbot/engine/UtBotSymbolicEngine.kt
Outdated
Show resolved
Hide resolved
utbot-framework/src/main/kotlin/org/utbot/engine/UtBotSymbolicEngine.kt
Outdated
Show resolved
Hide resolved
utbot-framework/src/main/kotlin/org/utbot/engine/mvisitors/ConstraintModelVisitor.kt
Outdated
Show resolved
Hide resolved
SBOne-Kenobi
force-pushed
the
sbone/fuzzing-in-symbolic-engine
branch
5 times, most recently
from
2e0e8d4 to
a1db2de
Compare
SBOne-Kenobi
force-pushed
the
sbone/fuzzing-in-symbolic-engine
branch
from
a1db2de to
90e85f4
Compare
Markoutte
requested changes
Jul 21, 2022
CaelmBleidd
requested changes
Jul 21, 2022
|
|
||
| // create new state initialized by fuzzing if it is the last identity stmt for parameter | ||
| val initializedStateByFuzzing = if ( | ||
| UtSettings.useFuzzingInitialization && |
There was a problem hiding this comment.
Can you extract these variables into separate variables with meaningful names?
| constraints += mkNot(mkEq(value.addr, nullObjectAddr)) | ||
| val arrayLength = traverser.memory.findArrayLength(value.addr) | ||
| constraints += mkEq(arrayLength.align(), model.length.primitiveToSymbolic()) | ||
| val type = model.classId.toType() as ArrayType |
There was a problem hiding this comment.
same about finding a soot class and then .arrayType
| } | ||
|
|
||
| override fun visitAssemble(model: UtAssembleModel): List<UtBoolExpression> { | ||
| // TODO: not supported |
| val constraints = mutableListOf<UtBoolExpression>() | ||
| val type = model.classId.toType() as RefType | ||
| val typeStorage = traverser.typeResolver.constructTypeStorage(type, useConcreteType = true) | ||
| constraints += traverser.typeRegistry.typeConstraint(value.addr, typeStorage).isConstraint() |
There was a problem hiding this comment.
Why don't we need a correctness constraint?
| * Call check of SMT Solver with [initialConstraints]. Used to initialize SMT Solver by fuzzing. | ||
| */ | ||
| fun checkWithInitialConstraints(initialConstraints: List<UtBoolExpression>): UtSolverStatus { | ||
| check(respectSoft = false).let { statusHolder -> |
There was a problem hiding this comment.
Why do we ignore soft constraints by default here? Wouldn't it be better to check with them?
| } | ||
| } | ||
| val translatedConstraints = initialConstraints.translate() | ||
| val statusHolder = when (val status = check(translatedConstraints, mutableMapOf())) { |
Damtev
requested changes
Jul 21, 2022
Comment on lines
+150
to
+151
| val ordinal = traverser.memory.findOrdinal(model.classId.toSoot().type, value.addr) | ||
| listOf(mkEq(ordinal.expr, model.value.ordinal.primitiveToLiteral())) |
There was a problem hiding this comment.
Are you sure this one constraint is enough? I guess we need to use the name field too to avoid two constructed enums with different ordinal but the same name.
Markoutte
reviewed
Jul 22, 2022
Markoutte
approved these changes
Jul 22, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Closes #217
Idea was described in issue. Briefly we use fuzzing as seed for SMT Solver to avoid bad initialization.
Implementation details
Now this feature is turning off. To turn on look at UtSettings::useFuzzingInitialization.
Type of Change
New feature (non-breaking change which adds functionality)
How Has This Been Tested?
Autotesting
All CI tests passed with this feature turning on.
Manual Scenario
I tested it using IDEA plugin on guava project. Generate tests several times with turning on this feature and without it then compare results (coverage).
Checklist (remove irrelevant options):