private YieldingProcInstrumentation(
CivlTypeChecker civlTypeChecker,
LinearTypeChecker linearTypeChecker,
LinearPermissionInstrumentation linearPermissionInstrumentation,
int layerNum,
Dictionary <Absy, Absy> absyMap,
Dictionary <CallCmd, Block> refinementBlocks)
{
this.civlTypeChecker = civlTypeChecker;
this.linearTypeChecker = linearTypeChecker;
this.layerNum = layerNum;
this.absyMap = absyMap;
this.linearPermissionInstrumentation = linearPermissionInstrumentation;
this.refinementBlocks = refinementBlocks;
parallelCallAggregators = new Dictionary <string, Procedure>();
noninterferenceCheckerDecls = new List <Declaration>();
List <Variable> inputs = new List <Variable>();
foreach (string domainName in linearTypeChecker.linearDomains.Keys)
{
inputs.Add(linearTypeChecker.LinearDomainInFormal(domainName));
}
foreach (Variable g in civlTypeChecker.GlobalVariables)
{
inputs.Add(OldGlobalFormal(g));
}
wrapperNoninterferenceCheckerProc = new Procedure(Token.NoToken,
$"Wrapper_NoninterferenceChecker_{layerNum}", new List <TypeVariable>(),
inputs, new List <Variable>(), new List <Requires>(), new List <IdentifierExpr>(), new List <Ensures>());
CivlUtil.AddInlineAttribute(wrapperNoninterferenceCheckerProc);
}
private YieldingProcInstrumentation(
CivlTypeChecker civlTypeChecker,
LinearTypeChecker linearTypeChecker,
int layerNum,
Dictionary <Absy, Absy> absyMap,
Dictionary <Implementation, Implementation> implMap,
HashSet <Procedure> yieldingProcs)
{
this.civlTypeChecker = civlTypeChecker;
this.linearTypeChecker = linearTypeChecker;
this.layerNum = layerNum;
this.absyMap = absyMap;
this.implMap = implMap;
this.yieldingProcs = yieldingProcs;
asyncAndParallelCallDesugarings = new Dictionary <string, Procedure>();
yieldCheckerDecls = new List <Declaration>();
List <Variable> inputs = new List <Variable>();
foreach (string domainName in linearTypeChecker.linearDomains.Keys)
{
inputs.Add(linearTypeChecker.LinearDomainInFormal(domainName));
}
foreach (Variable g in civlTypeChecker.sharedVariables)
{
inputs.Add(OldGlobalFormal(g));
}
yieldProc = new Procedure(Token.NoToken, $"og_yield_{layerNum}", new List <TypeVariable>(),
inputs, new List <Variable>(), new List <Requires>(), new List <IdentifierExpr>(), new List <Ensures>());
CivlUtil.AddInlineAttribute(yieldProc);
}
public override List <Cmd> CreateUpdatesToRefinementVars(bool isMarkedCall)
{
var cmds = new List <Cmd>();
var pcOkUpdateLHS = new List <IdentifierExpr> {
Expr.Ident(pc), Expr.Ident(ok)
};
if (isMarkedCall)
{
// assert !pc;
// pc, ok := true, true;
cmds.Add(CmdHelper.AssertCmd(tok, Expr.Not(Expr.Ident(pc)), $"Layer-{layerNum + 1} state modified before marked call"));
var pcOkUpdateRHS = new List <Expr> {
Expr.True, Expr.True
};
cmds.Add(CmdHelper.AssignCmd(pcOkUpdateLHS, pcOkUpdateRHS));
}
else
{
// pc, ok := g_old == g ==> pc, transitionRelation(i, g_old, o, g) || (o_old == o && ok);
var pcOkUpdateRHS = new List <Expr> {
Expr.Imp(OldEqualityExprForGlobals(), Expr.Ident(pc)),
Expr.Or(transitionRelation, Expr.And(OldEqualityExprForOutputs(), Expr.Ident(ok))),
};
cmds.Add(CmdHelper.AssignCmd(pcOkUpdateLHS, pcOkUpdateRHS));
}
CivlUtil.ResolveAndTypecheck(cmds);
return(cmds);
}
public AtomicAction(Procedure proc, Implementation impl, MoverType moverType, LayerRange layerRange)
{
this.proc = proc;
this.impl = impl;
this.moverType = moverType;
this.layerRange = layerRange;
CivlUtil.AddInlineAttribute(proc);
CivlUtil.AddInlineAttribute(impl);
// The gate of an atomic action is represented as asserts at the beginning of the procedure body.
this.gate = impl.Blocks[0].cmds.TakeWhile((c, i) => c is AssertCmd).Cast <AssertCmd>().ToList();
impl.Blocks[0].cmds.RemoveRange(0, gate.Count);
gateUsedGlobalVars = new HashSet <Variable>(VariableCollector.Collect(gate).Where(x => x is GlobalVariable));
actionUsedGlobalVars = new HashSet <Variable>(VariableCollector.Collect(impl).Where(x => x is GlobalVariable));
modifiedGlobalVars = new HashSet <Variable>(AssignedVariables().Where(x => x is GlobalVariable));
// We usually declare the Boogie procedure and implementation of an atomic action together.
// Since Boogie only stores the supplied attributes (in particular linearity) in the procedure parameters,
// we copy them into the implementation parameters here.
for (int i = 0; i < proc.InParams.Count; i++)
{
impl.InParams[i].Attributes = proc.InParams[i].Attributes;
}
for (int i = 0; i < proc.OutParams.Count; i++)
{
impl.OutParams[i].Attributes = proc.OutParams[i].Attributes;
}
AtomicActionDuplicator.SetupCopy(this, ref firstGate, ref firstImpl, "first_");
AtomicActionDuplicator.SetupCopy(this, ref secondGate, ref secondImpl, "second_");
DeclareTriggerFunctions();
}
public static void AddCheckers(CivlTypeChecker ctc)
{
foreach (var action in ctc.AllAtomicActions.Where(a => a.HasPendingAsyncs))
{
var requires = action.gate.Select(g => new Requires(false, g.Expr)).ToList();
var cmds = new List <Cmd>
{
CmdHelper.CallCmd(
action.proc,
action.impl.InParams.Select(Expr.Ident).ToList <Expr>(),
action.impl.OutParams.Select(Expr.Ident).ToList())
};
var blocks = new List <Block>()
{
new Block(Token.NoToken, "init", cmds, CmdHelper.ReturnCmd)
};
var PAs = Expr.Ident(action.impl.OutParams.Last(p => p.TypedIdent.Type.Equals(ctc.pendingAsyncMultisetType)));
var paBound = VarHelper.BoundVariable("pa", ctc.pendingAsyncType);
var pa = Expr.Ident(paBound);
var nonnegativeExpr =
new ForallExpr(Token.NoToken, new List <Variable> {
paBound
},
Expr.Ge(Expr.Select(PAs, pa), Expr.Literal(0)));
var correctTypeExpr = new ForallExpr(Token.NoToken, new List <Variable> {
paBound
},
Expr.Imp(
Expr.Gt(Expr.Select(PAs, pa), Expr.Literal(0)),
Expr.Or(action.pendingAsyncs.Select(a => ExprHelper.FunctionCall(a.pendingAsyncCtor.membership, pa)))));
var ensures = new List <Ensures>
{
new Ensures(false, nonnegativeExpr)
{
ErrorData = $"Action {action.proc.Name} might create negative pending asyncs"
},
new Ensures(false, correctTypeExpr)
{
ErrorData = $"Action {action.proc.Name} might create undeclared pending asyncs"
},
};
CivlUtil.ResolveAndTypecheck(ensures);
var proc = new Procedure(Token.NoToken, $"PendingAsyncChecker_{action.proc.Name}", new List <TypeVariable>(),
action.impl.InParams, action.impl.OutParams,
requires, action.proc.Modifies, ensures);
var impl = new Implementation(Token.NoToken, proc.Name, proc.TypeParameters,
proc.InParams, proc.OutParams, new List <Variable>(), blocks)
{
Proc = proc
};
ctc.program.AddTopLevelDeclaration(proc);
ctc.program.AddTopLevelDeclaration(impl);
}
}
private Implementation WrapperNoninterferenceCheckerImpl()
{
var linearTypeChecker = civlTypeChecker.linearTypeChecker;
List <Variable> inputs = new List <Variable>();
foreach (string domainName in linearTypeChecker.linearDomains.Keys)
{
inputs.Add(linearTypeChecker.LinearDomainInFormal(domainName));
}
foreach (Variable g in civlTypeChecker.GlobalVariables)
{
inputs.Add(OldGlobalFormal(g));
}
List <Block> blocks = new List <Block>();
TransferCmd transferCmd = new ReturnCmd(Token.NoToken);
if (noninterferenceCheckerDecls.Count > 0)
{
List <Block> blockTargets = new List <Block>();
List <String> labelTargets = new List <String>();
int labelCount = 0;
foreach (Procedure proc in noninterferenceCheckerDecls.OfType <Procedure>())
{
List <Expr> exprSeq = new List <Expr>();
foreach (Variable v in inputs)
{
exprSeq.Add(Expr.Ident(v));
}
CallCmd callCmd = new CallCmd(Token.NoToken, proc.Name, exprSeq, new List <IdentifierExpr>());
callCmd.Proc = proc;
string label = $"L_{labelCount++}";
Block block = new Block(Token.NoToken, label, new List <Cmd> {
callCmd
},
new ReturnCmd(Token.NoToken));
labelTargets.Add(label);
blockTargets.Add(block);
blocks.Add(block);
}
transferCmd = new GotoCmd(Token.NoToken, labelTargets, blockTargets);
}
blocks.Insert(0, new Block(Token.NoToken, "enter", new List <Cmd>(), transferCmd));
var yieldImpl = new Implementation(Token.NoToken, wrapperNoninterferenceCheckerProc.Name,
new List <TypeVariable>(), inputs,
new List <Variable>(), new List <Variable>(), blocks);
yieldImpl.Proc = wrapperNoninterferenceCheckerProc;
CivlUtil.AddInlineAttribute(yieldImpl);
return(yieldImpl);
}
public static void AddCheckers(CivlTypeChecker civlTypeChecker)
{
foreach (var action in civlTypeChecker.AllAtomicActions.Where(a => a.HasPendingAsyncs))
{
var requires = action.gate.Select(g => new Requires(false, g.Expr)).ToList();
var PAs = Expr.Ident(action.impl.OutParams.Last(p => p.TypedIdent.Type.Equals(civlTypeChecker.pendingAsyncMultisetType)));
var paBound = civlTypeChecker.BoundVariable("pa", civlTypeChecker.pendingAsyncType);
var pa = Expr.Ident(paBound);
var nonnegativeExpr =
ExprHelper.ForallExpr(new List <Variable> {
paBound
},
Expr.Ge(Expr.Select(PAs, pa), Expr.Literal(0)));
var correctTypeExpr = ExprHelper.ForallExpr(new List <Variable> {
paBound
},
Expr.Imp(
Expr.Gt(Expr.Select(PAs, pa), Expr.Literal(0)),
Expr.Or(action.pendingAsyncs.Select(a => ExprHelper.FunctionCall(a.pendingAsyncCtor.membership, pa)))));
CivlUtil.ResolveAndTypecheck(nonnegativeExpr);
CivlUtil.ResolveAndTypecheck(correctTypeExpr);
var cmds = new List <Cmd>
{
CmdHelper.CallCmd(
action.proc,
action.impl.InParams.Select(Expr.Ident).ToList <Expr>(),
action.impl.OutParams.Select(Expr.Ident).ToList()),
CmdHelper.AssertCmd(
action.proc.tok,
nonnegativeExpr,
$"Action {action.proc.Name} might create negative pending asyncs"),
CmdHelper.AssertCmd(
action.proc.tok,
correctTypeExpr,
$"Action {action.proc.Name} might create undeclared pending asyncs")
};
var blocks = new List <Block>()
{
BlockHelper.Block("init", cmds)
};
var proc = DeclHelper.Procedure(civlTypeChecker.AddNamePrefix($"PendingAsyncChecker_{action.proc.Name}"),
action.impl.InParams, action.impl.OutParams,
requires, action.proc.Modifies, new List <Ensures>());
var impl = DeclHelper.Implementation(proc, proc.InParams, proc.OutParams, new List <Variable>(), blocks);
civlTypeChecker.program.AddTopLevelDeclaration(proc);
civlTypeChecker.program.AddTopLevelDeclaration(impl);
}
}
public static void AddCheckers(LinearTypeChecker linearTypeChecker, CivlTypeChecker civlTypeChecker, List <Declaration> decls)
{
Program program = linearTypeChecker.program;
// Skip procedures do not completely disappear (because of output parameters).
// We create dummy implementations with empty body.
Dictionary <Procedure, Procedure> procToSkipProcDummy = new Dictionary <Procedure, Procedure>();
foreach (SkipProc skipProc in civlTypeChecker.procToYieldingProc.Values.OfType <SkipProc>())
{
Procedure proc = (Procedure)skipProc.proc.Clone();
proc.Name = $"skip_dummy_{proc.Name}";
proc.Requires = new List <Requires>();
proc.Ensures = new List <Ensures>();
proc.Modifies = new List <IdentifierExpr>();
Block newInitBlock = new Block(Token.NoToken, "_init", new List <Cmd>(), new ReturnCmd(Token.NoToken));
List <Block> newBlocks = new List <Block> {
newInitBlock
};
Implementation impl = new Implementation(Token.NoToken, proc.Name, proc.TypeParameters, proc.InParams, proc.OutParams, new List <Variable>(), newBlocks);
impl.Proc = proc;
CivlUtil.AddInlineAttribute(proc);
CivlUtil.AddInlineAttribute(impl);
decls.Add(proc);
decls.Add(impl);
procToSkipProcDummy.Add(skipProc.proc, proc);
}
// Generate the refinement checks for every layer
foreach (int layerNum in civlTypeChecker.allRefinementLayers)
{
if (CommandLineOptions.Clo.TrustLayersDownto <= layerNum || layerNum <= CommandLineOptions.Clo.TrustLayersUpto)
{
continue;
}
YieldingProcDuplicator duplicator = new YieldingProcDuplicator(civlTypeChecker, linearTypeChecker, layerNum, procToSkipProcDummy);
// We can not simply call VisitProgram, because it does some resolving of calls
// that is not necessary here (and actually fails).
foreach (Procedure proc in program.Procedures)
{
duplicator.VisitProcedure(proc);
}
foreach (Implementation impl in program.Implementations)
{
duplicator.VisitImplementation(impl);
}
decls.AddRange(duplicator.Collect());
}
}
private YieldingProcInstrumentation(
CivlTypeChecker civlTypeChecker,
LinearPermissionInstrumentation linearPermissionInstrumentation,
int layerNum,
AbsyMap absyMap,
Dictionary <CallCmd, Block> refinementBlocks)
{
this.civlTypeChecker = civlTypeChecker;
this.layerNum = layerNum;
this.absyMap = absyMap;
this.linearPermissionInstrumentation = linearPermissionInstrumentation;
this.refinementBlocks = refinementBlocks;
parallelCallAggregators = new Dictionary <string, Procedure>();
noninterferenceCheckerDecls = new List <Declaration>();
var linearTypeChecker = civlTypeChecker.linearTypeChecker;
List <Variable> inputs = new List <Variable>();
foreach (string domainName in linearTypeChecker.linearDomains.Keys)
{
inputs.Add(linearTypeChecker.LinearDomainInFormal(domainName));
}
foreach (Variable g in civlTypeChecker.GlobalVariables)
{
inputs.Add(OldGlobalFormal(g));
}
wrapperNoninterferenceCheckerProc = new Procedure(Token.NoToken,
civlTypeChecker.AddNamePrefix($"Wrapper_NoninterferenceChecker_{layerNum}"), new List <TypeVariable>(),
inputs, new List <Variable>(), new List <Requires>(), new List <IdentifierExpr>(), new List <Ensures>());
CivlUtil.AddInlineAttribute(wrapperNoninterferenceCheckerProc);
// initialize globalSnapshotInstrumentation
globalSnapshotInstrumentation = new GlobalSnapshotInstrumentation(civlTypeChecker);
// initialize noninterferenceInstrumentation
if (CommandLineOptions.Clo.TrustNoninterference)
{
noninterferenceInstrumentation = new NoneNoninterferenceInstrumentation();
}
else
{
noninterferenceInstrumentation = new SomeNoninterferenceInstrumentation(
civlTypeChecker,
linearTypeChecker,
linearPermissionInstrumentation,
globalSnapshotInstrumentation.OldGlobalMap,
wrapperNoninterferenceCheckerProc);
}
}
public override List <Cmd> CreateUnchangedAssertCmds()
{
AssertCmd globalsAssertCmd = CmdHelper.AssertCmd(
tok,
Expr.And(this.oldGlobalMap.Select(kvPair => Expr.Eq(Expr.Ident(kvPair.Key), Expr.Ident(kvPair.Value)))),
$"A yield-to-yield fragment illegally modifies layer-{layerNum + 1} globals");
CivlUtil.ResolveAndTypecheck(globalsAssertCmd);
// assert pc ==> o_old == o;
AssertCmd outputsAssertCmd = CmdHelper.AssertCmd(
tok,
Expr.Imp(Expr.Ident(pc), OldEqualityExprForOutputs()),
$"A yield-to-yield fragment illegally modifies layer-{layerNum + 1} outputs");
CivlUtil.ResolveAndTypecheck(outputsAssertCmd);
return(new List <Cmd> {
globalsAssertCmd, outputsAssertCmd
});
}
public override List <Cmd> CreateAssertCmds()
{
// assert pc || g_old == g || transitionRelation(i, g_old, o, g);
var skipOrTransitionRelationAssertCmd = CmdHelper.AssertCmd(
tok,
Expr.Or(Expr.Ident(pc), Expr.Or(OldEqualityExprForGlobals(), transitionRelation)),
$"A yield-to-yield fragment modifies layer-{layerNum + 1} state in a way that does not match the refined atomic action");
CivlUtil.ResolveAndTypecheck(skipOrTransitionRelationAssertCmd);
// assert pc ==> g_old == g && o_old == o;
AssertCmd skipAssertCmd = CmdHelper.AssertCmd(
tok,
Expr.Imp(Expr.Ident(pc), Expr.And(OldEqualityExprForGlobals(), OldEqualityExprForOutputs())),
$"A yield-to-yield fragment modifies layer-{layerNum + 1} state subsequent to a yield-to-yield fragment that already modified layer-{layerNum + 1} state");
CivlUtil.ResolveAndTypecheck(skipAssertCmd);
return(new List <Cmd> {
skipOrTransitionRelationAssertCmd, skipAssertCmd
});
}
public static List <Declaration> CreateNoninterferenceCheckers(
CivlTypeChecker civlTypeChecker,
int layerNum,
AbsyMap absyMap,
DeclWithFormals decl,
List <Variable> declLocalVariables)
{
var linearTypeChecker = civlTypeChecker.linearTypeChecker;
Dictionary <string, Variable> domainNameToHoleVar = new Dictionary <string, Variable>();
Dictionary <Variable, Variable> localVarMap = new Dictionary <Variable, Variable>();
Dictionary <Variable, Expr> map = new Dictionary <Variable, Expr>();
List <Variable> locals = new List <Variable>();
List <Variable> inputs = new List <Variable>();
foreach (var domainName in linearTypeChecker.linearDomains.Keys)
{
var inParam = linearTypeChecker.LinearDomainInFormal(domainName);
inputs.Add(inParam);
domainNameToHoleVar[domainName] = inParam;
}
foreach (Variable local in declLocalVariables.Union(decl.InParams).Union(decl.OutParams))
{
var copy = CopyLocal(local);
locals.Add(copy);
localVarMap[local] = copy;
map[local] = Expr.Ident(copy);
}
Dictionary <Variable, Expr> oldLocalMap = new Dictionary <Variable, Expr>();
Dictionary <Variable, Expr> assumeMap = new Dictionary <Variable, Expr>(map);
foreach (Variable g in civlTypeChecker.GlobalVariables)
{
var copy = OldGlobalLocal(civlTypeChecker, g);
locals.Add(copy);
oldLocalMap[g] = Expr.Ident(copy);
Formal f = SnapshotGlobalFormal(civlTypeChecker, g);
inputs.Add(f);
assumeMap[g] = Expr.Ident(f);
}
var linearPermissionInstrumentation = new LinearPermissionInstrumentation(civlTypeChecker,
layerNum, absyMap, domainNameToHoleVar, localVarMap);
List <YieldInfo> yieldInfos = null;
string noninterferenceCheckerName = null;
if (decl is Implementation impl)
{
noninterferenceCheckerName = $"impl_{absyMap.Original(impl).Name}_{layerNum}";
yieldInfos = CollectYields(civlTypeChecker, absyMap, layerNum, impl).Select(kv =>
new YieldInfo(linearPermissionInstrumentation.DisjointnessAssumeCmds(kv.Key, false), kv.Value)).ToList();
}
else if (decl is Procedure proc)
{
yieldInfos = new List <YieldInfo>();
if (civlTypeChecker.procToYieldInvariant.ContainsKey(proc))
{
noninterferenceCheckerName = $"yield_{proc.Name}";
if (proc.Requires.Count > 0)
{
var disjointnessCmds = linearPermissionInstrumentation.ProcDisjointnessAssumeCmds(proc, true);
var yieldPredicates = proc.Requires.Select(requires =>
requires.Free
? (PredicateCmd) new AssumeCmd(requires.tok, requires.Condition)
: (PredicateCmd) new AssertCmd(requires.tok, requires.Condition)).ToList();
yieldInfos.Add(new YieldInfo(disjointnessCmds, yieldPredicates));
}
}
else
{
noninterferenceCheckerName = $"proc_{absyMap.Original(proc).Name}_{layerNum}";
if (proc.Requires.Count > 0)
{
var entryDisjointnessCmds =
linearPermissionInstrumentation.ProcDisjointnessAssumeCmds(proc, true);
var entryYieldPredicates = proc.Requires.Select(requires =>
requires.Free
? (PredicateCmd) new AssumeCmd(requires.tok, requires.Condition)
: (PredicateCmd) new AssertCmd(requires.tok, requires.Condition)).ToList();
yieldInfos.Add(new YieldInfo(entryDisjointnessCmds, entryYieldPredicates));
}
if (proc.Ensures.Count > 0)
{
var exitDisjointnessCmds =
linearPermissionInstrumentation.ProcDisjointnessAssumeCmds(proc, false);
var exitYieldPredicates = proc.Ensures.Select(ensures =>
ensures.Free
? (PredicateCmd) new AssumeCmd(ensures.tok, ensures.Condition)
: (PredicateCmd) new AssertCmd(ensures.tok, ensures.Condition)).ToList();
yieldInfos.Add(new YieldInfo(exitDisjointnessCmds, exitYieldPredicates));
}
}
}
else
{
Debug.Assert(false);
}
var filteredYieldInfos = yieldInfos.Where(info =>
info.invariantCmds.Any(predCmd => new GlobalAccessChecker().AccessesGlobal(predCmd.Expr)));
if (filteredYieldInfos.Count() == 0)
{
return(new List <Declaration>());
}
Substitution assumeSubst = Substituter.SubstitutionFromDictionary(assumeMap);
Substitution oldSubst = Substituter.SubstitutionFromDictionary(oldLocalMap);
Substitution subst = Substituter.SubstitutionFromDictionary(map);
List <Block> noninterferenceCheckerBlocks = new List <Block>();
List <Block> labelTargets = new List <Block>();
Block noninterferenceCheckerBlock = BlockHelper.Block("exit", new List <Cmd>());
labelTargets.Add(noninterferenceCheckerBlock);
noninterferenceCheckerBlocks.Add(noninterferenceCheckerBlock);
int yieldCount = 0;
foreach (var kv in filteredYieldInfos)
{
var newCmds = new List <Cmd>(kv.disjointnessCmds);
foreach (var predCmd in kv.invariantCmds)
{
var newExpr = Substituter.ApplyReplacingOldExprs(assumeSubst, oldSubst, predCmd.Expr);
newCmds.Add(new AssumeCmd(predCmd.tok, newExpr));
}
foreach (var predCmd in kv.invariantCmds)
{
if (predCmd is AssertCmd)
{
var newExpr = Substituter.ApplyReplacingOldExprs(subst, oldSubst, predCmd.Expr);
AssertCmd assertCmd = new AssertCmd(predCmd.tok, newExpr, predCmd.Attributes);
assertCmd.ErrorData = "Non-interference check failed";
newCmds.Add(assertCmd);
}
}
newCmds.Add(CmdHelper.AssumeCmd(Expr.False));
noninterferenceCheckerBlock = BlockHelper.Block("L" + yieldCount++, newCmds);
labelTargets.Add(noninterferenceCheckerBlock);
noninterferenceCheckerBlocks.Add(noninterferenceCheckerBlock);
}
noninterferenceCheckerBlocks.Insert(0, BlockHelper.Block("enter", new List <Cmd>(), labelTargets));
// Create the yield checker procedure
noninterferenceCheckerName = civlTypeChecker.AddNamePrefix($"NoninterferenceChecker_{noninterferenceCheckerName}");
var noninterferenceCheckerProc = DeclHelper.Procedure(noninterferenceCheckerName,
inputs, new List <Variable>(), new List <Requires>(), new List <IdentifierExpr>(), new List <Ensures>());
CivlUtil.AddInlineAttribute(noninterferenceCheckerProc);
// Create the yield checker implementation
var noninterferenceCheckerImpl = DeclHelper.Implementation(noninterferenceCheckerProc,
inputs, new List <Variable>(), locals, noninterferenceCheckerBlocks);
CivlUtil.AddInlineAttribute(noninterferenceCheckerImpl);
return(new List <Declaration> {
noninterferenceCheckerProc, noninterferenceCheckerImpl
});
}
public List <Declaration> CreateYieldCheckerProcImpl(
Implementation impl,
IEnumerable <List <PredicateCmd> > yields)
{
Dictionary <Variable, Expr> map = new Dictionary <Variable, Expr>();
List <Variable> locals = new List <Variable>();
List <Variable> inputs = new List <Variable>();
foreach (Variable local in impl.LocVars.Union(impl.InParams).Union(impl.OutParams))
{
var copy = CopyLocal(local);
locals.Add(copy);
map[local] = Expr.Ident(copy);
}
foreach (var domainName in linearTypeChecker.linearDomains.Keys)
{
var inParam = linearTypeChecker.LinearDomainInFormal(domainName);
inputs.Add(inParam);
map[linearTypeChecker.domainNameToHoleVar[domainName]] = Expr.Ident(inParam);
}
Dictionary <Variable, Expr> oldLocalMap = new Dictionary <Variable, Expr>();
Dictionary <Variable, Expr> assumeMap = new Dictionary <Variable, Expr>(map);
foreach (Variable g in civlTypeChecker.sharedVariables)
{
var copy = OldLocalLocal(g);
locals.Add(copy);
oldLocalMap[g] = Expr.Ident(copy);
Formal f = OldGlobalFormal(g);
inputs.Add(f);
assumeMap[g] = Expr.Ident(f);
}
Substitution assumeSubst = Substituter.SubstitutionFromHashtable(assumeMap);
Substitution oldSubst = Substituter.SubstitutionFromHashtable(oldLocalMap);
Substitution subst = Substituter.SubstitutionFromHashtable(map);
List <Block> yieldCheckerBlocks = new List <Block>();
List <String> labels = new List <String>();
List <Block> labelTargets = new List <Block>();
Block yieldCheckerBlock = new Block(Token.NoToken, "exit", new List <Cmd>(), new ReturnCmd(Token.NoToken));
labels.Add(yieldCheckerBlock.Label);
labelTargets.Add(yieldCheckerBlock);
yieldCheckerBlocks.Add(yieldCheckerBlock);
int yieldCount = 0;
foreach (var cs in yields)
{
List <Cmd> newCmds = new List <Cmd>();
foreach (var predCmd in cs)
{
var newExpr = Substituter.ApplyReplacingOldExprs(assumeSubst, oldSubst, predCmd.Expr);
newCmds.Add(new AssumeCmd(Token.NoToken, newExpr));
}
foreach (var predCmd in cs)
{
if (predCmd is AssertCmd)
{
var newExpr = Substituter.ApplyReplacingOldExprs(subst, oldSubst, predCmd.Expr);
AssertCmd assertCmd = new AssertCmd(predCmd.tok, newExpr, predCmd.Attributes);
assertCmd.ErrorData = "Non-interference check failed";
newCmds.Add(assertCmd);
}
/*
* Disjointness assumes injected by LinearTypeChecker are dropped now because the
* previous loop has already substituted the old global state in these assumes.
* It would be unsound to have these assumes on the current global state.
*/
}
newCmds.Add(new AssumeCmd(Token.NoToken, Expr.False));
yieldCheckerBlock = new Block(Token.NoToken, "L" + yieldCount++, newCmds, new ReturnCmd(Token.NoToken));
labels.Add(yieldCheckerBlock.Label);
labelTargets.Add(yieldCheckerBlock);
yieldCheckerBlocks.Add(yieldCheckerBlock);
}
yieldCheckerBlocks.Insert(0,
new Block(Token.NoToken, "enter", new List <Cmd>(), new GotoCmd(Token.NoToken, labels, labelTargets)));
// Create the yield checker procedure
var yieldCheckerName = $"Impl_YieldChecker_{impl.Name}";
var yieldCheckerProc = new Procedure(Token.NoToken, yieldCheckerName, impl.TypeParameters, inputs,
new List <Variable>(), new List <Requires>(), new List <IdentifierExpr>(), new List <Ensures>());
CivlUtil.AddInlineAttribute(yieldCheckerProc);
// Create the yield checker implementation
var yieldCheckerImpl = new Implementation(Token.NoToken, yieldCheckerName, impl.TypeParameters, inputs,
new List <Variable>(), locals, yieldCheckerBlocks);
yieldCheckerImpl.Proc = yieldCheckerProc;
CivlUtil.AddInlineAttribute(yieldCheckerImpl);
return(new List <Declaration> {
yieldCheckerProc, yieldCheckerImpl
});
}
private static void AddChecker(CivlTypeChecker civlTypeChecker, Action action, List<Declaration> decls)
{
var linearTypeChecker = civlTypeChecker.linearTypeChecker;
// Note: The implementation should be used as the variables in the
// gate are bound to implementation and not to the procedure.
Implementation impl = action.impl;
List<Variable> inputs = impl.InParams;
List<Variable> outputs = impl.OutParams;
List<Variable> locals = new List<Variable>(2);
var paLocal1 = civlTypeChecker.LocalVariable("pa1", civlTypeChecker.pendingAsyncType);
var paLocal2 = civlTypeChecker.LocalVariable("pa2", civlTypeChecker.pendingAsyncType);
var pa1 = Expr.Ident(paLocal1);
var pa2 = Expr.Ident(paLocal2);
if (civlTypeChecker.pendingAsyncType != null)
{
locals.Add(paLocal1);
locals.Add(paLocal2);
}
List<Requires> requires = action.gate.Select(a => new Requires(false, a.Expr)).ToList();
List<LinearityCheck> linearityChecks = new List<LinearityCheck>();
foreach (var domain in linearTypeChecker.linearDomains.Values)
{
// Linear in vars
var inVars = inputs.Union(action.modifiedGlobalVars)
.Where(x => linearTypeChecker.FindDomainName(x) == domain.domainName)
.Where(x => InKinds.Contains(linearTypeChecker.FindLinearKind(x)))
.Select(Expr.Ident)
.ToList();
// Linear out vars
var outVars = inputs.Union(outputs).Union(action.modifiedGlobalVars)
.Where(x => linearTypeChecker.FindDomainName(x) == domain.domainName)
.Where(x => OutKinds.Contains(linearTypeChecker.FindLinearKind(x)))
.Select(Expr.Ident)
.ToList();
// First kind
// Permissions in linear output variables are a subset of permissions in linear input variables.
if (outVars.Count > 0)
{
linearityChecks.Add(new LinearityCheck(
null,
OutPermsSubsetInPerms(domain, inVars, outVars),
$"Potential linearity violation in outputs for domain {domain.domainName}.",
"variables"));
}
if (action is AtomicAction atomicAction && atomicAction.HasPendingAsyncs)
{
var PAs = Expr.Ident(atomicAction.impl.OutParams.Last());
foreach (var pendingAsync in atomicAction.pendingAsyncs)
{
var pendingAsyncLinearParams = PendingAsyncLinearParams(linearTypeChecker, domain, pendingAsync, pa1);
if (pendingAsyncLinearParams.Count == 0) continue;
// Second kind
// Permissions in linear output variables + linear inputs of a single pending async
// are a subset of permissions in linear input variables.
var exactlyOnePA = Expr.And(
ExprHelper.FunctionCall(pendingAsync.pendingAsyncCtor.membership, pa1),
Expr.Eq(Expr.Select(PAs, pa1), Expr.Literal(1)));
var outSubsetInExpr = OutPermsSubsetInPerms(domain, inVars, pendingAsyncLinearParams.Union(outVars));
linearityChecks.Add(new LinearityCheck(
exactlyOnePA,
outSubsetInExpr,
$"Potential linearity violation in outputs and pending async of {pendingAsync.proc.Name} for domain {domain.domainName}.",
$"single_{pendingAsync.proc.Name}"));
// Third kind
// If there are two identical pending asyncs, then their input permissions mut be empty.
var twoIdenticalPAs = Expr.And(
ExprHelper.FunctionCall(pendingAsync.pendingAsyncCtor.membership, pa1),
Expr.Ge(Expr.Select(PAs, pa1), Expr.Literal(2)));
var emptyPerms = OutPermsSubsetInPerms(domain, Enumerable.Empty<Expr>(), pendingAsyncLinearParams);
linearityChecks.Add(new LinearityCheck(
twoIdenticalPAs,
emptyPerms,
$"Potential linearity violation in identical pending asyncs of {pendingAsync.proc.Name} for domain {domain.domainName}.",
$"identical_{pendingAsync.proc.Name}"));
}
var pendingAsyncs = atomicAction.pendingAsyncs.ToList();
for (int i = 0; i < pendingAsyncs.Count; i++)
{
var pendingAsync1 = pendingAsyncs[i];
for (int j = i; j < pendingAsyncs.Count; j++)
{
var pendingAsync2 = pendingAsyncs[j];
var pendingAsyncLinearParams1 = PendingAsyncLinearParams(linearTypeChecker, domain, pendingAsync1, pa1);
var pendingAsyncLinearParams2 = PendingAsyncLinearParams(linearTypeChecker, domain, pendingAsync2, pa2);
if (pendingAsyncLinearParams1.Count == 0 || pendingAsyncLinearParams2.Count == 0) continue;
// Fourth kind
// Input permissions of two non-identical pending asyncs (possibly of the same action)
// are a subset of permissions in linear input variables.
var membership = Expr.And(
Expr.Neq(pa1, pa2),
Expr.And(
ExprHelper.FunctionCall(pendingAsync1.pendingAsyncCtor.membership, pa1),
ExprHelper.FunctionCall(pendingAsync2.pendingAsyncCtor.membership, pa2)));
var existing = Expr.And(
Expr.Ge(Expr.Select(PAs, pa1), Expr.Literal(1)),
Expr.Ge(Expr.Select(PAs, pa2), Expr.Literal(1)));
var noDuplication = OutPermsSubsetInPerms(domain, inVars, pendingAsyncLinearParams1.Union(pendingAsyncLinearParams2));
linearityChecks.Add(new LinearityCheck(
Expr.And(membership, existing),
noDuplication,
$"Potential lnearity violation in pending asyncs of {pendingAsync1.proc.Name} and {pendingAsync2.proc.Name} for domain {domain.domainName}.",
$"distinct_{pendingAsync1.proc.Name}_{pendingAsync2.proc.Name}"));
}
}
}
}
if (linearityChecks.Count == 0) return;
// Create checker blocks
List<Block> checkerBlocks = new List<Block>(linearityChecks.Count);
foreach (var lc in linearityChecks)
{
List<Cmd> cmds = new List<Cmd>(2);
if (lc.assume != null)
{
cmds.Add(CmdHelper.AssumeCmd(lc.assume));
}
cmds.Add(new AssertCmd(action.proc.tok, lc.assert) { ErrorData = lc.message });
var block = new Block(Token.NoToken, lc.name, cmds, CmdHelper.ReturnCmd);
CivlUtil.ResolveAndTypecheck(block, ResolutionContext.State.Two);
checkerBlocks.Add(block);
}
// Create init blocks
List<Block> blocks = new List<Block>(linearityChecks.Count + 1);
blocks.Add(
new Block(
Token.NoToken,
"init",
new List<Cmd> { CmdHelper.CallCmd(action.proc, inputs, outputs) },
new GotoCmd(Token.NoToken, checkerBlocks)));
blocks.AddRange(checkerBlocks);
// Create the whole check procedure
string checkerName = civlTypeChecker.AddNamePrefix($"LinearityChecker_{action.proc.Name}");
Procedure linCheckerProc = new Procedure(Token.NoToken, checkerName, new List<TypeVariable>(),
inputs, outputs, requires, action.proc.Modifies, new List<Ensures>());
Implementation linCheckImpl = new Implementation(Token.NoToken, checkerName,
new List<TypeVariable>(), inputs, outputs, locals, blocks);
linCheckImpl.Proc = linCheckerProc;
decls.Add(linCheckImpl);
decls.Add(linCheckerProc);
}
public static List <Declaration> CreateNoninterferenceCheckers(
CivlTypeChecker civlTypeChecker,
LinearTypeChecker linearTypeChecker,
int layerNum,
Dictionary <Absy, Absy> absyMap,
Implementation impl,
Dictionary <YieldCmd, List <PredicateCmd> > yields)
{
Dictionary <string, Variable> domainNameToHoleVar = new Dictionary <string, Variable>();
Dictionary <Variable, Variable> localVarMap = new Dictionary <Variable, Variable>();
Dictionary <Variable, Expr> map = new Dictionary <Variable, Expr>();
List <Variable> locals = new List <Variable>();
List <Variable> inputs = new List <Variable>();
foreach (var domainName in linearTypeChecker.linearDomains.Keys)
{
var inParam = linearTypeChecker.LinearDomainInFormal(domainName);
inputs.Add(inParam);
domainNameToHoleVar[domainName] = inParam;
}
foreach (Variable local in impl.LocVars.Union(impl.InParams).Union(impl.OutParams))
{
var copy = CopyLocal(local);
locals.Add(copy);
localVarMap[local] = copy;
map[local] = Expr.Ident(copy);
}
Dictionary <Variable, Expr> oldLocalMap = new Dictionary <Variable, Expr>();
Dictionary <Variable, Expr> assumeMap = new Dictionary <Variable, Expr>(map);
foreach (Variable g in civlTypeChecker.GlobalVariables)
{
var copy = OldLocalLocal(g);
locals.Add(copy);
oldLocalMap[g] = Expr.Ident(copy);
Formal f = OldGlobalFormal(g);
inputs.Add(f);
assumeMap[g] = Expr.Ident(f);
}
var linearPermissionInstrumentation = new LinearPermissionInstrumentation(civlTypeChecker, linearTypeChecker, layerNum, absyMap, domainNameToHoleVar, localVarMap);
Substitution assumeSubst = Substituter.SubstitutionFromHashtable(assumeMap);
Substitution oldSubst = Substituter.SubstitutionFromHashtable(oldLocalMap);
Substitution subst = Substituter.SubstitutionFromHashtable(map);
List <Block> noninterferenceCheckerBlocks = new List <Block>();
List <String> labels = new List <String>();
List <Block> labelTargets = new List <Block>();
Block noninterferenceCheckerBlock = new Block(Token.NoToken, "exit", new List <Cmd>(), new ReturnCmd(Token.NoToken));
labels.Add(noninterferenceCheckerBlock.Label);
labelTargets.Add(noninterferenceCheckerBlock);
noninterferenceCheckerBlocks.Add(noninterferenceCheckerBlock);
int yieldCount = 0;
foreach (var kv in yields)
{
var yieldCmd = kv.Key;
var yieldPredicates = kv.Value;
List <Cmd> newCmds = linearPermissionInstrumentation.DisjointnessAssumeCmds(yieldCmd, false);
foreach (var predCmd in yieldPredicates)
{
var newExpr = Substituter.ApplyReplacingOldExprs(assumeSubst, oldSubst, predCmd.Expr);
newCmds.Add(new AssumeCmd(Token.NoToken, newExpr));
}
foreach (var predCmd in yieldPredicates)
{
if (predCmd is AssertCmd)
{
var newExpr = Substituter.ApplyReplacingOldExprs(subst, oldSubst, predCmd.Expr);
AssertCmd assertCmd = new AssertCmd(predCmd.tok, newExpr, predCmd.Attributes);
assertCmd.ErrorData = "Non-interference check failed";
newCmds.Add(assertCmd);
}
}
newCmds.Add(new AssumeCmd(Token.NoToken, Expr.False));
noninterferenceCheckerBlock = new Block(Token.NoToken, "L" + yieldCount++, newCmds, new ReturnCmd(Token.NoToken));
labels.Add(noninterferenceCheckerBlock.Label);
labelTargets.Add(noninterferenceCheckerBlock);
noninterferenceCheckerBlocks.Add(noninterferenceCheckerBlock);
}
noninterferenceCheckerBlocks.Insert(0,
new Block(Token.NoToken, "enter", new List <Cmd>(), new GotoCmd(Token.NoToken, labels, labelTargets)));
// Create the yield checker procedure
var noninterferenceCheckerName = $"NoninterferenceChecker_{impl.Name}";
var noninterferenceCheckerProc = new Procedure(Token.NoToken, noninterferenceCheckerName, impl.TypeParameters, inputs,
new List <Variable>(), new List <Requires>(), new List <IdentifierExpr>(), new List <Ensures>());
CivlUtil.AddInlineAttribute(noninterferenceCheckerProc);
// Create the yield checker implementation
var noninterferenceCheckerImpl = new Implementation(Token.NoToken, noninterferenceCheckerName, impl.TypeParameters, inputs,
new List <Variable>(), locals, noninterferenceCheckerBlocks);
noninterferenceCheckerImpl.Proc = noninterferenceCheckerProc;
CivlUtil.AddInlineAttribute(noninterferenceCheckerImpl);
return(new List <Declaration> {
noninterferenceCheckerProc, noninterferenceCheckerImpl
});
}
public static List <Declaration> CreateNoninterferenceCheckers(
CivlTypeChecker civlTypeChecker,
LinearTypeChecker linearTypeChecker,
int layerNum,
Dictionary <Absy, Absy> absyMap,
DeclWithFormals decl,
List <Variable> declLocalVariables)
{
Dictionary <string, Variable> domainNameToHoleVar = new Dictionary <string, Variable>();
Dictionary <Variable, Variable> localVarMap = new Dictionary <Variable, Variable>();
Dictionary <Variable, Expr> map = new Dictionary <Variable, Expr>();
List <Variable> locals = new List <Variable>();
List <Variable> inputs = new List <Variable>();
foreach (var domainName in linearTypeChecker.linearDomains.Keys)
{
var inParam = linearTypeChecker.LinearDomainInFormal(domainName);
inputs.Add(inParam);
domainNameToHoleVar[domainName] = inParam;
}
foreach (Variable local in declLocalVariables.Union(decl.InParams).Union(decl.OutParams))
{
var copy = CopyLocal(local);
locals.Add(copy);
localVarMap[local] = copy;
map[local] = Expr.Ident(copy);
}
Dictionary <Variable, Expr> oldLocalMap = new Dictionary <Variable, Expr>();
Dictionary <Variable, Expr> assumeMap = new Dictionary <Variable, Expr>(map);
foreach (Variable g in civlTypeChecker.GlobalVariables)
{
var copy = OldLocalLocal(g);
locals.Add(copy);
oldLocalMap[g] = Expr.Ident(copy);
Formal f = OldGlobalFormal(g);
inputs.Add(f);
assumeMap[g] = Expr.Ident(f);
}
var linearPermissionInstrumentation = new LinearPermissionInstrumentation(civlTypeChecker, linearTypeChecker, layerNum, absyMap, domainNameToHoleVar, localVarMap);
List <Tuple <List <Cmd>, List <PredicateCmd> > > yieldInfo = null;
if (decl is Implementation impl)
{
yieldInfo = CollectYields(civlTypeChecker, absyMap, layerNum, impl).Select(kv => new Tuple <List <Cmd>, List <PredicateCmd> >(linearPermissionInstrumentation.DisjointnessAssumeCmds(kv.Key, false), kv.Value)).ToList();
}
else if (decl is Procedure proc)
{
yieldInfo = new List <Tuple <List <Cmd>, List <PredicateCmd> > >();
if (civlTypeChecker.procToYieldInvariant.ContainsKey(proc))
{
if (proc.Requires.Count > 0)
{
var disjointnessCmds = linearPermissionInstrumentation.ProcDisjointnessAssumeCmds(proc, true);
var yieldPredicates = proc.Requires.Select(requires =>
requires.Free
? (PredicateCmd) new AssumeCmd(requires.tok, requires.Condition)
: (PredicateCmd) new AssertCmd(requires.tok, requires.Condition)).ToList();
yieldInfo.Add(new Tuple <List <Cmd>, List <PredicateCmd> >(disjointnessCmds, yieldPredicates));
}
}
else
{
if (proc.Requires.Count > 0)
{
var entryDisjointnessCmds =
linearPermissionInstrumentation.ProcDisjointnessAssumeCmds(proc, true);
var entryYieldPredicates = proc.Requires.Select(requires =>
requires.Free
? (PredicateCmd) new AssumeCmd(requires.tok, requires.Condition)
: (PredicateCmd) new AssertCmd(requires.tok, requires.Condition)).ToList();
yieldInfo.Add(
new Tuple <List <Cmd>, List <PredicateCmd> >(entryDisjointnessCmds, entryYieldPredicates));
}
if (proc.Ensures.Count > 0)
{
var exitDisjointnessCmds =
linearPermissionInstrumentation.ProcDisjointnessAssumeCmds(proc, false);
var exitYieldPredicates = proc.Ensures.Select(ensures =>
ensures.Free
? (PredicateCmd) new AssumeCmd(ensures.tok, ensures.Condition)
: (PredicateCmd) new AssertCmd(ensures.tok, ensures.Condition)).ToList();
yieldInfo.Add(
new Tuple <List <Cmd>, List <PredicateCmd> >(exitDisjointnessCmds, exitYieldPredicates));
}
}
}
else
{
Debug.Assert(false);
}
Substitution assumeSubst = Substituter.SubstitutionFromHashtable(assumeMap);
Substitution oldSubst = Substituter.SubstitutionFromHashtable(oldLocalMap);
Substitution subst = Substituter.SubstitutionFromHashtable(map);
List <Block> noninterferenceCheckerBlocks = new List <Block>();
List <String> labels = new List <String>();
List <Block> labelTargets = new List <Block>();
Block noninterferenceCheckerBlock = new Block(Token.NoToken, "exit", new List <Cmd>(), new ReturnCmd(Token.NoToken));
labels.Add(noninterferenceCheckerBlock.Label);
labelTargets.Add(noninterferenceCheckerBlock);
noninterferenceCheckerBlocks.Add(noninterferenceCheckerBlock);
int yieldCount = 0;
foreach (var kv in yieldInfo)
{
var disjointnessCmds = kv.Item1;
var yieldPredicates = kv.Item2;
var newCmds = new List <Cmd>(disjointnessCmds);
foreach (var predCmd in yieldPredicates)
{
var newExpr = Substituter.ApplyReplacingOldExprs(assumeSubst, oldSubst, predCmd.Expr);
newCmds.Add(new AssumeCmd(Token.NoToken, newExpr));
}
foreach (var predCmd in yieldPredicates)
{
if (predCmd is AssertCmd)
{
var newExpr = Substituter.ApplyReplacingOldExprs(subst, oldSubst, predCmd.Expr);
AssertCmd assertCmd = new AssertCmd(predCmd.tok, newExpr, predCmd.Attributes);
assertCmd.ErrorData = "Non-interference check failed";
newCmds.Add(assertCmd);
}
}
newCmds.Add(new AssumeCmd(Token.NoToken, Expr.False));
noninterferenceCheckerBlock = new Block(Token.NoToken, "L" + yieldCount++, newCmds, new ReturnCmd(Token.NoToken));
labels.Add(noninterferenceCheckerBlock.Label);
labelTargets.Add(noninterferenceCheckerBlock);
noninterferenceCheckerBlocks.Add(noninterferenceCheckerBlock);
}
noninterferenceCheckerBlocks.Insert(0,
new Block(Token.NoToken, "enter", new List <Cmd>(), new GotoCmd(Token.NoToken, labels, labelTargets)));
// Create the yield checker procedure
var noninterferenceCheckerName = decl is Procedure ? $"NoninterferenceChecker_proc_{decl.Name}" : $"NoninterferenceChecker_impl_{decl.Name}";
var noninterferenceCheckerProc = new Procedure(Token.NoToken, noninterferenceCheckerName, decl.TypeParameters, inputs,
new List <Variable>(), new List <Requires>(), new List <IdentifierExpr>(), new List <Ensures>());
CivlUtil.AddInlineAttribute(noninterferenceCheckerProc);
// Create the yield checker implementation
var noninterferenceCheckerImpl = new Implementation(Token.NoToken, noninterferenceCheckerName, decl.TypeParameters, inputs,
new List <Variable>(), locals, noninterferenceCheckerBlocks);
noninterferenceCheckerImpl.Proc = noninterferenceCheckerProc;
CivlUtil.AddInlineAttribute(noninterferenceCheckerImpl);
return(new List <Declaration> {
noninterferenceCheckerProc, noninterferenceCheckerImpl
});
}
