
Example 1 with InvalidProperty

use of jkind.results.InvalidProperty in project AMASE by loonwerks.

From class FaultsVerifyAllHandler, method doFaultPropagationInjection.

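/**
 * Injects fault-driver machinery into {@code program} based on the outcome of {@code result}.
 *
 * Only results named "Contract Guarantees" are processed. For each child verification, every
 * guarantee that JKind reported invalid gets a fault driver ({@link AddFaultDriverVisitor});
 * every valid pairwise-fault-driver witness whose recorded fault-driver properties were all
 * invalidated in the child gets a guard assertion ({@link AddFaultDriverGuardAssertionVisitor}).
 * When this result is not the top-level analysis, pairwise fault-driver witnesses are added for
 * this result's own guarantees, registered on {@code result}, and recorded in
 * {@code pairwiseFaultDriverProperties} so that they can be looked up when this result is in turn
 * processed as a child verification.
 *
 * @param result the JKind result whose property outcomes drive the injection
 * @param program the Lustre program to transform
 * @return the transformed program, or the unchanged input when nothing applies
 */
protected Program doFaultPropagationInjection(JKindResult result, Program program) {
    List<JKindResult> childVerifications = getChildContractResults(result);
    // The "Contract Guarantees" name is produced by
    // com.rockwellcollins.atc.agree.analysis.VerifyHandler#wrapVerificationResult(ComponentInstance, CompositeAnalysisResult),
    // where the literal is protected; it is duplicated here and must be kept in sync with AGREE.
    if ("Contract Guarantees".equals(result.getName())) {
        for (JKindResult childResult : childVerifications) {
            AgreeRenaming childRenaming = (AgreeRenaming) linker.getRenaming(childResult);
            for (PropertyResult propertyResult : childResult.getPropertyResults()) {
                if (propertyResult.getProperty() instanceof InvalidProperty
                        && childRenaming.getRefMap().get(propertyResult.getProperty().getName()) instanceof GuaranteeStatement) {
                    // An invalidated guarantee of the child: attach a fault driver to it.
                    String guaranteeName = propertyResult.getProperty().getName();
                    String lustreVarName = childRenaming.getLustreNameFromAgreeVar(guaranteeName);
                    // WARNING: Here we assume that the subnode id of interest is named as given below.
                    // We need to introduce this literal "_TOP__" here because the computation is hidden in AGREE
                    // literals in com.rockwellcollins.atc.agree.analysis.LustreAstBuilder#getAssumeGuaranteeLustreProgram(AgreeProgram)
                    // WARNING: the string literal "Verification for " in the line below needs to match that in
                    // com.rockwellcollins.atc.agree.analysis.handlers.VerifyHandler#runJob(Element, IProgressMonitor) and
                    // com.rockwellcollins.atc.agree.analysis.handlers.VerifyHandler#buildAnalysisResult(String, ComponentInstance)
                    String subnodeName = "_TOP__" + childResult.getParent().getName().replaceFirst("Verification for ", "");
                    // TODO: The string concatenation is also done in the AddFaultDriverVisitor; unify them
                    program = new AddFaultDriverVisitor(subnodeName, lustreVarName).visit(program);
                } else if (propertyResult.getProperty() instanceof ValidProperty
                        && propertyResult.getProperty().getName().contains(childRenaming.forceRename(AddPairwiseFaultDriverWitnesses.FAULT_DRIVER_PAIR_WITNESS_BASENAME))
                        && pairwiseFaultDriverProperties.containsKey(childResult)
                        && pairwiseFaultDriverProperties.get(childResult).containsKey(propertyResult.getName())
                        // ... and every fault-driver property recorded for this witness was invalidated in the child verification
                        && pairwiseFaultDriverProperties.get(childResult).get(propertyResult.getName()).entrySet().stream().allMatch(e -> {
                            PropertyResult p = childResult.getPropertyResult(childRenaming.rename(e.getKey()));
                            // A fault-driver property with no result in the child counts as "not invalidated".
                            return p != null && p.getProperty() instanceof InvalidProperty;
                        })) {
                    program = new AddFaultDriverGuardAssertionVisitor(program.main,
                            pairwiseFaultDriverProperties.get(childResult).get(propertyResult.getName()).values().stream().collect(Collectors.toList())).visit(program);
                }
            }
        }
        /* If not the top analysis, that is the parent of the composite parent of the composite parent of this result is not null */
        // NOTE(review): this dereferences two intermediate parents without null checks; it assumes every
        // result reaching here is nested at least two levels deep — confirm against the callers.
        if (result.getParent().getParent().getParent() != null) {
            // The renaming is per result, not per property, so resolve it once.
            AgreeRenaming renaming = (AgreeRenaming) linker.getRenaming(result);
            Map<PropertyResult, String> accumulatedGuarantees = Maps.newLinkedHashMap();
            for (PropertyResult propertyResult : result.getPropertyResults()) {
                if (renaming.getRefMap().get(propertyResult.getName()) instanceof GuaranteeStatement) {
                    String guaranteeName = propertyResult.getName();
                    String lustreVarName = renaming.getLustreNameFromAgreeVar(guaranteeName);
                    accumulatedGuarantees.put(propertyResult, lustreVarName);
                }
            }
            AddPairwiseFaultDriverWitnesses pairwiseFaultVisitor = new AddPairwiseFaultDriverWitnesses(Lists.newArrayList(accumulatedGuarantees.values()));
            program = pairwiseFaultVisitor.visit(program);
            result.addProperties(pairwiseFaultVisitor.getProperties());
            // WARNING: the string literal "Verification for " in the line below needs to match that in
            // com.rockwellcollins.atc.agree.analysis.handlers.VerifyHandler#runJob(Element, IProgressMonitor) and
            // com.rockwellcollins.atc.agree.analysis.handlers.VerifyHandler#buildAnalysisResult(String, ComponentInstance)
            // TODO: the concatenation of nodeName with fault driver is done elsewhere too, unify
            String nodeName = "_TOP__" + result.getParent().getName().replaceFirst("Verification for ", "");
            // Witness name (after renaming) -> (fault-driver id -> fully qualified fault-driver Lustre id).
            // NOTE(review): Collectors.toMap throws IllegalStateException on duplicate keys, so this assumes
            // forceRename is injective over the witness names and the driver ids are distinct — confirm.
            pairwiseFaultDriverProperties.put(result, pairwiseFaultVisitor.getPairwiseWitnesses().entrySet().stream().collect(Collectors.toMap(
                    e -> renaming.forceRename(e.getKey()),
                    e -> e.getValue().stream().collect(Collectors.toMap(id -> id, id -> nodeName + AddFaultDriverVisitor.getFaultDriverId(id))))));
        }
    }
    return program;
}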
Also used : GuaranteeStatement(com.rockwellcollins.atc.agree.agree.GuaranteeStatement) AgreeRenaming(com.rockwellcollins.atc.agree.analysis.AgreeRenaming) ValidProperty(jkind.results.ValidProperty) AddFaultDriverGuardAssertionVisitor(edu.umn.cs.crisys.safety.analysis.ast.visitors.AddFaultDriverGuardAssertionVisitor) AddFaultDriverVisitor(edu.umn.cs.crisys.safety.analysis.ast.visitors.AddFaultDriverVisitor) InvalidProperty(jkind.results.InvalidProperty) PropertyResult(jkind.api.results.PropertyResult) AddPairwiseFaultDriverWitnesses(edu.umn.cs.crisys.safety.analysis.ast.visitors.AddPairwiseFaultDriverWitnesses) SafetyJKindResult(edu.umn.cs.crisys.safety.analysis.results.SafetyJKindResult) JKindResult(jkind.api.results.JKindResult)

Example 2 with InvalidProperty

use of jkind.results.InvalidProperty in project AGREE by loonwerks.

From class AgreeMenuListener, method addViewCounterexampleMenu.

/**
 * Adds a "View ... Counterexample in" submenu to {@code manager} for every counterexample attached
 * to {@code original}. Each submenu offers the console, Eclipse and spreadsheet views, a web-browser
 * view when the invalid property carries a report, and one entry per registered {@link CexExtractor}.
 *
 * @param manager the menu to extend
 * @param original the analysis result the user selected; it is transformed before being inspected
 */
private void addViewCounterexampleMenu(IMenuManager manager, AnalysisResult original) {
    AnalysisResult result = transformResult(original);
    final List<Counterexample> cexs = getCounterexamples(result);
    final Property property = getProperty(result);
    CexExtractorRegistry registry = (CexExtractorRegistry) ExtensionRegistry.getRegistry(ExtensionRegistry.CEX_EXTRACTOR_EXT_ID);
    List<CexExtractor> extractors = registry.getCexExtractors();
    if (cexs == null) {
        return;
    }
    for (Counterexample cex : cexs) {
        final String cexType = getCounterexampleType(result);
        AnalysisResult parent = result.getParent();
        // Layout, reference map and renaming are looked up on the parent first and fall back to the result itself.
        Map<String, EObject> parentRefMap = linker.getReferenceMap(parent);
        final Map<String, EObject> refMap = parentRefMap != null ? parentRefMap : linker.getReferenceMap(result);
        Layout parentLayout = linker.getLayout(parent);
        final Layout layout = parentLayout != null ? parentLayout : linker.getLayout(result);
        Renaming parentRenaming = linker.getRenaming(parent);
        final AgreeRenaming renaming = (AgreeRenaming) (parentRenaming != null ? parentRenaming : linker.getRenaming(result));
        final Counterexample translatedCex = translateCounterexampleArrayIndices(cex);
        MenuManager viewMenu = new MenuManager("View " + cexType + "Counterexample in");
        manager.add(viewMenu);
        viewMenu.add(new Action("Console") {

            @Override
            public void run() {
                viewCexConsole(translatedCex, layout, refMap, renaming);
            }
        });
        viewMenu.add(new Action("Eclipse") {

            @Override
            public void run() {
                viewCexEclipse(translatedCex, layout, refMap);
            }
        });
        viewMenu.add(new Action("Spreadsheet") {

            @Override
            public void run() {
                viewCexSpreadsheet(translatedCex, layout);
            }
        });
        // The browser view is only offered when an invalid property with a report is available.
        InvalidProperty invalidProperty = findInvalidProperty(original);
        final String report = invalidProperty == null ? null : invalidProperty.getReport();
        if (report != null) {
            viewMenu.add(new Action("Web Browser") {

                @Override
                public void run() {
                    viewCexBrowser(report);
                }
            });
        }
        // Hand the counterexample to any external plugins that registered an extractor.
        // NOTE(review): refMap is dereferenced here; this assumes at least one of the two lookups above succeeds — confirm.
        EObject agreeProperty = refMap.get(result.getName());
        ComponentImplementation compImpl = linker.getComponent(parent);
        for (CexExtractor extractor : extractors) {
            viewMenu.add(new Action(extractor.getDisplayText()) {

                @Override
                public void run() {
                    extractor.receiveCex(compImpl, property, agreeProperty, cex, refMap);
                }
            });
        }
    }
}
Also used : ComponentImplementation(org.osate.aadl2.ComponentImplementation) IAction(org.eclipse.jface.action.IAction) Action(org.eclipse.jface.action.Action) AgreeRenaming(com.rockwellcollins.atc.agree.analysis.AgreeRenaming) CexExtractorRegistry(com.rockwellcollins.atc.agree.analysis.extentions.CexExtractorRegistry) CexExtractor(com.rockwellcollins.atc.agree.analysis.extentions.CexExtractor) Counterexample(jkind.results.Counterexample) AnalysisResult(jkind.api.results.AnalysisResult) AgreeRenaming(com.rockwellcollins.atc.agree.analysis.AgreeRenaming) Renaming(jkind.api.results.Renaming) Layout(jkind.results.layout.Layout) EObject(org.eclipse.emf.ecore.EObject) MenuManager(org.eclipse.jface.action.MenuManager) IMenuManager(org.eclipse.jface.action.IMenuManager) ValidProperty(jkind.results.ValidProperty) Property(jkind.results.Property) InvalidProperty(jkind.results.InvalidProperty) UnknownProperty(jkind.results.UnknownProperty) InvalidProperty(jkind.results.InvalidProperty)

Example 3 with InvalidProperty

use of jkind.results.InvalidProperty in project AGREE by loonwerks.

From class Simulation, method executeFrame.

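/**
 * Executes one simulation frame: constrains the main Lustre node with the simulation assertions
 * and the property-enablement flags, runs JKind on the result and turns the outcome for the
 * simulation guarantee into a {@link SimulationFrameResults}.
 *
 * <ul>
 * <li>Invalid guarantee: the single-step counterexample becomes the frame state; the state is
 * {@code WARNING_PROPERTY_NOT_SATISFIED} when any enabled simulation property is false in it.</li>
 * <li>Unknown guarantee: the frame halts because the constraints could not be satisfied.</li>
 * <li>Valid guarantee: the same halt, with the IVC attached.</li>
 * </ul>
 *
 * @param assertions the frame's simulation assertions; must not be null
 * @param disabledProperties simulation properties whose enablement variable is set to false for this frame
 * @return the frame outcome
 * @throws InterruptedException when the JKind run was interrupted
 * @throws AGREESimulatorException when JKind fails or reports a result this method cannot interpret
 */
private SimulationFrameResults executeFrame(final List<Expr> assertions, final Set<SimulationProperty> disabledProperties) throws InterruptedException {
    assert assertions != null;
    assert disabledProperties != null;
    // Build the final constrained lustre specification for the frame.
    final ProgramBuilder programBuilder = new ProgramBuilder(program.getLustreProgram());
    programBuilder.clearNodes();
    final NodeBuilder nodeBuilder = new NodeBuilder(program.getLustreProgram().getMainNode());
    // Add assignments for the sim assertions signal: each assertion is folded into a chain of
    // boolean locals (a_i = a_{i-1} and assertion_i) ending in the SIMULATION_ASSERTIONS_ID signal.
    // Actual assertions are not used because they can result in an inconsistent Lustre program which will prevent
    // the set of support from being generated when using yices.
    Expr prevSimAssertionExpr = new BoolExpr(true);
    for (int assertionIndex = 0; assertionIndex < assertions.size(); assertionIndex++) {
        final String simAssertionSignalId = CreateSimulationGuarantee.SIMULATION_ASSERTIONS_ID + assertionIndex;
        final IdExpr simAssertionExpr = new IdExpr(simAssertionSignalId);
        nodeBuilder.addLocal(new VarDecl(simAssertionSignalId, NamedType.BOOL));
        nodeBuilder.addEquation(new Equation(simAssertionExpr, new BinaryExpr(prevSimAssertionExpr, BinaryOp.AND, assertions.get(assertionIndex))));
        prevSimAssertionExpr = simAssertionExpr;
    }
    nodeBuilder.addEquation(new Equation(new IdExpr(CreateSimulationGuarantee.SIMULATION_ASSERTIONS_ID), prevSimAssertionExpr));
    // Add assignments for property enablement variables: a property is enabled unless it was disabled.
    for (final SimulationProperty simProp : program.getSimulationProperties()) {
        if (simProp.getEnablementVariableId() != null) {
            nodeBuilder.addEquation(new Equation(new IdExpr(simProp.getEnablementVariableId()), new BoolExpr(!disabledProperties.contains(simProp))));
        }
    }
    // Build the lustre program for the frame
    programBuilder.addNode(nodeBuilder.build());
    final Program constrainedLustreProgram = programBuilder.build();
    // Prepare to execute JKind
    final KindApi api = PreferencesUtil.getKindApi();
    // Enable IVC Reduction capability if using JKind
    if (api instanceof JKindApi) {
        final JKindApi jkindApi = (JKindApi) api;
        jkindApi.setIvcReduction();
    }
    // Execute JKind
    final JKindResult result = new JKindResult("Simulation");
    // Lucas: This seems to be needed. If we do not add properties to the result explicitly,
    // it looks like the result will grab the main property name with the main node prepended.
    // This is causing an error when retrieving the property result in the
    // if/then/else block structure below.
    constrainedLustreProgram.getMainNode().properties.forEach(p -> result.addProperty(p));
    // Debug trace of the frame program on stdout; consider routing it through a logger.
    System.out.println(constrainedLustreProgram.toString());
    try {
        final IProgressMonitor currentMonitor = new NullProgressMonitor();
        api.execute(constrainedLustreProgram, result, currentMonitor);
        // Create a model state from the results.
        String simulationGuaranteeId = CreateSimulationGuarantee.SIMULATION_GUARANTEE_ID;
        final PropertyResult propertyResult = result.getPropertyResult(simulationGuaranteeId);
        if (propertyResult == null) {
            throw new AGREESimulatorException("Unexpected case. No result for property " + simulationGuaranteeId, constrainedLustreProgram);
        }
        final Property property = propertyResult.getProperty();
        if (property == null) {
            throw new AGREESimulatorException("Unexpected case. Unable to read property results", constrainedLustreProgram);
        } else if (property instanceof InvalidProperty) {
            final InvalidProperty invalidProperty = (InvalidProperty) property;
            final Counterexample counterexample = invalidProperty.getCounterexample();
            if (counterexample == null) {
                throw new AGREESimulatorException("Unexpected case. Invalid property has no counterexample", constrainedLustreProgram);
            }
            if (counterexample.getLength() != 1) {
                throw new AGREESimulatorException("Unexpected case. Counterexample has " + counterexample.getLength() + " steps", constrainedLustreProgram);
            }
            SimulationState newState = SimulationState.WAITING_FOR_COMMANDS;
            // Check every enabled simulation property in the single counterexample step. A property whose
            // signal is false is reported as a warning rather than halting the simulation; a missing signal
            // is an error because every enabled property is expected to appear in the counterexample.
            for (final SimulationProperty simulationProp : program.getSimulationProperties()) {
                if (!disabledProperties.contains(simulationProp)) {
                    for (final String propLustreId : simulationProp.getLustreIds()) {
                        final Signal<BooleanValue> signal = counterexample.getBooleanSignal(propLustreId);
                        if (signal == null) {
                            throw new AGREESimulatorException("Unable to get signal for guarantee property: " + propLustreId, constrainedLustreProgram);
                        } else {
                            if (!signal.getValue(0).value) {
                                newState = SimulationState.WARNING_PROPERTY_NOT_SATISFIED;
                                // Only leaves the inner loop; the remaining properties are still checked for missing signals.
                                break;
                            }
                        }
                    }
                }
            }
            return new SimulationFrameResults(constrainedLustreProgram, counterexample, disabledProperties, newState);
        } else if (property instanceof UnknownProperty) {
            return new SimulationFrameResults(constrainedLustreProgram, assertions, disabledProperties, SimulationState.HALTED_UNABLE_TO_SATISFY_CONSTRAINTS);
        } else if (property instanceof ValidProperty) {
            return new SimulationFrameResults(constrainedLustreProgram, assertions, disabledProperties, ((ValidProperty) property).getIvc(), SimulationState.HALTED_UNABLE_TO_SATISFY_CONSTRAINTS);
        } else {
            throw new AGREESimulatorException("Unhandled case. Property is of type: " + property.getClass(), constrainedLustreProgram);
        }
    } catch (JKindException ex) {
        // JKind wraps interruption; unwrap it so callers see the InterruptedException directly.
        if (ex.getCause() instanceof InterruptedException) {
            throw (InterruptedException) ex.getCause();
        }
        throw new AGREESimulatorException(constrainedLustreProgram, ex, result.getText());
    }
}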
Also used : BoolExpr(jkind.lustre.BoolExpr) NullProgressMonitor(org.eclipse.core.runtime.NullProgressMonitor) UnknownProperty(jkind.results.UnknownProperty) ValidProperty(jkind.results.ValidProperty) NodeBuilder(jkind.lustre.builders.NodeBuilder) Counterexample(jkind.results.Counterexample) PropertyResult(jkind.api.results.PropertyResult) JKindApi(jkind.api.JKindApi) Signal(jkind.results.Signal) VarDecl(jkind.lustre.VarDecl) SimulationProperty(edu.uah.rsesc.aadlsimulator.agree.SimulationProperty) KindApi(jkind.api.KindApi) JKindApi(jkind.api.JKindApi) SimulationProperty(edu.uah.rsesc.aadlsimulator.agree.SimulationProperty) ValidProperty(jkind.results.ValidProperty) Property(jkind.results.Property) UnknownProperty(jkind.results.UnknownProperty) InvalidProperty(jkind.results.InvalidProperty) InvalidProperty(jkind.results.InvalidProperty) Program(jkind.lustre.Program) SimulationProgram(edu.uah.rsesc.aadlsimulator.agree.SimulationProgram) JKindException(jkind.JKindException) IdExpr(jkind.lustre.IdExpr) ProgramBuilder(jkind.lustre.builders.ProgramBuilder) BinaryExpr(jkind.lustre.BinaryExpr) Equation(jkind.lustre.Equation) JKindResult(jkind.api.results.JKindResult) IProgressMonitor(org.eclipse.core.runtime.IProgressMonitor) BoolExpr(jkind.lustre.BoolExpr) BinaryExpr(jkind.lustre.BinaryExpr) Expr(jkind.lustre.Expr) IdExpr(jkind.lustre.IdExpr)

Example 4 with InvalidProperty

use of jkind.results.InvalidProperty in project AGREE by loonwerks.

From class TestSuiteUtils, method testSuiteFromJKindResult.

/**
 * Builds a {@link TestSuite} from a JKind run: every property that JKind found invalid becomes a
 * {@link TestCase} carrying the property's counterexample and the obligations it satisfies.
 * Valid and unknown properties contribute no test cases.
 *
 * @param result the JKind result to mine for counterexamples
 * @param implUnderTest the implementation the suite targets
 * @param name the suite name
 * @param description the suite description
 * @param tcgRenaming maps a property name to the obligations it satisfies
 * @return a new suite in the {@code INSTANTIATED} state
 */
public static TestSuite testSuiteFromJKindResult(JKindResult result, String implUnderTest, String name, String description, TcgRenaming tcgRenaming) {
    List<TestCase> testCases = new ArrayList<>();
    for (PropertyResult propertyResult : result.getPropertyResults()) {
        if (!(propertyResult.getProperty() instanceof InvalidProperty)) {
            continue;
        }
        String propertyName = propertyResult.getName();
        InvalidProperty invalidProperty = (InvalidProperty) propertyResult.getProperty();
        Set<Obligation> obligations = tcgRenaming.statisfiedObligations(propertyName);
        testCases.add(new TestCase(propertyName, "", invalidProperty.getCounterexample(), obligations));
    }
    return new TestSuite(implUnderTest, name, description, testCases, TestSuite.State.INSTANTIATED);
}
Also used : Obligation(com.rockwellcollins.atc.tcg.obligations.ufc.Obligation) ArrayList(java.util.ArrayList) InvalidProperty(jkind.results.InvalidProperty) PropertyResult(jkind.api.results.PropertyResult)
