WIP numeric fixes, solver factory

Author: Damtev

usvm-core/src/main/kotlin/org/usvm/constraints/UNumericConstraints.kt

@@ -925,18 +925,20 @@ class UNumericConstraints<Sort : UBvSort> private constructor(
         bias: KBitVecValue<Sort>,
         bound: KBitVecValue<Sort>,
     ): BoundsConstraint<Sort> {
-        val currentValue = concreteLowerBounds[bias]?.value
-        if (currentValue != null && currentValue.signedGreaterOrEqual(bound)) return this
-        return modifyConcreteLowerBounds(bias, ValueConstraint(bound, isPrimary = false))
+        val current = concreteLowerBounds[bias]
+        if (current != null && current.value.signedGreaterOrEqual(bound)) return this
+        val isPrimary = current?.isPrimary ?: false
+        return modifyConcreteLowerBounds(bias, ValueConstraint(bound, isPrimary))
     }
 
     private fun BoundsConstraint<Sort>.refineUpperBound(
         bias: KBitVecValue<Sort>,
         bound: KBitVecValue<Sort>,
     ): BoundsConstraint<Sort> {
-        val currentValue = concreteUpperBounds[bias]?.value
-        if (currentValue != null && currentValue.signedLessOrEqual(bound)) return this
-        return modifyConcreteUpperBounds(bias, ValueConstraint(bound, isPrimary = false))
+        val current = concreteUpperBounds[bias]
+        if (current != null && current.value.signedLessOrEqual(bound)) return this
+        val isPrimary = current?.isPrimary ?: false
+        return modifyConcreteUpperBounds(bias, ValueConstraint(bound, isPrimary))
     }
 
     private fun BoundsConstraint<Sort>.updateConcreteLowerBound(

usvm-core/src/test/kotlin/org/usvm/constraints/NumericConstraintsTests.kt

@@ -98,6 +98,25 @@ class NumericConstraintsTests {
         solver.checkConstraints(0)
     }
 
+    @Test
+    fun testConcreteBoundsSimplification(): Unit = with(ctx) {
+        KZ3Solver(ctx).use { solver ->
+            bvSort = ctx.mkBvSort(sizeBits = 4u)
+            constraints = UNumericConstraints(ctx, bvSort)
+            val x by bvSort
+
+            val zero = mkBv(0, bvSort)
+            val four = mkBv(4, bvSort)
+            val xMinusOne = mkBvAddExpr(x, mkBv(-1, bvSort))
+
+            addConstraint(mkBvSignedLessOrEqualExpr(zero, x))
+            addConstraint(mkBvSignedLessOrEqualExpr(x, four))
+            addConstraint(mkBvSignedLessOrEqualExpr(zero, xMinusOne))
+
+            solver.checkConstraints(0)
+        }
+    }
+
     @Test
     fun testEvalInterval(): Unit = with(ctx) {
         bvSort = ctx.mkBvSort(sizeBits = 32u)

usvm-jvm/src/main/kotlin/org/usvm/machine/JcComponents.kt

@@ -1,6 +1,8 @@
 package org.usvm.machine
 
 import io.ksmt.KContext
+import io.ksmt.solver.KSolver
+import io.ksmt.solver.KSolverConfiguration
 import io.ksmt.solver.runner.KSolverRunnerManager
 import io.ksmt.solver.yices.KYicesSolver
 import io.ksmt.solver.yices.KYicesSolverConfiguration
@@ -18,33 +20,27 @@ import org.usvm.solver.UTypeSolver
 
 class JcComponents(
     private val typeSystem: JcTypeSystem,
+    // TODO group all parameters below to the one class
     private val solverType: SolverType,
     override val useSolverForForks: Boolean,
+    private val runSolverInAnotherProcess: Boolean,
 ) : UComponents<JcType, USizeSort> {
     private val closeableResources = mutableListOf<AutoCloseable>()
-    private val solverManager: KSolverRunnerManager = KSolverRunnerManager()
-
-    init {
-        solverManager.registerSolver(YicesWithSymFpu::class, KYicesSolverUniversalConfiguration::class)
-    }
 
     override fun <Context : UContext<USizeSort>> mkSolver(ctx: Context): USolverBase<JcType> {
         val (translator, decoder) = buildTranslatorAndLazyDecoder(ctx)
 
-        val smtSolver = when (solverType) {
-            // Yices with Fp support via SymFpu
-            SolverType.YICES -> solverManager.createSolver(ctx, YicesWithSymFpu::class)
-            SolverType.Z3 -> solverManager.createSolver(ctx, KZ3Solver::class)
-        }
+        val solverFactory = SolverFactory.mkFactory(runSolverInAnotherProcess)
+        val smtSolver = solverFactory.mkSolver(ctx, solverType)
         val typeSolver = UTypeSolver(typeSystem)
         closeableResources += smtSolver
+        closeableResources += solverFactory
 
         return USolverBase(ctx, smtSolver, typeSolver, translator, decoder)
     }
 
     fun close() {
         closeableResources.forEach(AutoCloseable::close)
-        solverManager.close()
     }
 
     override fun mkTypeSystem(ctx: UContext<USizeSort>): JcTypeSystem {
@@ -54,5 +50,54 @@ class JcComponents(
     override fun <Context : UContext<USizeSort>> mkSizeExprProvider(ctx: Context): USizeExprProvider<USizeSort> =
         UBv32SizeExprProvider(ctx)
 
+}
+
+interface SolverFactory : AutoCloseable {
+    fun <Context : UContext<USizeSort>> mkSolver(
+        ctx: Context,
+        solverType: SolverType
+    ): KSolver<out KSolverConfiguration>
+
+    companion object {
+        fun mkFactory(runSolverInAnotherProcess: Boolean): SolverFactory =
+            if (runSolverInAnotherProcess) AnotherProcessSolverFactory() else SameProcessSolverFactory
+    }
+}
+
+private object SameProcessSolverFactory : SolverFactory {
+    override fun <Context : UContext<USizeSort>> mkSolver(
+        ctx: Context,
+        solverType: SolverType
+    ): KSolver<out KSolverConfiguration> = when (solverType) {
+        // Yices with Fp support via SymFpu
+        SolverType.YICES -> KSymFpuSolver(KYicesSolver(ctx), ctx)
+        SolverType.Z3 -> KZ3Solver(ctx)
+    }
+
+    override fun close() {
+        // Do nothing
+    }
+}
+
+private class AnotherProcessSolverFactory : SolverFactory {
+    private val solverManager: KSolverRunnerManager = KSolverRunnerManager()
+
+    init {
+        solverManager.registerSolver(YicesWithSymFpu::class, KYicesSolverUniversalConfiguration::class)
+    }
+
+    override fun <Context : UContext<USizeSort>> mkSolver(
+        ctx: Context,
+        solverType: SolverType
+    ): KSolver<out KSolverConfiguration> = when (solverType) {
+        // Yices with Fp support via SymFpu
+        SolverType.YICES -> solverManager.createSolver(ctx, YicesWithSymFpu::class)
+        SolverType.Z3 -> solverManager.createSolver(ctx, KZ3Solver::class)
+    }
+
+    override fun close() {
+        solverManager.close()
+    }
+
     class YicesWithSymFpu(ctx: KContext): KSymFpuSolver<KYicesSolverConfiguration>(KYicesSolver(ctx), ctx)
 }

usvm-jvm/src/main/kotlin/org/usvm/machine/JcMachine.kt

@@ -10,7 +10,6 @@ import org.usvm.StateCollectionStrategy
 import org.usvm.UMachine
 import org.usvm.UMachineOptions
 import org.usvm.api.targets.JcTarget
-import org.usvm.applySoftConstraints
 import org.usvm.forkblacklists.TargetsReachableForkBlackList
 import org.usvm.forkblacklists.UForkBlackList
 import org.usvm.machine.interpreter.JcInterpreter
@@ -45,7 +44,12 @@ class JcMachine(
     private val applicationGraph = JcApplicationGraph(cp)
 
     private val typeSystem = JcTypeSystem(cp)
-    private val components = JcComponents(typeSystem, options.solverType, options.useSolverForForks)
+    private val components = JcComponents(
+        typeSystem,
+        options.solverType,
+        options.useSolverForForks,
+        options.runSolverInAnotherProcess
+    )
     private val ctx = JcContext(cp, components)
 
     private val interpreter = JcInterpreter(ctx, applicationGraph, interpreterObserver)

usvm-jvm/src/samples/java/org/usvm/samples/arrays/PrimitiveArrays.java

@@ -59,7 +59,10 @@ public byte charArray(char[] a, char x) {
         }
         a[0] = 5;
         a[1] = x;
-        if (a[0] + a[1] > 20) {
+
+        // Note that the sum of two chars has the int type
+        int sum = a[0] + a[1];
+        if (sum > 20) {
             return 1;
         }
         return 0;

usvm-jvm/src/test/kotlin/org/usvm/samples/arrays/PrimitiveArraysTest.kt

@@ -2,6 +2,7 @@ package org.usvm.samples.arrays
 
 
 import org.junit.jupiter.api.Disabled
+import org.junit.jupiter.api.RepeatedTest
 import org.junit.jupiter.api.Test
 import org.usvm.samples.JavaMethodTestRunner
 import org.usvm.test.util.checkers.eq
@@ -68,8 +69,8 @@ internal class PrimitiveArraysTest : JavaMethodTestRunner() {
             ignoreNumberOfAnalysisResults,
             { _, a, _, r -> a == null && r.isException<NullPointerException>() },
             { _, a, _, r -> a != null && a.size != 2 && r.getOrNull() == (-1).toByte() },
-            { _, a, x, r -> a != null && a.size == 2 && x + 5 <= 20.toChar() && r.getOrNull() == 0.toByte() },
-            { _, a, x, r -> a != null && a.size == 2 && x + 5 > 20.toChar() && r.getOrNull() == 1.toByte() }
+            { _, a, x, r -> a != null && a.size == 2 && x.code + 5 <= 20 && r.getOrNull() == 0.toByte() },
+            { _, a, x, r -> a != null && a.size == 2 && x.code + 5 > 20 && r.getOrNull() == 1.toByte() }
         )
     }
 

usvm-jvm/src/test/kotlin/org/usvm/samples/functions/TestSimple.kt

@@ -22,7 +22,7 @@ class TestSimple : JavaMethodTestRunner() {
             checkDiscoveredProperties(
                 Simple::calcTwoFunctions,
                 ignoreNumberOfAnalysisResults,
-                { _, x, y, r -> r == 0 && y > 0 && x * x + y < 0 },
+                { _, x, y, r -> r == 0 && y >= 0 && x * x + y < 0 },
                 { _, x, y, r -> r == 1 && !(y > 0 && x * x + y < 0) },
             )
         }

usvm-jvm/src/test/kotlin/org/usvm/samples/types/CastExamplesTest.kt

@@ -1,6 +1,7 @@
 package org.usvm.samples.types
 
 import org.junit.jupiter.api.Test
+import org.usvm.SolverType
 import org.usvm.samples.JavaMethodTestRunner
 import org.usvm.test.util.checkers.eq
 
@@ -53,13 +54,16 @@ internal class CastExamplesTest : JavaMethodTestRunner() {
 
     @Test
     fun testFloatToInt() {
-        checkDiscoveredProperties(
-            CastExamples::floatToInt,
-            eq(3),
-            { _, x, r -> x < 0 && x.toInt() < 0 && r == 1 },
-            { _, x, r -> x < 0 && x.toInt() >= 0 && r == 2 },
-            { _, x, r -> !(x < 0) && r == 3 },
-        )
+        // TODO remove after fixing Z3 model detach in ksmt
+        withOptions(options.copy(solverType = SolverType.YICES)) {
+            checkDiscoveredProperties(
+                CastExamples::floatToInt,
+                eq(3),
+                { _, x, r -> x < 0 && x.toInt() < 0 && r == 1 },
+                { _, x, r -> x < 0 && x.toInt() >= 0 && r == 2 },
+                { _, x, r -> !(x < 0) && r == 3 },
+            )
+        }
     }
 
     @Test

usvm-util/src/main/kotlin/org/usvm/UMachineOptions.kt

@@ -181,6 +181,10 @@ data class UMachineOptions(
      * Whether we use a solver on symbolic branching to fork only with satisfiable states or keep all states.
      */
     val useSolverForForks: Boolean = true,
+    /**
+     * Whether we should run solver in another process or not.
+     */
+    val runSolverInAnotherProcess: Boolean = false,
     /**
      * Whether we should try to apply soft constraints for symbolic values.
      */