-
Notifications
You must be signed in to change notification settings - Fork 273
/
Copy pathparallel-properties.py
executable file
·311 lines (264 loc) · 9.95 KB
/
parallel-properties.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
#!/usr/bin/env python3
"""Parallelise checking of all properties in a GOTO binary using CBMC
This script invokes a chosen number of parallel CBMC processes to check all the
properties contained in a given GOTO binary. Each of these processes will check
just a single property, possibly permitting slicing away considerable parts of
the program. The expected benefit is that the results for some of the
properties are reported very quickly, and that checking scales with the number
of available processing cores. On the downside, however, multiple invocations
of CBMC come with overhead, such as repeated symbolic execution.
Before running this script, the following must be true:
1. "cbmc" must be in your system PATH
2. A GOTO binary has been built from source (using goto-cc)
3. The GOTO binary has been instrumented with all the required checks
(using goto-instrument)
A typical usage of this script will be:
scripts/parallel-properties.py -J 32 binary.gb --timeout 600
See --help for the list of available command-line options. Any additional
options to be passed to CBMC can be added to the command line.
"""
import argparse
import colorama
from colorama import Fore, Style
import concurrent.futures
import json
import logging
import multiprocessing
import re
import subprocess
import sys
import threading
import time
def get_logger(verbose):
# workaround for https://github.com/joblib/joblib/issues/692
LOGGER_NAME = 'parallel-cbmc'
logger = logging.getLogger(LOGGER_NAME)
logging.basicConfig()
if verbose:
logger.setLevel('DEBUG')
else:
logger.setLevel('INFO')
return logger
def add_to_stats(stats, key, value):
key_path = key.split('/')
k = key_path[0]
if len(key_path) > 1:
if not stats.get(k):
stats[k] = {}
add_to_stats(stats[k], '/'.join(key_path[1:]), value)
else:
if not stats.get(k):
stats[k] = 0
stats[k] += value
def merge_stats_rec(src, prefix, dest):
if isinstance(src, dict):
for k in src:
p = prefix + '/' + k
merge_stats_rec(src[k], p, dest)
else:
add_to_stats(dest, prefix[1:], src)
def merge_stats(src, dest):
merge_stats_rec(src, '', dest)
def print_stats(stats):
for cat in sorted(stats):
print(cat + ':')
csv = dict(stats[cat])
columns = set()
for s in csv:
if isinstance(csv[s], dict):
columns |= set(csv[s].keys())
if not columns:
print(cat + ',count')
for s in sorted(csv):
print('{},{}'.format(s, csv[s]))
else:
print(cat + ',' + ','.join(sorted(columns)))
for s in sorted(csv):
values = [s]
for c in sorted(columns):
values.append(str(csv[s].get(c, 0)))
print(','.join(values))
def run_cmd_checked(cmd, verbose):
"""
Execute `cmd` in a subprocess and check the return code. Raise an exception
if the return code is not 0.
"""
proc = subprocess.Popen(
cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE,
universal_newlines=True)
(out, err) = proc.communicate()
logger = get_logger(verbose)
if logger.getEffectiveLevel() <= logging.DEBUG:
with lock:
logger.debug("BEGIN " + str(cmd))
logger.debug(out)
logger.debug(err)
logger.debug("END " + str(cmd))
if proc.returncode != 0:
e = subprocess.CalledProcessError(proc.return_code, cmd, output=out)
e.stdout = out
e.stderr = err
raise e
return None
def run_cmd_with_timeout(cmd, timeout_sec, verbose):
# http://www.ostricher.com/2015/01/python-subprocess-with-timeout/
"""
Execute `cmd` in a subprocess and enforce timeout `timeout_sec` seconds.
Return subprocess exit code on natural completion of the subprocess.
Raise an exception if timeout expires before subprocess completes.
"""
t1 = time.time()
proc = subprocess.Popen(
cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE,
universal_newlines=True)
timer = threading.Timer(timeout_sec, proc.kill)
out = None
err = None
try:
timer.start()
(out, err) = proc.communicate()
finally:
timer.cancel()
t2 = time.time()
cnf_vars = cnf_clauses = None
m = re.search(r'(\d+) variables, (\d+) clauses', out)
if m:
cnf_vars = m[1]
cnf_clauses = m[2]
logger = get_logger(verbose)
if logger.getEffectiveLevel() <= logging.DEBUG:
with lock:
logger.debug("BEGIN " + str(cmd))
logger.debug(out)
logger.debug("END " + str(cmd))
return (proc.returncode, err, t2 - t1, cnf_vars, cnf_clauses)
C_ERROR = 'ERROR'
C_TIMEOUT = 'TIMEOUT'
C_TRUE = 'SUCCESS'
C_FALSE = 'FAILURE'
def source_location_as_string(loc):
result = ''
if loc.get('file'):
result = 'file ' + loc['file']
if loc.get('function'):
result += ' function ' + loc['function']
if loc.get('line'):
result += ' line ' + loc['line']
return result.lstrip()
def output_result(result_entry, stats, status, verbose):
prop = result_entry['property']
loc = "{}:{}".format("missing file", "missing line")
result = {
'property': prop,
'sourceLocation': loc,
'status': status,
'time': result_entry['time']
}
"""
add_to_stats(stats, 'warning type/{}/total'.format(prop), 1)
add_to_stats(stats, 'warning type/{}/{}'.format(prop, status.lower()), 1)
add_to_stats(stats, 'total time'.format(analysis), result_entry['time'])
"""
logger = get_logger(verbose)
logger.debug('p:{}, r:{}'.format(prop['name'], status))
if status == C_TRUE:
c_status = Fore.GREEN + status + Style.RESET_ALL
elif status == C_FALSE:
c_status = Fore.RED + status + Style.RESET_ALL
elif status == C_ERROR:
c_status = Fore.YELLOW + status + Style.RESET_ALL
else:
c_status = Fore.BLUE + status + Style.RESET_ALL
result_str = '[{}] {}: {}: {}'.format(
prop['name'], source_location_as_string(prop['sourceLocation']),
prop['description'], c_status)
if result_entry['variables']:
result_str += ' [{}/{}]'.format(result_entry['variables'],
result_entry['clauses'])
if status == C_ERROR:
result_str += ' stderr: ' + result_entry['stderr']
with lock:
print(result_str)
return (result, result_str)
def verify_one(goto_binary, cbmc_args, prop, verbose, timeout, stats):
# run CBMC with extended statistics
cbmc_cmd = ['cbmc', '--verbosity', '8', goto_binary,
'--property', prop['name'], '--reachability-slice',
# '--full-slice',
'--slice-formula']
cbmc_cmd.extend(cbmc_args)
(cbmc_ret, stderr_output, t, cnf_vars, cnf_clauses) = run_cmd_with_timeout(
cbmc_cmd, timeout, verbose)
result_entry = {'time': t, 'property': prop, 'variables': cnf_vars,
'clauses': cnf_clauses, 'stderr': stderr_output}
if cbmc_ret == 0:
return output_result(result_entry, stats, C_TRUE, verbose)
elif cbmc_ret == 10:
return output_result(result_entry, stats, C_FALSE, verbose)
elif cbmc_ret < 0:
return output_result(result_entry, stats, C_TIMEOUT, verbose)
else:
return output_result(result_entry, stats, C_ERROR, verbose)
def verify(goto_binary, cbmc_args, verbose, timeout, n_jobs, stats):
# find names of desired properties
show_prop_cmd = ['goto-instrument', '--verbosity', '4', '--json-ui',
'--show-properties', goto_binary]
props = subprocess.check_output(show_prop_cmd, universal_newlines=True)
json_props = json.loads(props)
if not json_props[1].get('properties'):
return {}
results = {}
global lock
lock = multiprocessing.Lock()
with concurrent.futures.ThreadPoolExecutor(max_workers=n_jobs) as e:
future_to_result = {e.submit(verify_one, goto_binary, cbmc_args,
prop, verbose, timeout, stats): prop
for prop in json_props[1]['properties']}
for future in concurrent.futures.as_completed(future_to_result):
prop = future_to_result[future]
(result_json, result_str) = future.result()
results[prop['name']] = result_json
return results
def main():
parser = argparse.ArgumentParser(description=__doc__)
parser.add_argument(
'-j', '--json',
type=str,
help='write results to chosen file with JSON formatting'),
parser.add_argument(
'-s', '--statistics',
action='store_true',
help='output overall statistics')
parser.add_argument(
'-t', '--timeout',
type=int, default=10,
help='timeout (seconds) per analysis-tool invocation ' +
'(default: 10 seconds; use more time in case of timeouts)')
parser.add_argument(
'-J', '--parallel',
type=int, default=11,
help='run a specified number of a analyses in parallel')
parser.add_argument(
'-v', '--verbose',
action='store_true',
help='enable verbose output')
parser.add_argument(
'goto_binary',
help='instrumented goto binary to verify')
args, cbmc_args = parser.parse_known_args()
logger = get_logger(args.verbose)
stats = {}
results = {}
results['results'] = verify(
args.goto_binary, cbmc_args, args.verbose, args.timeout,
args.parallel, stats)
if args.statistics:
results['statistics'] = stats
print_stats(stats)
if args.json is not None:
with open(args.json, 'w') as output_file:
json.dump(results, output_file)
if __name__ == "__main__":
colorama.init()
rc = main()
sys.exit(rc)