void WherePostcondition::GetSkipLoopBits(Bit **base_bit, GuardBitVector *res)
{
BlockMemory *mcfg = m_frame->Memory();
*base_bit = BitConvertExitClobber(m_bit);
// TODO: is SkipClobber the best translation to do here?
// there can't be any clobbers in m_bit, just exit expressions
// which will be handled correctly by TranslateBit. needs cleanup.
GuardBitVector base_res;
mcfg->TranslateBit(TRK_SkipClobber, m_point, m_bit, &base_res);
RemoveValBit(m_frame->Id(), m_frame->Memory(), base_res, res);
}
void WhereInvariant::GetHeapBits(CheckerFrame *write_frame,
Exp *write_csu, Exp *base_csu,
Bit **base_bit, GuardBitVector *res)
{
BlockMemory *mcfg = write_frame->Memory();
Exp *old_lval = NULL;
if (m_csu) {
Variable *this_var = Variable::Make(NULL, VK_This, NULL, 0, NULL);
Exp *old_this = Exp::MakeVar(this_var);
old_lval = Exp::MakeDrf(old_this);
}
Bit *exit_bit = TranslateHeapBit(old_lval, write_csu, true, m_bit);
Assert(exit_bit);
if (old_lval)
old_lval->DecRef();
// TODO: using this to get the base bit for an invariant is fairly
// hacked up, but for now we can't do this correctly as the base bit
// needs to be relative to the CFG exit point, not the point where
// any writes occur at. for now just get the displayable point for
// the base CSU, and hope that means the same thing at exit as at
// the point of the write.
Bit *new_bit = BitConvertExitClobber(m_bit);
if (base_csu) {
*base_bit = BitReplaceExp(new_bit, old_lval, base_csu);
new_bit->DecRef();
}
else {
*base_bit = new_bit;
}
GuardBitVector base_res;
PPoint exit_point = mcfg->GetCFG()->GetExitPoint();
mcfg->TranslateBit(TRK_Exit, exit_point, exit_bit, &base_res);
exit_bit->DecRef();
RemoveValBit(write_frame->Id(), write_frame->Memory(), base_res, res);
}
// returns whether the error condition is satisfiable within frame.
bool TestErrorSatisfiable(CheckerState *state, CheckerFrame *frame, Bit *bit)
{
BlockMemory *mcfg = frame->Memory();
Solver *solver = state->GetSolver();
if (!solver->IsSatisfiable()) {
if (checker_verbose.IsSpecified())
logout << "CHECK: " << frame << ": Guard unsatisfiable: " << bit
<< " [" << bit->Hash() << "]" << endl;
return false;
}
state->PushContext();
state->AssertBaseBits();
if (!solver->IsSatisfiable()) {
if (checker_verbose.IsSpecified())
logout << "CHECK: " << frame << ": Error unsatisfiable: " << bit
<< " [" << bit->Hash() << "]" << endl;
state->PopContext();
return false;
}
if (!frame->m_checked_assertions) {
frame->m_checked_assertions = true;
// check to see if the error is contradicted by previous assertions
// in this frame. assert the previous assertions, but don't keep
// them around past this function to avoid polluting the solver
// with worthless extra checks.
BlockSummary *sum = GetBlockSummary(mcfg->GetId());
const Vector<AssertInfo> *asserts = sum->GetAsserts();
size_t assert_count = VectorSize<AssertInfo>(asserts);
for (size_t ind = 0; ind < assert_count; ind++) {
const AssertInfo &info = asserts->At(ind);
// only use the same kind of assertion to check for redundancy.
if (info.kind != state->GetAssertKind())
continue;
if (info.cls != ASC_Check)
continue;
if (info.point < frame->EndPoint()) {
// get the asserted condition relative to block entry.
Bit *assert_value;
mcfg->TranslateBit(TRK_Point, info.point, info.bit, &assert_value);
assert_value->MoveRef(&assert_value, NULL);
Bit *point_guard = mcfg->GetGuard(info.point);
point_guard->IncRef();
Bit *imply_assert =
Bit::MakeImply(point_guard, assert_value);
solver->AddConstraint(frame->Id(), imply_assert);
}
}
sum->DecRef();
if (!solver->IsSatisfiable()) {
if (checker_verbose.IsSpecified())
logout << "CHECK: " << frame
<< ": Unsatisfiable from assertions" << endl;
state->PopContext();
return false;
}
}
state->PopContext();
return true;
}
