- Bit masking was incorrect: & binds less strong than == !

This caused many of the --experimental switches not to work.
2006-02-28 13:41:36 +00:00 · 2006-02-28 13:41:36 +00:00 · 00616e45ed
commit 00616e45ed
parent cf832ca1b1
5 changed files with 112 additions and 63 deletions
--- a/src/arachne.c
+++ b/src/arachne.c
@ -1645,7 +1645,7 @@ bind_goal_all_options (const Binding b)
 		}
 	    }

-	  if (switches.experimental & 4 == 0)
+	  if (switches.experimental & 4)
 	    {
 	      // Keylevel lemmas: improves on the previous one
 	      if (!isPossiblySent (b->term))
--- a/src/prune_bounds.c
+++ b/src/prune_bounds.c
@ -108,7 +108,7 @@ prune_bounds (const System sys)
  /**
   * This should be removed once the hidelevel lemma works correctly
   */
-  if (switches.experimental & 4 == 0)
+  if (switches.experimental & 4)
    {
      if ((switches.match < 2)
 	  && (num_intruder_runs >
--- a/src/prune_theorems.c
+++ b/src/prune_theorems.c
@ -12,6 +12,7 @@
 #include "switches.h"
 #include "binding.h"
 #include "specialterm.h"
+#include "hidelevel.h"

 extern Protocol INTRUDER;
 extern int proofDepth;
@ -25,6 +26,8 @@ extern int max_encryption_level;
 int
 correctLocalOrder (const System sys)
 {
+  int flag;
+
  int checkRun (int r1)
  {
    int checkTerm (Term t)
@ -37,31 +40,42 @@ correctLocalOrder (const System sys)
 	  // t is a term from r2 that occurs in r1
 	  r2 = TermRunid (t);
 	  e1 = firstOccurrence (sys, r1, t, READ);
-	  e2 = firstOccurrence (sys, r2, t, SEND);
-
-	  // thus, it should not be the case that e1 occurs before e2
-	  if (isDependEvent (r1, e1, r2, e2))
+	  if (e1 >= 0)
 	    {
-	      // That's not good!
-	      if (switches.output == PROOF)
+	      e2 = firstOccurrence (sys, r2, t, SEND);
+	      if (e2 >= 0)
 		{
-		  indentPrint ();
-		  eprintf ("Pruned because ordering for term ");
-		  termSubstPrint (t);
-		  eprintf
-		    (" cannot be correct: the first send r%ii%i occurs after the read r%ii%i.\n",
-		     r2, e2, r1, e1);
+
+		  // thus, it should not be the case that e1 occurs before e2
+		  if (isDependEvent (r1, e1, r2, e2))
+		    {
+		      // That's not good!
+		      if (switches.output == PROOF)
+			{
+			  indentPrint ();
+			  eprintf ("Pruned because ordering for term ");
+			  termSubstPrint (t);
+			  eprintf
+			    (" cannot be correct: the first send r%ii%i occurs after the read r%ii%i.\n",
+			     r2, e2, r1, e1);
+			}
+		      flag = false;
+		      return false;
+		    }
 		}
-	      return false;
 	    }
 	}
      return true;

    }
+
    return iterateLocalToOther (sys, r1, checkTerm);
  }

-  return iterateRegularRuns (sys, checkRun);
+  flag = true;
+  iterateRegularRuns (sys, checkRun);
+
+  return flag;
 }

 //! Check initiator roles
@ -119,7 +133,7 @@ prune_theorems (const System sys)
 	  eprintf
 	    ("Pruned because some local variable was incorrectly subsituted.\n");
 	}
-      return 1;
+      return true;
    }

  // Check if all actors are agents for responders (initiators come next)
@ -140,7 +154,7 @@ prune_theorems (const System sys)
 		  termPrint (actor);
 		  eprintf (" of run %i is not of a compatible type.\n", run);
 		}
-	      return 1;
+	      return true;
 	    }
 	}
      run++;
@ -179,7 +193,7 @@ prune_theorems (const System sys)
 			  // Still need to fix proof output for this
 			  //
 			  // Pruning because some agents are equal for this role.
-			  return 1;
+			  return true;
 			}
 		      tlscan = tlscan->next;
 		    }
@ -199,7 +213,7 @@ prune_theorems (const System sys)
 	  eprintf
 	    ("Pruned: an initiator role does not have the correct type for one of its agents.\n");
 	}
-      return 1;
+      return true;
    }

  // Check if all agents of the main run are valid
@ -211,7 +225,7 @@ prune_theorems (const System sys)
 	  eprintf
 	    ("Pruned because all agents of the claim run must be trusted.\n");
 	}
-      return 1;
+      return true;
    }

  // Check if the actors of all other runs are not untrusted
@ -242,7 +256,7 @@ prune_theorems (const System sys)
 			    ("Pruned because the actor of run %i is untrusted.\n",
 			     run);
 			}
-		      return 1;
+		      return true;
 		    }
 		}
 	      else
@ -259,7 +273,7 @@ prune_theorems (const System sys)
 		  eprintf ("\n");
 		  error ("Aborting.");
 		  globalError--;
-		  return 1;
+		  return true;
 		}
 	    }
 	  run++;
@ -275,16 +289,25 @@ prune_theorems (const System sys)
 	    indentPrint ();
 	    eprintf ("Pruned because this is not <=c-minimal.\n");
 	  }
-	return 1;
+	return true;
      }
  }

  /*
   * Check for correct orderings involving local constants
   */
-  if (switches.experimental & 8 != 0)
+  if (switches.experimental & 8)
    {
-      correctLocalOrder (sys);
+      if (!correctLocalOrder (sys))
+	{
+	  if (switches.output == PROOF)
+	    {
+	      indentPrint ();
+	      eprintf
+		("Pruned because this does not have the correct local order.\n");
+	    }
+	  return true;
+	}
    }

  /**
@ -297,7 +320,7 @@ prune_theorems (const System sys)

      b = bl->data;

-      if (switches.experimental & 4 == 0)
+      if (switches.experimental & 4)
 	{
 	  // Check for "Hidden" interm goals
 	  //!@TODO in the future, this can be subsumed by adding TERM_Hidden to the hidelevel constructs
@ -311,35 +334,11 @@ prune_theorems (const System sys)
 		  termPrint (b->term);
 		  eprintf ("\n");
 		}
-	      return 1;
+	      return true;
 	    }
 	}

-      // Check for encryption levels
-      /*
-       * if (switches.match < 2
-       *!@TODO Doesn't work yet as desired for Tickets. Prove lemma first.
-       */
-      if (switches.experimental & 2 > 0)
-	{
-	  if (!hasTicketSubterm (b->term))
-	    {
-	      if (term_encryption_level (b->term) > max_encryption_level)
-		{
-		  // Prune: we do not need to construct such terms
-		  if (switches.output == PROOF)
-		    {
-		      indentPrint ();
-		      eprintf ("Pruned because the encryption level of ");
-		      termPrint (b->term);
-		      eprintf (" is too high.\n");
-		    }
-		  return 1;
-		}
-	    }
-	}
-
-      if (switches.experimental & 4 == 0)
+      if (switches.experimental & 4)
 	{
 	  // Check for SK-type function occurrences
 	  //!@todo Needs a LEMMA, although this seems to be quite straightforward to prove.
@ -357,11 +356,51 @@ prune_theorems (const System sys)
 		      termPrint (b->term);
 		      eprintf (" is not known initially to the intruder.\n");
 		    }
-		  return 1;
+		  return true;
 		}
 	    }
 	}

+      // Check for encryption levels
+      /*
+       * if (switches.match < 2
+       *!@TODO Doesn't work yet as desired for Tickets. Prove lemma first.
+       */
+      if (switches.experimental & 2)
+	{
+	  if (!hasTicketSubterm (b->term))
+	    {
+	      if (term_encryption_level (b->term) > max_encryption_level)
+		{
+		  // Prune: we do not need to construct such terms
+		  if (switches.output == PROOF)
+		    {
+		      indentPrint ();
+		      eprintf ("Pruned because the encryption level of ");
+		      termPrint (b->term);
+		      eprintf (" is too high.\n");
+		    }
+		  return true;
+		}
+	    }
+	}
+
+      /**
+       * Prune on the basis of hidelevel lemma
+       */
+      if (hidelevelImpossible (sys, b->term))
+	{
+	  // Prune: we do not need to construct such terms
+	  if (switches.output == PROOF)
+	    {
+	      indentPrint ();
+	      eprintf ("Pruned because the hidelevel of ");
+	      termPrint (b->term);
+	      eprintf (" is impossible to satisfy.\n");
+	    }
+	  return true;
+	}
+
      bl = bl->next;
    }

@ -393,7 +432,7 @@ prune_theorems (const System sys)
 		      termPrint (rolename);
 		      eprintf (" occurs more than once in the semitrace.\n");
 		    }
-		  return 1;
+		  return true;
 		}
 	      run2++;
 	    }
@ -401,5 +440,5 @@ prune_theorems (const System sys)
      run++;
    }

-  return 0;
+  return false;
 }
--- a/src/system.c
+++ b/src/system.c
@ -1598,6 +1598,7 @@ iterateLocalToOther (const System sys, const int myrun,
 		     int (*callback) (Term tlocal))
 {
  Termlist tlo, tls;
+  int flag;

  int addOther (Term t)
  {
@ -1605,24 +1606,31 @@ iterateLocalToOther (const System sys, const int myrun,
    return true;
  }

+  flag = true;
  tlo = NULL;
  // construct all others occuring in the reads
  for (tls = sys->runs[myrun].locals; tls != NULL; tls = tls->next)
    {
-      iterateTermOther (myrun, tls->term, addOther);
+      Term tt;
+
+      tt = tls->term;
+      if (realTermVariable (tt) && tt->subst != NULL);
+      {
+	iterateTermOther (myrun, tt->subst, addOther);
+      }
    }
  // now iterate over all of them
-  for (tls = tlo; tls != NULL; tls = tls->next)
+  for (tls = tlo; flag && (tls != NULL); tls = tls->next)
    {
      if (!callback (tls->term))
 	{
-	  return false;
+	  flag = false;
 	}
    }

  // clean up
  termlistDelete (tlo);
-  return true;
+  return flag;
 }

 //! Get first read/send occurrence (event index) of term t in run r
--- a/src/term.c
+++ b/src/term.c
@ -992,14 +992,14 @@ term_iterate_deVar (Term term, int (*leaf) (Term t), int (*nodel) (Term t),
 	    }
 	  else
 	    {
-	      return 1;
+	      return true;
 	    }
 	}
      else
 	{
 	  int flag;

-	  flag = 1;
+	  flag = true;

 	  if (nodel != NULL)
 	    flag = flag && nodel (term);
@ -1015,6 +1015,8 @@ term_iterate_deVar (Term term, int (*leaf) (Term t), int (*nodel) (Term t),
 	      &&
 	      (term_iterate_deVar (TermOp (term), leaf, nodel, nodem, noder));

+	  // Center
+
 	  if (nodem != NULL)
 	    flag = flag && nodem (term);

@ -1036,7 +1038,7 @@ term_iterate_deVar (Term term, int (*leaf) (Term t), int (*nodel) (Term t),
 	  return flag;
 	}
    }
-  return 1;
+  return true;
 }

 //! Iterate over the leaves in a term