bool
HeapSnapshot::saveStackFrame(const protobuf::StackFrame& frame,
StackFrameId& outFrameId)
{
// NB: de-duplicated string properties must be read in the same order here as
// they are written in `CoreDumpWriter::getProtobufStackFrame` or else indices
// in references to already serialized strings will be off.
if (frame.has_ref()) {
// We should only get a reference to the previous frame if we have already
// seen the previous frame.
if (!frames.has(frame.ref()))
return false;
outFrameId = frame.ref();
return true;
}
// Incomplete message.
if (!frame.has_data())
return false;
auto data = frame.data();
if (!data.has_id())
return false;
StackFrameId id = data.id();
// This should be the first and only time we see this frame.
if (frames.has(id))
return false;
if (!data.has_line())
return false;
uint32_t line = data.line();
if (!data.has_column())
return false;
uint32_t column = data.column();
if (!data.has_issystem())
return false;
bool isSystem = data.issystem();
if (!data.has_isselfhosted())
return false;
bool isSelfHosted = data.isselfhosted();
Maybe<StringOrRef> sourceOrRef = GET_STRING_OR_REF(data, source);
auto source = getOrInternString<char16_t>(internedTwoByteStrings, sourceOrRef);
if (!source)
return false;
const char16_t* functionDisplayName = nullptr;
if (data.FunctionDisplayNameOrRef_case() !=
protobuf::StackFrame_Data::FUNCTIONDISPLAYNAMEORREF_NOT_SET)
{
Maybe<StringOrRef> nameOrRef = GET_STRING_OR_REF(data, functiondisplayname);
functionDisplayName = getOrInternString<char16_t>(internedTwoByteStrings, nameOrRef);
if (!functionDisplayName)
return false;
}
Maybe<StackFrameId> parent;
if (data.has_parent()) {
StackFrameId parentId = 0;
if (!saveStackFrame(data.parent(), parentId))
return false;
parent = Some(parentId);
}
if (!frames.putNew(id, DeserializedStackFrame(id, parent, line, column,
source, functionDisplayName,
isSystem, isSelfHosted, *this)))
{
return false;
}
outFrameId = id;
return true;
}
// == Add Parent ==
// Adds parent_id to the list of node's parents, up to max_parents, as long as
// parent_id is not already in the list.
void add_parent(node_t * node, int parent_id, int max_parents) {
if (node->num_parents < max_parents && !has_parent(node, parent_id))
node->parents[node->num_parents++] = parent_id;
}
bool
HeapSnapshot::saveStackFrame(const protobuf::StackFrame& frame,
StackFrameId& outFrameId)
{
if (frame.has_ref()) {
// We should only get a reference to the previous frame if we have already
// seen the previous frame.
if (!frames.has(frame.ref()))
return false;
outFrameId = frame.ref();
return true;
}
// Incomplete message.
if (!frame.has_data())
return false;
auto data = frame.data();
if (!data.has_id())
return false;
StackFrameId id = data.id();
// This should be the first and only time we see this frame.
if (frames.has(id))
return false;
Maybe<StackFrameId> parent;
if (data.has_parent()) {
StackFrameId parentId = 0;
if (!saveStackFrame(data.parent(), parentId))
return false;
parent = Some(parentId);
}
if (!data.has_line())
return false;
uint32_t line = data.line();
if (!data.has_column())
return false;
uint32_t column = data.column();
auto duplicatedSource = reinterpret_cast<const char16_t*>(
data.source().data());
size_t sourceLength = data.source().length() / sizeof(char16_t);
const char16_t* source = borrowUniqueString(duplicatedSource, sourceLength);
if (!source)
return false;
const char16_t* functionDisplayName = nullptr;
if (data.has_functiondisplayname() && data.functiondisplayname().length() > 0) {
auto duplicatedName = reinterpret_cast<const char16_t*>(
data.functiondisplayname().data());
size_t nameLength = data.functiondisplayname().length() / sizeof(char16_t);
functionDisplayName = borrowUniqueString(duplicatedName, nameLength);
if (!functionDisplayName)
return false;
}
MOZ_ASSERT(!!functionDisplayName == (data.has_functiondisplayname() &&
data.functiondisplayname().length() > 0));
if (!data.has_issystem())
return false;
bool isSystem = data.issystem();
if (!data.has_isselfhosted())
return false;
bool isSelfHosted = data.isselfhosted();
if (!frames.putNew(id, DeserializedStackFrame(id, parent, line, column,
source, functionDisplayName,
isSystem, isSelfHosted, *this)))
{
return false;
}
outFrameId = id;
return true;
}
expr::term_ref ic3_engine::get_parent(expr::term_ref l) const {
assert(has_parent(l));
expr::term_ref_map<frame_formula_parent_info>::const_iterator find = d_frame_formula_parent_info.find(l);
return find->second.parent;
}
void ic3_engine::extend_induction_failure(expr::term_ref f) {
const reachability::cex_type& cex = d_reachability.get_cex();
assert(cex.size() > 0);
// !F
// depth |
// cex ****************
// ******************* | |
// .......................................................
// G | |
// !G!G !G!G | |
// FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
// |
// frame
// We have a counter-example to inductiveness of f at frame cex_depth + induction_size
// and cex d_counterexample has its generalization at the back.
assert(cex.size() - 1 + d_induction_frame_depth > d_induction_frame_index);
// Solver for checking
smt::solver_scope solver_scope;
d_smt->ensure_counterexample_solver_depth(d_induction_frame_index+1); // Smalleet depth needed
d_smt->get_counterexample_solver(solver_scope);
solver_scope.push();
smt::solver* solver = solver_scope.get_solver();
assert(cex.size() - 1 <= d_smt->get_counterexample_solver_depth());
// Assert all the generalizations
size_t k = 0;
for (; k < cex.size(); ++ k) {
// Add the generalization to frame k
expr::term_ref G_k = d_trace->get_state_formula(cex[k], k);
solver->add(G_k, smt::solver::CLASS_A);
}
// Move to where f is false
k = cex.size() - 1 + d_induction_frame_depth;
// Assert f at next frame
d_smt->ensure_counterexample_solver_depth(k);
solver->add(d_trace->get_state_formula(tm().mk_term(expr::TERM_NOT, f), k), smt::solver::CLASS_A);
// Should be SAT
smt::solver::result r = solver->check();
assert(r == smt::solver::SAT);
expr::model::ref model = solver->get_model();
d_trace->set_model(model, k+1);
if (ctx().get_options().get_bool("ic3-dont-extend")) {
return;
}
// Try to extend it
for (;;) {
// We know there is a counterexample to induction of f: 0, ..., k-1, with f
// being false at k. We try to extend it to falsify the reason we
// introduced f. We introduced f to refute the counterexample to induction
// of parent(f), which is witnessed by generalization refutes(f). We are
// therefore looking to satisfy refutes(f) at k.
assert(is_invalid(f));
d_stats.max_cex_depth->get_value() = std::max((int) k, d_stats.max_cex_depth->get_value());
// Bump the assertion
bump_induction_obligation(f, 1);
// If no more parents, we're done
if (!has_parent(f)) {
// If this is a counter-example to the property itself => full counterexample
if (d_properties.find(f) != d_properties.end()) {
MSG(1) << "ic3: CEX found at depth " << d_smt->get_counterexample_solver_depth() << " (with induction frame at " << d_induction_frame_index << ")" << std::endl;
}
break;
}
// Try to extend
k = k + get_refutes_depth(f);
f = get_parent(f);
// If invalid already, done
if (is_invalid(f)) {
break;
}
// Check at frame of the parent
d_smt->ensure_counterexample_solver_depth(k);
solver->add(d_trace->get_state_formula(tm().mk_term(expr::TERM_NOT, f), k), smt::solver::CLASS_A);
// If not a generalization we need to check
r = solver->check();
// If not sat, we can't extend any more
if (r != smt::solver::SAT) {
break;
}
// We're sat (either by knowing, or by checking), so we extend further
set_invalid(f, k);
model = solver->get_model();
d_trace->set_model(model, k+1);
}
}
void UIWidget::bring_to_front()
{
if (!has_parent()) return;
get_parent()->bring_child_to_front(this);
}
