void WherePostcondition::GetSkipLoopBits(Bit **base_bit, GuardBitVector *res) { BlockMemory *mcfg = m_frame->Memory(); *base_bit = BitConvertExitClobber(m_bit); // TODO: is SkipClobber the best translation to do here? // there can't be any clobbers in m_bit, just exit expressions // which will be handled correctly by TranslateBit. needs cleanup. GuardBitVector base_res; mcfg->TranslateBit(TRK_SkipClobber, m_point, m_bit, &base_res); RemoveValBit(m_frame->Id(), m_frame->Memory(), base_res, res); }
void WhereInvariant::GetHeapBits(CheckerFrame *write_frame, Exp *write_csu, Exp *base_csu, Bit **base_bit, GuardBitVector *res) { BlockMemory *mcfg = write_frame->Memory(); Exp *old_lval = NULL; if (m_csu) { Variable *this_var = Variable::Make(NULL, VK_This, NULL, 0, NULL); Exp *old_this = Exp::MakeVar(this_var); old_lval = Exp::MakeDrf(old_this); } Bit *exit_bit = TranslateHeapBit(old_lval, write_csu, true, m_bit); Assert(exit_bit); if (old_lval) old_lval->DecRef(); // TODO: using this to get the base bit for an invariant is fairly // hacked up, but for now we can't do this correctly as the base bit // needs to be relative to the CFG exit point, not the point where // any writes occur at. for now just get the displayable point for // the base CSU, and hope that means the same thing at exit as at // the point of the write. Bit *new_bit = BitConvertExitClobber(m_bit); if (base_csu) { *base_bit = BitReplaceExp(new_bit, old_lval, base_csu); new_bit->DecRef(); } else { *base_bit = new_bit; } GuardBitVector base_res; PPoint exit_point = mcfg->GetCFG()->GetExitPoint(); mcfg->TranslateBit(TRK_Exit, exit_point, exit_bit, &base_res); exit_bit->DecRef(); RemoveValBit(write_frame->Id(), write_frame->Memory(), base_res, res); }
// returns whether the error condition is satisfiable within frame. bool TestErrorSatisfiable(CheckerState *state, CheckerFrame *frame, Bit *bit) { BlockMemory *mcfg = frame->Memory(); Solver *solver = state->GetSolver(); if (!solver->IsSatisfiable()) { if (checker_verbose.IsSpecified()) logout << "CHECK: " << frame << ": Guard unsatisfiable: " << bit << " [" << bit->Hash() << "]" << endl; return false; } state->PushContext(); state->AssertBaseBits(); if (!solver->IsSatisfiable()) { if (checker_verbose.IsSpecified()) logout << "CHECK: " << frame << ": Error unsatisfiable: " << bit << " [" << bit->Hash() << "]" << endl; state->PopContext(); return false; } if (!frame->m_checked_assertions) { frame->m_checked_assertions = true; // check to see if the error is contradicted by previous assertions // in this frame. assert the previous assertions, but don't keep // them around past this function to avoid polluting the solver // with worthless extra checks. BlockSummary *sum = GetBlockSummary(mcfg->GetId()); const Vector<AssertInfo> *asserts = sum->GetAsserts(); size_t assert_count = VectorSize<AssertInfo>(asserts); for (size_t ind = 0; ind < assert_count; ind++) { const AssertInfo &info = asserts->At(ind); // only use the same kind of assertion to check for redundancy. if (info.kind != state->GetAssertKind()) continue; if (info.cls != ASC_Check) continue; if (info.point < frame->EndPoint()) { // get the asserted condition relative to block entry. Bit *assert_value; mcfg->TranslateBit(TRK_Point, info.point, info.bit, &assert_value); assert_value->MoveRef(&assert_value, NULL); Bit *point_guard = mcfg->GetGuard(info.point); point_guard->IncRef(); Bit *imply_assert = Bit::MakeImply(point_guard, assert_value); solver->AddConstraint(frame->Id(), imply_assert); } } sum->DecRef(); if (!solver->IsSatisfiable()) { if (checker_verbose.IsSpecified()) logout << "CHECK: " << frame << ": Unsatisfiable from assertions" << endl; state->PopContext(); return false; } } state->PopContext(); return true; }