cbmc/ai__storage_8h_source.html

/*******************************************************************\


Module: Abstract Interpretation


Author: Martin Brain, martin.brain@cs.ox.ac.uk


\*******************************************************************/


#ifndef CPROVER_ANALYSES_AI_STORAGE_H

#define CPROVER_ANALYSES_AI_STORAGE_H


#include <util/deprecate.h>


#include <goto-programs/goto_program.h>


#include "ai_domain.h"

#include "ai_history.h"


class ai_storage_baset

{

protected:


  ai_storage_baset()

  {

  }

  ai_storage_baset() {…}


public:


  virtual ~ai_storage_baset()

  {

  }

  virtual ~ai_storage_baset() {…}


  typedef ai_domain_baset statet;

  typedef std::shared_ptr<statet> state_ptrt;

  typedef std::shared_ptr<const statet> cstate_ptrt;

  typedef ai_history_baset tracet;

  typedef ai_history_baset::trace_ptrt trace_ptrt;

  typedef ai_history_baset::trace_sett trace_sett;

  typedef std::shared_ptr<trace_sett> trace_set_ptrt;

  typedef std::shared_ptr<const trace_sett> ctrace_set_ptrt;

  typedef goto_programt::const_targett locationt;


  virtual ctrace_set_ptrt abstract_traces_before(locationt l) const = 0;


  virtual cstate_ptrt abstract_state_before(

    trace_ptrt p,

    const ai_domain_factory_baset &fac) const = 0;


  virtual cstate_ptrt abstract_state_before(

    locationt l,

    const ai_domain_factory_baset &fac) const = 0;


  virtual statet &

  get_state(trace_ptrt p, const ai_domain_factory_baset &fac) = 0;


  virtual void clear()

  {

    return;

  }

  virtual void clear() {…}


  virtual void prune(locationt l)

  {

    return;

  }

  virtual void prune(locationt l) {…}

};

class ai_storage_baset {…};


// There are a number of options for how to store the history objects.

// This implements a simple one.  It is not in ai_storage_baset so that

// storage implementations can implement their own, more specific, approaches


class trace_map_storaget : public ai_storage_baset

{

protected:

  typedef std::map<locationt, trace_set_ptrt, goto_programt::target_less_than>

    trace_mapt;

  trace_mapt trace_map;


  // This retains one part of a shared_ptr to the history object


  void register_trace(trace_ptrt p)

  {

    // Save the trace_ptrt

    trace_mapt::iterator it = trace_map.find(p->current_location());

    if(it == trace_map.end())

    {

      trace_set_ptrt s(new trace_sett());

      auto ins = trace_map.emplace(p->current_location(), s);

      CHECK_RETURN(ins.second);

      it = ins.first;

    }

    // Strictly this should be "it->second points to a trace_set"

    POSTCONDITION(it->second != nullptr);


    it->second->insert(p);


    return;

  }

  void register_trace(trace_ptrt p) {…}


public:


  ctrace_set_ptrt abstract_traces_before(locationt l) const override

  {

    trace_mapt::const_iterator it = trace_map.find(l);

    if(it == trace_map.end())

      return trace_set_ptrt(new trace_sett());


    // Strictly this should be "it->second points to a trace_set"

    POSTCONDITION(it->second != nullptr);

    return it->second;

  }

  ctrace_set_ptrt abstract_traces_before(locationt l) const override {…}


  void clear() override

  {

    ai_storage_baset::clear();

    trace_map.clear();

    return;

  }

  void clear() override {…}

};

class trace_map_storaget : public ai_storage_baset {…};


// A couple of older domains make direct use of the state map

class invariant_propagationt;

class dependence_grapht;

class variable_sensitivity_dependence_grapht;


class location_sensitive_storaget : public trace_map_storaget

{

protected:

  typedef std::unordered_map<

    locationt,

    state_ptrt,

    const_target_hash,

    pointee_address_equalt>

    state_mapt;

  state_mapt state_map;


  // Support some older domains that explicitly iterate across the state map

  friend invariant_propagationt;

  friend dependence_grapht;

  friend variable_sensitivity_dependence_grapht; // Based on dependence_grapht


  state_mapt &internal(void)

  {

    return state_map;

  }

  state_mapt &internal(void) {…}


public:


  cstate_ptrt abstract_state_before(

    trace_ptrt p,

    const ai_domain_factory_baset &fac) const override

  {

    return abstract_state_before(p->current_location(), fac);

  }

  cstate_ptrt abstract_state_before( {…}


  cstate_ptrt abstract_state_before(

    locationt l,

    const ai_domain_factory_baset &fac) const override

  {

    typename state_mapt::const_iterator it = state_map.find(l);

    if(it == state_map.end())

      return fac.make(l);


    return it->second;

  }

  cstate_ptrt abstract_state_before( {…}


  statet &get_state(trace_ptrt p, const ai_domain_factory_baset &fac) override

  {

    register_trace(p);

    return get_state(p->current_location(), fac);

  }

  statet &get_state(trace_ptrt p, const ai_domain_factory_baset &fac) override {…}


  // For backwards compatability

  // Care should be exercised in using this.  It is possible to create domains

  // without any corresponding history object(s).  This can lead to somewhat

  // unexpected behaviour depending on which APIs you use.

  DEPRECATED(SINCE(2019, 08, 01, "use get_state(trace_ptrt p) instead"))


  statet &get_state(locationt l, const ai_domain_factory_baset &fac)

  {

    typename state_mapt::const_iterator it = state_map.find(l);

    if(it == state_map.end())

    {

      std::shared_ptr<statet> d(fac.make(l));

      auto p = state_map.emplace(l, d);

      CHECK_RETURN(p.second);

      it = p.first;

    }


    return *(it->second);

  }

  statet &get_state(locationt l, const ai_domain_factory_baset &fac) {…}


  void clear() override

  {

    trace_map_storaget::clear();

    state_map.clear();

    return;

  }

  void clear() override {…}

};

class location_sensitive_storaget : public trace_map_storaget {…};


// The most precise form of storage


class history_sensitive_storaget : public trace_map_storaget

{

protected:

  typedef std::map<trace_ptrt, state_ptrt, ai_history_baset::compare_historyt>

    domain_mapt;

  domain_mapt domain_map;


public:


  cstate_ptrt abstract_state_before(

    trace_ptrt p,

    const ai_domain_factory_baset &fac) const override

  {

    auto it = domain_map.find(p);

    if(it == domain_map.end())

      return fac.make(p->current_location());


    return it->second;

  }

  cstate_ptrt abstract_state_before( {…}


  cstate_ptrt abstract_state_before(

    locationt t,

    const ai_domain_factory_baset &fac) const override

  {

    auto traces = abstract_traces_before(t);


    if(traces->size() == 0)

    {

      return fac.make(t);

    }

    else if(traces->size() == 1)

    {

      auto it = domain_map.find(*(traces->begin()));

      DATA_INVARIANT(

        it != domain_map.end(), "domain_map must be in sync with trace_map");

      return it->second;

    }

    else

    {

      // Need to merge all of the traces that reach this location

      auto res = fac.make(t);


      for(auto p : *traces)

      {

        auto it = domain_map.find(p);

        DATA_INVARIANT(

          it != domain_map.end(), "domain_map must be in sync with trace_map");

        fac.merge(*res, *(it->second), p, p);

      }


      return cstate_ptrt(res.release());

    }

  }

  cstate_ptrt abstract_state_before( {…}


  statet &get_state(trace_ptrt p, const ai_domain_factory_baset &fac) override

  {

    register_trace(p);


    auto it = domain_map.find(p);

    if(it == domain_map.end())

    {

      std::shared_ptr<statet> d(fac.make(p->current_location()));

      auto jt = domain_map.emplace(p, d);

      CHECK_RETURN(jt.second);

      it = jt.first;

    }


    return *(it->second);

  }

  statet &get_state(trace_ptrt p, const ai_domain_factory_baset &fac) override {…}


  void clear() override

  {

    trace_map_storaget::clear();

    domain_map.clear();

    return;

  }

  void clear() override {…}

};

class history_sensitive_storaget : public trace_map_storaget {…};


#endif

ai_domain.h
Abstract Interpretation Domain.

ai_history.h
Abstract Interpretation history.

ai_baset::merge
virtual bool merge(const statet &src, trace_ptrt from, trace_ptrt to)
Merge the state src, flowing from tracet from to tracet to, into the state currently stored for trace...
Definition ai.h:498

ai_domain_baset
The interface offered by a domain, allows code to manipulate domains without knowing their exact type...
Definition ai_domain.h:54

ai_domain_factory_baset
Definition ai_domain.h:171

ai_history_baset
A history object is an abstraction / representation of the control-flow part of a set of traces.
Definition ai_history.h:37

ai_history_baset::trace_ptrt
std::shared_ptr< const ai_history_baset > trace_ptrt
History objects are intended to be immutable so they can be shared to reduce memory overhead.
Definition ai_history.h:43

ai_history_baset::trace_sett
std::set< trace_ptrt, compare_historyt > trace_sett
Definition ai_history.h:79

ai_storage_baset
This is the basic interface for storing domains.
Definition ai_storage.h:36

ai_storage_baset::ai_storage_baset
ai_storage_baset()
Definition ai_storage.h:38

ai_storage_baset::clear
virtual void clear()
Reset the abstract state.
Definition ai_storage.h:80

ai_storage_baset::get_state
virtual statet & get_state(trace_ptrt p, const ai_domain_factory_baset &fac)=0
Look up the analysis state for a given history, instantiating a new domain if required.

ai_storage_baset::~ai_storage_baset
virtual ~ai_storage_baset()
Definition ai_storage.h:43

ai_storage_baset::locationt
goto_programt::const_targett locationt
Definition ai_storage.h:55

ai_storage_baset::abstract_state_before
virtual cstate_ptrt abstract_state_before(trace_ptrt p, const ai_domain_factory_baset &fac) const =0
Non-modifying access to the stored domains, used in the ai_baset public interface.

ai_storage_baset::trace_set_ptrt
std::shared_ptr< trace_sett > trace_set_ptrt
Definition ai_storage.h:53

ai_storage_baset::trace_sett
ai_history_baset::trace_sett trace_sett
Definition ai_storage.h:52

ai_storage_baset::prune
virtual void prune(locationt l)
Notifies the storage that the user will not need the domain object(s) for this location.
Definition ai_storage.h:91

ai_storage_baset::ctrace_set_ptrt
std::shared_ptr< const trace_sett > ctrace_set_ptrt
Definition ai_storage.h:54

ai_storage_baset::trace_ptrt
ai_history_baset::trace_ptrt trace_ptrt
Definition ai_storage.h:51

ai_storage_baset::abstract_state_before
virtual cstate_ptrt abstract_state_before(locationt l, const ai_domain_factory_baset &fac) const =0

ai_storage_baset::tracet
ai_history_baset tracet
Definition ai_storage.h:50

ai_storage_baset::state_ptrt
std::shared_ptr< statet > state_ptrt
Definition ai_storage.h:48

ai_storage_baset::abstract_traces_before
virtual ctrace_set_ptrt abstract_traces_before(locationt l) const =0
Returns all of the histories that have reached the start of the instruction.

ai_storage_baset::cstate_ptrt
std::shared_ptr< const statet > cstate_ptrt
Definition ai_storage.h:49

ai_storage_baset::statet
ai_domain_baset statet
Definition ai_storage.h:47

ait
ait supplies three of the four components needed: an abstract interpreter (in this case handling func...
Definition ai.h:562

dependence_grapht
Definition dependence_graph.h:221

goto_programt::const_targett
instructionst::const_iterator const_targett
Definition goto_program.h:615

history_sensitive_storaget
Definition ai_storage.h:228

history_sensitive_storaget::clear
void clear() override
Reset the abstract state.
Definition ai_storage.h:296

history_sensitive_storaget::abstract_state_before
cstate_ptrt abstract_state_before(trace_ptrt p, const ai_domain_factory_baset &fac) const override
Non-modifying access to the stored domains, used in the ai_baset public interface.
Definition ai_storage.h:235

history_sensitive_storaget::domain_map
domain_mapt domain_map
Definition ai_storage.h:232

history_sensitive_storaget::domain_mapt
std::map< trace_ptrt, state_ptrt, ai_history_baset::compare_historyt > domain_mapt
Definition ai_storage.h:231

history_sensitive_storaget::get_state
statet & get_state(trace_ptrt p, const ai_domain_factory_baset &fac) override
Look up the analysis state for a given history, instantiating a new domain if required.
Definition ai_storage.h:280

history_sensitive_storaget::abstract_state_before
cstate_ptrt abstract_state_before(locationt t, const ai_domain_factory_baset &fac) const override
Definition ai_storage.h:246

invariant_propagationt
Definition invariant_propagation.h:23

location_sensitive_storaget
The most conventional storage; one domain per location.
Definition ai_storage.h:154

location_sensitive_storaget::abstract_state_before
cstate_ptrt abstract_state_before(trace_ptrt p, const ai_domain_factory_baset &fac) const override
Non-modifying access to the stored domains, used in the ai_baset public interface.
Definition ai_storage.h:175

location_sensitive_storaget::variable_sensitivity_dependence_grapht
friend variable_sensitivity_dependence_grapht
Definition ai_storage.h:168

location_sensitive_storaget::get_state
statet & get_state(trace_ptrt p, const ai_domain_factory_baset &fac) override
Look up the analysis state for a given history, instantiating a new domain if required.
Definition ai_storage.h:193

location_sensitive_storaget::dependence_grapht
friend dependence_grapht
Definition ai_storage.h:167

location_sensitive_storaget::state_map
state_mapt state_map
Definition ai_storage.h:163

location_sensitive_storaget::internal
state_mapt & internal(void)
Definition ai_storage.h:169

location_sensitive_storaget::abstract_state_before
cstate_ptrt abstract_state_before(locationt l, const ai_domain_factory_baset &fac) const override
Definition ai_storage.h:182

location_sensitive_storaget::invariant_propagationt
friend invariant_propagationt
Definition ai_storage.h:166

location_sensitive_storaget::clear
void clear() override
Reset the abstract state.
Definition ai_storage.h:218

location_sensitive_storaget::state_mapt
std::unordered_map< locationt, state_ptrt, const_target_hash, pointee_address_equalt > state_mapt
This is location sensitive so we store one domain per location.
Definition ai_storage.h:162

trace_map_storaget
Definition ai_storage.h:101

trace_map_storaget::abstract_traces_before
ctrace_set_ptrt abstract_traces_before(locationt l) const override
Returns all of the histories that have reached the start of the instruction.
Definition ai_storage.h:128

trace_map_storaget::trace_mapt
std::map< locationt, trace_set_ptrt, goto_programt::target_less_than > trace_mapt
Definition ai_storage.h:104

trace_map_storaget::register_trace
void register_trace(trace_ptrt p)
Definition ai_storage.h:108

trace_map_storaget::trace_map
trace_mapt trace_map
Definition ai_storage.h:105

trace_map_storaget::clear
void clear() override
Reset the abstract state.
Definition ai_storage.h:139

variable_sensitivity_dependence_grapht
Definition variable_sensitivity_dependence_graph.h:219

deprecate.h

SINCE
#define SINCE(year, month, day, msg)
Definition deprecate.h:26

DEPRECATED
#define DEPRECATED(msg)
Definition deprecate.h:23

goto_program.h
Concrete Goto Program.

CHECK_RETURN
#define CHECK_RETURN(CONDITION)
Definition invariant.h:495

DATA_INVARIANT
#define DATA_INVARIANT(CONDITION, REASON)
This condition should be used to document that assumptions that are made on goto_functions,...
Definition invariant.h:534

POSTCONDITION
#define POSTCONDITION(CONDITION)
Definition invariant.h:479

const_target_hash
Definition goto_program.h:1185

pointee_address_equalt
Functor to check whether iterators from different collections point at the same object.
Definition goto_program.h:1197