cbmc/array__pool_8cpp_source.html

/*******************************************************************\


Module: String solver


Author: Romain Brenguier, romain.brenguier@diffblue.com


\*******************************************************************/


#include "array_pool.h"


#include <util/pointer_expr.h>


symbol_exprt symbol_generatort::

operator()(const irep_idt &prefix, const typet &type)

{

  std::ostringstream buf;

  buf << "string_refinement#" << prefix << "#" << ++symbol_count;

  irep_idt name(buf.str());

  symbol_exprt result(name, type);

#ifdef DEBUG

  created_symbols.push_back(result);

#endif

  return result;

}

symbol_exprt symbol_generatort:: {…}


exprt array_poolt::get_or_create_length(const array_string_exprt &s)

{

  if(const auto &if_expr = expr_try_dynamic_cast<if_exprt>((exprt)s))

  {

    return if_exprt{

      if_expr->cond(),

      get_or_create_length(to_array_string_expr(if_expr->true_case())),

      get_or_create_length(to_array_string_expr(if_expr->false_case()))};

  }


  auto emplace_result =

    length_of_array.emplace(s, symbol_exprt(s.length_type()));

  if(emplace_result.second)

  {

    emplace_result.first->second =

      fresh_symbol("string_length", s.length_type());

  }


  return emplace_result.first->second;

}

exprt array_poolt::get_or_create_length(const array_string_exprt &s) {…}


std::optional<exprt>


array_poolt::get_length_if_exists(const array_string_exprt &s) const

{

  auto find_result = length_of_array.find(s);

  if(find_result != length_of_array.end())

    return find_result->second;

  return {};

}

array_poolt::get_length_if_exists(const array_string_exprt &s) const {…}


array_string_exprt


array_poolt::fresh_string(const typet &index_type, const typet &char_type)

{

  array_typet array_type{char_type, infinity_exprt(index_type)};

  symbol_exprt content = fresh_symbol("string_content", array_type);

  array_string_exprt str = to_array_string_expr(content);

  arrays_of_pointers.emplace(

    address_of_exprt(index_exprt(str, from_integer(0, index_type))), str);


  // add length to length_of_array map

  get_or_create_length(str);


  return str;

}

array_poolt::fresh_string(const typet &index_type, const typet &char_type) {…}


array_string_exprt array_poolt::make_char_array_for_char_pointer(

  const exprt &char_pointer,

  const typet &char_array_type)

{

  PRECONDITION(char_pointer.type().id() == ID_pointer);

  PRECONDITION(char_array_type.id() == ID_array);

  PRECONDITION(

    to_array_type(char_array_type).element_type().id() == ID_unsignedbv ||

    to_array_type(char_array_type).element_type().id() == ID_signedbv);


  if(char_pointer.id() == ID_if)

  {

    const if_exprt &if_expr = to_if_expr(char_pointer);

    const array_string_exprt t =

      make_char_array_for_char_pointer(if_expr.true_case(), char_array_type);

    const array_string_exprt f =

      make_char_array_for_char_pointer(if_expr.false_case(), char_array_type);

    const array_typet array_type(

      to_array_type(char_array_type).element_type(),

      if_exprt(

        if_expr.cond(),

        to_array_type(t.type()).size(),

        to_array_type(f.type()).size()));

    // BEWARE: this expression is possibly type-inconsistent and must not be

    // used for any purposes other than passing it to concretization.

    // Array if-exprts must be replaced (using substitute_array_access) before

    // passing the lemmas to the solver.

    return to_array_string_expr(if_exprt(if_expr.cond(), t, f, array_type));

  }


  const bool is_constant_array =

    char_pointer.id() == ID_address_of &&

    to_address_of_expr(char_pointer).object().id() == ID_index &&

    to_index_expr(to_address_of_expr(char_pointer).object()).array().id() ==

      ID_array;


  if(is_constant_array)

  {

    return to_array_string_expr(

      to_index_expr(to_address_of_expr(char_pointer).object()).array());

  }

  const std::string symbol_name = "char_array_" + id2string(char_pointer.id());

  const auto array_sym =

    to_array_string_expr(fresh_symbol(symbol_name, char_array_type));

  const auto insert_result =

    arrays_of_pointers.insert({char_pointer, array_sym});


  // add length to length_of_array map

  get_or_create_length(array_sym);


  return to_array_string_expr(insert_result.first->second);

}

array_string_exprt array_poolt::make_char_array_for_char_pointer( {…}


static void attempt_assign_length_from_type(

  const array_string_exprt &array_expr,

  std::unordered_map<array_string_exprt, exprt, irep_hash> &length_of_array,

  symbol_generatort &symbol_generator)

{

  DATA_INVARIANT(

    array_expr.id() != ID_if,

    "attempt_assign_length_from_type does not handle if exprts");

  // This invariant seems always true, but I don't know why.

  // If we find a case where this is violated, try calling

  // attempt_assign_length_from_type on the true and false cases.

  const exprt &size_from_type = to_array_type(array_expr.type()).size();

  const exprt &size_to_assign =

    size_from_type != infinity_exprt(size_from_type.type())

      ? size_from_type

      : symbol_generator("string_length", array_expr.length_type());


  const auto emplace_result =

    length_of_array.emplace(array_expr, size_to_assign);

  INVARIANT(

    emplace_result.second,

    "attempt_assign_length_from_type should only be called when no entry"

    "for the array_string_exprt exists in the length_of_array map");

}

static void attempt_assign_length_from_type( {…}


void array_poolt::insert(

  const exprt &pointer_expr,

  const array_string_exprt &array_expr)

{

  const auto it_bool =

    arrays_of_pointers.insert(std::make_pair(pointer_expr, array_expr));


  INVARIANT(

    it_bool.second, "should not associate two arrays to the same pointer");


  if(length_of_array.find(array_expr) == length_of_array.end())

  {

    attempt_assign_length_from_type(array_expr, length_of_array, fresh_symbol);

  }

}

void array_poolt::insert( {…}


const std::unordered_map<array_string_exprt, exprt, irep_hash> &


array_poolt::created_strings() const

{

  return length_of_array;

}

array_poolt::created_strings() const {…}


array_string_exprt array_poolt::find(const exprt &pointer, const exprt &length)

{

  const array_typet array_type(

    to_pointer_type(pointer.type()).base_type(), length);

  const array_string_exprt array =

    make_char_array_for_char_pointer(pointer, array_type);

  return array;

}

array_string_exprt array_poolt::find(const exprt &pointer, const exprt &length) {…}


array_string_exprt of_argument(array_poolt &array_pool, const exprt &arg)

{

  const auto string_argument = expr_checked_cast<struct_exprt>(arg);

  return array_pool.find(string_argument.op1(), string_argument.op0());

}

array_string_exprt of_argument(array_poolt &array_pool, const exprt &arg) {…}


array_string_exprt get_string_expr(array_poolt &array_pool, const exprt &expr)

{

  PRECONDITION(is_refined_string_type(expr.type()));

  const refined_string_exprt &str = to_string_expr(expr);

  return array_pool.find(str.content(), str.length());

}

array_string_exprt get_string_expr(array_poolt &array_pool, const exprt &expr) {…}

from_integer
constant_exprt from_integer(const mp_integer &int_value, const typet &type)
Definition arith_tools.cpp:99

attempt_assign_length_from_type
static void attempt_assign_length_from_type(const array_string_exprt &array_expr, std::unordered_map< array_string_exprt, exprt, irep_hash > &length_of_array, symbol_generatort &symbol_generator)
Given an array_string_exprt, get the size of the underlying array.
Definition array_pool.cpp:135

of_argument
array_string_exprt of_argument(array_poolt &array_pool, const exprt &arg)
Converts a struct containing a length and pointer to an array.
Definition array_pool.cpp:193

get_string_expr
array_string_exprt get_string_expr(array_poolt &array_pool, const exprt &expr)
Fetch the string_exprt corresponding to the given refined_string_exprt.
Definition array_pool.cpp:199

array_pool.h
Associates arrays and length to pointers, so that the string refinement can transform builtin functio...

char_type
bitvector_typet char_type()
Definition c_types.cpp:106

address_of_exprt
Operator to return the address of an object.
Definition pointer_expr.h:540

ait
ait supplies three of the four components needed: an abstract interpreter (in this case handling func...
Definition ai.h:562

array_poolt
Correspondance between arrays and pointers string representations.
Definition array_pool.h:42

array_poolt::arrays_of_pointers
std::unordered_map< exprt, array_string_exprt, irep_hash > arrays_of_pointers
Associate arrays to char pointers Invariant: Each array_string_exprt in this map has a corresponding ...
Definition array_pool.h:95

array_poolt::get_length_if_exists
std::optional< exprt > get_length_if_exists(const array_string_exprt &s) const
As opposed to get_length(), do not create a new symbol if the length of the array_string_exprt does n...
Definition array_pool.cpp:48

array_poolt::length_of_array
std::unordered_map< array_string_exprt, exprt, irep_hash > length_of_array
Associate length to arrays of infinite size.
Definition array_pool.h:98

array_poolt::make_char_array_for_char_pointer
array_string_exprt make_char_array_for_char_pointer(const exprt &char_pointer, const typet &char_array_type)
Helper function for find.
Definition array_pool.cpp:74

array_poolt::get_or_create_length
exprt get_or_create_length(const array_string_exprt &s)
Get the length of an array_string_exprt from the array_pool.
Definition array_pool.cpp:26

array_poolt::insert
void insert(const exprt &pointer_expr, const array_string_exprt &array)
Definition array_pool.cpp:160

array_poolt::fresh_string
array_string_exprt fresh_string(const typet &index_type, const typet &char_type)
Construct a string expression whose length and content are new variables.
Definition array_pool.cpp:57

array_poolt::find
array_string_exprt find(const exprt &pointer, const exprt &length)
Creates a new array if the pointer is not pointing to an array.
Definition array_pool.cpp:184

array_poolt::fresh_symbol
symbol_generatort & fresh_symbol
Generate fresh symbols.
Definition array_pool.h:101

array_poolt::created_strings
const std::unordered_map< array_string_exprt, exprt, irep_hash > & created_strings() const
Return a map mapping all array_string_exprt of the array_pool to their length.
Definition array_pool.cpp:179

array_string_exprt
Definition string_expr.h:68

array_string_exprt::length_type
const typet & length_type() const
Definition string_expr.h:70

array_typet
Arrays with given size.
Definition std_types.h:807

dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition dstring.h:38

exprt
Base class for all expressions.
Definition expr.h:56

exprt::type
typet & type()
Return the type of the expression.
Definition expr.h:84

if_exprt
The trinary if-then-else operator.
Definition std_expr.h:2497

index_exprt
Array index operator.
Definition std_expr.h:1470

infinity_exprt
An expression denoting infinity.
Definition std_expr.h:3224

refined_string_exprt
Definition string_expr.h:110

refined_string_exprt::length
const exprt & length() const
Definition string_expr.h:129

refined_string_exprt::content
const exprt & content() const
Definition string_expr.h:139

symbol_exprt
Expression to hold a symbol (variable)
Definition std_expr.h:131

symbol_generatort
Generation of fresh symbols of a given type.
Definition array_pool.h:22

symbol_generatort::operator()
symbol_exprt operator()(const irep_idt &prefix, const typet &type=bool_typet())
Generate a new symbol expression of the given type with some prefix.
Definition array_pool.cpp:14

symbol_generatort::symbol_count
unsigned symbol_count
Definition array_pool.h:31

typet
The type of an expression, extends irept.
Definition type.h:29

id2string
const std::string & id2string(const irep_idt &d)
Definition irep.h:44

pointer_expr.h
API to expression classes for Pointers.

to_address_of_expr
const address_of_exprt & to_address_of_expr(const exprt &expr)
Cast an exprt to an address_of_exprt.
Definition pointer_expr.h:577

to_pointer_type
const pointer_typet & to_pointer_type(const typet &type)
Cast a typet to a pointer_typet.
Definition pointer_expr.h:93

is_refined_string_type
bool is_refined_string_type(const typet &type)
Definition refined_string_type.h:54

DATA_INVARIANT
#define DATA_INVARIANT(CONDITION, REASON)
This condition should be used to document that assumptions that are made on goto_functions,...
Definition invariant.h:534

PRECONDITION
#define PRECONDITION(CONDITION)
Definition invariant.h:463

INVARIANT
#define INVARIANT(CONDITION, REASON)
This macro uses the wrapper function 'invariant_violated_string'.
Definition invariant.h:423

to_index_expr
const index_exprt & to_index_expr(const exprt &expr)
Cast an exprt to an index_exprt.
Definition std_expr.h:1538

to_if_expr
const if_exprt & to_if_expr(const exprt &expr)
Cast an exprt to an if_exprt.
Definition std_expr.h:2577

to_array_type
const array_typet & to_array_type(const typet &type)
Cast a typet to an array_typet.
Definition std_types.h:888

to_array_string_expr
array_string_exprt & to_array_string_expr(exprt &expr)
Definition string_expr.h:96

to_string_expr
refined_string_exprt & to_string_expr(exprt &expr)
Definition string_expr.h:151