Commit 89c4cd44 authored by jhugues's avatar jhugues

* Enhance the output of the REAL backend

	* Add new flag -real_continue_eval to continue evaluation of
	 theorems in case of failures



git-svn-id: https://tecsw.estec.esa.int/svn/taste/trunk/ocarina@3585 129961e7-ef38-4bb5-a8f7-c9a525a55882
parent e9e2838d
pok_safety execution pok_safety execution
requirement : check_error_handling requirement : check_error_handling
-------------------------------------
Evaluating theorem check_error_handling
* Iterate for variable: node.impl_part1_thr1
Content of set prs (libsafety.real:6:15) is Content of set prs (libsafety.real:6:15) is
node.impl_part1: 62 component instance model.aadl:40:01 node.impl_part1: 62 component instance model.aadl:40:01
Content of set vp (libsafety.real:8:14) is Content of set vp (libsafety.real:8:14) is
node.impl_cpu_part1: 20 component instance model.aadl:16:01 node.impl_cpu_part1: 20 component instance model.aadl:16:01
Content of set cpu (libsafety.real:10:15) is Content of set cpu (libsafety.real:10:15) is
node.impl_cpu: 13 component instance model.aadl:22:01 node.impl_cpu: 13 component instance model.aadl:22:01
-> value for errors is Not implemented yet -> value for errors is ("module_config", "module_init", "module_scheduling", "partition_scheduling", "partition_config", "partition_handler", "partition_init", "deadline_miss", "application_error", "numeric_error", "illegal_request", "stack_overflow", "memory_violation", "hardware_fault", "power_fail")
-> value for actual_errors is Not implemented yet -> value for actual_errors is ("module_config", "partition_init", "illegal_request")
libsafety.real:32:46 Backends: error : Property is false for instance 69 (node.impl_part1_thr1) libsafety.real:32:46 Backends: error : Property is false for instance 69 (node.impl_part1_thr1)
=> Result: FALSE
theorem check_error_handling is: FALSE theorem check_error_handling is: FALSE
model.aadl:118:07 Backends: fatal error : requirements are not fulfilled model.aadl:118:07 Backends: fatal error : requirements are not fulfilled
...@@ -7,58 +7,96 @@ all.aadl:197:07: warning: layer_unclassified references a component type ...@@ -7,58 +7,96 @@ all.aadl:197:07: warning: layer_unclassified references a component type
ocarina: Total: 0 error and 6 warnings ocarina: Total: 0 error and 6 warnings
pok_security execution pok_security execution
requirement : one_security_level_by_memory requirement : one_security_level_by_memory
-------------------------------------
Evaluating theorem one_security_level_by_memory
* Iterate for variable: main.i_node1_memory
Content of set p (lib.real:9:12) is Content of set p (lib.real:9:12) is
Content of set vp (lib.real:11:13) is Content of set vp (lib.real:11:13) is
Content of set b (lib.real:13:12) is Content of set b (lib.real:13:12) is
lib.real:15:23 Backends: warning : cardinal of set b is null lib.real:15:23 Backends: warning : cardinal of set b is null
lib.real:15:11 Backends: warning : use default boolean value of true for operator '=' lib.real:15:11 Backends: warning : use default boolean value of true for operator '='
=> Result: TRUE
* Iterate for variable: main.i_node1_memory_topsecret
Content of set p (lib.real:9:12) is Content of set p (lib.real:9:12) is
Content of set vp (lib.real:11:13) is Content of set vp (lib.real:11:13) is
Content of set b (lib.real:13:12) is Content of set b (lib.real:13:12) is
lib.real:15:23 Backends: warning : cardinal of set b is null lib.real:15:23 Backends: warning : cardinal of set b is null
lib.real:15:11 Backends: warning : use default boolean value of true for operator '=' lib.real:15:11 Backends: warning : use default boolean value of true for operator '='
=> Result: TRUE
* Iterate for variable: main.i_node1_memory_secret
Content of set p (lib.real:9:12) is Content of set p (lib.real:9:12) is
Content of set vp (lib.real:11:13) is Content of set vp (lib.real:11:13) is
Content of set b (lib.real:13:12) is Content of set b (lib.real:13:12) is
lib.real:15:23 Backends: warning : cardinal of set b is null lib.real:15:23 Backends: warning : cardinal of set b is null
lib.real:15:11 Backends: warning : use default boolean value of true for operator '=' lib.real:15:11 Backends: warning : use default boolean value of true for operator '='
=> Result: TRUE
* Iterate for variable: main.i_node1_memory_unclassified
Content of set p (lib.real:9:12) is Content of set p (lib.real:9:12) is
Content of set vp (lib.real:11:13) is Content of set vp (lib.real:11:13) is
Content of set b (lib.real:13:12) is Content of set b (lib.real:13:12) is
lib.real:15:23 Backends: warning : cardinal of set b is null lib.real:15:23 Backends: warning : cardinal of set b is null
lib.real:15:11 Backends: warning : use default boolean value of true for operator '=' lib.real:15:11 Backends: warning : use default boolean value of true for operator '='
=> Result: TRUE
* Iterate for variable: main.i_node1_memory_driver
Content of set p (lib.real:9:12) is Content of set p (lib.real:9:12) is
Content of set vp (lib.real:11:13) is Content of set vp (lib.real:11:13) is
Content of set b (lib.real:13:12) is Content of set b (lib.real:13:12) is
lib.real:15:23 Backends: warning : cardinal of set b is null lib.real:15:23 Backends: warning : cardinal of set b is null
lib.real:15:11 Backends: warning : use default boolean value of true for operator '=' lib.real:15:11 Backends: warning : use default boolean value of true for operator '='
=> Result: TRUE
* Iterate for variable: main.i_node2_memory
Content of set p (lib.real:9:12) is Content of set p (lib.real:9:12) is
Content of set vp (lib.real:11:13) is Content of set vp (lib.real:11:13) is
Content of set b (lib.real:13:12) is Content of set b (lib.real:13:12) is
lib.real:15:23 Backends: warning : cardinal of set b is null lib.real:15:23 Backends: warning : cardinal of set b is null
lib.real:15:11 Backends: warning : use default boolean value of true for operator '=' lib.real:15:11 Backends: warning : use default boolean value of true for operator '='
=> Result: TRUE
* Iterate for variable: main.i_node2_memory_topsecret
Content of set p (lib.real:9:12) is Content of set p (lib.real:9:12) is
Content of set vp (lib.real:11:13) is Content of set vp (lib.real:11:13) is
Content of set b (lib.real:13:12) is Content of set b (lib.real:13:12) is
lib.real:15:23 Backends: warning : cardinal of set b is null lib.real:15:23 Backends: warning : cardinal of set b is null
lib.real:15:11 Backends: warning : use default boolean value of true for operator '=' lib.real:15:11 Backends: warning : use default boolean value of true for operator '='
=> Result: TRUE
* Iterate for variable: main.i_node2_memory_secret
Content of set p (lib.real:9:12) is Content of set p (lib.real:9:12) is
Content of set vp (lib.real:11:13) is Content of set vp (lib.real:11:13) is
Content of set b (lib.real:13:12) is Content of set b (lib.real:13:12) is
lib.real:15:23 Backends: warning : cardinal of set b is null lib.real:15:23 Backends: warning : cardinal of set b is null
lib.real:15:11 Backends: warning : use default boolean value of true for operator '=' lib.real:15:11 Backends: warning : use default boolean value of true for operator '='
=> Result: TRUE
* Iterate for variable: main.i_node2_memory_unclassified
Content of set p (lib.real:9:12) is Content of set p (lib.real:9:12) is
Content of set vp (lib.real:11:13) is Content of set vp (lib.real:11:13) is
Content of set b (lib.real:13:12) is Content of set b (lib.real:13:12) is
lib.real:15:23 Backends: warning : cardinal of set b is null lib.real:15:23 Backends: warning : cardinal of set b is null
lib.real:15:11 Backends: warning : use default boolean value of true for operator '=' lib.real:15:11 Backends: warning : use default boolean value of true for operator '='
=> Result: TRUE
* Iterate for variable: main.i_node2_memory_driver
Content of set p (lib.real:9:12) is Content of set p (lib.real:9:12) is
Content of set vp (lib.real:11:13) is Content of set vp (lib.real:11:13) is
Content of set b (lib.real:13:12) is Content of set b (lib.real:13:12) is
lib.real:15:23 Backends: warning : cardinal of set b is null lib.real:15:23 Backends: warning : cardinal of set b is null
lib.real:15:11 Backends: warning : use default boolean value of true for operator '=' lib.real:15:11 Backends: warning : use default boolean value of true for operator '='
=> Result: TRUE
theorem one_security_level_by_memory is: TRUE theorem one_security_level_by_memory is: TRUE
requirement : bell_lapadula requirement : bell_lapadula
-------------------------------------
Evaluating theorem bell_lapadula
* Iterate for variable: main.i_node1_partition_topsecret
Content of set vp1 (lib.real:27:14) is Content of set vp1 (lib.real:27:14) is
main.i_node1_runtime_topsecret: 48 component instance all.aadl:156:04 main.i_node1_runtime_topsecret: 48 component instance all.aadl:156:04
Content of set b_src (lib.real:29:16) is Content of set b_src (lib.real:29:16) is
...@@ -69,6 +107,9 @@ Content of set vp2 (lib.real:33:14) is ...@@ -69,6 +107,9 @@ Content of set vp2 (lib.real:33:14) is
main.i_node2_runtime_topsecret: 139 component instance all.aadl:156:04 main.i_node2_runtime_topsecret: 139 component instance all.aadl:156:04
Content of set b_dst (lib.real:35:16) is Content of set b_dst (lib.real:35:16) is
main.i_rtbus_layer_topsecret: 727 component instance all.aadl:15:04 main.i_rtbus_layer_topsecret: 727 component instance all.aadl:15:04
=> Result: TRUE
* Iterate for variable: main.i_node1_partition_secret
Content of set vp1 (lib.real:27:14) is Content of set vp1 (lib.real:27:14) is
main.i_node1_runtime_secret: 28 component instance all.aadl:156:04 main.i_node1_runtime_secret: 28 component instance all.aadl:156:04
Content of set b_src (lib.real:29:16) is Content of set b_src (lib.real:29:16) is
...@@ -79,6 +120,9 @@ Content of set vp2 (lib.real:33:14) is ...@@ -79,6 +120,9 @@ Content of set vp2 (lib.real:33:14) is
main.i_node2_runtime_secret: 124 component instance all.aadl:156:04 main.i_node2_runtime_secret: 124 component instance all.aadl:156:04
Content of set b_dst (lib.real:35:16) is Content of set b_dst (lib.real:35:16) is
main.i_rtbus_layer_secret: 735 component instance all.aadl:10:04 main.i_rtbus_layer_secret: 735 component instance all.aadl:10:04
=> Result: TRUE
* Iterate for variable: main.i_node1_partition_unclassified
Content of set vp1 (lib.real:27:14) is Content of set vp1 (lib.real:27:14) is
main.i_node1_runtime_unclassified: 64 component instance all.aadl:156:04 main.i_node1_runtime_unclassified: 64 component instance all.aadl:156:04
Content of set b_src (lib.real:29:16) is Content of set b_src (lib.real:29:16) is
...@@ -89,6 +133,9 @@ Content of set vp2 (lib.real:33:14) is ...@@ -89,6 +133,9 @@ Content of set vp2 (lib.real:33:14) is
main.i_node2_runtime_unclassified: 154 component instance all.aadl:156:04 main.i_node2_runtime_unclassified: 154 component instance all.aadl:156:04
Content of set b_dst (lib.real:35:16) is Content of set b_dst (lib.real:35:16) is
main.i_rtbus_layer_unclassified: 743 component instance all.aadl:5:04 main.i_rtbus_layer_unclassified: 743 component instance all.aadl:5:04
=> Result: TRUE
* Iterate for variable: main.i_node2_partition_topsecret
Content of set vp1 (lib.real:27:14) is Content of set vp1 (lib.real:27:14) is
main.i_node2_runtime_topsecret: 139 component instance all.aadl:156:04 main.i_node2_runtime_topsecret: 139 component instance all.aadl:156:04
Content of set b_src (lib.real:29:16) is Content of set b_src (lib.real:29:16) is
...@@ -96,6 +143,9 @@ Content of set b_src (lib.real:29:16) is ...@@ -96,6 +143,9 @@ Content of set b_src (lib.real:29:16) is
Content of set p_dest (lib.real:31:17) is Content of set p_dest (lib.real:31:17) is
Content of set vp2 (lib.real:33:14) is Content of set vp2 (lib.real:33:14) is
Content of set b_dst (lib.real:35:16) is Content of set b_dst (lib.real:35:16) is
=> Result: TRUE
* Iterate for variable: main.i_node2_partition_secret
Content of set vp1 (lib.real:27:14) is Content of set vp1 (lib.real:27:14) is
main.i_node2_runtime_secret: 124 component instance all.aadl:156:04 main.i_node2_runtime_secret: 124 component instance all.aadl:156:04
Content of set b_src (lib.real:29:16) is Content of set b_src (lib.real:29:16) is
...@@ -103,6 +153,9 @@ Content of set b_src (lib.real:29:16) is ...@@ -103,6 +153,9 @@ Content of set b_src (lib.real:29:16) is
Content of set p_dest (lib.real:31:17) is Content of set p_dest (lib.real:31:17) is
Content of set vp2 (lib.real:33:14) is Content of set vp2 (lib.real:33:14) is
Content of set b_dst (lib.real:35:16) is Content of set b_dst (lib.real:35:16) is
=> Result: TRUE
* Iterate for variable: main.i_node2_partition_unclassified
Content of set vp1 (lib.real:27:14) is Content of set vp1 (lib.real:27:14) is
main.i_node2_runtime_unclassified: 154 component instance all.aadl:156:04 main.i_node2_runtime_unclassified: 154 component instance all.aadl:156:04
Content of set b_src (lib.real:29:16) is Content of set b_src (lib.real:29:16) is
...@@ -110,8 +163,15 @@ Content of set b_src (lib.real:29:16) is ...@@ -110,8 +163,15 @@ Content of set b_src (lib.real:29:16) is
Content of set p_dest (lib.real:31:17) is Content of set p_dest (lib.real:31:17) is
Content of set vp2 (lib.real:33:14) is Content of set vp2 (lib.real:33:14) is
Content of set b_dst (lib.real:35:16) is Content of set b_dst (lib.real:35:16) is
=> Result: TRUE
theorem bell_lapadula is: TRUE theorem bell_lapadula is: TRUE
requirement : biba requirement : biba
-------------------------------------
Evaluating theorem biba
* Iterate for variable: main.i_node1_partition_topsecret
Content of set vp1 (lib.real:51:14) is Content of set vp1 (lib.real:51:14) is
main.i_node1_runtime_topsecret: 48 component instance all.aadl:156:04 main.i_node1_runtime_topsecret: 48 component instance all.aadl:156:04
Content of set b_src (lib.real:53:16) is Content of set b_src (lib.real:53:16) is
...@@ -122,6 +182,9 @@ Content of set vp2 (lib.real:57:14) is ...@@ -122,6 +182,9 @@ Content of set vp2 (lib.real:57:14) is
main.i_node2_runtime_topsecret: 139 component instance all.aadl:156:04 main.i_node2_runtime_topsecret: 139 component instance all.aadl:156:04
Content of set b_dst (lib.real:59:16) is Content of set b_dst (lib.real:59:16) is
main.i_rtbus_layer_topsecret: 727 component instance all.aadl:15:04 main.i_rtbus_layer_topsecret: 727 component instance all.aadl:15:04
=> Result: TRUE
* Iterate for variable: main.i_node1_partition_secret
Content of set vp1 (lib.real:51:14) is Content of set vp1 (lib.real:51:14) is
main.i_node1_runtime_secret: 28 component instance all.aadl:156:04 main.i_node1_runtime_secret: 28 component instance all.aadl:156:04
Content of set b_src (lib.real:53:16) is Content of set b_src (lib.real:53:16) is
...@@ -132,6 +195,9 @@ Content of set vp2 (lib.real:57:14) is ...@@ -132,6 +195,9 @@ Content of set vp2 (lib.real:57:14) is
main.i_node2_runtime_secret: 124 component instance all.aadl:156:04 main.i_node2_runtime_secret: 124 component instance all.aadl:156:04
Content of set b_dst (lib.real:59:16) is Content of set b_dst (lib.real:59:16) is
main.i_rtbus_layer_secret: 735 component instance all.aadl:10:04 main.i_rtbus_layer_secret: 735 component instance all.aadl:10:04
=> Result: TRUE
* Iterate for variable: main.i_node1_partition_unclassified
Content of set vp1 (lib.real:51:14) is Content of set vp1 (lib.real:51:14) is
main.i_node1_runtime_unclassified: 64 component instance all.aadl:156:04 main.i_node1_runtime_unclassified: 64 component instance all.aadl:156:04
Content of set b_src (lib.real:53:16) is Content of set b_src (lib.real:53:16) is
...@@ -142,6 +208,9 @@ Content of set vp2 (lib.real:57:14) is ...@@ -142,6 +208,9 @@ Content of set vp2 (lib.real:57:14) is
main.i_node2_runtime_unclassified: 154 component instance all.aadl:156:04 main.i_node2_runtime_unclassified: 154 component instance all.aadl:156:04
Content of set b_dst (lib.real:59:16) is Content of set b_dst (lib.real:59:16) is
main.i_rtbus_layer_unclassified: 743 component instance all.aadl:5:04 main.i_rtbus_layer_unclassified: 743 component instance all.aadl:5:04
=> Result: TRUE
* Iterate for variable: main.i_node2_partition_topsecret
Content of set vp1 (lib.real:51:14) is Content of set vp1 (lib.real:51:14) is
main.i_node2_runtime_topsecret: 139 component instance all.aadl:156:04 main.i_node2_runtime_topsecret: 139 component instance all.aadl:156:04
Content of set b_src (lib.real:53:16) is Content of set b_src (lib.real:53:16) is
...@@ -149,6 +218,9 @@ Content of set b_src (lib.real:53:16) is ...@@ -149,6 +218,9 @@ Content of set b_src (lib.real:53:16) is
Content of set p_dest (lib.real:55:17) is Content of set p_dest (lib.real:55:17) is
Content of set vp2 (lib.real:57:14) is Content of set vp2 (lib.real:57:14) is
Content of set b_dst (lib.real:59:16) is Content of set b_dst (lib.real:59:16) is
=> Result: TRUE
* Iterate for variable: main.i_node2_partition_secret
Content of set vp1 (lib.real:51:14) is Content of set vp1 (lib.real:51:14) is
main.i_node2_runtime_secret: 124 component instance all.aadl:156:04 main.i_node2_runtime_secret: 124 component instance all.aadl:156:04
Content of set b_src (lib.real:53:16) is Content of set b_src (lib.real:53:16) is
...@@ -156,6 +228,9 @@ Content of set b_src (lib.real:53:16) is ...@@ -156,6 +228,9 @@ Content of set b_src (lib.real:53:16) is
Content of set p_dest (lib.real:55:17) is Content of set p_dest (lib.real:55:17) is
Content of set vp2 (lib.real:57:14) is Content of set vp2 (lib.real:57:14) is
Content of set b_dst (lib.real:59:16) is Content of set b_dst (lib.real:59:16) is
=> Result: TRUE
* Iterate for variable: main.i_node2_partition_unclassified
Content of set vp1 (lib.real:51:14) is Content of set vp1 (lib.real:51:14) is
main.i_node2_runtime_unclassified: 154 component instance all.aadl:156:04 main.i_node2_runtime_unclassified: 154 component instance all.aadl:156:04
Content of set b_src (lib.real:53:16) is Content of set b_src (lib.real:53:16) is
...@@ -163,8 +238,15 @@ Content of set b_src (lib.real:53:16) is ...@@ -163,8 +238,15 @@ Content of set b_src (lib.real:53:16) is
Content of set p_dest (lib.real:55:17) is Content of set p_dest (lib.real:55:17) is
Content of set vp2 (lib.real:57:14) is Content of set vp2 (lib.real:57:14) is
Content of set b_dst (lib.real:59:16) is Content of set b_dst (lib.real:59:16) is
=> Result: TRUE
theorem biba is: TRUE theorem biba is: TRUE
requirement : mils_1 requirement : mils_1
-------------------------------------
Evaluating theorem mils_1
* Iterate for variable: main.i_node1_partition_topsecret
Content of set vp1 (lib.real:73:14) is Content of set vp1 (lib.real:73:14) is
main.i_node1_runtime_topsecret: 48 component instance all.aadl:156:04 main.i_node1_runtime_topsecret: 48 component instance all.aadl:156:04
Content of set b_src (lib.real:75:16) is Content of set b_src (lib.real:75:16) is
...@@ -175,6 +257,9 @@ Content of set vp2 (lib.real:79:14) is ...@@ -175,6 +257,9 @@ Content of set vp2 (lib.real:79:14) is
main.i_node2_runtime_topsecret: 139 component instance all.aadl:156:04 main.i_node2_runtime_topsecret: 139 component instance all.aadl:156:04
Content of set b_dst (lib.real:81:16) is Content of set b_dst (lib.real:81:16) is
main.i_rtbus_layer_topsecret: 727 component instance all.aadl:15:04 main.i_rtbus_layer_topsecret: 727 component instance all.aadl:15:04
=> Result: TRUE
* Iterate for variable: main.i_node1_partition_secret
Content of set vp1 (lib.real:73:14) is Content of set vp1 (lib.real:73:14) is
main.i_node1_runtime_secret: 28 component instance all.aadl:156:04 main.i_node1_runtime_secret: 28 component instance all.aadl:156:04
Content of set b_src (lib.real:75:16) is Content of set b_src (lib.real:75:16) is
...@@ -185,6 +270,9 @@ Content of set vp2 (lib.real:79:14) is ...@@ -185,6 +270,9 @@ Content of set vp2 (lib.real:79:14) is
main.i_node2_runtime_secret: 124 component instance all.aadl:156:04 main.i_node2_runtime_secret: 124 component instance all.aadl:156:04
Content of set b_dst (lib.real:81:16) is Content of set b_dst (lib.real:81:16) is
main.i_rtbus_layer_secret: 735 component instance all.aadl:10:04 main.i_rtbus_layer_secret: 735 component instance all.aadl:10:04
=> Result: TRUE
* Iterate for variable: main.i_node1_partition_unclassified
Content of set vp1 (lib.real:73:14) is Content of set vp1 (lib.real:73:14) is
main.i_node1_runtime_unclassified: 64 component instance all.aadl:156:04 main.i_node1_runtime_unclassified: 64 component instance all.aadl:156:04
Content of set b_src (lib.real:75:16) is Content of set b_src (lib.real:75:16) is
...@@ -195,6 +283,9 @@ Content of set vp2 (lib.real:79:14) is ...@@ -195,6 +283,9 @@ Content of set vp2 (lib.real:79:14) is
main.i_node2_runtime_unclassified: 154 component instance all.aadl:156:04 main.i_node2_runtime_unclassified: 154 component instance all.aadl:156:04
Content of set b_dst (lib.real:81:16) is Content of set b_dst (lib.real:81:16) is
main.i_rtbus_layer_unclassified: 743 component instance all.aadl:5:04 main.i_rtbus_layer_unclassified: 743 component instance all.aadl:5:04
=> Result: TRUE
* Iterate for variable: main.i_node2_partition_topsecret
Content of set vp1 (lib.real:73:14) is Content of set vp1 (lib.real:73:14) is
main.i_node2_runtime_topsecret: 139 component instance all.aadl:156:04 main.i_node2_runtime_topsecret: 139 component instance all.aadl:156:04
Content of set b_src (lib.real:75:16) is Content of set b_src (lib.real:75:16) is
...@@ -202,6 +293,9 @@ Content of set b_src (lib.real:75:16) is ...@@ -202,6 +293,9 @@ Content of set b_src (lib.real:75:16) is
Content of set p_dest (lib.real:77:17) is Content of set p_dest (lib.real:77:17) is
Content of set vp2 (lib.real:79:14) is Content of set vp2 (lib.real:79:14) is
Content of set b_dst (lib.real:81:16) is Content of set b_dst (lib.real:81:16) is
=> Result: TRUE
* Iterate for variable: main.i_node2_partition_secret
Content of set vp1 (lib.real:73:14) is Content of set vp1 (lib.real:73:14) is
main.i_node2_runtime_secret: 124 component instance all.aadl:156:04 main.i_node2_runtime_secret: 124 component instance all.aadl:156:04
Content of set b_src (lib.real:75:16) is Content of set b_src (lib.real:75:16) is
...@@ -209,6 +303,9 @@ Content of set b_src (lib.real:75:16) is ...@@ -209,6 +303,9 @@ Content of set b_src (lib.real:75:16) is
Content of set p_dest (lib.real:77:17) is Content of set p_dest (lib.real:77:17) is
Content of set vp2 (lib.real:79:14) is Content of set vp2 (lib.real:79:14) is
Content of set b_dst (lib.real:81:16) is Content of set b_dst (lib.real:81:16) is
=> Result: TRUE
* Iterate for variable: main.i_node2_partition_unclassified
Content of set vp1 (lib.real:73:14) is Content of set vp1 (lib.real:73:14) is
main.i_node2_runtime_unclassified: 154 component instance all.aadl:156:04 main.i_node2_runtime_unclassified: 154 component instance all.aadl:156:04
Content of set b_src (lib.real:75:16) is Content of set b_src (lib.real:75:16) is
...@@ -216,8 +313,15 @@ Content of set b_src (lib.real:75:16) is ...@@ -216,8 +313,15 @@ Content of set b_src (lib.real:75:16) is
Content of set p_dest (lib.real:77:17) is Content of set p_dest (lib.real:77:17) is
Content of set vp2 (lib.real:79:14) is Content of set vp2 (lib.real:79:14) is
Content of set b_dst (lib.real:81:16) is Content of set b_dst (lib.real:81:16) is
=> Result: TRUE
theorem mils_1 is: TRUE theorem mils_1 is: TRUE
requirement : mils_2 requirement : mils_2
-------------------------------------
Evaluating theorem mils_2
* Iterate for variable: main.i_node1_partition_topsecret
Content of set vp1 (lib.real:98:14) is Content of set vp1 (lib.real:98:14) is
main.i_node1_runtime_topsecret: 48 component instance all.aadl:156:04 main.i_node1_runtime_topsecret: 48 component instance all.aadl:156:04
Content of set b_src (lib.real:100:16) is Content of set b_src (lib.real:100:16) is
...@@ -235,6 +339,9 @@ lib.real:119:20 Backends: warning : cardinal of set b_dst is null ...@@ -235,6 +339,9 @@ lib.real:119:20 Backends: warning : cardinal of set b_dst is null
lib.real:119:15 Backends: warning : use default float value of 0.0 for operator Max lib.real:119:15 Backends: warning : use default float value of 0.0 for operator Max
lib.real:120:20 Backends: warning : cardinal of set b_cnx is null lib.real:120:20 Backends: warning : cardinal of set b_cnx is null
lib.real:119:62 Backends: warning : use default float value of 0.0 for operator Max lib.real:119:62 Backends: warning : use default float value of 0.0 for operator Max
=> Result: TRUE
* Iterate for variable: main.i_node1_partition_secret
Content of set vp1 (lib.real:98:14) is Content of set vp1 (lib.real:98:14) is
main.i_node1_runtime_secret: 28 component instance all.aadl:156:04 main.i_node1_runtime_secret: 28 component instance all.aadl:156:04
Content of set b_src (lib.real:100:16) is Content of set b_src (lib.real:100:16) is
...@@ -252,6 +359,9 @@ lib.real:119:20 Backends: warning : cardinal of set b_dst is null ...@@ -252,6 +359,9 @@ lib.real:119:20 Backends: warning : cardinal of set b_dst is null
lib.real:119:15 Backends: warning : use default float value of 0.0 for operator Max lib.real:119:15 Backends: warning : use default float value of 0.0 for operator Max
lib.real:120:20 Backends: warning : cardinal of set b_cnx is null lib.real:120:20 Backends: warning : cardinal of set b_cnx is null
lib.real:119:62 Backends: warning : use default float value of 0.0 for operator Max lib.real:119:62 Backends: warning : use default float value of 0.0 for operator Max
=> Result: TRUE
* Iterate for variable: main.i_node1_partition_unclassified
Content of set vp1 (lib.real:98:14) is Content of set vp1 (lib.real:98:14) is
main.i_node1_runtime_unclassified: 64 component instance all.aadl:156:04 main.i_node1_runtime_unclassified: 64 component instance all.aadl:156:04
Content of set b_src (lib.real:100:16) is Content of set b_src (lib.real:100:16) is
...@@ -269,6 +379,9 @@ lib.real:119:20 Backends: warning : cardinal of set b_dst is null ...@@ -269,6 +379,9 @@ lib.real:119:20 Backends: warning : cardinal of set b_dst is null
lib.real:119:15 Backends: warning : use default float value of 0.0 for operator Max lib.real:119:15 Backends: warning : use default float value of 0.0 for operator Max
lib.real:120:20 Backends: warning : cardinal of set b_cnx is null lib.real:120:20 Backends: warning : cardinal of set b_cnx is null
lib.real:119:62 Backends: warning : use default float value of 0.0 for operator Max lib.real:119:62 Backends: warning : use default float value of 0.0 for operator Max
=> Result: TRUE
* Iterate for variable: main.i_node2_partition_topsecret
Content of set vp1 (lib.real:98:14) is Content of set vp1 (lib.real:98:14) is
main.i_node2_runtime_topsecret: 139 component instance all.aadl:156:04 main.i_node2_runtime_topsecret: 139 component instance all.aadl:156:04
Content of set b_src (lib.real:100:16) is Content of set b_src (lib.real:100:16) is
...@@ -286,6 +399,9 @@ lib.real:119:20 Backends: warning : cardinal of set b_dst is null ...@@ -286,6 +399,9 @@ lib.real:119:20 Backends: warning : cardinal of set b_dst is null
lib.real:119:15 Backends: warning : use default float value of 0.0 for operator Max lib.real:119:15 Backends: warning : use default float value of 0.0 for operator Max
lib.real:120:20 Backends: warning : cardinal of set b_cnx is null lib.real:120:20 Backends: warning : cardinal of set b_cnx is null
lib.real:119:62 Backends: warning : use default float value of 0.0 for operator Max lib.real:119:62 Backends: warning : use default float value of 0.0 for operator Max
=> Result: TRUE
* Iterate for variable: main.i_node2_partition_secret
Content of set vp1 (lib.real:98:14) is Content of set vp1 (lib.real:98:14) is
main.i_node2_runtime_secret: 124 component instance all.aadl:156:04 main.i_node2_runtime_secret: 124 component instance all.aadl:156:04
Content of set b_src (lib.real:100:16) is Content of set b_src (lib.real:100:16) is
...@@ -303,6 +419,9 @@ lib.real:119:20 Backends: warning : cardinal of set b_dst is null ...@@ -303,6 +419,9 @@ lib.real:119:20 Backends: warning : cardinal of set b_dst is null
lib.real:119:15 Backends: warning : use default float value of 0.0 for operator Max lib.real:119:15 Backends: warning : use default float value of 0.0 for operator Max
lib.real:120:20 Backends: warning : cardinal of set b_cnx is null lib.real:120:20 Backends: warning : cardinal of set b_cnx is null
lib.real:119:62 Backends: warning : use default float value of 0.0 for operator Max lib.real:119:62 Backends: warning : use default float value of 0.0 for operator Max
=> Result: TRUE
* Iterate for variable: main.i_node2_partition_unclassified
Content of set vp1 (lib.real:98:14) is Content of set vp1 (lib.real:98:14) is
main.i_node2_runtime_unclassified: 154 component instance all.aadl:156:04 main.i_node2_runtime_unclassified: 154 component instance all.aadl:156:04
Content of set b_src (lib.real:100:16) is Content of set b_src (lib.real:100:16) is
...@@ -320,8 +439,28 @@ lib.real:119:20 Backends: warning : cardinal of set b_dst is null ...@@ -320,8 +439,28 @@ lib.real:119:20 Backends: warning : cardinal of set b_dst is null
lib.real:119:15 Backends: warning : use default float value of 0.0 for operator Max lib.real:119:15 Backends: warning : use default float value of 0.0 for operator Max
lib.real:120:20 Backends: warning : cardinal of set b_cnx is null lib.real:120:20 Backends: warning : cardinal of set b_cnx is null
lib.real:119:62 Backends: warning : use default float value of 0.0 for operator Max lib.real:119:62 Backends: warning : use default float value of 0.0 for operator Max
=> Result: TRUE
theorem mils_2 is: TRUE theorem mils_2 is: TRUE
requirement : scheduling_1 requirement : scheduling_1
-------------------------------------
Evaluating theorem scheduling_1
* Iterate for variable: main.i_node1
=> Result: TRUE
* Iterate for variable: main.i_node2
=> Result: TRUE
theorem scheduling_1 is: TRUE theorem scheduling_1 is: TRUE
-------------------------------------
Evaluating theorem pok_security
* Iterate for variable: main.i
=> Result: TRUE
theorem pok_security is: TRUE theorem pok_security is: TRUE
...@@ -35,6 +35,7 @@ with Namet; ...@@ -35,6 +35,7 @@ with Namet;
with Output; with Output;
with Locations; use Locations; with Locations; use Locations;
with Ocarina.Analyzer.REAL;
with Ocarina.ME_REAL.REAL_Tree.Nodes; with Ocarina.ME_REAL.REAL_Tree.Nodes;
with Ocarina.ME_REAL.REAL_Tree.Nutils; with Ocarina.ME_REAL.REAL_Tree.Nutils;
with Ocarina.ME_REAL.REAL_Tree.Utils; with Ocarina.ME_REAL.REAL_Tree.Utils;
...@@ -285,11 +286,8 @@ package body Ocarina.Backends.REAL is ...@@ -285,11 +286,8 @@ package body Ocarina.Backends.REAL is
Dummy := Apply_To_All_Elements (R); Dummy := Apply_To_All_Elements (R);
end Apply_To_All_Elements; end Apply_To_All_Elements;
---------------------------
-- Apply_To_All_Elements --
---------------------------
function Apply_To_All_Elements (R : Node_Id) return Boolean is function Apply_To_All_Elements (R : Node_Id) return Boolean is
use Ocarina.ME_AADL.AADL_Instances.Nutils;
pragma Assert (Kind (R) = K_Theorem); pragma Assert (Kind (R) = K_Theorem);
Range_Set : constant Result_Set := Set_Array Range_Set : constant Result_Set := Set_Array
...@@ -302,12 +300,23 @@ package body Ocarina.Backends.REAL is ...@@ -302,12 +300,23 @@ package body Ocarina.Backends.REAL is
(Range_Declaration (R)))))))); (Range_Declaration (R))))))));
Success : Boolean := True; Success : Boolean := True;
begin begin
-- For each element of the global ("range") set, -- For each element of the global ("range") set, we build the
-- we build the dependant sets and then -- dependant sets and then we check the verification expression
-- we check the verification expression
Write_Line ("-------------------------------------");
Write_Line ("Evaluating theorem "
& Get_Name_String (Name (Identifier (R))));
Write_Line ("");
for J in 1 .. Cardinal (Range_Set) loop for J in 1 .. Cardinal (Range_Set) loop
Current_Range_Variable := Get (Range_Set, J); Current_Range_Variable := Get (Range_Set, J);
begin
Write_Line (" * Iterate for variable: "
& Get_Name_String (Compute_Full_Name_Of_Instance
(Current_Range_Variable)));
exception
when others =>
null;
end;
Set_Var_Value Set_Var_Value
(Referenced_Var (Variable_Ref (Range_Declaration (R))), (Referenced_Var (Variable_Ref (Range_Declaration (R))),
New_Elem_Value (Current_Range_Variable)); New_Elem_Value (Current_Range_Variable));
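Review bot: The `exception when others => null;` wrapped around the new `Write_Line (" * Iterate for variable: " & ...)` call, right after `Current_Range_Variable := Get (Range_Set, J);`, swallows every exception including Constraint_Error and Program_Error, so a real defect in Compute_Full_Name_Of_Instance would surface only as a silently missing trace line while evaluation carries on. Because the string concatenation is evaluated before Write_Line runs, nothing is printed for that element at all, and the per-variable trace no longer lines up with the `=> Result:` lines added in the following hunk. Narrow the handler to the exception that helper is actually expected to raise (not visible here), or at least keep the trace complete with a fallback such as `when others => Write_Line (" * Iterate for variable: <unnamed instance>");`. The enclosing function Apply_To_All_Elements begins before this hunk and ends in the next one.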
...@@ -315,13 +324,14 @@ package body Ocarina.Backends.REAL is ...@@ -315,13 +324,14 @@ package body Ocarina.Backends.REAL is
if Success then if Success then
Success := Manage_Check_Expression (R); Success := Manage_Check_Expression (R);
end if; end if;
Write_Line (" => Result: " & Success'Img);
Write_Line ("");
exit when not Success; exit when not Success;
end loop; end loop;
Write_Line ("theorem " & Get_Name_String (Name (Identifier (R))) Write_Line ("theorem " & Get_Name_String (Name (Identifier (R)))
& " is: "& Boolean'Image (Success)); & " is: "& Boolean'Image (Success));
Write_Line ("");
return Success; return Success;
end Apply_To_All_Elements; end Apply_To_All_Elements;
...@@ -521,7 +531,8 @@ package body Ocarina.Backends.REAL is ...@@ -521,7 +531,8 @@ package body Ocarina.Backends.REAL is
Success := Apply_To_All_Elements (RNU.REAL_Root); Success := Apply_To_All_Elements (RNU.REAL_Root);
Clean_Runtime; Clean_Runtime;
exit when not Success; exit when (not Success)
and then (not Ocarina.Analyzer.REAL.Continue_Evaluation);