public DoomErrorHandler(Dictionary<int, Absy> label2Absy, VerifierCallback callback)
{
Contract.Requires(label2Absy != null);
Contract.Requires(callback != null);
this.label2Absy = label2Absy;
this.callback = callback;
}
public DoomErrorHandler(Dictionary <int, Absy> label2Absy, VerifierCallback callback)
{
Contract.Requires(label2Absy != null);
Contract.Requires(callback != null);
this.label2Absy = label2Absy;
this.callback = callback;
}
/// <summary>
/// As a side effect, updates "this.parent.CumulativeAssertionCount".
/// </summary>
public void BeginCheck(Checker checker, VerifierCallback callback, ModelViewInfo mvInfo, int no, int timeout, int rlimit)
{
Contract.Requires(checker != null);
Contract.Requires(callback != null);
splitNum = no;
impl.Blocks = blocks;
this.checker = checker;
Dictionary <int, Absy> label2absy = new Dictionary <int, Absy>();
ProverContext ctx = checker.TheoremProver.Context;
Boogie2VCExprTranslator bet = ctx.BoogieExprTranslator;
var cc = new VCGen.CodeExprConversionClosure(label2absy, ctx);
bet.SetCodeExprConverter(cc.CodeExprToVerificationCondition);
var exprGen = ctx.ExprGen;
VCExpr controlFlowVariableExpr = exprGen.Integer(BigNum.ZERO);
VCExpr vc = parent.GenerateVCAux(impl, controlFlowVariableExpr, label2absy, checker.TheoremProver.Context);
Contract.Assert(vc != null);
vc = QuantifierInstantiationEngine.Instantiate(impl, exprGen, bet, vc);
VCExpr controlFlowFunctionAppl =
exprGen.ControlFlowFunctionApplication(exprGen.Integer(BigNum.ZERO), exprGen.Integer(BigNum.ZERO));
VCExpr eqExpr = exprGen.Eq(controlFlowFunctionAppl, exprGen.Integer(BigNum.FromInt(impl.Blocks[0].UniqueId)));
vc = exprGen.Implies(eqExpr, vc);
reporter = new VCGen.ErrorReporter(gotoCmdOrigins, label2absy, impl.Blocks, parent.debugInfos, callback,
mvInfo, this.Checker.TheoremProver.Context, parent.program);
if (CommandLineOptions.Clo.TraceVerify && no >= 0)
{
Console.WriteLine("-- after split #{0}", no);
Print();
}
string desc = cce.NonNull(impl.Name);
if (no >= 0)
{
desc += "_split" + no;
}
checker.BeginCheck(desc, vc, reporter, timeout, rlimit, impl.RandomSeed);
}
bool ReCheckImpl(Variable reachvar, Implementation impl, VerifierCallback callback,
out ProverInterface.Outcome outcome)
{
Contract.Requires(reachvar != null);
Contract.Requires(impl != null);
Contract.Requires(callback != null);
Checker checker = FindCheckerFor(impl, 1000);
Contract.Assert(checker != null);
DoomCheck dc = new DoomCheck(impl, this.exitBlock, checker, m_UncheckableBlocks);
dc.ErrorHandler = new DoomErrorHandler(dc.Label2Absy, callback);
outcome = ProverInterface.Outcome.Undetermined;
List <Variable> rv = new List <Variable>();
rv.Add(reachvar);
if (!dc.CheckLabel(rv, null, out outcome))
{
checker.Close();
return(false);
}
checker.Close();
return(true);
}
public abstract VC.ConditionGeneration.Outcome VerifyImpl(TransHelper.TransEnv env, VC.VCGen vcgen, Implementation impl, Program prog, VerifierCallback reporter);
private void SearchCounterexample(Implementation impl, DoomErrorHandler errh, VerifierCallback callback)
{
Contract.Requires(impl != null);
Contract.Requires(errh != null);
Contract.Requires(callback != null);
Contract.Requires(errh.m_Reachvar != null);
//if (errh.m_Reachvar==null) {
// Contract.Assert(false);throw new cce.UnreachableException();
//}
m_doomedCmds.Clear();
Dictionary<Block, List<Cmd>> cmdbackup = new Dictionary<Block, List<Cmd>>();
BruteForceCESearch(errh.m_Reachvar, impl, callback, cmdbackup, 0, impl.Blocks.Count / 2 - 1);
BruteForceCESearch(errh.m_Reachvar, impl, callback, cmdbackup, impl.Blocks.Count / 2, impl.Blocks.Count - 1);
List<Cmd> causals = CollectCausalStatements(impl.Blocks[0]);
foreach (Cmd c in causals) {
Contract.Assert(c != null);
GenerateErrorMessage(c, causals);
}
#region Undo all modifications
foreach (KeyValuePair<Block, List<Cmd>> kvp in cmdbackup) {
Contract.Assert(kvp.Key != null);
Contract.Assert(kvp.Value != null);
kvp.Key.Cmds = kvp.Value;
}
#endregion
}
bool ReCheckImpl(Variable reachvar, Implementation impl, VerifierCallback callback,
out ProverInterface.Outcome outcome)
{
Contract.Requires(reachvar != null);
Contract.Requires(impl != null);
Contract.Requires(callback != null);
Checker checker = FindCheckerFor(impl, 1000);
Contract.Assert(checker != null);
DoomCheck dc = new DoomCheck(impl, this.exitBlock, checker, m_UncheckableBlocks);
dc.ErrorHandler = new DoomErrorHandler(dc.Label2Absy, callback);
outcome = ProverInterface.Outcome.Undetermined;
List<Variable> rv = new List<Variable>();
rv.Add(reachvar);
if (!dc.CheckLabel(rv,null, out outcome)) {
checker.Close();
return false;
}
checker.Close();
return true;
}
/// <summary>
/// MSchaef:
/// - remove loops and add reach variables
/// - make it a passive program
/// - compute the wlp for each block
/// - check if |= (reach=false) => wlp.S.false holds for each reach
///
/// </summary>
public override Outcome VerifyImplementation(Implementation impl, VerifierCallback callback)
{
Contract.EnsuresOnThrow<UnexpectedProverOutputException>(true);
Console.WriteLine();
Console.WriteLine("Checking function {0}", impl.Name);
callback.OnProgress("doomdetector", 0, 0, 0);
bool restartTP = CommandLineOptions.Clo.DoomRestartTP ;
//Impl2Dot(impl, String.Format("c:/dot/{0}_orig.dot", impl.Name));
Transform4DoomedCheck(impl);
//Impl2Dot(impl, String.Format("c:/dot/{0}_fin.dot", impl.Name));
Checker checker = FindCheckerFor(1000);
Contract.Assert(checker != null);
int assertionCount;
DoomCheck dc = new DoomCheck(impl, this.exitBlock, checker, m_UncheckableBlocks, out assertionCount);
CumulativeAssertionCount += assertionCount;
//EmitImpl(impl, false);
int _totalchecks = 0;
ProverInterface.Outcome outcome;
dc.ErrorHandler = new DoomErrorHandler(dc.Label2Absy, callback);
System.TimeSpan ts = new TimeSpan();
if (_print_time) Console.WriteLine("Total number of blocks {0}", impl.Blocks.Count);
List<Block> lb;
List<Variable> lv = new List<Variable>();
while (dc.GetNextBlock(out lb))
{
Contract.Assert(lb != null);
outcome = ProverInterface.Outcome.Undetermined;
Variable v = null;
lv.Clear();
foreach (Block b_ in lb)
{
if (!m_BlockReachabilityMap.TryGetValue(b_, out v))
{
// This should cause an error
continue;
}
//Console.Write("{0}, ",b_.Label);
lv.Add(v);
}
//Console.WriteLine();
Dictionary<Expr, int> finalreachvars = m_GetPostconditionVariables(impl.Blocks,lb);
if (lv.Count < 1)
{
continue;
}
Contract.Assert(lv != null);
_totalchecks++;
if (!dc.CheckLabel(lv,finalreachvars, out outcome)) {
return Outcome.Inconclusive;
}
ts += dc.DEBUG_ProverTime.Elapsed;
if (restartTP)
{
checker.Close();
checker = FindCheckerFor(1000);
dc.RespawnChecker(impl, checker);
dc.ErrorHandler = new DoomErrorHandler(dc.Label2Absy, callback);
}
}
checker.Close();
if (_print_time)
{
Console.WriteLine("Number of Checkes / #Blocks: {0} of {1}", _totalchecks, impl.Blocks.Count);
dc.__DEBUG_PrintStatistics();
Console.WriteLine("Total time for this method: {0}", ts.ToString());
}
#region Try to produce a counter example (brute force)
if (dc.DoomedSequences.Count > 0) {
int counter = 0;
List<Block> _all = new List<Block>();
foreach (List<Block> lb_ in dc.DoomedSequences)
{
foreach (Block b_ in lb_)
{
if (!_all.Contains(b_) && !m_UncheckableBlocks.Contains(b_))
{
_all.Add(b_); counter++;
if (!_print_time) Console.WriteLine(b_.Label);
}
}
}
if (_all.Count > 0)
{
Console.WriteLine("#Dead Blocks found: {0}: ", counter);
return Outcome.Errors;
}
}
#endregion
return Outcome.Correct;
}
bool BruteForceCmd(Block b, int startidx, int endidx, Variable reachvar,
Implementation impl, VerifierCallback callback)
{
Contract.Requires(b != null);
Contract.Requires(reachvar != null);
Contract.Requires(impl != null);
Contract.Requires(callback != null);
#region Modify Cmds
List<Cmd> backup = b.Cmds;
Contract.Assert(backup != null);
List<Cmd> cs = new List<Cmd>();
for (int i = 0; i < startidx; i++) {
cs.Add(b.Cmds[i]);
}
for (int i = startidx; i <= endidx; i++) {
Cmd c = b.Cmds[i];
if (ContainsReachVariable(c)) {
cs.Add(c);
continue;
}
cs.Add(new AssertCmd(c.tok, Expr.True));
}
for (int i = endidx + 1; i < b.Cmds.Length; i++) {
cs.Add(b.Cmds[i]);
}
b.Cmds = cs;
#endregion
#region Recheck
ProverInterface.Outcome outcome = ProverInterface.Outcome.Undetermined;
if (!ReCheckImpl(reachvar, impl, callback, out outcome)) {
b.Cmds = backup;
return false;
}
#endregion
if (outcome == ProverInterface.Outcome.Valid) {
return true;
} else if (outcome == ProverInterface.Outcome.Invalid) {
b.Cmds = backup;
if (startidx >= endidx) {
if (!ContainsReachVariable(b.Cmds[endidx])) {
// Console.Write(" Witness (");
//
// ConsoleColor col = Console.ForegroundColor;
// Console.ForegroundColor = ConsoleColor.White;
// Console.Write("{0};{1}", b.Cmds[endidx].tok.line, b.Cmds[endidx].tok.col );
// Console.ForegroundColor = col;
// Console.Write("): ");
// Console.ForegroundColor = ConsoleColor.Yellow;
// b.Cmds[endidx].Emit(new TokenTextWriter("<console>", Console.Out, false), 0);
// Console.ForegroundColor = col;
m_doomedCmds.Add(b.Cmds[endidx]);
return true;
} else {
return false;
}
} else {
int mid = startidx + (endidx - startidx) / 2;
BruteForceCmd(b, startidx, mid, reachvar, impl, callback);
BruteForceCmd(b, mid + 1, endidx, reachvar, impl, callback);
return false; // This is pure random
}
} else {
b.Cmds = backup;
return false;
}
}
bool BruteForceCESearch(Variable reachvar, Implementation impl, VerifierCallback callback,
Dictionary<Block, List<Cmd>> cmdbackup, int startidx, int endidx)
{
Contract.Requires(reachvar != null);
Contract.Requires(impl != null);
Contract.Requires(callback != null);
Contract.Requires(cce.NonNullElements(cmdbackup));
#region Modify implementation
for (int i = startidx; i <= endidx; i++) {
if (_copiedBlock.Contains(impl.Blocks[i]))
continue;
List<Cmd> cs = new List<Cmd>();
cmdbackup.Add(impl.Blocks[i], impl.Blocks[i].Cmds);
foreach (Cmd c in impl.Blocks[i].Cmds) {
Contract.Assert(c != null);
if (ContainsReachVariable(c)) {
cs.Add(c);
continue;
}
AssertCmd ac = c as AssertCmd;
AssumeCmd uc = c as AssumeCmd;
if (ac != null) {
cs.Add(new AssertCmd(ac.tok, Expr.True));
} else if (uc != null) {
cs.Add(new AssertCmd(uc.tok, Expr.True));
} else {
cs.Add(c);
}
}
impl.Blocks[i].Cmds = cs;
}
#endregion
ProverInterface.Outcome outcome = ProverInterface.Outcome.Undetermined;
if (!ReCheckImpl(reachvar, impl, callback, out outcome)) {
UndoBlockModifications(impl, cmdbackup, startidx, endidx);
return false;
}
if (outcome == ProverInterface.Outcome.Valid) {
return true;
} else if (outcome == ProverInterface.Outcome.Invalid) {
UndoBlockModifications(impl, cmdbackup, startidx, endidx);
int mid = startidx + (endidx - startidx) / 2;
if (startidx >= endidx) {
// Now we found an interesting Block and we have to
// search for the interesting statements.
int cmdcount = impl.Blocks[endidx].Cmds.Length;
BruteForceCmd(impl.Blocks[endidx], 0, cmdcount / 2 - 1, reachvar, impl, callback);
BruteForceCmd(impl.Blocks[endidx], cmdcount / 2, cmdcount - 1, reachvar, impl, callback);
return true;
} else {
BruteForceCESearch(reachvar, impl, callback, cmdbackup, startidx, mid);
BruteForceCESearch(reachvar, impl, callback, cmdbackup, mid + 1, endidx);
return true;
}
} else {
UndoBlockModifications(impl, cmdbackup, startidx, endidx);
return false;
}
}
public override VC.VCGen.Outcome VerifyImplementation(Implementation impl, VerifierCallback collector)
{
var start = DateTime.Now;
if (!generated)
{
Generate();
Console.WriteLine("generate: {0}s", (DateTime.Now - start).TotalSeconds);
generated = true;
}
Procedure proc = impl.Proc;
// we verify all the impls at once, so we need to execute only once
// TODO: make sure needToCheck is true only once
bool needToCheck = false;
if (mode == Mode.OldCorral)
needToCheck = proc.FindExprAttribute("inline") == null && !(proc is LoopProcedure);
else if (mode == Mode.Corral)
needToCheck = QKeyValue.FindBoolAttribute(impl.Attributes, "entrypoint") && !(proc is LoopProcedure);
else
needToCheck = impl.Name == main_proc_name;
if (needToCheck)
{
Console.WriteLine("Verifying {0}...", impl.Name);
RPFP.Node cexroot = null;
// start = DateTime.Now;
var checkres = Check(ref cexroot);
Console.WriteLine("check: {0}s", (DateTime.Now - start).TotalSeconds);
switch (checkres)
{
case RPFP.LBool.True:
Console.WriteLine("Counterexample found.\n");
// start = DateTime.Now;
Counterexample cex = CreateBoogieCounterExample(cexroot.owner, cexroot, impl);
// cexroot.owner.DisposeDualModel();
// cex.Print(0); // just for testing
collector.OnCounterexample(cex, "assertion failure");
Console.WriteLine("cex: {0}s", (DateTime.Now - start).TotalSeconds);
return VC.ConditionGeneration.Outcome.Errors;
case RPFP.LBool.False:
Console.WriteLine("Procedure is correct.");
return Outcome.Correct;
case RPFP.LBool.Undef:
Console.WriteLine("Inconclusive result.");
return Outcome.ReachedBound;
}
}
return Outcome.Inconclusive;
}
public abstract VC.ConditionGeneration.Outcome VerifyImpl(TransHelper.TransEnv env, VC.VCGen vcgen, Implementation impl, Program prog, VerifierCallback reporter);
/// <summary>
/// As a side effect, updates "this.parent.CumulativeAssertionCount".
/// </summary>
public void BeginCheck(Checker checker, VerifierCallback callback, ModelViewInfo mvInfo, int no, int timeout, int rlimit)
{
Contract.Requires(checker != null);
Contract.Requires(callback != null);
splitNo = no;
impl.Blocks = blocks;
this.checker = checker;
Dictionary <int, Absy> label2absy = new Dictionary <int, Absy>();
ProverContext ctx = checker.TheoremProver.Context;
Boogie2VCExprTranslator bet = ctx.BoogieExprTranslator;
var cc = new VCGen.CodeExprConversionClosure(label2absy, ctx);
bet.SetCodeExprConverter(cc.CodeExprToVerificationCondition);
var exprGen = ctx.ExprGen;
VCExpr controlFlowVariableExpr = exprGen.Integer(BigNum.ZERO);
#region proofgen
TypePremiseEraserFactory typePremiseEraserFactory;
switch (CommandLineOptions.Clo.TypeEncodingMethod)
{
case CommandLineOptions.TypeEncoding.Predicates:
typePremiseEraserFactory = new TypePremiseEraserFactory(checker.VCExprGen, bet, true);
break;
case CommandLineOptions.TypeEncoding.Monomorphic:
typePremiseEraserFactory = new TypePremiseEraserFactory(checker.VCExprGen, bet, false);
break;
default:
throw new NotImplementedException();
}
ProofGenerationLayer.SetTypeEraserFactory(typePremiseEraserFactory);
#endregion
/* PROOF GEN: we pass "null" as the control flow variable expression, such that labels are not produced as they are
* not relevant for proof generation of programs that verify */
VCExpr vc = parent.GenerateVCAux(impl, null, label2absy, checker.TheoremProver.Context);
Contract.Assert(vc != null);
#region proofgen
if (!(ctx is DeclFreeProverContext))
{
throw new NotImplementedException("Proof Generation only supports DeclFreeProverContext as context.");
}
var declFreeProverContext = ctx as DeclFreeProverContext;
var premiseEraserProvider = typePremiseEraserFactory?.NewEraser();
VCExpr eraseVC(VCExpr vc, int polarity)
{
return(!premiseEraserProvider.ProgramIsPolymorphic ? vc : premiseEraserProvider.EraseAndSortLet(vc, polarity));
}
VCExpr erasedVC = eraseVC(vc, 1);
VCExpr erasedAxioms = eraseVC(declFreeProverContext.Axioms, -1);
VCExpr typeAxioms = null;
List <VCAxiomInfo> vcAxiomsInfo = null;
if (premiseEraserProvider.ProgramIsPolymorphic)
{
typeAxioms = premiseEraserProvider.AxiomBuilder.GetNewAxiomsAndInfo(out vcAxiomsInfo);
}
ProofGenerationLayer.VCGenerateAllProofs(
erasedVC,
erasedAxioms,
typeAxioms,
vcAxiomsInfo,
checker.TheoremProver.VCExprGen,
checker.TheoremProver.Context.BoogieExprTranslator,
premiseEraserProvider?.AxiomBuilder);
#endregion
/* PROOF GEN: comment out label specific parts
* VCExpr controlFlowFunctionAppl =
* exprGen.ControlFlowFunctionApplication(exprGen.Integer(BigNum.ZERO), exprGen.Integer(BigNum.ZERO));
* VCExpr eqExpr = exprGen.Eq(controlFlowFunctionAppl, exprGen.Integer(BigNum.FromInt(impl.Blocks[0].UniqueId)));
* vc = exprGen.Implies(eqExpr, vc);
*/
reporter = new VCGen.ErrorReporter(gotoCmdOrigins, label2absy, impl.Blocks, parent.debugInfos, callback,
mvInfo, this.Checker.TheoremProver.Context, parent.program);
if (CommandLineOptions.Clo.TraceVerify && no >= 0)
{
Console.WriteLine("-- after split #{0}", no);
Print();
}
string desc = cce.NonNull(impl.Name);
if (no >= 0)
{
desc += "_split" + no;
}
checker.BeginCheck(desc, vc, reporter, timeout, rlimit, impl.RandomSeed);
}
bool BruteForceCmd(Block b, int startidx, int endidx, Variable reachvar,
Implementation impl, VerifierCallback callback)
{
Contract.Requires(b != null);
Contract.Requires(reachvar != null);
Contract.Requires(impl != null);
Contract.Requires(callback != null);
#region Modify Cmds
List <Cmd> backup = b.Cmds;
Contract.Assert(backup != null);
List <Cmd> cs = new List <Cmd>();
for (int i = 0; i < startidx; i++)
{
cs.Add(b.Cmds[i]);
}
for (int i = startidx; i <= endidx; i++)
{
Cmd c = b.Cmds[i];
if (ContainsReachVariable(c))
{
cs.Add(c);
continue;
}
cs.Add(new AssertCmd(c.tok, Expr.True));
}
for (int i = endidx + 1; i < b.Cmds.Length; i++)
{
cs.Add(b.Cmds[i]);
}
b.Cmds = cs;
#endregion
#region Recheck
ProverInterface.Outcome outcome = ProverInterface.Outcome.Undetermined;
if (!ReCheckImpl(reachvar, impl, callback, out outcome))
{
b.Cmds = backup;
return(false);
}
#endregion
if (outcome == ProverInterface.Outcome.Valid)
{
return(true);
}
else if (outcome == ProverInterface.Outcome.Invalid)
{
b.Cmds = backup;
if (startidx >= endidx)
{
if (!ContainsReachVariable(b.Cmds[endidx]))
{
// Console.Write(" Witness (");
//
// ConsoleColor col = Console.ForegroundColor;
// Console.ForegroundColor = ConsoleColor.White;
// Console.Write("{0};{1}", b.Cmds[endidx].tok.line, b.Cmds[endidx].tok.col );
// Console.ForegroundColor = col;
// Console.Write("): ");
// Console.ForegroundColor = ConsoleColor.Yellow;
// b.Cmds[endidx].Emit(new TokenTextWriter("<console>", Console.Out, false), 0);
// Console.ForegroundColor = col;
m_doomedCmds.Add(b.Cmds[endidx]);
return(true);
}
else
{
return(false);
}
}
else
{
int mid = startidx + (endidx - startidx) / 2;
BruteForceCmd(b, startidx, mid, reachvar, impl, callback);
BruteForceCmd(b, mid + 1, endidx, reachvar, impl, callback);
return(false); // This is pure random
}
}
else
{
b.Cmds = backup;
return(false);
}
}
bool BruteForceCESearch(Variable reachvar, Implementation impl, VerifierCallback callback,
Dictionary <Block, List <Cmd> > cmdbackup, int startidx, int endidx)
{
Contract.Requires(reachvar != null);
Contract.Requires(impl != null);
Contract.Requires(callback != null);
Contract.Requires(cce.NonNullElements(cmdbackup));
#region Modify implementation
for (int i = startidx; i <= endidx; i++)
{
if (_copiedBlock.Contains(impl.Blocks[i]))
{
continue;
}
List <Cmd> cs = new List <Cmd>();
cmdbackup.Add(impl.Blocks[i], impl.Blocks[i].Cmds);
foreach (Cmd c in impl.Blocks[i].Cmds)
{
Contract.Assert(c != null);
if (ContainsReachVariable(c))
{
cs.Add(c);
continue;
}
AssertCmd ac = c as AssertCmd;
AssumeCmd uc = c as AssumeCmd;
if (ac != null)
{
cs.Add(new AssertCmd(ac.tok, Expr.True));
}
else if (uc != null)
{
cs.Add(new AssertCmd(uc.tok, Expr.True));
}
else
{
cs.Add(c);
}
}
impl.Blocks[i].Cmds = cs;
}
#endregion
ProverInterface.Outcome outcome = ProverInterface.Outcome.Undetermined;
if (!ReCheckImpl(reachvar, impl, callback, out outcome))
{
UndoBlockModifications(impl, cmdbackup, startidx, endidx);
return(false);
}
if (outcome == ProverInterface.Outcome.Valid)
{
return(true);
}
else if (outcome == ProverInterface.Outcome.Invalid)
{
UndoBlockModifications(impl, cmdbackup, startidx, endidx);
int mid = startidx + (endidx - startidx) / 2;
if (startidx >= endidx)
{
// Now we found an interesting Block and we have to
// search for the interesting statements.
int cmdcount = impl.Blocks[endidx].Cmds.Length;
BruteForceCmd(impl.Blocks[endidx], 0, cmdcount / 2 - 1, reachvar, impl, callback);
BruteForceCmd(impl.Blocks[endidx], cmdcount / 2, cmdcount - 1, reachvar, impl, callback);
return(true);
}
else
{
BruteForceCESearch(reachvar, impl, callback, cmdbackup, startidx, mid);
BruteForceCESearch(reachvar, impl, callback, cmdbackup, mid + 1, endidx);
return(true);
}
}
else
{
UndoBlockModifications(impl, cmdbackup, startidx, endidx);
return(false);
}
}
private void SearchCounterexample(Implementation impl, DoomErrorHandler errh, VerifierCallback callback)
{
Contract.Requires(impl != null);
Contract.Requires(errh != null);
Contract.Requires(callback != null);
Contract.Requires(errh.m_Reachvar != null);
//if (errh.m_Reachvar==null) {
// Contract.Assert(false);throw new cce.UnreachableException();
//}
m_doomedCmds.Clear();
Dictionary <Block, List <Cmd> > cmdbackup = new Dictionary <Block, List <Cmd> >();
BruteForceCESearch(errh.m_Reachvar, impl, callback, cmdbackup, 0, impl.Blocks.Count / 2 - 1);
BruteForceCESearch(errh.m_Reachvar, impl, callback, cmdbackup, impl.Blocks.Count / 2, impl.Blocks.Count - 1);
List <Cmd> causals = CollectCausalStatements(impl.Blocks[0]);
foreach (Cmd c in causals)
{
Contract.Assert(c != null);
GenerateErrorMessage(c, causals);
}
#region Undo all modifications
foreach (KeyValuePair <Block, List <Cmd> > kvp in cmdbackup)
{
Contract.Assert(kvp.Key != null);
Contract.Assert(kvp.Value != null);
kvp.Key.Cmds = kvp.Value;
}
#endregion
}
/// <summary>
/// MSchaef:
/// - remove loops and add reach variables
/// - make it a passive program
/// - compute the wlp for each block
/// - check if |= (reach=false) => wlp.S.false holds for each reach
///
/// </summary>
public override Outcome VerifyImplementation(Implementation impl, VerifierCallback callback)
{
Contract.EnsuresOnThrow <UnexpectedProverOutputException>(true);
Console.WriteLine();
Console.WriteLine("Checking function {0}", impl.Name);
callback.OnProgress("doomdetector", 0, 0, 0);
bool restartTP = CommandLineOptions.Clo.DoomRestartTP;
//Impl2Dot(impl, String.Format("c:/dot/{0}_orig.dot", impl.Name));
Transform4DoomedCheck(impl);
//Impl2Dot(impl, String.Format("c:/dot/{0}_fin.dot", impl.Name));
Checker checker = FindCheckerFor(1000);
Contract.Assert(checker != null);
int assertionCount;
DoomCheck dc = new DoomCheck(impl, this.exitBlock, checker, m_UncheckableBlocks, out assertionCount);
CumulativeAssertionCount += assertionCount;
//EmitImpl(impl, false);
int _totalchecks = 0;
ProverInterface.Outcome outcome;
dc.ErrorHandler = new DoomErrorHandler(dc.Label2Absy, callback);
System.TimeSpan ts = new TimeSpan();
if (_print_time)
{
Console.WriteLine("Total number of blocks {0}", impl.Blocks.Count);
}
List <Block> lb;
List <Variable> lv = new List <Variable>();
while (dc.GetNextBlock(out lb))
{
Contract.Assert(lb != null);
outcome = ProverInterface.Outcome.Undetermined;
Variable v = null;
lv.Clear();
foreach (Block b_ in lb)
{
if (!m_BlockReachabilityMap.TryGetValue(b_, out v))
{
// This should cause an error
continue;
}
//Console.Write("{0}, ",b_.Label);
lv.Add(v);
}
//Console.WriteLine();
Dictionary <Expr, int> finalreachvars = m_GetPostconditionVariables(impl.Blocks, lb);
if (lv.Count < 1)
{
continue;
}
Contract.Assert(lv != null);
_totalchecks++;
if (!dc.CheckLabel(lv, finalreachvars, out outcome))
{
return(Outcome.Inconclusive);
}
ts += dc.DEBUG_ProverTime.Elapsed;
if (restartTP)
{
checker.Close();
checker = FindCheckerFor(1000);
dc.RespawnChecker(impl, checker);
dc.ErrorHandler = new DoomErrorHandler(dc.Label2Absy, callback);
}
}
checker.Close();
if (_print_time)
{
Console.WriteLine("Number of Checkes / #Blocks: {0} of {1}", _totalchecks, impl.Blocks.Count);
dc.__DEBUG_PrintStatistics();
Console.WriteLine("Total time for this method: {0}", ts.ToString());
}
#region Try to produce a counter example (brute force)
if (dc.DoomedSequences.Count > 0)
{
int counter = 0;
List <Block> _all = new List <Block>();
foreach (List <Block> lb_ in dc.DoomedSequences)
{
foreach (Block b_ in lb_)
{
if (!_all.Contains(b_) && !m_UncheckableBlocks.Contains(b_))
{
_all.Add(b_); counter++;
if (!_print_time)
{
Console.WriteLine(b_.Label);
}
}
}
}
if (_all.Count > 0)
{
Console.WriteLine("#Dead Blocks found: {0}: ", counter);
return(Outcome.Errors);
}
}
#endregion
return(Outcome.Correct);
}
