123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269(** Incremental/interactive terminating top-down solver, which supports space-efficiency and caching ([td3]).
@see <https://doi.org/10.1017/S0960129521000499> Seidl, H., Vogler, R. Three improvements to the top-down solver.
@see <https://arxiv.org/abs/2209.10445> Interactive Abstract Interpretation: Reanalyzing Whole Programs for Cheap. *)(** Incremental terminating top down solver that optionally only keeps values at widening points and restores other values afterwards. *)(* Incremental: see paper 'Incremental Abstract Interpretation' https://link.springer.com/chapter/10.1007/978-3-030-41103-9_5 *)(* TD3: see paper 'Three Improvements to the Top-Down Solver' https://dl.acm.org/doi/10.1145/3236950.3236967
* Option solvers.td3.* (default) ? true : false (solver in paper):
* - term (true) ? use phases for widen+narrow (TDside) : use box (TDwarrow)
* - space (false) ? only keep values at widening points (TDspace + side) in rho : keep all values in rho
* - space_cache (true) ? local cache l for eval calls in each solve (TDcombined) : no cache
* - space_restore (true) ? eval each rhs and store all in rho : do not restore missing values
* For simpler (but unmaintained) versions without the incremental parts see the paper or topDown{,_space_cache_term}.ml. *)openBatteriesopenGoblint_constraint.ConstrSysopenGoblint_constraint.SolverTypesopenGoblint_constraint.TranslatorsopenMessagesmoduleM=MessagesmoduletypeHooks=sigmoduleS:DemandEqConstrSysmoduleHM:Hashtbl.Swithtypekey=S.vvalprint_data:unit->unit(** Print additional solver data statistics. *)valsystem:S.v->((S.v->S.d)->(S.v->S.d->unit)->(S.v->unit)->S.d)option(** Wrap [S.system]. Always use this hook instead of [S.system]! *)valdelete_marked:S.vlist->unit(** Incrementally delete additional solver data. *)valstable_remove:S.v->unit(** Remove additional solver data when variable removed from [stable]. *)valprune:reachable:unitHM.t->unit(** Prune unreachable additional solver data. *)endmoduleBase=functor(Arg:IncrSolverArg)->functor(S:DemandEqConstrSys)->functor(HM:Hashtbl.Swithtypekey=S.v)->functor(Hooks:HookswithmoduleS=SandmoduleHM=HM)->functor(UpdateRule:Td3UpdateRule.S)->structopenSolverBox.Warrow(S.Dom)moduleEqS0=EqConstrSysFromDemandConstrSys(S)includeGeneric.SolverStats(EqS0)(HM)moduleVS=Set.Make(S.Var)moduleUpdateRule=UpdateRule(EqS0)(HM)(VS)letexists_keyfhm=HM.exists(funk_->fk)hmletassert_can_receive_sidex=ifHooks.systemx<>Nonethen(failwith("side-effect to unknown w/ rhs: "^GobPretty.sprintS.Var.pretty_tracex);)typesolver_data={st:(S.Var.t*S.Dom.t)list;(* needed to destabilize start functions if their start state changed because of some changed global initializer *)infl:VS.tHM.t;sides:VS.tHM.t;update_rule_data:UpdateRule.data;rho:S.Dom.tHM.t;wpoint_gas:intHM.t;(** Tracks the widening gas of both side-effected and non-side-effected variables. Although they may have different gas budgets, they can be in the same map since no side-effected variable may ever have a rhs.*)stable:unitHM.t;side_dep:VS.tHM.t;(** Dependencies of side-effected variables. Knowing these allows restarting them and re-triggering all side effects. *)side_infl:VS.tHM.t;(** Influences to side-effected variables. Not normally in [infl], but used for restarting them. *)var_messages:Message.tHM.t;(** Messages from right-hand sides of variables. Used for incremental postsolving. *)rho_write:S.Dom.tHM.tHM.t;(** Side effects from variables to write-only variables with values. Used for fast incremental restarting of write-only variables. *)dep:VS.tHM.t;(** Dependencies of variables. Inverse of [infl]. Used for fast pre-reachable pruning in incremental postsolving. *)weak_dep:VS.tHM.t;(** Weak dependencies of variables via [demand] (if enabled). *)}typemarshal=solver_dataletcreate_empty_data()={st=[];infl=HM.create10;sides=HM.create10;update_rule_data=UpdateRule.create_empty_data();rho=HM.create10;wpoint_gas=HM.create10;stable=HM.create10;side_dep=HM.create10;side_infl=HM.create10;var_messages=HM.create10;rho_write=HM.create10;dep=HM.create10;weak_dep=HM.create10;}letprint_datadata=Logs.debug"|rho|=%d"(HM.lengthdata.rho);Logs.debug"|stable|=%d"(HM.lengthdata.stable);Logs.debug"|infl|=%d"(HM.lengthdata.infl);Logs.debug"|wpoint_gas|=%d"(HM.lengthdata.wpoint_gas);Logs.debug"|sides|=%d"(HM.lengthdata.sides);Logs.debug"|side_dep|=%d"(HM.lengthdata.side_dep);Logs.debug"|side_infl|=%d"(HM.lengthdata.side_infl);Logs.debug"|var_messages|=%d"(HM.lengthdata.var_messages);Logs.debug"|rho_write|=%d"(HM.lengthdata.rho_write);Logs.debug"|dep|=%d"(HM.lengthdata.dep);Hooks.print_data()letprint_data_verbosedatastr=ifLogs.Level.should_logDebugthen(Logs.debug"%s:"str;print_datadata)letverify_datadata=ifGobConfig.get_bool"solvers.td3.verify"then((* every variable in (pruned) rho should be stable *)HM.iter(funx_->ifnot(HM.memdata.stablex)then(Logs.warn"unstable in rho: %a"S.Var.pretty_tracex;assertfalse))data.rho(* vice versa doesn't currently hold, because stable is not pruned *))letcopy_marshal(data:marshal):marshal={rho=HM.copydata.rho;stable=HM.copydata.stable;wpoint_gas=HM.copydata.wpoint_gas;infl=HM.copydata.infl;sides=HM.copydata.sides;update_rule_data=UpdateRule.copy_marshaldata.update_rule_data;side_infl=HM.copydata.side_infl;side_dep=HM.copydata.side_dep;st=data.st;(* data.st is immutable *)var_messages=HM.copydata.var_messages;rho_write=HM.map(funxw->HM.copyw)data.rho_write;(* map copies outer HM *)dep=HM.copydata.dep;weak_dep=HM.copydata.weak_dep;}(* The following hack is for fixing hashconsing.
If hashcons is enabled now, then it also was for the loaded values (otherwise it would crash). If it is off, we don't need to do anything.
HashconsLifter uses BatHashcons.hashcons on Lattice operations like join, so we call join (with bot) to make sure that the old values will populate the empty hashcons table via side-effects and at the same time get new tags that are conform with its state.
The tags are used for `equals` and `compare` to avoid structural comparisons. TODO could this be replaced by `==` (if values are shared by hashcons they should be physically equal)?
We have to replace all tags since they are not derived from the value (like hash) but are incremented starting with 1, i.e. dependent on the order in which lattice operations for different values are called, which will very likely be different for an incremental run.
If we didn't do this, during solve, a rhs might give the same value as from the old rho but it wouldn't be detected as equal since the tags would be different.
In the worst case, every rhs would yield the same value, but we would destabilize for every var in rho until we replaced all values (just with new tags).
The other problem is that we would likely use more memory since values from old rho would not be shared with the same values in the hashcons table. So we would keep old values in memory until they are replace in rho and eventually garbage collected. *)(* Another problem are the tags for the context part of a S.Var.t.
This will cause problems when old and new vars interact or when new S.Dom values are used as context:
- reachability is a problem since it marks vars reachable with a new tag, which will remove vars with the same context but old tag from rho.
- If we destabilized a node with a call, we will also destabilize all vars of the called function. However, if we end up with the same state at the caller node, without hashcons we would only need to go over all vars in the function once to restabilize them since we have
the old values, whereas with hashcons, we would get a context with a different tag, could not find the old value for that var, and have to recompute all vars in the function (without access to old values). *)letrelift_marshal(data:marshal):marshal=letrho=HM.create(HM.lengthdata.rho)inHM.iter(funkv->(* call hashcons on contexts and abstract values; results in new tags *)letk'=S.Var.reliftkinletv'=S.Dom.reliftvinHM.replacerhok'v';)data.rho;letstable=HM.create(HM.lengthdata.stable)inHM.iter(funkv->HM.replacestable(S.Var.reliftk)v)data.stable;letwpoint_gas=HM.create(HM.lengthdata.wpoint_gas)inHM.iter(funkv->HM.replacewpoint_gas(S.Var.reliftk)v)data.wpoint_gas;letinfl=HM.create(HM.lengthdata.infl)inHM.iter(funkv->HM.replaceinfl(S.Var.reliftk)(VS.mapS.Var.reliftv))data.infl;letsides=HM.create(HM.lengthdata.sides)inHM.iter(funkv->HM.replacesides(S.Var.reliftk)(VS.mapS.Var.reliftv))data.sides;letupdate_rule_data=UpdateRule.relift_marshaldata.update_rule_datainletside_infl=HM.create(HM.lengthdata.side_infl)inHM.iter(funkv->HM.replaceside_infl(S.Var.reliftk)(VS.mapS.Var.reliftv))data.side_infl;letside_dep=HM.create(HM.lengthdata.side_dep)inHM.iter(funkv->HM.replaceside_dep(S.Var.reliftk)(VS.mapS.Var.reliftv))data.side_dep;letst=List.map(fun(k,v)->S.Var.reliftk,S.Dom.reliftv)data.stinletvar_messages=HM.create(HM.lengthdata.var_messages)inHM.iter(funkv->HM.addvar_messages(S.Var.reliftk)v(* var_messages contains duplicate keys, so must add not replace! *))data.var_messages;letrho_write=HM.create(HM.lengthdata.rho_write)inHM.iter(funxw->letw'=HM.create(HM.lengthw)inHM.iter(funyd->HM.addw'(S.Var.relifty)(S.Dom.reliftd)(* w contains duplicate keys, so must add not replace! *))w;HM.replacerho_write(S.Var.reliftx)w';)data.rho_write;letdep=HM.create(HM.lengthdata.dep)inHM.iter(funkv->HM.replacedep(S.Var.reliftk)(VS.mapS.Var.reliftv))data.dep;letweak_dep=HM.create(HM.lengthdata.weak_dep)inHM.iter(funkv->HM.replaceweak_dep(S.Var.reliftk)(VS.mapS.Var.reliftv))data.weak_dep;{st;infl;sides;update_rule_data;rho;wpoint_gas;stable;side_dep;side_infl;var_messages;rho_write;dep;weak_dep}typephase=Widen|Narrow[@@derivingshow](* used in inner solve *)moduleCurrentVarS=Goblint_constraint.ConstrSys.CurrentVarDemandEqConstrSys(S)moduleS=CurrentVarS.SmoduleEqS=EqConstrSysFromDemandConstrSys(S)(* new S, so must construct new EqS *)letsolvestvsmarshal=letreuse_stable=GobConfig.get_bool"incremental.stable"inletreuse_wpoint=GobConfig.get_bool"incremental.wpoint"inletdata=matchmarshalwith|Somedata->ifnotreuse_stablethen(Logs.info"Destabilizing everything!";HM.cleardata.stable;HM.cleardata.infl);ifnotreuse_wpointthen(HM.cleardata.wpoint_gas;HM.cleardata.sides);data|None->create_empty_data()inletterm=GobConfig.get_bool"solvers.td3.term"inletdefault_side_widen_gas=GobConfig.get_int"solvers.td3.side_widen_gas"inletdefault_widen_gas=GobConfig.get_int"solvers.td3.widen_gas"inletspace=GobConfig.get_bool"solvers.td3.space"inletcache=GobConfig.get_bool"solvers.td3.space_cache"inletcalled=HM.create10inletinfl=data.inflinletsides=data.sidesinletupdate_rule_data=data.update_rule_datainletrho=data.rhoinletwpoint_gas=data.wpoint_gasinletstable=data.stableinletnarrow_reuse=GobConfig.get_bool"solvers.td3.narrow-reuse"inletremove_wpoint=GobConfig.get_bool"solvers.td3.remove-wpoint"inletweak_deps_handling=GobConfig.get_string"solvers.td3.weak-deps"inletside_dep=data.side_depinletside_infl=data.side_inflinletrestart_sided=GobConfig.get_bool"incremental.restart.sided.enabled"inletrestart_vars=GobConfig.get_string"incremental.restart.sided.vars"inletrestart_wpoint=GobConfig.get_bool"solvers.td3.restart.wpoint.enabled"inletrestart_once=GobConfig.get_bool"solvers.td3.restart.wpoint.once"inletrestarted_wpoint=HM.create10inletincr_verify=GobConfig.get_bool"incremental.postsolver.enabled"inletconsider_superstable_reached=GobConfig.get_bool"incremental.postsolver.superstable-reached"in(* In incremental load, initially stable nodes, which are never destabilized.
These don't have to be re-verified and warnings can be reused. *)letsuperstable=HM.copystableinletreluctant=GobConfig.get_bool"incremental.reluctant.enabled"inletvar_messages=data.var_messagesinletrho_write=data.rho_writeinletdep=data.depinletweak_dep=data.weak_depinlet(moduleWPS)=SideWPointSelect.choose_impl()inletmoduleWPS=structincludeWPS(EqS)(HM)(VS)endinlet()=print_solver_stats:=fun()->print_datadata;Logs.info"|called|=%d"(HM.lengthcalled);print_context_statsrhoinifGobConfig.get_bool"incremental.load"then(print_data_verbosedata"Loaded data for incremental analysis";verify_datadata);letcache_sizes=ref[]inletadd_inflyx=iftracingthentrace"sol2""add_infl %a %a"S.Var.pretty_traceyS.Var.pretty_tracex;HM.replaceinfly(VS.addx(tryHM.findinflywithNot_found->VS.empty));HM.replacedepx(VS.addy(HM.find_defaultdepxVS.empty));inletadd_sidesyx=HM.replacesidesy(VS.addx(tryHM.findsidesywithNot_found->VS.empty))inletdestabilize_ref:(S.v->unit)ref=ref(fun_->failwith"no destabilize yet")inletdestabilizex=!destabilize_refxin(* must be eta-expanded to use changed destabilize_ref *)letpretty_wpoint()x=matchHM.find_optionwpoint_gasxwith|None->Pretty.text"false"|Somex->Pretty.dprintf"true (gas: %d)"xinletmark_wpointxdefault_gas=ifnot(HM.memwpoint_gasx)then(HM.replacewpoint_gasxdefault_gas)inletreduce_gasx=matchHM.find_optionwpoint_gasxwith|Someold_gas->letdecremented_gas=old_gas-1inifdecremented_gas>=0then(iftracingthentrace"widengas""reducing gas of %a: %d -> %d"S.Var.pretty_tracexold_gasdecremented_gas;HM.replacewpoint_gasxdecremented_gas)|None->((* Not a widening point *))inletshould_widenx=HM.find_optionwpoint_gasx=Some0inletwps_data=WPS.create_data(funx->HM.memstablex)add_inflin(* Same as destabilize, but returns true if it destabilized a called var, or a var in vs which was stable. *)letrecdestabilize_vsx=(* TODO remove? Only used for side_widen cycle. *)iftracingthentrace"sol2""destabilize_vs %a"S.Var.pretty_tracex;letw=HM.find_defaultinflxVS.emptyinHM.replaceinflxVS.empty;VS.fold(funyb->letwas_stable=HM.memstableyinHM.removestabley;HM.removesuperstabley;Hooks.stable_removey;ifnot(HM.memcalledy)thendestabilize_vsy||b||was_stable&&List.mem_cmpS.Var.compareyvselsetrue)wfalse(* nosemgrep: fold-exists *)(* does side effects *)andeq_wrapperxeqx=((UpdateRule.get_wrapper~solve_widen:(funx->solvexWiden)~init~stable~data:update_rule_data~sides~add_sides~rho~destabilize~side~assert_can_receive_side):UpdateRule.eq_wrapper)xeqxandsolve?reuse_eqxphase=iftracingthentrace"sol2""solve %a, phase: %s, called: %b, stable: %b, wpoint: %a"S.Var.pretty_tracex(show_phasephase)(HM.memcalledx)(HM.memstablex)pretty_wpointx;initx;assert(Hooks.systemx<>None);ifnot(HM.memcalledx||HM.memstablex)then(iftracingthentrace"sol2""stable add %a"S.Var.pretty_tracex;HM.replacestablex();HM.replacecalledx();(* Here we cache should_widen x before eq. If during eq eval makes x wpoint (with config widen_gas = 0), then be still don't apply widening the first time, but just overwrite.
It means that the first iteration at wpoint is still precise.
This doesn't matter during normal solving (?), because old would be bot.
This matters during incremental loading, when wpoints have been removed (or not marshaled) and are redetected.
Then the previous local wpoint value is discarded automagically and not joined/widened, providing limited restarting of local wpoints. (See eval for more complete restarting.) *)letwp=should_widenxin(* if x becomes a wpoint (with gas = 0) during eq, checking this will delay widening until next solve *)letl=HM.create10in(* local cache *)leteqd=(* d from equation/rhs *)matchreuse_eqwith|Somedwhennarrow_reuse->(* Do not reset deps for reuse of eq *)iftracingthentrace"sol2""eq reused %a"S.Var.pretty_tracex;incrSolverStats.narrow_reuses;d|_->(* The RHS is re-evaluated, all deps are re-trigerred *)HM.replacedepxVS.empty;eq_wrapperx(funside->eqx(evallx)side(demandlx))inHM.removecalledx;letold=HM.findrhoxin(* d from older solve *)(* find old value after eq since wpoint restarting in eq/eval might have changed it meanwhile *)(* if value has changed, reduce gas (only applies to marked widening points) *)ifnot(term&&phase=Narrow)&¬(S.Dom.equaleqdold)thenreduce_gasx;letwpd=(* d after widen/narrow (if wp) *)ifnotwptheneqdelseiftermthenmatchphasewith|Widen->S.Dom.widenold(S.Dom.joinoldeqd)|NarrowwhenGobConfig.get_bool"exp.no-narrow"->old(* no narrow *)|Narrow->(* assert S.Dom.(leq eqd old || not (leq old eqd)); (* https://github.com/goblint/analyzer/pull/490#discussion_r875554284 *) *)S.Dom.narrowoldeqdelseboxoldeqdiniftracingthentrace"sol""Var: %a (wp: %b)\nOld value: %a\nEqd: %a\nNew value: %a"S.Var.pretty_tracexwpS.Dom.prettyoldS.Dom.prettyeqdS.Dom.prettywpd;ifcachethen(iftracingthentrace"cache""cache size %d for %a"(HM.lengthl)S.Var.pretty_tracex;cache_sizes:=HM.lengthl::!cache_sizes;);ifnot(Timing.wrap"S.Dom.equal"(fun()->S.Dom.equaloldwpd)())then((* value changed *)iftracingthentrace"sol""Changed";(* if tracing && not (S.Dom.is_bot old) && wp then trace "solchange" "%a (wpx: %a): %a -> %a" S.Var.pretty_trace x pretty_wpoint x S.Dom.pretty old S.Dom.pretty wpd; *)iftracing&¬(S.Dom.is_botold)&&wpthentrace"solchange""%a (wpx: %a): %a"S.Var.pretty_tracexpretty_wpointxS.Dom.pretty_diff(wpd,old);update_var_eventxoldwpd;HM.replacerhoxwpd;destabilizex;(solve[@tailcall])xphase)else((* TODO: why non-equal and non-stable checks in switched order compared to TD3 paper? *)ifnot(HM.memstablex)then((* value unchanged, but not stable, i.e. destabilized itself during rhs *)iftracingthentrace"sol2""solve still unstable %a"S.Var.pretty_tracex;(solve[@tailcall])xWiden)else(ifterm&&phase=Widen&&HM.memwpoint_gasxthen((* TODO: or use wp? *)iftracingthentrace"sol2""solve switching to narrow %a"S.Var.pretty_tracex;iftracingthentrace"sol2""stable remove %a"S.Var.pretty_tracex;HM.removestablex;HM.removesuperstablex;Hooks.stable_removex;(solve[@tailcall])~reuse_eq:eqdxNarrow)elseifremove_wpoint&¬space&&(notterm||phase=Narrow)then((* this makes e.g. nested loops precise, ex. tests/regression/34-localization/01-nested.c - if we do not remove wpoint, the inner loop head will stay a wpoint and widen the outer loop variable. *)iftracingthentrace"sol2""solve removing wpoint %a (%a)"S.Var.pretty_tracexpretty_wpointx;HM.removewpoint_gasx;))))andeqxgetsetdemand=iftracingthentrace"sol2""eq %a"S.Var.pretty_tracex;matchHooks.systemxwith|None->S.Dom.bot()|Somef->fgetsetdemandandsimple_solvelxy=iftracingthentrace"sol2""simple_solve %a (rhs: %b)"S.Var.pretty_tracey(Hooks.systemy<>None);ifHooks.systemy=Nonethen(inity;HM.replacestabley();HM.findrhoy)else(* TODO: should td_space store information for widening points with remaining gas? *)ifnotspace||HM.memwpoint_gasythen(solveyWiden;HM.findrhoy)elseifHM.memcalledythen(inity;HM.removely;HM.findrhoy)else(* TODO: [HM.mem called y] is not in the TD3 paper, what is it for? optimization? *)(* if HM.mem called y then (init y; let y' = HM.find_default l y (S.Dom.bot ()) in HM.replace rho y y'; HM.remove l y; y') else *)ifcache&&HM.memlythenHM.findlyelse(HM.replacecalledy();leteqd=(* We check in maingoblint that `solvers.td3.space` and `solvers.td3.narrow-globs.enabled` are not on at the same time *)(* Narrowing on for globals ('solvers.td3.narrow-globs.enabled') would require enhancing this to work withe Narrow update rule *)eqy(evallx)(side~x)(demandlx)inHM.removecalledy;ifHM.memwpoint_gasythen(HM.removely;solveyWiden;HM.findrhoy)else(ifcachethenHM.replacelyeqd;eqd))andevallxy=iftracingthentrace"sol2""eval %a ## %a"S.Var.pretty_tracexS.Var.pretty_tracey;get_var_eventy;ifHM.memcalledythen(ifrestart_wpoint&¬(HM.memwpoint_gasy)then((* Even though solve cleverly restarts redetected wpoints during incremental load, the loop body would be calculated based on the old wpoint value.
The loop body might then side effect the old value, see tests/incremental/06-local-wpoint-read.
Here we avoid this, by setting it to bottom for the loop body eval. *)ifnot(restart_once&&HM.memrestarted_wpointy)then(iftracingthentrace"sol2""wpoint restart %a ## %a"S.Var.pretty_traceyS.Dom.pretty(HM.find_defaultrhoy(S.Dom.bot()));HM.replacerhoy(S.Dom.bot());ifrestart_oncethen(* avoid populating hashtable unnecessarily *)HM.replacerestarted_wpointy();));iftracingthentrace"sol2""eval adding wpoint %a from %a"S.Var.pretty_traceyS.Var.pretty_tracex;mark_wpointydefault_widen_gas;);lettmp=simple_solvelxyinifHM.memrhoythenadd_inflyx;iftracingthentrace"sol2""eval %a ## %a -> %a"S.Var.pretty_tracexS.Var.pretty_traceyS.Dom.prettytmp;tmpandside?xyd=(* side from x to y; only to variables y w/o rhs; x only used for trace *)iftracingthentrace"sol2""side to %a (wpx: %a) from %a ## value: %a"S.Var.pretty_traceypretty_wpointy(Pretty.docOpt(S.Var.pretty_trace()))xS.Dom.prettyd;assert_can_receive_sidey;inity;WPS.notify_sidewps_dataxy;letwidenab=ifM.tracingthenM.traceli"sol2""side widen %a %a"S.Dom.prettyaS.Dom.prettyb;letr=S.Dom.widena(S.Dom.joinab)inifM.tracingthenM.traceu"sol2""-> %a"S.Dom.prettyr;rinletold_sides=HM.find_defaultsidesyVS.emptyinletvetoed_widen=WPS.veto_widenwps_datacalledold_sidesxyinletopab=(* If y still has widening gas, widening will not be performed. *)ifvetoed_widen||not(should_wideny)thenS.Dom.joinabelsewidenabinletold=HM.findrhoyinlettmp=opolddiniftracingthentrace"sol2""stable add %a"S.Var.pretty_tracey;HM.replacestabley();ifnot(S.Dom.leqtmpold)then(iftracing&¬(S.Dom.is_botold)thentrace"solside""side to %a (wpx: %a) from %a: %a -> %a"S.Var.pretty_traceypretty_wpointy(Pretty.docOpt(S.Var.pretty_trace()))xS.Dom.prettyoldS.Dom.prettytmp;iftracing&¬(S.Dom.is_botold)thentrace"solchange""side to %a (wpx: %a) from %a: %a"S.Var.pretty_traceypretty_wpointy(Pretty.docOpt(S.Var.pretty_trace()))xS.Dom.pretty_diff(tmp,old);(matchxwith|Somex->ifnot(VS.memxold_sides)thenadd_sidesyx;|None->());(* HM.replace rho y ((if HM.mem wpoint y then S.Dom.widen old else identity) (S.Dom.join old d)); *)HM.replacerhoytmp;letdestabilized_vs:booloption=ifWPS.record_destabilized_vsthen(destabilizey;None)elseSome(destabilize_vsy)in(* make y a widening point if ... This will only matter for the next side _ y. *)ifWPS.should_mark_wpointwps_datacalledold_sidesxydestabilized_vsthen(iftracingthentrace"sol2""side adding wpoint %a from %a"S.Var.pretty_tracey(Pretty.docOpt(S.Var.pretty_trace()))x;mark_wpointydefault_side_widen_gas);(* y has grown. Reduce widening gas! *)ifnotvetoed_widenthenreduce_gasy;)anddemandlxy=iftracingthentrace"sol2""demand weak dep %a from %a"S.Var.pretty_traceyS.Var.pretty_tracex;matchweak_deps_handlingwith|"none"->ignore(evallxy)|"eager"->HM.replaceweak_depx(VS.addy(tryHM.findweak_depxwithNot_found->VS.empty));solveyWiden|"lazy"->HM.replaceweak_depx(VS.addy(tryHM.findweak_depxwithNot_found->VS.empty))|_->assertfalseandinitx=iftracingthentrace"sol2""init %a"S.Var.pretty_tracex;ifnot(HM.memrhox)then(new_var_eventx;HM.replacerhox(S.Dom.bot()))inletset_start(x,d)=iftracingthentrace"sol2""set_start %a ## %a"S.Var.pretty_tracexS.Dom.prettyd;initx;UpdateRule.register_startupdate_rule_dataxd;HM.replacerhoxd;HM.replacestablex();(* solve x Widen *)inletrecdestabilize_normalx=iftracingthentrace"sol2""destabilize %a"S.Var.pretty_tracex;letw=HM.find_defaultinflxVS.emptyinHM.replaceinflxVS.empty;VS.iter(funy->iftracingthentrace"sol2""stable remove %a"S.Var.pretty_tracey;HM.removestabley;HM.removesuperstabley;Hooks.stable_removey;ifnot(HM.memcalledy)thendestabilize_normaly)winstart_event();(* reluctantly unchanged return nodes to additionally query for postsolving to get warnings, etc. *)letreluctant_vs:S.Var.tlistref=ref[]inletrestart_write_only=GobConfig.get_bool"incremental.restart.write-only"inifGobConfig.get_bool"incremental.load"then(letrestart_leafx=iftracingthentrace"sol2""Restarting to bot %a"S.Var.pretty_tracex;Logs.debug"Restarting to bot %a"S.Var.pretty_tracex;HM.replacerhox(S.Dom.bot());(* HM.remove rho x; *)HM.removewpoint_gasx;(* otherwise gets immediately widened during resolve *)HM.removesidesx;(* just in case *)(* immediately redo "side effect" from st *)matchGobList.assoc_eq_optS.Var.equalxstwith|Somed->HM.replacerhoxd;|None->()inletrestart_fuel_only_globals=GobConfig.get_bool"incremental.restart.sided.fuel-only-global"in(* destabilize which restarts side-effected vars *)(* side_fuel specifies how many times (in recursion depth) to destabilize side_infl, None means infinite *)letrecdestabilize_with_side~side_fuelx=iftracingthentrace"sol2""destabilize_with_side %a %a"S.Var.pretty_tracex(Pretty.docOpt(Pretty.dprintf"%d"))side_fuel;(* retrieve and remove (side-effect) dependencies/influences *)letw_side_dep=HM.find_defaultside_depxVS.emptyinHM.removeside_depx;letw_infl=HM.find_defaultinflxVS.emptyinHM.replaceinflxVS.empty;letw_side_infl=HM.find_defaultside_inflxVS.emptyinHM.removeside_inflx;letshould_restart=matchrestart_write_only,S.Var.is_write_onlyxwith|true,true->false(* prefer efficient write-only restarting during postsolving *)|_,is_write_only->matchrestart_varswith|"all"->true|"global"->Node.equal(S.Var.nodex)(FunctionGoblintCil.dummyFunDec)(* non-function entry node *)|"write-only"->is_write_only|_->assertfalsein(* is side-effected var (global/function entry)? *)ifnot(VS.is_emptyw_side_dep)&&should_restartthen((* restart side-effected var *)restart_leafx;(* destabilize side dep to redo side effects *)VS.iter(funy->iftracingthentrace"sol2""destabilize_with_side %a side_dep %a"S.Var.pretty_tracexS.Var.pretty_tracey;iftracingthentrace"sol2""stable remove %a"S.Var.pretty_tracey;HM.removestabley;HM.removesuperstabley;Hooks.stable_removey;destabilize_with_side~side_fuely)w_side_dep;);(* destabilize eval infl *)VS.iter(funy->iftracingthentrace"sol2""destabilize_with_side %a infl %a"S.Var.pretty_tracexS.Var.pretty_tracey;iftracingthentrace"sol2""stable remove %a"S.Var.pretty_tracey;HM.removestabley;HM.removesuperstabley;Hooks.stable_removey;destabilize_with_side~side_fuely)w_infl;(* destabilize side infl *)ifside_fuel<>Some0then((* non-0 or infinite fuel is fine *)letside_fuel'=ifnotrestart_fuel_only_globals||Node.equal(S.Var.nodex)(FunctionGoblintCil.dummyFunDec)thenOption.mapInt.predside_fuelelseside_fuel(* don't decrease fuel for function entry side effect *)in(* TODO: should this also be conditional on restart_only_globals? right now goes through function entry side effects, but just doesn't restart them *)VS.iter(funy->iftracingthentrace"sol2""destabilize_with_side %a side_infl %a"S.Var.pretty_tracexS.Var.pretty_tracey;iftracingthentrace"sol2""stable remove %a"S.Var.pretty_tracey;HM.removestabley;HM.removesuperstabley;Hooks.stable_removey;destabilize_with_side~side_fuel:side_fuel'y)w_side_infl)indestabilize_ref:=ifrestart_sidedthen(letside_fuel=matchGobConfig.get_int"incremental.restart.sided.fuel"with|fuelwhenfuel>=0->Somefuel|_->None(* infinite *)indestabilize_with_side~side_fuel)elsedestabilize_normal;letsys_change=S.sys_change(funv->tryHM.findrhovwithNot_found->S.Dom.bot())inletold_ret=HM.create103inifreluctantthen((* save entries of changed functions in rho for the comparison whether the result has changed after a function specific solve *)List.iter(funk->ifHM.memrhokthen(letold_rho=HM.findrhokinletold_infl=HM.find_defaultinflkVS.emptyinHM.replaceold_retk(old_rho,old_infl)))sys_change.reluctant;);ifsys_change.obsolete<>[]thenLogs.debug"Destabilizing changed functions and primary old nodes ...";List.iter(funk->ifHM.memstablekthendestabilizek)sys_change.obsolete;(* We remove all unknowns for program points in changed or removed functions from rho, stable, infl and wpoint *)Logs.debug"Removing data for changed and removed functions...";letdelete_markeds=List.iter(funk->HM.removesk)sys_change.deleteindelete_markedrho;delete_markedinfl;(* TODO: delete from inner sets? *)delete_markedwpoint_gas;delete_markeddep;Hooks.delete_markedsys_change.delete;(* destabilize_with_side doesn't have all infl to follow anymore, so should somewhat work with reluctant *)ifrestart_sidedthen((* restarts old copies of functions and their (removed) side effects *)Logs.debug"Destabilizing sides of changed functions, primary old nodes and removed functions ...";List.iter(funk->ifHM.memstablekthen(Logs.debug"marked %a"S.Var.pretty_tracek;destabilizek))sys_change.delete);(* [destabilize_leaf] is meant for restarting of globals selected by the user. *)(* Must be called on a leaf! *)letdestabilize_leaf(x:S.v)=letdestab_side_dep(x:S.v)=letw=HM.find_defaultside_depxVS.emptyinifnot(VS.is_emptyw)then(HM.removeside_depx;(* destabilize side dep to redo side effects *)VS.iter(funy->iftracingthentrace"sol2""destabilize_leaf %a side_dep %a"S.Var.pretty_tracexS.Var.pretty_tracey;iftracingthentrace"sol2""stable remove %a"S.Var.pretty_tracey;HM.removestabley;HM.removesuperstabley;Hooks.stable_removey;destabilize_normaly)w)inrestart_leafx;destab_side_depx;destabilize_normalxinList.iter(funv->ifHooks.systemv<>NonethenLogs.warn"Trying to restart non-leaf unknown %a. This has no effect."S.Var.pretty_tracevelseifHM.memstablevthendestabilize_leafv)sys_change.restart;letrestart_and_destabilizex=(* destabilize_with_side doesn't restart x itself *)restart_leafx;destabilizexinletshould_restart_start=restart_sided&&restart_vars<>"write-only"in(* assuming start vars are not write-only *)(* TODO: should this distinguish non-global (function entry) and global (earlyglobs) start vars? *)(* Call side on all globals and functions in the start variables to make sure that changes in the initializers are propagated.
* This also destabilizes start functions if their start state changes because of globals that are neither in the start variables nor in the contexts *)List.iter(fun(v,d)->ifshould_restart_startthen(matchGobList.assoc_eq_optS.Var.equalvdata.stwith|Someold_dwhennot(S.Dom.equalold_dd)->Logs.debug"Destabilizing and restarting changed start var %a"S.Var.pretty_tracev;restart_and_destabilizev(* restart side effect from start *)|_->(* don't restart unchanged start global *)(* no need to restart added start global (implicit bot before) *)(* restart removed start global below *)());sidevd)st;ifshould_restart_startthen(List.iter(fun(v,_)->matchGobList.assoc_eq_optS.Var.equalvstwith|None->(* restart removed start global to allow it to be pruned from incremental solution *)(* this gets rid of its warnings and makes comparing with from scratch sensible *)Logs.debug"Destabilizing and restarting removed start var %a"S.Var.pretty_tracev;restart_and_destabilizev|_->())data.st);delete_markedstable;delete_markedside_dep;(* TODO: delete from inner sets? *)delete_markedside_infl;(* TODO: delete from inner sets? *)(* delete from incremental postsolving/warning structures to remove spurious warnings *)delete_markedsuperstable;delete_markedvar_messages;ifrestart_write_onlythen((* restart write-only *)(* before delete_marked because we also want to restart write-only side effects from deleted nodes *)HM.iter(funxw->HM.iter(funyd->Logs.debug"Restarting write-only to bot %a"S.Var.pretty_tracey;HM.replacerhoy(S.Dom.bot());)w)rho_write);delete_markedrho_write;HM.iter(funxw->delete_markedw)rho_write;print_data_verbosedata"Data after clean-up";(* TODO: reluctant doesn't call destabilize on removed functions or old copies of modified functions (e.g. after removing write), so those globals don't get restarted *)ifreluctantthen((* solve on the return node of changed functions. Only destabilize the function's return node if the analysis result changed *)Logs.debug"Separately solving changed functions...";HM.iter(funx(old_rho,old_infl)->HM.replacerhoxold_rho;HM.replaceinflxold_infl)old_ret;HM.iter(funx(old_rho,old_infl)->Logs.debug"test for %a"Node.pretty_trace(S.Var.nodex);solvexWiden;ifnot(S.Dom.equal(HM.findrhox)old_rho)then(Logs.debug"Further destabilization happened ...";)else(Logs.debug"Destabilization not required...";reluctant_vs:=x::!reluctant_vs))old_ret;Logs.debug"Final solve...");)else(List.iterset_startst;);destabilize_ref:=destabilize_normal;(* always use normal destabilize during actual solve *)List.iterinitvs;(* If we have multiple start variables vs, we might solve v1, then while solving v2 we side some global which v1 depends on with a new value. Then v1 is no longer stable and we have to solve it again. *)leti=ref0inletrecsolver()=(* as while loop in paper *)incri;letweak_dep_vs=HM.to_seq_valuesweak_dep|>Seq.concat_mapVS.to_seq|>List.of_seqinletall_vs=vs@weak_dep_vsin(* vs is singleton for us, so it's cheap to prepend *)letunstable_vs=List.filter(neg(HM.memstable))all_vsinifunstable_vs<>[]then(ifLogs.Level.should_logDebugthen(if!i=1thenLogs.newline();Logs.debug"Unstable solver start vars in %d. phase:"!i;List.iter(funv->Logs.debug"\t%a"S.Var.pretty_tracev)unstable_vs;Logs.newline();flush_all(););List.iter(funx->solvexWiden)unstable_vs;solver();)insolver();(* Before we solved all unstable vars in rho with a rhs in a loop. This is unneeded overhead since it also solved unreachable vars (reachability only removes those from rho further down). *)(* After termination, only those variables are stable which are
* - reachable from any of the queried variables vs, or
* - effected by side-effects and have no constraints on their own (this should be the case for all of our analyses). *)(* verifies values at widening points and adds values for variables in-between *)letvisited=HM.create10inletcheck_sidexyd=HM.replacevisitedy();letmem=HM.memrhoyinletd'=tryHM.findrhoywithNot_found->S.Dom.bot()inifnot(S.Dom.leqdd')thenLogs.error"TDFP Fixpoint not reached in restore step at side-effected variable (mem: %b) %a from %a: %a not leq %a"memS.Var.pretty_traceyS.Var.pretty_tracexS.Dom.prettydS.Dom.prettyd'inletreceqcheckx=HM.replacevisitedx();matchHooks.systemxwith|None->ifHM.memrhoxthenHM.findrhoxelse(Logs.warn"TDFP Found variable %a w/o rhs and w/o value in rho"S.Var.pretty_tracex;S.Dom.bot())|Somef->f(get~check)(check_sidex)(demand~check)andget?(check=false)x=ifHM.memvisitedxthen(HM.findrhox)elseifHM.memrhoxthen((* `vs` are in `rho`, so to restore others we need to skip to `eq`. *)letd1=HM.findrhoxinletd2=eqcheckxin(* just to reach unrestored variables *)ifcheckthen(ifnot(HM.memstablex)&&Hooks.systemx<>NonethenLogs.error"TDFP Found an unknown in rho that should be stable: %a"S.Var.pretty_tracex;ifnot(S.Dom.leqd2d1)thenLogs.error"TDFP Fixpoint not reached in restore step at %a\n @[Variable:\n%a\nRight-Hand-Side:\n%a\nCalculating one more step changes: %a\n@]"S.Var.pretty_tracexS.Dom.prettyd1S.Dom.prettyd2S.Dom.pretty_diff(d1,d2););d1)else(letd=eqcheckxinHM.replacerhoxd;d)anddemand?checkx=ignore(get?checkx)in(* restore values for non-widening-points *)ifspace&&GobConfig.get_bool"solvers.td3.space_restore"then(Logs.debug"Restoring missing values.";letrestore()=letgetx=letd=get~check:truexiniftracingthentrace"sol2""restored var %a ## %a"S.Var.pretty_tracexS.Dom.prettydinList.itergetvs;HM.filteri_inplace(funx_->HM.memvisitedx)rhoinTiming.wrap"restore"restore();Logs.debug"Solved %d vars. Total of %d vars after restore."!SolverStats.vars(HM.lengthrho);letavgxs=ifList.is_empty!cache_sizesthen0.0elsefloat_of_int(BatList.sumxs)/.float_of_int(List.lengthxs)iniftracing&&cachethentrace"cache""#caches: %d, max: %d, avg: %.2f"(List.length!cache_sizes)(List.max!cache_sizes)(avg!cache_sizes););stop_event();print_data_verbosedata"Data after solve completed";ifGobConfig.get_bool"dbg.print_wpoints"then(Logs.newline();Logs.debug"Widening points:";HM.iter(funkgas->Logs.debug"%a (gas: %d)"S.Var.pretty_tracekgas)wpoint_gas;Logs.newline(););letmoduleS=EqSin(* TODO: expose demand to postsolvers? *)(* Prune other data structures than rho with reachable.
These matter for the incremental data. *)letmoduleIncrPrune:PostSolver.SwithmoduleS=SandmoduleVH=HM=structincludePostSolver.Unit(S)(HM)letfinalize~vh~reachable=VH.filteri_inplace(funx_->VH.memreachablex)stable;(* filter both keys and value sets of a VS.t HM.t *)letfilter_vs_hmhm=VH.filter_map_inplace(funxvs->ifVH.memreachablexthenSome(VS.filter(VH.memreachable)vs)elseNone)hminfilter_vs_hminfl;filter_vs_hmside_infl;filter_vs_hmside_dep;filter_vs_hmdep;VH.filteri_inplace(funxw->ifVH.memreachablexthen(VH.filteri_inplace(funy_->VH.memreachabley)w;true)elsefalse)rho_write(* TODO: prune other data structures? *)endin(* postsolver also populates side_dep, side_infl, and dep *)letmoduleSideInfl:PostSolver.SwithmoduleS=SandmoduleVH=HM=structincludePostSolver.Unit(S)(HM)(* TODO: We should be able to reset side_infl before executing the RHS, as all relevant side-effects should happen here again *)(* However, this currently breaks some tests https://github.com/goblint/analyzer/pull/713#issuecomment-1114764937 *)letone_side~vh~x~y~d=(* Also record side-effects caused by post-solver *)HM.replaceside_depy(VS.addx(tryHM.findside_depywithNot_found->VS.empty));HM.replaceside_inflx(VS.addy(tryHM.findside_inflxwithNot_found->VS.empty));endinletstable_reluctant_vs=List.filter(funx->HM.memstablex)!reluctant_vsinletreachable_and_superstable=ifincr_verify&¬consider_superstable_reachedthen(* Perform reachability on whole constraint system, but cheaply by using logged dependencies *)(* This only works if the other reachability has been performed before, so dependencies created only during postsolve are recorded *)letreachable'=HM.create(HM.lengthrho)inletreachable_and_superstable=HM.create(HM.lengthrho)inletrecone_var'x=ifnot(HM.memreachable'x)then(ifHM.memsuperstablexthenHM.replacereachable_and_superstablex();HM.replacereachable'x();Option.may(VS.iterone_var')(HM.find_optiondepx);Option.may(VS.iterone_var')(HM.find_optionside_inflx))in(Timing.wrap"cheap_full_reach"(List.iterone_var'))(vs@stable_reluctant_vs);reachable_and_superstable(* consider superstable reached if it is still reachable: stop recursion (evaluation) and keep from being pruned *)elseifincr_verifythensuperstableelseHM.create0(* doesn't matter, not used *)inifincr_verifythen(HM.filteri_inplace(funx_->HM.memreachable_and_superstablex)var_messages;HM.filteri_inplace(funx_->HM.memreachable_and_superstablex)rho_write)else(HM.clearvar_messages;HM.clearrho_write);letinit_reachable=reachable_and_superstableinletmoduleIncrWarn:PostSolver.SwithmoduleS=SandmoduleVH=HM=structincludePostSolver.Warn(S)(HM)letinit()=init();(* enable warning like standard Warn *)(* replay superstable messages from unknowns that are still reachable *)ifincr_verifythen(HM.iter(fun_m->Messages.addm)var_messages;);(* hook to collect new messages *)Messages.Table.add_hook:=(funm->match!CurrentVarS.current_varwith|Somex->HM.addvar_messagesxm|None->())letfinalize~vh~reachable=finalize~vh~reachable;(* disable warning like standard Warn *)(* unhook to avoid accidental var_messages modifications *)Messages.Table.add_hook:=(fun_->())endin(** Incremental write-only side effect restart handling:
retriggers superstable ones (after restarting above) and collects new (non-superstable) ones. *)letmoduleIncrWrite:PostSolver.SwithmoduleS=SandmoduleVH=HM=structincludePostSolver.Unit(S)(HM)letinit()=(* retrigger superstable side writes from unknowns that are still reachable *)ifincr_verifythen(HM.iter(funxw->HM.iter(funyd->letold_d=tryHM.findrhoywithNot_found->S.Dom.bot()in(* Logs.debug "rho_write retrigger %a %a %a %a" S.Var.pretty_trace x S.Var.pretty_trace y S.Dom.pretty old_d S.Dom.pretty d; *)HM.replacerhoy(S.Dom.joinold_dd);HM.replaceinit_reachabley();HM.replacestabley();(* make stable just in case, so following incremental load would have in superstable *))w)rho_write)letone_side~vh~x~y~d=ifS.Var.is_write_onlyythen((* Logs.debug "rho_write collect %a %a %a" S.Var.pretty_trace x S.Var.pretty_trace y S.Dom.pretty d; *)HM.replacestabley();(* make stable just in case, so following incremental load would have in superstable *)letw=tryVH.findrho_writexwithNot_found->letw=VH.create1in(* only create on demand, modify_def would eagerly allocate *)VH.replacerho_writexw;winVH.addwyd(* intentional add *))endinletmoduleMakeIncrListArg=structmoduleArg=structincludeArgletshould_warn=false(* disable standard Warn in favor of IncrWarn *)endincludePostSolver.ListArgFromStdArg(S)(HM)(Arg)(* Only put postsolvers defined in here with [S] from [CurrentVarEqConstrSys]! *)letpostsolvers=(moduleIncrPrune:M)::(moduleSideInfl:M)::(moduleIncrWrite:M)::(moduleIncrWarn:M)::postsolversletinit_reachable~vh=ifincr_verifytheninit_reachableelseHM.create(HM.lengthvh)endinletmodulePost=PostSolver.MakeIncrList(MakeIncrListArg)inPost.postst(stable_reluctant_vs@vs)rho;print_data_verbosedata"Data after postsolve";verify_datadata;(rho,{st;infl;sides;update_rule_data;rho;wpoint_gas;stable;side_dep;side_infl;var_messages;rho_write;dep;weak_dep})end(** TD3 with no hooks. *)moduleBasic(UpdateRule:Td3UpdateRule.S):DemandEqIncrSolver=functor(Arg:IncrSolverArg)->functor(S:DemandEqConstrSys)->functor(HM:Hashtbl.Swithtypekey=S.v)->structincludeGeneric.SolverStats(EqConstrSysFromDemandConstrSys(S))(HM)moduleHooks=structmoduleS=SmoduleHM=HMletprint_data()=()letsystemx=matchS.systemxwith|None->None|Somef->letf'getsetdemand=eval_rhs_eventx;fgetsetdemandinSomef'letdelete_marked_=()letstable_remove_=()letprune~reachable=()endincludeBase(Arg)(S)(HM)(Hooks)(UpdateRule)end(** TD3 with eval skipping using [dep_vals]. *)moduleDepVals(UpdateRule:Td3UpdateRule.S):DemandEqIncrSolver=functor(Arg:IncrSolverArg)->functor(S:DemandEqConstrSys)->functor(HM:Hashtbl.Swithtypekey=S.v)->structincludeGeneric.SolverStats(EqConstrSysFromDemandConstrSys(S))(HM)(* TODO: more efficient inner data structure than assoc list, https://github.com/goblint/analyzer/pull/738#discussion_r876016079 *)typedep_vals=(S.Dom.t*(S.Var.t*S.Dom.t)list)HM.tletcurrent_dep_vals:dep_valsref=ref(HM.create0)(** Reference to current [dep_vals] in hooks. *)moduleHooks=structmoduleS=SmoduleHM=HMletprint_data()=Logs.debug"|dep_vals|=%d"(HM.length!current_dep_vals)letsystemx=matchS.systemxwith|None->None|Somef->letdep_vals=!current_dep_valsinletf'getsetdemand=letall_deps_unchanged=matchHM.find_optiondep_valsxwith|None->None|Some(oldv,deps)->(* TODO: is this reversal necessary? https://github.com/goblint/analyzer/pull/738#discussion_r876703516 *)letdeps_inorder=List.revdepsinifList.for_all(fun(var,value)->S.Dom.equal(getvar)value)deps_inorderthenSomeoldvelseNoneinmatchall_deps_unchangedwith|Someoldv->ifM.tracingthenM.trace"sol2""All deps unchanged for %a, not evaluating RHS"S.Var.pretty_tracex;oldv|None->(* This needs to be done here as a local wrapper around get to avoid polluting dep_vals during earlier checks *)letgety=lettmp=getyinlet(oldv,curr_dep_vals)=HM.finddep_valsxinHM.replacedep_valsx(oldv,((y,tmp)::curr_dep_vals));tmpineval_rhs_eventx;(* Reset dep_vals to [] *)HM.replacedep_valsx(S.Dom.bot(),[]);letres=fgetsetdemandin(* TODO: also need to wrap demand? *)(* Insert old value of last RHS evaluation *)HM.replacedep_valsx(res,snd(HM.finddep_valsx));resinSomef'letdelete_markeddelete=(* very basic fix for incremental runs with aborting such that unknowns of function
return nodes with changed rhs but same id are actually evaluated and not looked up
(this is probably not sufficient / desirable for inefficient matchings) *)List.iter(HM.remove!current_dep_vals)deleteletstable_removex=HM.remove!current_dep_valsxletprune~reachable=HM.filteri_inplace(funx_->HM.memreachablex)!current_dep_valsendmoduleBase=Base(Arg)(S)(HM)(Hooks)(UpdateRule)typemarshal={base:Base.marshal;dep_vals:dep_vals;(** Dependencies of variables and values encountered at last eval of RHS. *)}letcopy_marshal{base;dep_vals}={base=Base.copy_marshalbase;dep_vals=HM.copydep_vals;}letrelift_marshal{base;dep_vals}=letbase'=Base.relift_marshalbaseinletdep_vals'=HM.create(HM.lengthdep_vals)inHM.iter(funk(value,deps)->HM.replacedep_vals'(S.Var.reliftk)(S.Dom.reliftvalue,List.map(fun(var,value)->(S.Var.reliftvar,S.Dom.reliftvalue))deps))dep_vals;{base=base';dep_vals=dep_vals'}letsolvestvsmarshal=letbase_marshal=matchmarshalwith|Some{base;dep_vals}->current_dep_vals:=dep_vals;Somebase|None->current_dep_vals:=HM.create10;Noneinlet(rho,base_marshal')=Base.solvestvsbase_marshalin(rho,{base=base_marshal';dep_vals=!current_dep_vals})endletafter_config()=letrestart_sided=GobConfig.get_bool"incremental.restart.sided.enabled"inletrestart_wpoint=GobConfig.get_bool"solvers.td3.restart.wpoint.enabled"inletrestart_once=GobConfig.get_bool"solvers.td3.restart.wpoint.once"inletskip_unchanged_rhs=GobConfig.get_bool"solvers.td3.skip-unchanged-rhs"inletmoduleUpdateRule=(valTd3UpdateRule.choose())inifskip_unchanged_rhsthen(ifrestart_sided||restart_wpoint||restart_oncethen(M.warn"restarting active, ignoring solvers.td3.skip-unchanged-rhs";(* TODO: fix DepVals with restarting, https://github.com/goblint/analyzer/pull/738#discussion_r876005821 *)Selector.add_solver("td3",(moduleBasic(UpdateRule):DemandEqIncrSolver)))elseSelector.add_solver("td3",(moduleDepVals(UpdateRule):DemandEqIncrSolver)))elseSelector.add_solver("td3",(moduleBasic(UpdateRule):DemandEqIncrSolver))let()=AfterConfig.registerafter_config