cbmc/goto__symex__property__decider_8cpp_source.html

 /*******************************************************************\


 Module: Property Decider for Goto-Symex


 Author: Daniel Kroening, Peter Schrammel


 \*******************************************************************/


 #include "goto_symex_property_decider.h"


 #include <util/ui_message.h>


 #include <goto-symex/solver_hardness.h>

 #include <solvers/prop/prop.h> // IWYU pragma: keep


 goto_symex_property_decidert::goto_symex_property_decidert(

   const optionst &options,

   ui_message_handlert &ui_message_handler,

   symex_target_equationt &equation,

   const namespacet &ns)

   : options(options), ui_message_handler(ui_message_handler), equation(equation)

 {

   solver_factoryt solvers(

     options,

     ns,

     ui_message_handler,

     ui_message_handler.get_ui() == ui_message_handlert::uit::XML_UI);

   solver = solvers.get_solver();

 }


 exprt goto_symex_property_decidert::goalt::as_expr() const

 {

   exprt::operandst conjuncts;

   conjuncts.reserve(instances.size());

   for(const auto &inst : instances)

     conjuncts.push_back(inst->cond_handle);

   return conjunction(conjuncts);

 }


 void goto_symex_property_decidert::

   update_properties_goals_from_symex_target_equation(propertiest &properties)

 {

   goal_map.clear();


   for(symex_target_equationt::SSA_stepst::iterator it =

         equation.SSA_steps.begin();

       it != equation.SSA_steps.end();

       ++it)

   {

     if(it->is_assert())

     {

       const irep_idt &property_id = it->property_id;

       CHECK_RETURN(!property_id.empty());


       // consider goal instance if it is in the given properties

       auto property_pair_it = properties.find(property_id);

       if(

         property_pair_it != properties.end() &&

         is_property_to_check(property_pair_it->second.status))

       {

         // it's going to be checked, but we don't know the status yet

         property_pair_it->second.status |= property_statust::UNKNOWN;

         goal_map[property_id].instances.push_back(it);

       }

     }

   }

 }


 void goto_symex_property_decidert::convert_goals()

 {

   for(auto &goal_pair : goal_map)

   {

     // Our goal is to falsify a property, i.e., we will

     // add the negation of the property as goal.

     goal_pair.second.condition = solver->decision_procedure().handle(

       not_exprt(goal_pair.second.as_expr()));

   }

 }


 void goto_symex_property_decidert::add_constraint_from_goals(

   std::function<bool(const irep_idt &)> select_property)

 {

   exprt::operandst disjuncts;

   decision_proceduret &decision_procedure = solver->decision_procedure();


   for(const auto &goal_pair : goal_map)

   {

     if(

       select_property(goal_pair.first) &&

       !goal_pair.second.condition.is_false())

     {

       disjuncts.push_back(goal_pair.second.condition);

     }

   }


   // this is 'false' if there are no disjuncts

   exprt goal_disjunction = disjunction(disjuncts);

   decision_procedure.set_to_true(goal_disjunction);


   with_solver_hardness(decision_procedure, [](solver_hardnesst &hardness) {

     // SSA expr and involved steps have already been collected

     // in symex_target_equationt::convert_assertions

     exprt ssa_expr_unused;

     std::vector<goto_programt::const_targett> involved_steps_unused;

     hardness.register_assertion_ssas(ssa_expr_unused, involved_steps_unused);

   });

 }


 decision_proceduret::resultt goto_symex_property_decidert::solve()

 {

   return solver->decision_procedure()();

 }


 stack_decision_proceduret &

 goto_symex_property_decidert::get_decision_procedure() const

 {

   return solver->decision_procedure();

 }


 boolbvt &goto_symex_property_decidert::get_boolbv_decision_procedure() const

 {

   return solver->boolbv_decision_procedure();

 }


 symex_target_equationt &goto_symex_property_decidert::get_equation() const

 {

   return equation;

 }


 void goto_symex_property_decidert::update_properties_status_from_goals(

   propertiest &properties,

   std::unordered_set<irep_idt> &updated_properties,

   decision_proceduret::resultt dec_result,

   bool set_pass) const

 {

   switch(dec_result)

   {

   case decision_proceduret::resultt::D_SATISFIABLE:

     for(auto &goal_pair : goal_map)

     {

       auto &status = properties.at(goal_pair.first).status;

       if(

         solver->decision_procedure()

           .get(goal_pair.second.condition)

           .is_true() &&

         status != property_statust::FAIL)

       {

         status |= property_statust::FAIL;

         updated_properties.insert(goal_pair.first);

       }

     }

     break;

   case decision_proceduret::resultt::D_UNSATISFIABLE:

     if(!set_pass)

       break;


     for(auto &property_pair : properties)

     {

       if(property_pair.second.status == property_statust::UNKNOWN)

       {

         property_pair.second.status |= property_statust::PASS;

         updated_properties.insert(property_pair.first);

       }

     }

     break;

   case decision_proceduret::resultt::D_ERROR:

     for(auto &property_pair : properties)

     {

       if(property_pair.second.status == property_statust::UNKNOWN)

       {

         property_pair.second.status |= property_statust::ERROR;

         updated_properties.insert(property_pair.first);

       }

     }

     break;

   }

 }

boolbvt
Definition: boolbv.h:46

decision_proceduret
An interface for a decision procedure for satisfiability problems.
Definition: decision_procedure.h:22

decision_proceduret::resultt
resultt
Result of running the decision procedure.
Definition: decision_procedure.h:45

decision_proceduret::resultt::D_ERROR
@ D_ERROR

decision_proceduret::resultt::D_UNSATISFIABLE
@ D_UNSATISFIABLE

decision_proceduret::resultt::D_SATISFIABLE
@ D_SATISFIABLE

decision_proceduret::set_to_true
void set_to_true(const exprt &)
For a Boolean expression expr, add the constraint 'expr'.
Definition: decision_procedure.cpp:31

dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition: dstring.h:38

dstringt::empty
bool empty() const
Definition: dstring.h:89

exprt
Base class for all expressions.
Definition: expr.h:56

exprt::operandst
std::vector< exprt > operandst
Definition: expr.h:58

goto_symex_property_decidert::get_equation
symex_target_equationt & get_equation() const
Return the equation associated with this instance.
Definition: goto_symex_property_decider.cpp:128

goto_symex_property_decidert::options
const optionst & options
Definition: goto_symex_property_decider.h:69

goto_symex_property_decidert::get_boolbv_decision_procedure
boolbvt & get_boolbv_decision_procedure() const
Returns the solver instance.
Definition: goto_symex_property_decider.cpp:123

goto_symex_property_decidert::goto_symex_property_decidert
goto_symex_property_decidert(const optionst &options, ui_message_handlert &ui_message_handler, symex_target_equationt &equation, const namespacet &ns)
Definition: goto_symex_property_decider.cpp:19

goto_symex_property_decidert::ui_message_handler
ui_message_handlert & ui_message_handler
Definition: goto_symex_property_decider.h:70

goto_symex_property_decidert::get_decision_procedure
stack_decision_proceduret & get_decision_procedure() const
Returns the solver instance.
Definition: goto_symex_property_decider.cpp:118

goto_symex_property_decidert::solve
decision_proceduret::resultt solve()
Calls solve() on the solver instance.
Definition: goto_symex_property_decider.cpp:112

goto_symex_property_decidert::solver
std::unique_ptr< solver_factoryt::solvert > solver
Definition: goto_symex_property_decider.h:72

goto_symex_property_decidert::equation
symex_target_equationt & equation
Definition: goto_symex_property_decider.h:71

goto_symex_property_decidert::update_properties_goals_from_symex_target_equation
void update_properties_goals_from_symex_target_equation(propertiest &properties)
Get the conditions for the properties from the equation and collect all 'instances' of the properties...
Definition: goto_symex_property_decider.cpp:44

goto_symex_property_decidert::update_properties_status_from_goals
void update_properties_status_from_goals(propertiest &properties, std::unordered_set< irep_idt > &updated_properties, decision_proceduret::resultt dec_result, bool set_pass=true) const
Update the property status from the truth value of the goal variable.
Definition: goto_symex_property_decider.cpp:133

goto_symex_property_decidert::add_constraint_from_goals
void add_constraint_from_goals(std::function< bool(const irep_idt &property_id)> select_property)
Add disjunction of negated selected properties to the equation.
Definition: goto_symex_property_decider.cpp:83

goto_symex_property_decidert::convert_goals
void convert_goals()
Convert the instances of a property into a goal variable.
Definition: goto_symex_property_decider.cpp:72

goto_symex_property_decidert::goal_map
std::map< irep_idt, goalt > goal_map
Maintains the relation between a property ID and the corresponding goal variable that encodes the neg...
Definition: goto_symex_property_decider.h:88

namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition: namespace.h:94

not_exprt
Boolean negation.
Definition: std_expr.h:2332

optionst
Definition: options.h:23

solver_factoryt
Definition: solver_factory.h:27

solver_factoryt::get_solver
virtual std::unique_ptr< solvert > get_solver()
Returns a solvert object.
Definition: solver_factory.cpp:101

stack_decision_proceduret
Definition: stack_decision_procedure.h:58

symex_target_equationt
Inheriting the interface of symex_targett this class represents the SSA form of the input program as ...
Definition: symex_target_equation.h:34

symex_target_equationt::SSA_steps
SSA_stepst SSA_steps
Definition: symex_target_equation.h:251

ui_message_handlert
Definition: ui_message.h:22

ui_message_handlert::get_ui
virtual uit get_ui() const
Definition: ui_message.h:33

ui_message_handlert::uit::XML_UI
@ XML_UI

goto_symex_property_decider.h
Property Decider for Goto-Symex.

prop.h

is_property_to_check
bool is_property_to_check(property_statust status)
Return true if the status is NOT_CHECKED or UNKNOWN.
Definition: properties.cpp:175

property_statust::UNKNOWN
@ UNKNOWN
The checker was unable to determine the status of the property.

property_statust::PASS
@ PASS
The property was not violated.

property_statust::ERROR
@ ERROR
An error occurred during goto checking.

property_statust::FAIL
@ FAIL
The property was violated.

propertiest
std::map< irep_idt, property_infot > propertiest
A map of property IDs to property infos.
Definition: properties.h:76

solver_hardness.h

with_solver_hardness
static void with_solver_hardness(decision_proceduret &maybe_hardness_collector, std::function< void(solver_hardnesst &hardness)> handler)
Definition: solver_hardness.h:161

CHECK_RETURN
#define CHECK_RETURN(CONDITION)
Definition: invariant.h:495

conjunction
exprt conjunction(const exprt::operandst &op)
1) generates a conjunction for two or more operands 2) for one operand, returns the operand 3) return...
Definition: std_expr.cpp:83

disjunction
exprt disjunction(const exprt::operandst &op)
1) generates a disjunction for two or more operands 2) for one operand, returns the operand 3) return...
Definition: std_expr.cpp:71

goto_symex_property_decidert::goalt::instances
std::vector< symex_target_equationt::SSA_stepst::iterator > instances
A property holds if all instances of it are true.
Definition: goto_symex_property_decider.h:77

goto_symex_property_decidert::goalt::as_expr
exprt as_expr() const
Definition: goto_symex_property_decider.cpp:34

solver_hardnesst
A structure that facilitates collecting the complexity statistics from a decision procedure.
Definition: solver_hardness.h:40

solver_hardnesst::register_assertion_ssas
void register_assertion_ssas(const exprt &ssa_expression, const std::vector< goto_programt::const_targett > &pcs)
Called from the symtex_target_equationt::convert_assertions, this function associates the disjunction...
Definition: solver_hardness.cpp:75

ui_message.h