bool path_searcht::drop_state(const statet &state) const
{
// depth
if(depth_limit!=-1 && state.get_depth()>depth_limit) return true;
// context bound
if(context_bound!=-1 && state.get_no_thread_interleavings()) return true;
// unwinding limit -- loops
if(unwind_limit!=-1 && state.get_instruction()->is_backwards_goto())
{
for(path_symex_statet::unwinding_mapt::const_iterator
it=state.unwinding_map.begin();
it!=state.unwinding_map.end();
it++)
if(it->second>unwind_limit)
return true;
}
// unwinding limit -- recursion
if(unwind_limit!=-1 && state.get_instruction()->is_function_call())
{
for(path_symex_statet::recursion_mapt::const_iterator
it=state.recursion_map.begin();
it!=state.recursion_map.end();
it++)
if(it->second>unwind_limit)
return true;
}
return false;
}
/// decide whether to drop a state
bool path_searcht::drop_state(const statet &state)
{
goto_programt::const_targett pc=state.get_instruction();
// depth limit
if(depth_limit_set && state.get_depth()>depth_limit)
return true;
// context bound
if(context_bound_set && state.get_no_thread_interleavings()>context_bound)
return true;
// branch bound
if(branch_bound_set && state.get_no_branches()>branch_bound)
return true;
// unwinding limit -- loops
if(unwind_limit_set && state.get_instruction()->is_backwards_goto())
{
for(const auto &loop_info : state.unwinding_map)
if(loop_info.second>unwind_limit)
return true;
}
// unwinding limit -- recursion
if(unwind_limit_set && state.get_instruction()->is_function_call())
{
for(const auto &rec_info : state.recursion_map)
if(rec_info.second>unwind_limit)
return true;
}
if(pc->is_assume() &&
simplify_expr(pc->guard, ns).is_false())
{
debug() << "aborting path on assume(false) at "
<< pc->source_location
<< " thread " << state.get_current_thread();
const irep_idt &c=pc->source_location.get_comment();
if(!c.empty())
debug() << ": " << c;
debug() << eom;
return true;
}
return false;
}
void path_searcht::do_show_vcc(
statet &state,
const namespacet &ns)
{
// keep statistics
number_of_VCCs++;
const goto_programt::instructiont &instruction=
*state.get_instruction();
mstreamt &out=result();
if(instruction.location.is_not_nil())
out << instruction.location << "\n";
if(instruction.location.get_comment()!="")
out << instruction.location.get_comment() << "\n";
unsigned count=1;
std::vector<path_symex_step_reft> steps;
state.history.build_history(steps);
for(std::vector<path_symex_step_reft>::const_iterator
s_it=steps.begin();
s_it!=steps.end();
s_it++)
{
if((*s_it)->guard.is_not_nil())
{
std::string string_value=from_expr(ns, "", (*s_it)->guard);
out << "{-" << count << "} " << string_value << "\n";
count++;
}
if((*s_it)->ssa_rhs.is_not_nil())
{
equal_exprt equality((*s_it)->ssa_lhs, (*s_it)->ssa_rhs);
std::string string_value=from_expr(ns, "", equality);
out << "{-" << count << "} " << string_value << "\n";
count++;
}
}
out << "|--------------------------" << "\n";
exprt assertion=state.read(instruction.guard);
out << "{" << 1 << "} "
<< from_expr(ns, "", assertion) << "\n";
if(!assertion.is_true())
number_of_VCCs_after_simplification++;
out << eom;
}
void path_searcht::do_show_vcc(statet &state)
{
// keep statistics
number_of_VCCs++;
const goto_programt::instructiont &instruction=
*state.get_instruction();
mstreamt &out=result();
if(instruction.source_location.is_not_nil())
out << instruction.source_location << '\n';
if(instruction.source_location.get_comment()!="")
out << instruction.source_location.get_comment() << '\n';
unsigned count=1;
std::vector<path_symex_step_reft> steps;
state.history.build_history(steps);
for(const auto &step_ref : steps)
{
if(step_ref->guard.is_not_nil())
{
std::string string_value=from_expr(ns, "", step_ref->guard);
out << "{-" << count << "} " << string_value << '\n';
count++;
}
if(step_ref->ssa_rhs.is_not_nil())
{
equal_exprt equality(step_ref->ssa_lhs, step_ref->ssa_rhs);
std::string string_value=from_expr(ns, "", equality);
out << "{-" << count << "} " << string_value << '\n';
count++;
}
}
out << "|--------------------------" << '\n';
exprt assertion=state.read(instruction.guard);
out << "{" << 1 << "} "
<< from_expr(ns, "", assertion) << '\n';
if(!assertion.is_true())
number_of_VCCs_after_simplification++;
out << eom;
}
void path_searcht::check_assertion(
statet &state,
const namespacet &ns)
{
// keep statistics
number_of_VCCs++;
const goto_programt::instructiont &instruction=
*state.get_instruction();
irep_idt property_name=instruction.location.get_property_id();
property_entryt &property_entry=property_map[property_name];
if(property_entry.status==FAIL)
return; // already failed
else if(property_entry.status==NOT_REACHED)
property_entry.status=PASS; // well, for now!
// the assertion in SSA
exprt assertion=
state.read(instruction.guard);
if(assertion.is_true()) return; // no error, trivially
// keep statistics
number_of_VCCs_after_simplification++;
status() << "Checking property " << property_name << eom;
// take the time
absolute_timet sat_start_time=current_time();
satcheckt satcheck;
bv_pointerst bv_pointers(ns, satcheck);
satcheck.set_message_handler(get_message_handler());
bv_pointers.set_message_handler(get_message_handler());
if(!state.check_assertion(bv_pointers))
{
build_goto_trace(state, bv_pointers, property_entry.error_trace);
property_entry.status=FAIL;
number_of_failed_properties++;
}
sat_time+=current_time()-sat_start_time;
}