Skip to content

Lab Exercise 2

Jump to bottom
WMX66666 edited this page May 20, 2025 · 29 revisions

Lab-Exercise-2 folder layout

$tree
├── CMakeLists.txt
├── CPP
│   ├── Z3Examples.cpp
│   ├── Z3Examples.h
│   ├── Z3Mgr.cpp
│   ├── Z3Mgr.h
│   └── test.cpp
└── Python
    └── Lab2.ipynb

1. Get the latest Lab-Exercise-2 code template

* Before coding, please type cd $HOME/Software-Security-Analysis and git pull in your terminal to make sure you always have the latest version of the code template before coding.

If git pull fails due to the conflict with your local changes, type git stash to store your current code in a temporal branch and type git pull again. If you want to retrieve your code back, type git stash pop.

1.1 launch.json

For C++, please refer to this section(recommended)
For Python, please refer to this section

2. Lab-Exercise-2 task

  1. Implement methods Z3ExampleMgr::test1() through Z3ExampleMgr::test10() in class Z3ExampleMgr in Z3Examplescpp.

You can complete the implementation either:

  • In C++ by implementing the methods directly in Z3ExampleMgr.cpp, or
  • In Python using Jupyter notebook, with each test in its own code cell in Z3Examples.ipynb

The goal is to translate C code into Z3 logic expressions and solve them to prove assertions. Use the SVF Z3Mgr API (or Python-Z3-API) to help with your implementation.

For reference, we have provided implementations of test1() through test3() along with validation code in test.cpp. Use these as examples to help write validation for the remaining methods test4() through test10().

  1. Note that the validation code in test1() to test2() is not meant to be complete. Given a program prog and an assert Q, you are expected to (1) translate the negation of Q and check unsat of prog ∧ ¬Q to prove the non-existence of counterexamples, and (2) also evaluate individual variables’ values (e.g., a) if you know a’s value is 3. For example, z3Mgr->getEvalExpr(a) == 3. When we do the marking, we will also evaluate the values of some Z3 expressions given their string names, so it is better to name them consistently with the names of the C variables. We will not evaluate expressions that do not correspond to the original C variables.

  2. For closed-world programs (value initializations are fixed and there are no inputs from externals), checking sat of prog ∧ Q is the same as checking unsat prog ∧ ¬Q

Method Description Marks
test1 Code statements with simple integers 10%
test2 Code statements with single-level pointers 10%
test3 Code statements with multi-level pointers 10%
test4 Code statements with array and pointers 10%
test5 Code statements with branches 10%
test6 Code statements with comparison and pointers 10%
test7 Code statements with binary operations 10%
test8 Code statements with array and branches 10%
test9 Code statements with struct and pointers 10%
test10 Code statements with calls 10%
  1. Run ctest -R lab2 -VV to execute the test suite and ensure all assertions in test.cpp pass successfully.
    If using Jupyter notebook, execute each code cell sequentially to validate your implementation.
  2. Upload Z3Example.cpp(or Lab2.ipynb) to UNSW WebCMS for your submission when you are finished with this lab. Your implementation will be evaluated against our internal tests. You will get the full marks if your code can pass them all.

*You will be working on Z3Mgr.cpp (or test code cell) only. There is NO need to modify other files under the Lab-Exercise-2 folder.

3. Debugging

For C++, please refer to this section(recommended)
For Python, please refer to this section

Clone this wiki locally