//===-- ValidatingSolver.cpp ----------------------------------------------===//
//
// The KLEE Symbolic Virtual Machine
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
#include "klee/Expr/Constraints.h"
#include "klee/Solver/Solver.h"
#include "klee/Solver/SolverImpl.h"
#include <vector>
namespace klee {
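/// Cross-checks every answer produced by \p solver against a second,
/// trusted \p oracle solver and aborts (via assert) on any disagreement.
///
/// This is a debugging aid for catching bugs in a solver chain: the wrapped
/// solver's answer is what callers receive, the oracle is only consulted to
/// confirm it. Because the checks are plain assert()s they compile out under
/// NDEBUG, in which case this wrapper degenerates to a (slower) pass-through.
class ValidatingSolver : public SolverImpl {
private:
  /// Solver under test. Always owned; deleted in the destructor.
  Solver *solver;
  /// Reference solver. Deleted only when ownsOracle is set.
  Solver *oracle;
  bool ownsOracle;

public:
  /// Takes ownership of \p solver, and of \p oracle iff \p ownsOracle.
  ValidatingSolver(Solver *solver, Solver *oracle, bool ownsOracle = false)
      : solver(solver), oracle(oracle), ownsOracle(ownsOracle) {}

  // Owning raw pointers: a copy would delete them twice, so forbid copying.
  ValidatingSolver(const ValidatingSolver &) = delete;
  ValidatingSolver &operator=(const ValidatingSolver &) = delete;

  ~ValidatingSolver() {
    delete solver;
    if (ownsOracle)
      delete oracle;
  }

  // Each query is answered by `solver` and then verified against `oracle`.
  bool computeValidity(const Query &, Solver::Validity &result);
  bool computeTruth(const Query &, bool &isValid);
  bool computeValue(const Query &, ref<Expr> &result);
  bool computeInitialValues(const Query &,
                            const std::vector<const Array *> &objects,
                            std::vector<std::vector<unsigned char>> &values,
                            bool &hasSolution);

  // Status, logging and timeouts are forwarded to `solver` only; the oracle
  // is not consulted for these.
  SolverRunStatus getOperationStatusCode();
  char *getConstraintLog(const Query &);
  void setCoreSolverTimeout(time::Span timeout);
};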
/// Asks `solver` whether the query is valid, then requires `oracle` to reach
/// the same verdict. Returns false as soon as either solver fails to answer;
/// `isValid` carries the wrapped solver's answer.
bool ValidatingSolver::computeTruth(const Query &query, bool &isValid) {
  if (!solver->impl->computeTruth(query, isValid))
    return false;

  bool oracleVerdict;
  if (!oracle->impl->computeTruth(query, oracleVerdict))
    return false;

  // A disagreement is treated as a bug in the solver under test. Note that
  // assert() compiles out under NDEBUG, so this check only exists in builds
  // with assertions enabled.
  assert(isValid == oracleVerdict && "invalid solver result (computeTruth)");
  return true;
}
/// Computes the three-valued validity of the query with `solver` and checks
/// that `oracle` agrees exactly. Returns false if either solver fails;
/// `result` holds the wrapped solver's answer.
bool ValidatingSolver::computeValidity(const Query &query,
                                       Solver::Validity &result) {
  if (!solver->impl->computeValidity(query, result))
    return false;

  Solver::Validity oracleResult;
  if (!oracle->impl->computeValidity(query, oracleResult))
    return false;

  // Any mismatch with the oracle is a solver bug. assert() is a no-op under
  // NDEBUG, so the cross-check is only effective in asserting builds.
  assert(result == oracleResult && "invalid solver result (computeValidity)");
  return true;
}
/// Obtains a feasible value for `query.expr` from `solver` and has `oracle`
/// confirm that the value is actually feasible under the constraints.
bool ValidatingSolver::computeValue(const Query &query, ref<Expr> &result) {
  if (!solver->impl->computeValue(query, result))
    return false;

  // Many values may be feasible, so the oracle's own pick is not compared.
  // Instead ask the oracle whether "expr != result" holds in every model;
  // if it does, the solver returned a value the constraints never permit.
  ref<Expr> differs = NeExpr::create(query.expr, result);
  bool neverEqual;
  if (!oracle->impl->computeTruth(query.withExpr(differs), neverEqual))
    return false;

  // Compiled out under NDEBUG like every other check in this file.
  assert(!neverEqual && "invalid solver result (computeValue)");
  return true;
}
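/// Asks `solver` for a counterexample (concrete bytes for each array in
/// `objects` under which `query.expr` is false) and validates the outcome
/// with `oracle`:
///  - if a solution was found, the oracle must confirm that the concrete
///    assignment satisfies every constraint together with !query.expr;
///  - if no solution was found, the oracle must confirm that query.expr is
///    valid, i.e. that no counterexample exists.
/// Returns false if either solver fails to answer. All checks are assert()s
/// and therefore compile out under NDEBUG.
bool ValidatingSolver::computeInitialValues(
    const Query &query, const std::vector<const Array *> &objects,
    std::vector<std::vector<unsigned char> > &values, bool &hasSolution) {
  if (!solver->impl->computeInitialValues(query, objects, values, hasSolution))
    return false;

  bool answer;
  if (hasSolution) {
    // The solver under test is exactly the component we do not trust, so
    // check the shape of what it returned before indexing into it; otherwise
    // a short or missing vector is read out of bounds before the oracle ever
    // gets to judge the values.
    assert(values.size() == objects.size() &&
           "solver returned wrong number of arrays (computeInitialValues)");

    // Assert the bindings as constraints, and verify that the conjunction
    // of the actual constraints is satisfiable under them.
    ConstraintSet bindings;
    for (unsigned i = 0; i != values.size(); ++i) {
      const Array *array = objects[i];
      assert(array);
      assert(values[i].size() == array->size &&
             "solver returned wrong number of bytes (computeInitialValues)");
      for (unsigned j = 0; j < array->size; j++) {
        unsigned char value = values[i][j];
        bindings.push_back(EqExpr::create(
            ReadExpr::create(UpdateList(array, 0),
                             ConstantExpr::alloc(j, array->getDomain())),
            ConstantExpr::alloc(value, array->getRange())));
      }
    }
    // `tmp` is never referenced after construction; kept as in the original
    // in case the constructor canonicalises `bindings` — verify before
    // removing.
    ConstraintManager tmp(bindings);

    // Build !expr && c_1 && ... && c_n. Since the bindings fix every byte,
    // asking whether this is *valid* under the bindings is the same as asking
    // whether the returned assignment satisfies it.
    ref<Expr> constraints = Expr::createIsZero(query.expr);
    for (auto const &constraint : query.constraints)
      constraints = AndExpr::create(constraints, constraint);
    if (!oracle->impl->computeTruth(Query(bindings, constraints), answer))
      return false;
    assert(answer && "invalid solver result (computeInitialValues)");
  } else {
    // No counterexample claimed: the oracle must agree that expr is valid.
    if (!oracle->impl->computeTruth(query, answer))
      return false;
    assert(answer && "invalid solver result (computeInitialValues)");
  }
  return true;
}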
/// Status of the last operation, taken from the solver under test only; the
/// oracle's status is not consulted.
SolverImpl::SolverRunStatus ValidatingSolver::getOperationStatusCode() {
  SolverImpl *inner = solver->impl;
  return inner->getOperationStatusCode();
}
/// Forwards to the solver under test; the returned buffer is whatever that
/// solver hands back (ownership follows the wrapped solver's contract).
char *ValidatingSolver::getConstraintLog(const Query &query) {
  SolverImpl *inner = solver->impl;
  return inner->getConstraintLog(query);
}
/// Applies the timeout to the solver under test only. The oracle keeps its
/// own timeout, so a slow oracle can still stall validation.
void ValidatingSolver::setCoreSolverTimeout(time::Span timeout) {
  SolverImpl *inner = solver->impl;
  inner->setCoreSolverTimeout(timeout);
}
/// Wraps \p s in a ValidatingSolver that cross-checks it against \p oracle.
/// Ownership of \p s passes to the returned Solver; \p oracle is owned by it
/// only if \p ownsOracle is true. The caller owns the returned Solver.
Solver *createValidatingSolver(Solver *s, Solver *oracle, bool ownsOracle) {
  ValidatingSolver *impl = new ValidatingSolver(s, oracle, ownsOracle);
  return new Solver(impl);
}
}