2018-04-20 14:56:10 +00:00
|
|
|
/*
|
|
|
|
This file is part of solidity.
|
|
|
|
|
|
|
|
solidity is free software: you can redistribute it and/or modify
|
|
|
|
it under the terms of the GNU General Public License as published by
|
|
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
|
|
(at your option) any later version.
|
|
|
|
|
|
|
|
solidity is distributed in the hope that it will be useful,
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
GNU General Public License for more details.
|
|
|
|
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
|
|
along with solidity. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <libsolidity/formal/SMTPortfolio.h>
|
|
|
|
|
|
|
|
#ifdef HAVE_Z3
|
|
|
|
#include <libsolidity/formal/Z3Interface.h>
|
|
|
|
#endif
|
|
|
|
#ifdef HAVE_CVC4
|
|
|
|
#include <libsolidity/formal/CVC4Interface.h>
|
|
|
|
#endif
|
|
|
|
#include <libsolidity/formal/SMTLib2Interface.h>
|
|
|
|
|
|
|
|
using namespace std;
|
|
|
|
using namespace dev;
|
2018-07-27 21:39:36 +00:00
|
|
|
using namespace dev::solidity;
|
2018-04-20 14:56:10 +00:00
|
|
|
using namespace dev::solidity::smt;
|
|
|
|
|
2019-12-03 13:39:47 +00:00
|
|
|
SMTPortfolio::SMTPortfolio(
|
|
|
|
map<h256, string> const& _smtlib2Responses,
|
|
|
|
SMTSolverChoice _enabledSolvers
|
|
|
|
)
|
2018-04-20 14:56:10 +00:00
|
|
|
{
|
2019-05-09 08:56:58 +00:00
|
|
|
m_solvers.emplace_back(make_unique<smt::SMTLib2Interface>(_smtlib2Responses));
|
2018-04-20 14:56:10 +00:00
|
|
|
#ifdef HAVE_Z3
|
2019-12-03 13:39:47 +00:00
|
|
|
if (_enabledSolvers.z3)
|
|
|
|
m_solvers.emplace_back(make_unique<smt::Z3Interface>());
|
2018-04-20 14:56:10 +00:00
|
|
|
#endif
|
|
|
|
#ifdef HAVE_CVC4
|
2019-12-03 13:39:47 +00:00
|
|
|
if (_enabledSolvers.cvc4)
|
|
|
|
m_solvers.emplace_back(make_unique<smt::CVC4Interface>());
|
2018-04-20 14:56:10 +00:00
|
|
|
#endif
|
2019-12-03 13:39:47 +00:00
|
|
|
(void)_enabledSolvers;
|
2018-04-20 14:56:10 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
void SMTPortfolio::reset()
|
|
|
|
{
|
2019-05-09 08:56:58 +00:00
|
|
|
for (auto const& s: m_solvers)
|
2018-04-20 14:56:10 +00:00
|
|
|
s->reset();
|
|
|
|
}
|
|
|
|
|
|
|
|
void SMTPortfolio::push()
|
|
|
|
{
|
2019-05-09 08:56:58 +00:00
|
|
|
for (auto const& s: m_solvers)
|
2018-04-20 14:56:10 +00:00
|
|
|
s->push();
|
|
|
|
}
|
|
|
|
|
|
|
|
void SMTPortfolio::pop()
|
|
|
|
{
|
2019-05-09 08:56:58 +00:00
|
|
|
for (auto const& s: m_solvers)
|
2018-04-20 14:56:10 +00:00
|
|
|
s->pop();
|
|
|
|
}
|
|
|
|
|
2019-09-24 15:35:31 +00:00
|
|
|
void SMTPortfolio::declareVariable(string const& _name, SortPointer const& _sort)
|
2018-04-20 14:56:10 +00:00
|
|
|
{
|
2019-09-24 15:35:31 +00:00
|
|
|
solAssert(_sort, "");
|
2019-05-09 08:56:58 +00:00
|
|
|
for (auto const& s: m_solvers)
|
2018-11-21 15:57:02 +00:00
|
|
|
s->declareVariable(_name, _sort);
|
2018-04-20 14:56:10 +00:00
|
|
|
}
|
|
|
|
|
2019-09-02 12:27:35 +00:00
|
|
|
void SMTPortfolio::addAssertion(smt::Expression const& _expr)
|
2018-04-20 14:56:10 +00:00
|
|
|
{
|
2019-05-09 08:56:58 +00:00
|
|
|
for (auto const& s: m_solvers)
|
2018-04-20 14:56:10 +00:00
|
|
|
s->addAssertion(_expr);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Broadcasts the SMT query to all solvers and returns a single result.
|
|
|
|
* This comment explains how this result is decided.
|
|
|
|
*
|
|
|
|
* When a solver is queried, there are four possible answers:
|
2018-06-26 10:41:26 +00:00
|
|
|
* SATISFIABLE (SAT), UNSATISFIABLE (UNSAT), UNKNOWN, CONFLICTING, ERROR
|
2018-04-20 14:56:10 +00:00
|
|
|
* We say that a solver _answered_ the query if it returns either:
|
|
|
|
* SAT or UNSAT
|
|
|
|
* A solver did not answer the query if it returns either:
|
|
|
|
* UNKNOWN (it tried but couldn't solve it) or ERROR (crash, internal error, API error, etc).
|
|
|
|
*
|
|
|
|
* Ideally all solvers answer the query and agree on what the answer is
|
|
|
|
* (all say SAT or all say UNSAT).
|
|
|
|
*
|
|
|
|
* The actual logic as as follows:
|
|
|
|
* 1) If at least one solver answers the query, all the non-answer results are ignored.
|
|
|
|
* Here SAT/UNSAT is preferred over UNKNOWN since it's an actual answer, and over ERROR
|
|
|
|
* because one buggy solver/integration shouldn't break the portfolio.
|
|
|
|
*
|
|
|
|
* 2) If at least one solver answers SAT and at least one answers UNSAT, at least one of them is buggy
|
2018-06-26 10:41:26 +00:00
|
|
|
* and the result is CONFLICTING.
|
2018-04-20 14:56:10 +00:00
|
|
|
* In the future if we have more than 2 solvers enabled we could go with the majority.
|
|
|
|
*
|
|
|
|
* 3) If NO solver answers the query:
|
|
|
|
* If at least one solver returned UNKNOWN (where the rest returned ERROR), the result is UNKNOWN.
|
|
|
|
* This is preferred over ERROR since the SMTChecker might decide to abstract the query
|
|
|
|
* when it is told that this is a hard query to solve.
|
|
|
|
*
|
|
|
|
* If all solvers return ERROR, the result is ERROR.
|
|
|
|
*/
|
2019-09-02 12:27:35 +00:00
|
|
|
pair<CheckResult, vector<string>> SMTPortfolio::check(vector<smt::Expression> const& _expressionsToEvaluate)
|
2018-04-20 14:56:10 +00:00
|
|
|
{
|
|
|
|
CheckResult lastResult = CheckResult::ERROR;
|
|
|
|
vector<string> finalValues;
|
2019-05-09 08:56:58 +00:00
|
|
|
for (auto const& s: m_solvers)
|
2018-04-20 14:56:10 +00:00
|
|
|
{
|
|
|
|
CheckResult result;
|
|
|
|
vector<string> values;
|
|
|
|
tie(result, values) = s->check(_expressionsToEvaluate);
|
|
|
|
if (solverAnswered(result))
|
|
|
|
{
|
|
|
|
if (!solverAnswered(lastResult))
|
|
|
|
{
|
|
|
|
lastResult = result;
|
|
|
|
finalValues = std::move(values);
|
|
|
|
}
|
|
|
|
else if (lastResult != result)
|
|
|
|
{
|
2018-06-26 10:41:26 +00:00
|
|
|
lastResult = CheckResult::CONFLICTING;
|
|
|
|
break;
|
2018-04-20 14:56:10 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
else if (result == CheckResult::UNKNOWN && lastResult == CheckResult::ERROR)
|
|
|
|
lastResult = result;
|
|
|
|
}
|
|
|
|
return make_pair(lastResult, finalValues);
|
|
|
|
}
|
|
|
|
|
2019-01-23 10:22:38 +00:00
|
|
|
vector<string> SMTPortfolio::unhandledQueries()
|
|
|
|
{
|
|
|
|
// This code assumes that the constructor guarantees that
|
|
|
|
// SmtLib2Interface is in position 0.
|
|
|
|
solAssert(!m_solvers.empty(), "");
|
2019-05-09 11:17:00 +00:00
|
|
|
solAssert(dynamic_cast<smt::SMTLib2Interface*>(m_solvers.front().get()), "");
|
|
|
|
return m_solvers.front()->unhandledQueries();
|
2019-01-23 10:22:38 +00:00
|
|
|
}
|
|
|
|
|
2018-04-20 14:56:10 +00:00
|
|
|
bool SMTPortfolio::solverAnswered(CheckResult result)
|
|
|
|
{
|
|
|
|
return result == CheckResult::SATISFIABLE || result == CheckResult::UNSATISFIABLE;
|
|
|
|
}
|