//////////////////////////////////////////////////////////////////////////// public override Expression getEarliestIncarnation(ExpressionList indices, PropositionalFormula condition) { var earlyIncarnations = new List <Expression>(); PropositionalFormula c = mapAnalyzer.pathCondition & condition; Expression result = null; foreach (var p in predecessors) { PropositionalFormula pc = p.Item2 & c; if (!pc.isFalse) { if (p.Item1 == null) { result = incarnation; break; } else { earlyIncarnations.Add(p.Item1.getEarliestIncarnation(indices, c)); } } } if (result == null) { result = findEarliestSafeIncarnation(incarnation, earlyIncarnations); } return(result); }
//////////////////////////////////////////////////////////////////////////////////////////////// public static CFG <BasicBlock, BasicEdge> getFlatCFG(CFG <BasicBlock, BasicEdge> cfg, StatementId target) { /* Console.WriteLine("Slicing for [{0}] {1}: {2}", * target.basicBlock.statements[0].preState.equalityAnalyzer.pathCondition.ToString(), * target.ToString(), * target.statement.ToString() * );*/ var targetA = target.statement as Assert; var result = new CFG <BasicBlock, BasicEdge>(); int n = 0; foreach (var bb in cfg.nodes) { foreach (var s in bb.statements) { n++; } } IEnumerable <StatementId> relevant = getRelevant(cfg, target); Console.WriteLine("[{0}] Statements: {1}, relevant : {2}", target.ToString(), n, relevant.Count()); Debug.Assert(n >= relevant.Count()); BasicBlock block = result.lookupOrAddNode("start"); PropositionalFormula pathCondition = target.preStates.equalityAnalyzer.pathCondition; Expression pathConditionExpression = PF2E( target.basicBlock.getPreState(0).equalityAnalyzer.conditionVariableNames, pathCondition ); PropositionalFormula notPathCondition = !pathCondition; // Console.WriteLine("!{0} == {1}", pathCondition.ToString(), notPathCondition.ToString()); foreach (var si in relevant) { addAssumptions(block, pathCondition, notPathCondition, si); } // Console.WriteLine("Assuming path condition [{0}] {1}", pathCondition.ToString(), pathConditionExpression.ToString()); block.appendStatement( new Assume(pathConditionExpression) ); block.appendStatement(new Assert(targetA.expression, targetA.message)); block.setControlStatement(new Block(block)); result.setStartNode(block.label); result.setEndNode(block.label); return(result); }
//////////////////////////////////////////////////////////////////////////// public void join(ICollection <Tuple <BasicEdge.Guard, EqualityAnalyzer> > predecessors, StatementId si) { /* Console.WriteLine("EqualityAnalyzer.join({0})", si.ToString()); * foreach (var p in predecessors) * Console.WriteLine("\t{0} : {1}", p.Item2.statementId.ToString(), p.Item2.pathCondition.ToString()); */ statementId = si; Debug.Assert(predecessors.Count > 0); Procedure procedure = predecessors.First().Item2.procedure; Debug.Assert(procedure != null); if (predecessors.Count == 1 && si.predecessors.First().Item2.successors.Count == 1) { Debug.Assert(((predecessors.First().Item1.expression as LiteralExpression).value as BooleanValue).value); EqualityAnalyzer onlyPred = predecessors.First().Item2; database = onlyPred.database; database.statementId = si; } else { var predConditions = new List <PropositionalFormula>(); foreach (var p in predecessors) { if (!p.Item2.pathCondition.isFalse) { PropositionalFormula c = p.Item2.database.toDNF(p.Item1); PropositionalFormula a = p.Item2.pathCondition & c; predConditions.Add(a); } } // Console.WriteLine("\tEqualityAnalyzer.join({0}).pathCondition", si.ToString()); PropositionalFormula pathCondition = PropositionalFormula.or(predConditions); var preds = new List <EqualityDatabase>(); foreach (var p in predecessors) { preds.Add(p.Item2.database); } // Console.WriteLine("\tEqualityAnalyzer.join({0}).database", si.ToString()); database = new EqualityDatabase(si, procedure, pathCondition, preds); if (pathCondition.isFalse) { Console.Error.WriteLine("[{0}] Warning - path condition ({1}) is false", si.ToString(), pathCondition.ToString(conditionVariableNames)); } } // Console.WriteLine("/EqualityAnalyzer.join({0})", si.ToString()); }
public override Expression getEarliestIncarnation(ExpressionList indices, PropositionalFormula condition) { var result = incarnation; var s = indices.ToString(); if (!cache.TryGetValue(indices.ToString(), out result)) { if (mapAnalyzer.isDisjoint(indices, updatedIndices)) { result = predecessor.getEarliestIncarnation(indices, condition); //TODO:add guard/inbetween } else { result = incarnation; } cache[s] = result; } return(result); }
//////////////////////////////////////////////////////////////////////////////////////////////// private static void addAssumptions(BasicBlock block, PropositionalFormula pathCondition, PropositionalFormula notPathCondition, StatementId si) { Debug.Assert((pathCondition & notPathCondition).isFalse); Debug.Assert((pathCondition | notPathCondition).isTrue); PropositionalFormula statementPathCondition = si.basicBlock.getPreState(0).equalityAnalyzer.pathCondition; if ((statementPathCondition & pathCondition).isFalse) { // Console.WriteLine("Eliminating {0} & {1}", statementPathCondition.ToString(), pathCondition.ToString()); return; } if (!(statementPathCondition.isTrue)) { PropositionalFormula simplifiedPathCondition = statementPathCondition | notPathCondition; if (simplifiedPathCondition.size() < statementPathCondition.size()) { statementPathCondition = simplifiedPathCondition; } } var q = new Queue <Expression>(); q.Enqueue(((PredicateStatement)si.statement).expression); while (q.Count > 0) { Expression e = q.Dequeue(); var fae = e as FAE; if (fae != null && BFunction.isConjunction(fae.function)) { q.Enqueue(fae.arguments[0]); q.Enqueue(fae.arguments[1]); } else { block.appendStatement(new Assume(makeFlatExpression(si.basicBlock, statementPathCondition, e))); } } }
//////////////////////////////////////////////////////////////////////////////////////////////// private static Expression makeFlatExpression(BasicBlock bb, PropositionalFormula pathCondition, Expression e) { Expression result; if (pathCondition.isTrue) { result = e; } else { result = new BasicFAE( BFunctionTemplate.implication.getInstance(), new ExpressionList( PF2E(bb.getPreState(0).equalityAnalyzer.conditionVariableNames, pathCondition), e ) ); } //TODO:handle assume false //Debug.Assert(!(result is LiteralExpression)); return(result); }
public override Expression getEarliestIncarnation(ExpressionList indices, PropositionalFormula condition) { return(incarnation); }
//////////////////////////////////////////////////////////////////////////////////////////////// private static Expression PF2E(IDictionary <int, ProgramVariable> conditionVariableNames, PropositionalFormula f) { if (f.isTrue) { return(new BasicLiteralExpression(BooleanValue.makeBooleanValue(true))); } if (f.isFalse) { return(new BasicLiteralExpression(BooleanValue.makeBooleanValue(false))); } Debug.Assert(f.disjuncts.Count() > 0); Expression result = null; foreach (var d in f.disjuncts) { if (result == null) { result = D2E(conditionVariableNames, d); } else { result = new BasicFAE( BFunctionTemplate.or.getInstance(), new ExpressionList( result, D2E(conditionVariableNames, d) ) ); } } return(result); }
public abstract Expression getEarliestIncarnation(ExpressionList indices, PropositionalFormula conditions);
public static void analyze(Procedure procedure) { Debug.Assert(procedure != null); CFG <BasicBlock, BasicEdge> cfg = procedure.cfg; var q = new Queue <BasicBlock>(); var s = new HashSet <string>(); q.Enqueue(cfg.startNode); while (q.Count > 0) { foreach (var b in q) { Debug.Assert(b.label != null); } BasicBlock bb = q.Dequeue(); Debug.Assert(bb.getPreState(0).equalityAnalyzer != null); { if (bb.getPreState(0).equalityAnalyzer != null && bb.getPreState(0).equalityAnalyzer.pathCondition.isFalse) { //Console.WriteLine("\tDeleting - False path condition"); bb.delete(); continue; } } var cb = bb.getControlStatement() as ConditionalBranch; if (cb == null) { goto skip; } if (cb.trueBranch.target == cb.falseBranch.target) { bb.setControlStatement(new UnconditionalBranch(cb.trueBranch.source, cb.trueBranch.target)); goto skip; } if (cb.trueBranch.target.getPreState(0).equalityAnalyzer != null && cb.falseBranch.target.getPreState(0).equalityAnalyzer != null) { PropositionalFormula thenCondition = cb.trueBranch.target.getPreState(0).equalityAnalyzer.pathCondition; PropositionalFormula elseCondition = cb.falseBranch.target.getPreState(0).equalityAnalyzer.pathCondition; Debug.Assert(!thenCondition.isFalse || !elseCondition.isFalse); if (thenCondition.isFalse) { bb.setControlStatement(new UnconditionalBranch(cb.falseBranch.source, cb.falseBranch.target)); goto skip; } else if (elseCondition.isFalse) { bb.setControlStatement(new UnconditionalBranch(cb.trueBranch.source, cb.trueBranch.target)); goto skip; } } if (bb.predecessors.Count() != 2 || bb.successors.Count() != 2 || bb.getStatements().Count != 1) { goto skip; } BasicBlock pred0 = bb.predecessors.ElementAt(0).source; BasicBlock pred1 = bb.predecessors.ElementAt(1).source; BasicBlock succ0 = bb.successors.ElementAt(0).target; BasicBlock succ1 = bb.successors.ElementAt(1).target; if ( pred0.getPreState(0).equalityAnalyzer == null || pred1.getPreState(0).equalityAnalyzer == null || succ0.getPreState(0).equalityAnalyzer == null || succ1.getPreState(0).equalityAnalyzer == null ) { goto skip; } PropositionalFormula pred0pc = pred0.getPreState(0).equalityAnalyzer.pathCondition; PropositionalFormula pred1pc = pred1.getPreState(0).equalityAnalyzer.pathCondition; PropositionalFormula succ0pc = succ0.getPreState(0).equalityAnalyzer.pathCondition; PropositionalFormula succ1pc = succ1.getPreState(0).equalityAnalyzer.pathCondition; Debug.Assert(succ0.label != null); Debug.Assert(succ1.label != null); if ( (pred0pc & succ0pc).isFalse && (pred1pc & succ1pc).isFalse ) { pred0.setControlStatement(new UnconditionalBranch(pred0, succ1)); pred1.setControlStatement(new UnconditionalBranch(pred1, succ0)); if (!s.Contains(succ0.label)) { q.Enqueue(succ0); } if (!s.Contains(succ1.label)) { q.Enqueue(succ1); } s.Add(succ0.label); s.Add(succ1.label); continue; } if ( (pred0pc & succ1pc).isFalse && (pred1pc & succ0pc).isFalse ) { pred0.setControlStatement(new UnconditionalBranch(pred0, succ0)); pred1.setControlStatement(new UnconditionalBranch(pred1, succ1)); if (!s.Contains(succ0.label)) { q.Enqueue(succ0); } if (!s.Contains(succ1.label)) { q.Enqueue(succ1); } s.Add(succ0.label); s.Add(succ1.label); continue; } skip: foreach (var sc in bb.successors) { Debug.Assert(sc.target.label != null); if (!s.Contains(sc.target.label)) { q.Enqueue(sc.target); s.Add(sc.target.label); } } } }