12 #ifndef CPROVER_GOTO_CHECKER_BMC_UTIL_H
13 #define CPROVER_GOTO_CHECKER_BMC_UTIL_H
68 std::unique_ptr<memory_model_baset>
103 const std::string &cov_out,
116 std::unordered_set<irep_idt> &updated_properties,
127 std::unordered_set<irep_idt> &updated_properties);
137 std::unordered_set<irep_idt> &updated_properties);
169 std::chrono::duration<double> solver_runtime,
170 bool set_pass =
true);
176 "(show-goto-symex-steps)" \
177 "(show-points-to-sets)" \
179 "(unwinding-assertions)" \
180 "(no-unwinding-assertions)" \
181 "(no-self-loops-to-assumptions)" \
184 "(show-symex-strategies)" \
186 "(max-field-sensitivity-array-size):" \
187 "(no-array-field-sensitivity)" \
188 "(graphml-witness):" \
189 "(symex-complexity-limit):" \
190 "(symex-complexity-failed-child-loops-limit):" \
191 "(incremental-loop):" \
194 "(ignore-properties-before-unwind-min)" \
195 "(symex-cache-dereferences)" OPT_UNWINDSET
198 " {y--paths} [strategy] \t explore paths one at a time\n" \
199 " {y--show-symex-strategies} \t list strategies for use with {y--paths}\n" \
200 " {y--show-goto-symex-steps} \t show which steps symex travels, includes " \
201 "diagnostic information\n" \
202 " {y--show-points-to-sets} \t show points-to sets for pointer dereference. " \
203 "Requires {y--json-ui}.\n" \
204 " {y--program-only} \t only show program expression\n" \
205 " {y--show-byte-ops} \t show all byte extracts and updates\n" \
206 " {y--depth} {unr} \t limit search depth\n" \
207 " {y--max-field-sensitivity-array-size} {uM} \t " \
208 "maximum size {uM} of arrays for which field sensitivity will be " \
209 "applied to array, the default is 64\n" \
210 " {y--no-array-field-sensitivity} \t " \
211 "deactivate field sensitivity for arrays, this is equivalent to setting " \
212 "the maximum field sensitivity size for arrays to 0\n" HELP_UNWINDSET \
213 " {y--incremental-loop} {uL} \t " \
214 "check properties after each unwinding of loop {uL} (use {y--show-loops} " \
215 "to get the loop IDs)\n" \
216 " {y--unwind-min} {unr} \t " \
217 "start incremental-loop after {unr} unwindings but before solving that " \
218 "iteration. If for example it is 1, then the loop will be unwound once, " \
219 "and immediately checked. Note: this means for {y--unwind-min} 1 or 0 all " \
220 "properties are checked.\n" \
221 " {y--unwind-max} {unr} \t stop incremental-loop after {unr} unwindings\n" \
222 " {y--ignore-properties-before-unwind-min} \t " \
223 "do not check properties before unwind-min when using " \
224 "{y--incremental-loop}\n" \
225 " {y--show-vcc} \t show the verification conditions\n" \
226 " {y--slice-formula} \t remove assignments unrelated to property\n" \
227 " {y--unwinding-assertions} \t generate unwinding assertions (cannot be " \
228 "used with {y--cover})\n" \
229 " {y--partial-loops} \t permit paths with partial loops\n" \
230 " {y--no-self-loops-to-assumptions} \t do not simplify while(1){ {}} to " \
232 " {y--symex-complexity-limit} {uN} \t " \
233 "how complex ({uN}) a path can become before symex abandons it. Currently " \
234 "uses guard size to calculate complexity.\n" \
235 " {y--symex-complexity-failed-child-loops-limit} {uN} \t " \
236 "how many child branches ({uN}) in an iteration are allowed to fail due to " \
237 "complexity violations before the loop gets blacklisted\n" \
238 " {y--graphml-witness} {ufilename} \t write the witness in GraphML format " \
240 " {y--symex-cache-dereferences} \t enable caching of repeated " \
std::chrono::duration< double > prepare_property_decider(propertiest &properties, symex_target_equationt &equation, goto_symex_property_decidert &property_decider, ui_message_handlert &ui_message_handler)
Converts the equation and sets up the property decider, but does not call solve.
void run_property_decider(incremental_goto_checkert::resultt &result, propertiest &properties, goto_symex_property_decidert &property_decider, ui_message_handlert &ui_message_handler, std::chrono::duration< double > solver_runtime, bool set_pass=true)
Runs the property decider to solve the equation.
void slice(symex_bmct &, symex_target_equationt &symex_target_equation, const namespacet &, const optionst &, ui_message_handlert &)
void output_coverage_report(const std::string &cov_out, const abstract_goto_modelt &goto_model, const symex_bmct &symex, ui_message_handlert &ui_message_handler)
Output a coverage report as generated by symex_coveraget if cov_out is non-empty.
void setup_symex(symex_bmct &, const namespacet &, const optionst &, ui_message_handlert &)
std::unique_ptr< memory_model_baset > get_memory_model(const optionst &options, const namespacet &)
void update_status_of_unknown_properties(propertiest &properties, std::unordered_set< irep_idt > &updated_properties)
Sets the property status of UNKNOWN properties to PASS.
void output_graphml(const goto_tracet &, const namespacet &, const optionst &)
outputs an error witness in graphml format
void update_properties_status_from_symex_target_equation(propertiest &properties, std::unordered_set< irep_idt > &updated_properties, const symex_target_equationt &equation)
Sets property status to PASS for properties whose conditions are constant true in the equation.
void output_error_trace(const goto_tracet &, const namespacet &, const trace_optionst &, ui_message_handlert &)
void message_building_error_trace(messaget &)
Outputs a message that an error trace is being built.
void update_status_of_not_checked_properties(propertiest &properties, std::unordered_set< irep_idt > &updated_properties)
Sets the property status of NOT_CHECKED properties to PASS.
ssa_step_predicatet ssa_step_matches_failing_property(const irep_idt &property_id)
Returns a function that checks whether an SSA step is an assertion with property_id.
void convert_symex_target_equation(symex_target_equationt &equation, decision_proceduret &decision_procedure, message_handlert &message_handler)
void postprocess_equation(symex_bmct &symex, symex_target_equationt &equation, const optionst &options, const namespacet &ns, ui_message_handlert &ui_message_handler)
Post process the equation.
void build_error_trace(goto_tracet &, const namespacet &, const symex_target_equationt &, const decision_proceduret &, ui_message_handlert &)
std::function< bool(symex_target_equationt::SSA_stepst::const_iterator, const decision_proceduret &)> ssa_step_predicatet
Abstract interface to eager or lazy GOTO models.
An interface for a decision procedure for satisfiability problems.
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Provides management of goal variables that encode properties.
Class that provides messages with a built-in verbosity 'level'.
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Inheriting the interface of symex_targett this class represents the SSA form of the input program as ...
message_handlert * message_handler
Incremental Goto Checker Interface.
std::map< irep_idt, property_infot > propertiest
A map of property IDs to property infos.
Options for printing the trace using show_goto_trace.