SMT2 back-end: report error when invoking solver fails

[tautschnig]

Our previous attempt at reporting errors was dead code for run never returns a negative value. When the executable isn't found the return code was 1, else failures will depend on the solver's return code. Also, propagate the messages produced by run on stderr to the error-logging output.

Fixes: #8362

• Each commit message has a non-empty body, explaining why the change was made.
• n/a Methods or procedures I have added are documented, following the guidelines provided in CODING_STANDARD.md.
• n/a The feature or user visible behaviour I have added or modified has been documented in the User Guide in doc/cprover-manual/
• Regression or unit tests are included, or existing tests cover the modified code (in this case I have detailed which ones those are in the commit message).
• n/a My commit message includes data points confirming performance improvements (if claimed).
• My PR is restricted to a single feature or bugfix.
• n/a White-space or formatting changes outside the feature-related changed lines are in commits of their own.

[codecov]

Codecov Report

Attention: Patch coverage is 33.33333% with 4 lines in your changes missing coverage. Please review.

Project coverage is 78.34%. Comparing base (629dbcd) to head (7fd93be).

Files	Patch %	Lines
src/solvers/smt2/smt2_dec.cpp	33.33%	4 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #8378      +/-   ##
===========================================
- Coverage    78.35%   78.34%   -0.01%     
===========================================
  Files         1726     1726              
  Lines       188424   188443      +19     
  Branches     18248    18248              
===========================================
- Hits        147631   147630       -1     
- Misses       40793    40813      +20     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[rod-chapman]

Thanks for this one. Have you tested it in the three obvious use cases:

1. On the command line (i.e. just running "cbmc" from a Makefile...)
2. with cbmc-starter-kit using litani to run the tools.
3. In a GitHub action
   In all three cases, it is new error message clearly visible and obvious to the user?

[rod-chapman]

OK... build this branch and tried it on the command-line. Issues:

1. The error message "error running SMT2 solver: execvp z3 failed: Permission denied" appears near the top of over 1600 lines of output, so it's impossible to see it. Suggest you just terminate the run, so this one error message is the only thing the user sees.
2. The message itself is a little misleading. As a newbie user, I have no idea what "execvp" is, so there's no point having that there. It also says "Permission denied" which is wrong because it gives the user the impression that Z3 is installed but they don't have "permission" to run it... Surely something like "Error running SMT2 solver. Z3 is not installed" would be clearer for the user?

[rod-chapman]

I tried this using cbmc-starter-kit and running the tools with litani. With no Z3 installed, the run ends with:

[15/16] scalar_signed_to_unsigned_q_16: checking safety properties                                                                                                                                                                                                     FAILED: /Users/rodchap/Desktop/rod/projects/crypto/pqcp/aarch64-rod-main/cbmc/proofs/scalar_signed_to_unsigned_q_16/logs/result.xml /var/folders/83/zx9jk1g53wjcr2xvycvs7xjh0000gr/T/litani/runs/80b617ed-9a01-44db-9b3f-86047e38539d/status/35f0d968-1a2c-47a0-85f9-9d402bb86066.json 

/opt/homebrew/Cellar/litani/1.29.0/libexec/litani exec --command 'cbmc  --smt2 --flush --object-bits 8 --unwinding-assertions  --bounds-check --conversion-check --div-by-zero-check --float-overflow-check --nan-check --pointer-check --pointer-overflow-check --pointer-primitive-check --signed-overflow-check --undefined-shift-check --unsigned-overflow-check --trace --xml-ui /Users/rodchap/Desktop/rod/projects/crypto/pqcp/aarch64-rod-main/cbmc/proofs/scalar_signed_to_unsigned_q_16/gotos/scalar_signed_to_unsigned_q_16_harness.goto' --pipeline-name scalar_signed_to_unsigned_q_16 --ci-stage test --job-id 35f0d968-1a2c-47a0-85f9-9d402bb86066 --stdout-file /Users/rodchap/Desktop/rod/projects/crypto/pqcp/aarch64-rod-main/cbmc/proofs/scalar_signed_to_unsigned_q_16/logs/result.xml --stderr-file /Users/rodchap/Desktop/rod/projects/crypto/pqcp/aarch64-rod-main/cbmc/proofs/scalar_signed_to_unsigned_q_16/logs/result-err-log.txt --description 'scalar_signed_to_unsigned_q_16: checking safety properties' --timeout 21600 --status-file /var/folders/83/zx9jk1g53wjcr2xvycvs7xjh0000gr/T/litani/runs/80b617ed-9a01-44db-9b3f-86047e38539d/status/35f0d968-1a2c-47a0-85f9-9d402bb86066.json --profile-memory-interval 10 --inputs /Users/rodchap/Desktop/rod/projects/crypto/pqcp/aarch64-rod-main/cbmc/proofs/scalar_signed_to_unsigned_q_16/gotos/scalar_signed_to_unsigned_q_16_harness.goto --outputs /Users/rodchap/Desktop/rod/projects/crypto/pqcp/aarch64-rod-main/cbmc/proofs/scalar_signed_to_unsigned_q_16/logs/result.xml --ignore-returns 10 --tags 'stats-group:safety checks'

ninja: build stopped: cannot make progress due to previous errors.


Report was rendered at file:///var/folders/83/zx9jk1g53wjcr2xvycvs7xjh0000gr/T/litani/runs/latest/html/index.html

so nothing there about Z3 missing. Secondly, no "report" directory has been created, so nothing to find there in HTML either.

The error messages does appear in logs/result.xml but buried on line 45 of a 6000 line file.

[tautschnig]

We should likely work on the starter kit to do a better job at testing for dependencies and extracting useful information. This PR enables such work by making CBMC present the information rather than hiding it.

[kroening]

Should run not rather return a proper result?