cbmc/dependence__graph_8h_source.html

/*******************************************************************\


Module: Field-Sensitive Program Dependence Analysis, Litvak et al.,

        FSE 2010


Author: Michael Tautschnig


Date: August 2013


\*******************************************************************/


#ifndef CPROVER_ANALYSES_DEPENDENCE_GRAPH_H

#define CPROVER_ANALYSES_DEPENDENCE_GRAPH_H


#include <util/graph.h>

#include <util/threeval.h>


#include "ai.h"

#include "cfg_dominators.h"

#include "reaching_definitions.h"


class dependence_grapht;


class dep_edget

{

public:

  enum class kindt { NONE, CTRL, DATA, BOTH };


  void add(kindt _kind)

  {

    switch(kind)

    {

      case kindt::NONE:

        kind=_kind;

        break;

      case kindt::DATA:

      case kindt::CTRL:

        if(kind!=_kind)

          kind=kindt::BOTH;

        break;

      case kindt::BOTH:

        break;

    }

  }

  void add(kindt _kind) {…}


  kindt get() const

  {

    return kind;

  }

  kindt get() const {…}


protected:

  kindt kind;

};

class dep_edget {…};


struct dep_nodet:public graph_nodet<dep_edget>

{

  typedef graph_nodet<dep_edget>::edget edget;

  typedef graph_nodet<dep_edget>::edgest edgest;


  goto_programt::const_targett PC;

};

struct dep_nodet:public graph_nodet<dep_edget> {…};


class dep_graph_domaint:public ai_domain_baset

{

public:

  typedef grapht<dep_nodet>::node_indext node_indext;


  dep_graph_domaint(node_indext id, message_handlert &message_handler)

    : has_values(false),

      node_id(id),

      has_changed(false),

      message_handler(message_handler)

  {

  }

  dep_graph_domaint(node_indext id, message_handlert &message_handler) {…}


  bool merge(const dep_graph_domaint &src, trace_ptrt from, trace_ptrt to);


  void transform(

    const irep_idt &function_from,

    trace_ptrt trace_from,

    const irep_idt &function_to,

    trace_ptrt trace_to,

    ai_baset &ai,

    const namespacet &ns) final override;


  void output(

    std::ostream &out,

    const ai_baset &ai,

    const namespacet &ns) const final override;


  jsont output_json(

    const ai_baset &ai,

    const namespacet &ns) const override;


  void make_top() final override

  {

    DATA_INVARIANT(node_id!=std::numeric_limits<node_indext>::max(),

                   "node_id must not be valid");


    has_values=tvt(true);

    control_deps.clear();

    control_dep_candidates.clear();

    data_deps.clear();

  }

  void make_top() final override {…}


  void make_bottom() final override

  {

    DATA_INVARIANT(node_id!=std::numeric_limits<node_indext>::max(),

                   "node_id must be valid");


    has_values=tvt(false);

    control_deps.clear();

    control_dep_candidates.clear();

    data_deps.clear();


    has_changed = false;

  }

  void make_bottom() final override {…}


  void make_entry() final override

  {

    DATA_INVARIANT(

      node_id != std::numeric_limits<node_indext>::max(),

      "node_id must not be valid");


    has_values = tvt::unknown();

    control_deps.clear();

    control_dep_candidates.clear();

    data_deps.clear();


    has_changed = false;

  }

  void make_entry() final override {…}


  bool is_top() const final override

  {

    DATA_INVARIANT(node_id!=std::numeric_limits<node_indext>::max(),

                   "node_id must be valid");


    DATA_INVARIANT(

      !has_values.is_true() ||

        (control_deps.empty() && control_dep_candidates.empty() &&

         data_deps.empty()),

      "If the domain is top, it must have no dependencies");


    return has_values.is_true();

  }

  bool is_top() const final override {…}


  bool is_bottom() const final override

  {

    DATA_INVARIANT(node_id!=std::numeric_limits<node_indext>::max(),

                   "node_id must be valid");


    DATA_INVARIANT(

      !has_values.is_false() ||

        (control_deps.empty() && control_dep_candidates.empty() &&

         data_deps.empty()),

      "If the domain is bottom, it must have no dependencies");


    return has_values.is_false();

  }

  bool is_bottom() const final override {…}


  node_indext get_node_id() const

  {

    PRECONDITION(node_id != std::numeric_limits<node_indext>::max());

    return node_id;

  }

  node_indext get_node_id() const {…}


  void populate_dep_graph(

    dependence_grapht &, goto_programt::const_targett) const;


private:

  tvt has_values;

  node_indext node_id;

  bool has_changed;


  typedef std::

    set<goto_programt::const_targett, goto_programt::target_less_than>

      depst;


  // Set of locations with control instructions on which the instruction at this

  // location has a control dependency on

  depst control_deps;


  // Set of locations with control instructions from which there is a path in

  // the CFG to the current location (with the locations being in the same

  // function). The set control_deps is a subset of this set.

  depst control_dep_candidates;


  // Set of locations with instructions on which the instruction at this

  // location has a data dependency on

  depst data_deps;


  message_handlert &message_handler;


  friend const depst &

    dependence_graph_test_get_control_deps(const dep_graph_domaint &);

  friend const depst &

    dependence_graph_test_get_data_deps(const dep_graph_domaint &);


  void control_dependencies(

    const irep_idt &function_id,

    goto_programt::const_targett from,

    goto_programt::const_targett to,

    dependence_grapht &dep_graph);


  void data_dependencies(

    goto_programt::const_targett from,

    const irep_idt &function_to,

    goto_programt::const_targett to,

    dependence_grapht &dep_graph,

    const namespacet &ns);

};

class dep_graph_domaint:public ai_domain_baset {…};


class dep_graph_domain_factoryt;


class dependence_grapht:

  public ait<dep_graph_domaint>,

  public grapht<dep_nodet>

{

public:

  using ait<dep_graph_domaint>::operator[];

  using grapht<dep_nodet>::operator[];


  typedef std::map<irep_idt, cfg_post_dominatorst> post_dominators_mapt;


  dependence_grapht(const namespacet &_ns, message_handlert &);


  void initialize(const goto_functionst &goto_functions)

  {

    ait<dep_graph_domaint>::initialize(goto_functions);

    rd(goto_functions, ns);


    for(const auto &entry : goto_functions.function_map)

    {

      const goto_programt &goto_program = entry.second.body;

      if(!goto_program.empty())

      {

        end_function_map.emplace(

          entry.first, std::prev(goto_program.instructions.end()));

      }

    }

  }

  void initialize(const goto_functionst &goto_functions) {…}


  void initialize(const irep_idt &function, const goto_programt &goto_program)

  {

    ait<dep_graph_domaint>::initialize(function, goto_program);


    // The dependency graph requires that all nodes are explicitly created

    forall_goto_program_instructions(i_it, goto_program)

      get_state(i_it).make_bottom();


    if(!goto_program.empty())

    {

      cfg_post_dominatorst &pd = post_dominators[function];

      pd(goto_program);


      end_function_map.emplace(

        function, std::prev(goto_program.instructions.end()));

    }

  }

  void initialize(const irep_idt &function, const goto_programt &goto_program) {…}


  void finalize()

  {

    for(const auto &location_state :

        static_cast<location_sensitive_storaget &>(*storage).internal())

    {

      std::static_pointer_cast<dep_graph_domaint>(location_state.second)

        ->populate_dep_graph(*this, location_state.first);

    }

  }

  void finalize() {…}


  void add_dep(

    dep_edget::kindt kind,

    goto_programt::const_targett from,

    goto_programt::const_targett to);


  const post_dominators_mapt &cfg_post_dominators() const

  {

    return post_dominators;

  }

  const post_dominators_mapt &cfg_post_dominators() const {…}


  const reaching_definitions_analysist &reaching_definitions() const

  {

    return rd;

  }

  const reaching_definitions_analysist &reaching_definitions() const {…}


protected:

  friend dep_graph_domain_factoryt;

  friend dep_graph_domaint;

  const namespacet &ns;


  post_dominators_mapt post_dominators;

  reaching_definitions_analysist rd;

  std::map<irep_idt, goto_programt::const_targett> end_function_map;

};

class dependence_grapht: {…};


#endif // CPROVER_ANALYSES_DEPENDENCE_GRAPH_H

ai.h
Abstract Interpretation.

cfg_dominators.h
Compute dominators for CFG of goto_function.

ai_baset
This is the basic interface of the abstract interpreter with default implementations of the core func...
Definition ai.h:117

ai_baset::initialize
virtual void initialize(const irep_idt &function_id, const goto_programt &goto_program)
Initialize all the abstract states for a single function.
Definition ai.cpp:194

ai_domain_baset
The interface offered by a domain, allows code to manipulate domains without knowing their exact type...
Definition ai_domain.h:54

ai_domain_baset::trace_ptrt
ai_history_baset::trace_ptrt trace_ptrt
Definition ai_domain.h:73

ait
ait supplies three of the four components needed: an abstract interpreter (in this case handling func...
Definition ai.h:562

ait< dep_graph_domaint >::get_state
virtual statet & get_state(locationt l)
Definition ai.h:611

ait< dep_graph_domaint >::ait
ait()
Definition ai.h:565

dep_edget
Definition dependence_graph.h:28

dep_edget::get
kindt get() const
Definition dependence_graph.h:49

dep_edget::kind
kindt kind
Definition dependence_graph.h:55

dep_edget::kindt
kindt
Definition dependence_graph.h:30

dep_edget::kindt::CTRL
@ CTRL

dep_edget::kindt::BOTH
@ BOTH

dep_edget::kindt::NONE
@ NONE

dep_edget::kindt::DATA
@ DATA

dep_edget::add
void add(kindt _kind)
Definition dependence_graph.h:32

dep_graph_domain_factoryt
This ensures that all domains are constructed with the node ID that links them to the graph part of t...
Definition dependence_graph.cpp:342

dep_graph_domaint
Definition dependence_graph.h:67

dep_graph_domaint::dependence_graph_test_get_control_deps
friend const depst & dependence_graph_test_get_control_deps(const dep_graph_domaint &)

dep_graph_domaint::is_top
bool is_top() const final override
Definition dependence_graph.h:136

dep_graph_domaint::dependence_graph_test_get_data_deps
friend const depst & dependence_graph_test_get_data_deps(const dep_graph_domaint &)

dep_graph_domaint::dep_graph_domaint
dep_graph_domaint(node_indext id, message_handlert &message_handler)
Definition dependence_graph.h:71

dep_graph_domaint::has_values
tvt has_values
Definition dependence_graph.h:174

dep_graph_domaint::control_dependencies
void control_dependencies(const irep_idt &function_id, goto_programt::const_targett from, goto_programt::const_targett to, dependence_grapht &dep_graph)
Definition dependence_graph.cpp:52

dep_graph_domaint::depst
std::set< goto_programt::const_targett, goto_programt::target_less_than > depst
Definition dependence_graph.h:180

dep_graph_domaint::data_deps
depst data_deps
Definition dependence_graph.h:193

dep_graph_domaint::get_node_id
node_indext get_node_id() const
Definition dependence_graph.h:164

dep_graph_domaint::merge
bool merge(const dep_graph_domaint &src, trace_ptrt from, trace_ptrt to)
Definition dependence_graph.cpp:22

dep_graph_domaint::is_bottom
bool is_bottom() const final override
Definition dependence_graph.h:150

dep_graph_domaint::node_id
node_indext node_id
Definition dependence_graph.h:175

dep_graph_domaint::make_bottom
void make_bottom() final override
no states
Definition dependence_graph.h:109

dep_graph_domaint::has_changed
bool has_changed
Definition dependence_graph.h:176

dep_graph_domaint::control_deps
depst control_deps
Definition dependence_graph.h:184

dep_graph_domaint::populate_dep_graph
void populate_dep_graph(dependence_grapht &, goto_programt::const_targett) const
Definition dependence_graph.cpp:393

dep_graph_domaint::output_json
jsont output_json(const ai_baset &ai, const namespacet &ns) const override
Outputs the current value of the domain.
Definition dependence_graph.cpp:311

dep_graph_domaint::transform
void transform(const irep_idt &function_from, trace_ptrt trace_from, const irep_idt &function_to, trace_ptrt trace_to, ai_baset &ai, const namespacet &ns) final override
how function calls are treated: a) there is an edge from each call site to the function head b) there...
Definition dependence_graph.cpp:217

dep_graph_domaint::control_dep_candidates
depst control_dep_candidates
Definition dependence_graph.h:189

dep_graph_domaint::data_dependencies
void data_dependencies(goto_programt::const_targett from, const irep_idt &function_to, goto_programt::const_targett to, dependence_grapht &dep_graph, const namespacet &ns)
Definition dependence_graph.cpp:154

dep_graph_domaint::make_top
void make_top() final override
all states – the analysis doesn't use this directly (see make_entry) and domains may refuse to implem...
Definition dependence_graph.h:98

dep_graph_domaint::make_entry
void make_entry() final override
Make this domain a reasonable entry-point state For most domains top is sufficient.
Definition dependence_graph.h:122

dep_graph_domaint::output
void output(std::ostream &out, const ai_baset &ai, const namespacet &ns) const final override
Definition dependence_graph.cpp:272

dep_graph_domaint::message_handler
message_handlert & message_handler
Definition dependence_graph.h:195

dep_graph_domaint::node_indext
grapht< dep_nodet >::node_indext node_indext
Definition dependence_graph.h:69

dependence_grapht
Definition dependence_graph.h:221

dependence_grapht::add_dep
void add_dep(dep_edget::kindt kind, goto_programt::const_targett from, goto_programt::const_targett to)
Definition dependence_graph.cpp:376

dependence_grapht::cfg_post_dominators
const post_dominators_mapt & cfg_post_dominators() const
Definition dependence_graph.h:279

dependence_grapht::dep_graph_domain_factoryt
friend dep_graph_domain_factoryt
Definition dependence_graph.h:290

dependence_grapht::reaching_definitions
const reaching_definitions_analysist & reaching_definitions() const
Definition dependence_graph.h:284

dependence_grapht::rd
reaching_definitions_analysist rd
Definition dependence_graph.h:295

dependence_grapht::post_dominators_mapt
std::map< irep_idt, cfg_post_dominatorst > post_dominators_mapt
Definition dependence_graph.h:226

dependence_grapht::initialize
void initialize(const goto_functionst &goto_functions)
Initialize all the abstract states for a whole program.
Definition dependence_graph.h:230

dependence_grapht::finalize
void finalize()
Override this to add a cleanup or post-processing step after fixedpoint has run.
Definition dependence_graph.h:264

dependence_grapht::end_function_map
std::map< irep_idt, goto_programt::const_targett > end_function_map
Definition dependence_graph.h:296

dependence_grapht::initialize
void initialize(const irep_idt &function, const goto_programt &goto_program)
Initialize all the abstract states for a single function.
Definition dependence_graph.h:246

dependence_grapht::dep_graph_domaint
friend dep_graph_domaint
Definition dependence_graph.h:291

dependence_grapht::post_dominators
post_dominators_mapt post_dominators
Definition dependence_graph.h:294

dependence_grapht::ns
const namespacet & ns
Definition dependence_graph.h:292

dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition dstring.h:38

goto_functionst
A collection of goto functions.
Definition goto_functions.h:25

goto_functionst::function_map
function_mapt function_map
Definition goto_functions.h:29

goto_programt
A generic container class for the GOTO intermediate representation of one function.
Definition goto_program.h:72

goto_programt::instructions
instructionst instructions
The list of instructions in the goto program.
Definition goto_program.h:621

goto_programt::const_targett
instructionst::const_iterator const_targett
Definition goto_program.h:614

goto_programt::empty
bool empty() const
Is the program empty?
Definition goto_program.h:798

graph_nodet
This class represents a node in a directed graph.
Definition graph.h:35

graph_nodet::edgest
std::map< node_indext, edget > edgest
Definition graph.h:40

grapht
A generic directed graph with a parametric node type.
Definition graph.h:167

grapht::node_indext
nodet::node_indext node_indext
Definition graph.h:173

jsont
Definition json.h:27

location_sensitive_storaget
The most conventional storage; one domain per location.
Definition ai_storage.h:154

location_sensitive_storaget::internal
state_mapt & internal(void)
Definition ai_storage.h:169

message_handlert
Definition message.h:27

namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition namespace.h:91

reaching_definitions_analysist
Definition reaching_definitions.h:352

tvt
Definition threeval.h:20

tvt::is_false
bool is_false() const
Definition threeval.h:26

tvt::is_true
bool is_true() const
Definition threeval.h:25

tvt::unknown
static tvt unknown()
Definition threeval.h:33

forall_goto_program_instructions
#define forall_goto_program_instructions(it, program)
Definition goto_program.h:1228

graph.h
A Template Class for Graphs.

reaching_definitions.h
Range-based reaching definitions analysis (following Field- Sensitive Program Dependence Analysis,...

DATA_INVARIANT
#define DATA_INVARIANT(CONDITION, REASON)
This condition should be used to document that assumptions that are made on goto_functions,...
Definition invariant.h:534

PRECONDITION
#define PRECONDITION(CONDITION)
Definition invariant.h:463

dep_nodet
Definition dependence_graph.h:59

dep_nodet::edget
graph_nodet< dep_edget >::edget edget
Definition dependence_graph.h:60

dep_nodet::edgest
graph_nodet< dep_edget >::edgest edgest
Definition dependence_graph.h:61

dep_nodet::PC
goto_programt::const_targett PC
Definition dependence_graph.h:63

threeval.h