CBMC
expr_util.cpp
Go to the documentation of this file.
1 /*******************************************************************\
2 
3 Module:
4 
5 Author: Daniel Kroening, kroening@kroening.com
6 
7 \*******************************************************************/
8 
9 #include "expr_util.h"
10 
11 #include "arith_tools.h"
12 #include "bitvector_expr.h"
13 #include "byte_operators.h"
14 #include "c_types.h"
15 #include "config.h"
16 #include "expr_iterator.h"
17 #include "namespace.h"
18 #include "pointer_expr.h"
19 #include "pointer_offset_size.h"
20 
21 #include <algorithm>
22 #include <unordered_set>
23 
24 bool is_assignable(const exprt &expr)
25 {
26  if(expr.id() == ID_index)
27  return is_assignable(to_index_expr(expr).array());
28  else if(expr.id() == ID_member)
29  return is_assignable(to_member_expr(expr).compound());
30  else if(expr.id() == ID_dereference)
31  return true;
32  else if(expr.id() == ID_symbol)
33  return true;
34  else
35  return false;
36 }
37 
38 exprt make_binary(const exprt &expr)
39 {
40  const exprt::operandst &operands=expr.operands();
41 
42  if(operands.size()<=2)
43  return expr;
44 
45  // types must be identical for make_binary to be safe to use
46  const typet &type=expr.type();
47 
48  exprt previous=operands.front();
49  PRECONDITION(previous.type()==type);
50 
51  for(exprt::operandst::const_iterator
52  it=++operands.begin();
53  it!=operands.end();
54  ++it)
55  {
56  PRECONDITION(it->type()==type);
57 
58  exprt tmp=expr;
59  tmp.operands().clear();
60  tmp.operands().resize(2);
61  to_binary_expr(tmp).op0().swap(previous);
62  to_binary_expr(tmp).op1() = *it;
63  previous.swap(tmp);
64  }
65 
66  return previous;
67 }
68 
69 with_exprt make_with_expr(const update_exprt &src)
70 {
71  const exprt::operandst &designator=src.designator();
72  PRECONDITION(!designator.empty());
73 
74  with_exprt result{exprt{}, exprt{}, exprt{}};
75  exprt *dest=&result;
76 
77  for(const auto &expr : designator)
78  {
79  with_exprt tmp{exprt{}, exprt{}, exprt{}};
80 
81  if(expr.id() == ID_index_designator)
82  {
83  tmp.where() = to_index_designator(expr).index();
84  }
85  else if(expr.id() == ID_member_designator)
86  {
87  // irep_idt component_name=
88  // to_member_designator(*it).get_component_name();
89  }
90  else
91  UNREACHABLE;
92 
93  *dest=tmp;
94  dest=&to_with_expr(*dest).new_value();
95  }
96 
97  return result;
98 }
99 
100 exprt is_not_zero(
101  const exprt &src,
102  const namespacet &ns)
103 {
104  // We frequently need to check if a numerical type is not zero.
105  // We replace (_Bool)x by x!=0; use ieee_float_notequal for floats.
106  // Note that this returns a proper bool_typet(), not a C/C++ boolean.
107  // To get a C/C++ boolean, add a further typecast.
108 
109  const typet &src_type = src.type().id() == ID_c_enum_tag
110  ? ns.follow_tag(to_c_enum_tag_type(src.type()))
111  : src.type();
112 
113  if(src_type.id()==ID_bool) // already there
114  return src; // do nothing
115 
116  irep_idt id=
117  src_type.id()==ID_floatbv?ID_ieee_float_notequal:ID_notequal;
118 
119  exprt zero=from_integer(0, src_type);
120  // Use tag type if applicable:
121  zero.type() = src.type();
122 
123  binary_relation_exprt comparison(src, id, std::move(zero));
124  comparison.add_source_location()=src.source_location();
125 
126  return std::move(comparison);
127 }
128 
129 exprt boolean_negate(const exprt &src)
130 {
131  if(src.id() == ID_not)
132  return to_not_expr(src).op();
133  else if(src.is_true())
134  return false_exprt();
135  else if(src.is_false())
136  return true_exprt();
137  else
138  return not_exprt(src);
139 }
140 
141 bool has_subexpr(
142  const exprt &expr,
143  const std::function<bool(const exprt &)> &pred)
144 {
145  const auto it = std::find_if(expr.depth_begin(), expr.depth_end(), pred);
146  return it != expr.depth_end();
147 }
148 
149 bool has_subexpr(const exprt &src, const irep_idt &id)
150 {
151  return has_subexpr(
152  src, [&](const exprt &subexpr) { return subexpr.id() == id; });
153 }
154 
155 bool has_subtype(
156  const typet &type,
157  const std::function<bool(const typet &)> &pred,
158  const namespacet &ns)
159 {
160  std::vector<std::reference_wrapper<const typet>> stack;
161  std::unordered_set<typet, irep_hash> visited;
162 
163  const auto push_if_not_visited = [&](const typet &t) {
164  if(visited.insert(t).second)
165  stack.emplace_back(t);
166  };
167 
168  push_if_not_visited(type);
169  while(!stack.empty())
170  {
171  const typet &top = stack.back().get();
172  stack.pop_back();
173 
174  if(pred(top))
175  return true;
176  else if(top.id() == ID_c_enum_tag)
177  push_if_not_visited(ns.follow_tag(to_c_enum_tag_type(top)));
178  else if(top.id() == ID_struct_tag)
179  push_if_not_visited(ns.follow_tag(to_struct_tag_type(top)));
180  else if(top.id() == ID_union_tag)
181  push_if_not_visited(ns.follow_tag(to_union_tag_type(top)));
182  else if(top.id() == ID_struct || top.id() == ID_union)
183  {
184  for(const auto &comp : to_struct_union_type(top).components())
185  push_if_not_visited(comp.type());
186  }
187  else
188  {
189  for(const auto &subtype : to_type_with_subtypes(top).subtypes())
190  push_if_not_visited(subtype);
191  }
192  }
193 
194  return false;
195 }
196 
197 bool has_subtype(const typet &type, const irep_idt &id, const namespacet &ns)
198 {
199  return has_subtype(
200  type, [&](const typet &subtype) { return subtype.id() == id; }, ns);
201 }
202 
203 if_exprt lift_if(const exprt &src, std::size_t operand_number)
204 {
205  PRECONDITION(operand_number<src.operands().size());
206  PRECONDITION(src.operands()[operand_number].id()==ID_if);
207 
208  const if_exprt if_expr=to_if_expr(src.operands()[operand_number]);
209  const exprt true_case=if_expr.true_case();
210  const exprt false_case=if_expr.false_case();
211 
212  if_exprt result(if_expr.cond(), src, src);
213  result.true_case().operands()[operand_number]=true_case;
214  result.false_case().operands()[operand_number]=false_case;
215 
216  return result;
217 }
218 
219 const exprt &skip_typecast(const exprt &expr)
220 {
221  if(expr.id()!=ID_typecast)
222  return expr;
223 
224  return skip_typecast(to_typecast_expr(expr).op());
225 }
226 
229 bool can_forward_propagatet::is_constant(const exprt &expr) const
230 {
231  if(
232  expr.id() == ID_symbol || expr.id() == ID_nondet_symbol ||
233  expr.id() == ID_side_effect)
234  {
235  return false;
236  }
237 
238  if(expr.id() == ID_address_of)
239  {
240  return is_constant_address_of(to_address_of_expr(expr).object());
241  }
242  else if(auto index = expr_try_dynamic_cast<index_exprt>(expr))
243  {
244  if(!is_constant(index->array()) || !index->index().is_constant())
245  return false;
246 
247  const auto &array_type = to_array_type(index->array().type());
248  if(!array_type.size().is_constant())
249  return false;
250 
251  const mp_integer size =
252  numeric_cast_v<mp_integer>(to_constant_expr(array_type.size()));
253  const mp_integer index_int =
254  numeric_cast_v<mp_integer>(to_constant_expr(index->index()));
255 
256  return index_int >= 0 && index_int < size;
257  }
258  else if(auto be = expr_try_dynamic_cast<byte_extract_exprt>(expr))
259  {
260  if(!is_constant(be->op()) || !be->offset().is_constant())
261  return false;
262 
263  const auto op_bits = pointer_offset_bits(be->op().type(), ns);
264  if(!op_bits.has_value())
265  return false;
266 
267  const auto extract_bits = pointer_offset_bits(be->type(), ns);
268  if(!extract_bits.has_value())
269  return false;
270 
271  const mp_integer offset_bits =
272  numeric_cast_v<mp_integer>(to_constant_expr(be->offset())) *
273  be->get_bits_per_byte();
274 
275  return offset_bits >= 0 && offset_bits + *extract_bits <= *op_bits;
276  }
277  else if(auto eb = expr_try_dynamic_cast<extractbits_exprt>(expr))
278  {
279  if(
280  !is_constant(eb->src()) || !eb->lower().is_constant() ||
281  !eb->upper().is_constant())
282  {
283  return false;
284  }
285 
286  const auto src_bits = pointer_offset_bits(eb->src().type(), ns);
287  if(!src_bits.has_value())
288  return false;
289 
290  const mp_integer lower_bound =
291  numeric_cast_v<mp_integer>(to_constant_expr(eb->lower()));
292  const mp_integer upper_bound =
293  numeric_cast_v<mp_integer>(to_constant_expr(eb->upper()));
294 
295  return lower_bound >= 0 && lower_bound <= upper_bound &&
296  upper_bound < src_bits;
297  }
298  else
299  {
300  // std::all_of returns true when there are no operands
301  return std::all_of(
302  expr.operands().begin(), expr.operands().end(), [this](const exprt &e) {
303  return is_constant(e);
304  });
305  }
306 }
307 
309 bool can_forward_propagatet::is_constant_address_of(const exprt &expr) const
310 {
311  if(expr.id() == ID_symbol)
312  {
313  return true;
314  }
315  else if(expr.id() == ID_index)
316  {
317  const index_exprt &index_expr = to_index_expr(expr);
318 
319  return is_constant_address_of(index_expr.array()) &&
320  is_constant(index_expr.index());
321  }
322  else if(expr.id() == ID_member)
323  {
324  return is_constant_address_of(to_member_expr(expr).compound());
325  }
326  else if(expr.id() == ID_dereference)
327  {
328  const dereference_exprt &deref = to_dereference_expr(expr);
329 
330  return is_constant(deref.pointer());
331  }
332  else if(expr.id() == ID_string_constant)
333  return true;
334 
335  return false;
336 }
337 
338 constant_exprt make_boolean_expr(bool value)
339 {
340  if(value)
341  return true_exprt();
342  else
343  return false_exprt();
344 }
345 
346 exprt make_and(exprt a, exprt b)
347 {
348  PRECONDITION(a.is_boolean() && b.is_boolean());
349  if(b.is_constant())
350  {
351  if(b.get(ID_value) == ID_false)
352  return false_exprt{};
353  return a;
354  }
355  if(a.is_constant())
356  {
357  if(a.get(ID_value) == ID_false)
358  return false_exprt{};
359  return b;
360  }
361  if(b.id() == ID_and)
362  {
363  b.add_to_operands(std::move(a));
364  return b;
365  }
366  return and_exprt{std::move(a), std::move(b)};
367 }
368 
369 bool is_null_pointer(const constant_exprt &expr)
370 {
371  if(expr.type().id() != ID_pointer)
372  return false;
373 
374  if(expr.get_value() == ID_NULL)
375  return true;
376 
377  // We used to support "0" (when NULL_is_zero), but really front-ends should
378  // resolve this and generate ID_NULL instead.
379 #if 0
380  return config.ansi_c.NULL_is_zero && expr.value_is_zero_string();
381 #else
382  INVARIANT(
383  !expr.value_is_zero_string() || !config.ansi_c.NULL_is_zero,
384  "front-end should use ID_NULL");
385  return false;
386 #endif
387 }
config
configt config
Definition: config.cpp:25
from_integer
constant_exprt from_integer(const mp_integer &int_value, const typet &type)
Definition: arith_tools.cpp:100
arith_tools.h
bitvector_expr.h
API to expression classes for bitvectors.
byte_operators.h
Expression classes for byte-level operators.
c_types.h
to_union_tag_type
const union_tag_typet & to_union_tag_type(const typet &type)
Cast a typet to a union_tag_typet.
Definition: c_types.h:224
to_c_enum_tag_type
const c_enum_tag_typet & to_c_enum_tag_type(const typet &type)
Cast a typet to a c_enum_tag_typet.
Definition: c_types.h:377
and_exprt
Boolean AND.
Definition: std_expr.h:2120
binary_exprt::op1
exprt & op1()
Definition: expr.h:136
binary_exprt::op0
exprt & op0()
Definition: expr.h:133
binary_relation_exprt
A base class for relations, i.e., binary predicates whose two operands have the same type.
Definition: std_expr.h:762
can_forward_propagatet::is_constant_address_of
virtual bool is_constant_address_of(const exprt &) const
this function determines which reference-typed expressions are constant
Definition: expr_util.cpp:309
can_forward_propagatet::is_constant
virtual bool is_constant(const exprt &) const
This function determines what expressions are to be propagated as "constants".
Definition: expr_util.cpp:229
can_forward_propagatet::ns
const namespacet & ns
Definition: expr_util.h:102
configt::ansi_c
struct configt::ansi_ct ansi_c
constant_exprt
A constant literal expression.
Definition: std_expr.h:2987
constant_exprt::get_value
const irep_idt & get_value() const
Definition: std_expr.h:2995
constant_exprt::value_is_zero_string
bool value_is_zero_string() const
Definition: std_expr.cpp:18
dereference_exprt
Operator to dereference a pointer.
Definition: pointer_expr.h:834
dereference_exprt::pointer
exprt & pointer()
Definition: pointer_expr.h:847
dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition: dstring.h:38
exprt
Base class for all expressions.
Definition: expr.h:56
exprt::operandst
std::vector< exprt > operandst
Definition: expr.h:58
exprt::is_true
bool is_true() const
Return whether the expression is a constant representing true.
Definition: expr.cpp:27
exprt::depth_end
depth_iteratort depth_end()
Definition: expr.cpp:249
exprt::add_source_location
source_locationt & add_source_location()
Definition: expr.h:236
exprt::is_boolean
bool is_boolean() const
Return whether the expression represents a Boolean.
Definition: expr.h:224
exprt::depth_begin
depth_iteratort depth_begin()
Definition: expr.cpp:247
exprt::source_location
const source_locationt & source_location() const
Definition: expr.h:231
exprt::is_false
bool is_false() const
Return whether the expression is a constant representing false.
Definition: expr.cpp:34
exprt::type
typet & type()
Return the type of the expression.
Definition: expr.h:84
exprt::is_constant
bool is_constant() const
Return whether the expression is a constant.
Definition: expr.h:212
exprt::operands
operandst & operands()
Definition: expr.h:94
exprt::add_to_operands
void add_to_operands(const exprt &expr)
Add the given argument to the end of exprt's operands.
Definition: expr.h:170
false_exprt
The Boolean constant false.
Definition: std_expr.h:3064
if_exprt
The trinary if-then-else operator.
Definition: std_expr.h:2370
if_exprt::true_case
exprt & true_case()
Definition: std_expr.h:2397
if_exprt::false_case
exprt & false_case()
Definition: std_expr.h:2407
if_exprt::cond
exprt & cond()
Definition: std_expr.h:2387
index_designatort::index
const exprt & index() const
Definition: std_expr.h:2558
index_exprt
Array index operator.
Definition: std_expr.h:1465
index_exprt::array
exprt & array()
Definition: std_expr.h:1495
index_exprt::index
exprt & index()
Definition: std_expr.h:1505
irept::get
const irep_idt & get(const irep_idt &name) const
Definition: irep.cpp:44
irept::id
const irep_idt & id() const
Definition: irep.h:384
irept::swap
void swap(irept &irep)
Definition: irep.h:430
namespace_baset::follow_tag
const union_typet & follow_tag(const union_tag_typet &) const
Follow type tag of union type.
Definition: namespace.cpp:63
namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition: namespace.h:94
not_exprt
Boolean negation.
Definition: std_expr.h:2327
true_exprt
The Boolean constant true.
Definition: std_expr.h:3055
typet
The type of an expression, extends irept.
Definition: type.h:29
unary_exprt::op
const exprt & op() const
Definition: std_expr.h:391
update_exprt
Operator to update elements in structs and arrays.
Definition: std_expr.h:2655
update_exprt::designator
exprt::operandst & designator()
Definition: std_expr.h:2681
with_exprt
Operator to update elements in structs and arrays.
Definition: std_expr.h:2471
with_exprt::new_value
exprt & new_value()
Definition: std_expr.h:2501
expr_iterator.h
Forward depth-first search iterators These iterators' copy operations are expensive,...
make_boolean_expr
constant_exprt make_boolean_expr(bool value)
returns true_exprt if given true and false_exprt otherwise
Definition: expr_util.cpp:338
make_with_expr
with_exprt make_with_expr(const update_exprt &src)
converts an update expr into a (possibly nested) with expression
Definition: expr_util.cpp:69
is_not_zero
exprt is_not_zero(const exprt &src, const namespacet &ns)
converts a scalar/float expression to C/C++ Booleans
Definition: expr_util.cpp:100
is_assignable
bool is_assignable(const exprt &expr)
Returns true iff the argument is one of the following:
Definition: expr_util.cpp:24
make_binary
exprt make_binary(const exprt &expr)
splits an expression with >=3 operands into nested binary expressions
Definition: expr_util.cpp:38
skip_typecast
const exprt & skip_typecast(const exprt &expr)
find the expression nested inside typecasts, if any
Definition: expr_util.cpp:219
has_subexpr
bool has_subexpr(const exprt &expr, const std::function< bool(const exprt &)> &pred)
returns true if the expression has a subexpression that satisfies pred
Definition: expr_util.cpp:141
lift_if
if_exprt lift_if(const exprt &src, std::size_t operand_number)
lift up an if_exprt one level
Definition: expr_util.cpp:203
make_and
exprt make_and(exprt a, exprt b)
Conjunction of two expressions.
Definition: expr_util.cpp:346
boolean_negate
exprt boolean_negate(const exprt &src)
negate a Boolean expression, possibly removing a not_exprt, and swapping false and true
Definition: expr_util.cpp:129
is_null_pointer
bool is_null_pointer(const constant_exprt &expr)
Returns true if expr has a pointer type and a value NULL; it also returns true when expr has value ze...
Definition: expr_util.cpp:369
has_subtype
bool has_subtype(const typet &type, const std::function< bool(const typet &)> &pred, const namespacet &ns)
returns true if any of the contained types satisfies pred
Definition: expr_util.cpp:155
expr_util.h
Deprecated expression utility functions.
pointer_expr.h
API to expression classes for Pointers.
to_dereference_expr
const dereference_exprt & to_dereference_expr(const exprt &expr)
Cast an exprt to a dereference_exprt.
Definition: pointer_expr.h:890
to_address_of_expr
const address_of_exprt & to_address_of_expr(const exprt &expr)
Cast an exprt to an address_of_exprt.
Definition: pointer_expr.h:577
pointer_offset_bits
std::optional< mp_integer > pointer_offset_bits(const typet &type, const namespacet &ns)
Definition: pointer_offset_size.cpp:102
pointer_offset_size.h
Pointer Logic.
mp_integer
BigInt mp_integer
Definition: smt_terms.h:17
UNREACHABLE
#define UNREACHABLE
This should be used to mark dead code.
Definition: invariant.h:525
PRECONDITION
#define PRECONDITION(CONDITION)
Definition: invariant.h:463
INVARIANT
#define INVARIANT(CONDITION, REASON)
This macro uses the wrapper function 'invariant_violated_string'.
Definition: invariant.h:423
to_index_designator
const index_designatort & to_index_designator(const exprt &expr)
Cast an exprt to an index_designatort.
Definition: std_expr.h:2586
to_if_expr
const if_exprt & to_if_expr(const exprt &expr)
Cast an exprt to an if_exprt.
Definition: std_expr.h:2450
to_constant_expr
const constant_exprt & to_constant_expr(const exprt &expr)
Cast an exprt to a constant_exprt.
Definition: std_expr.h:3037
to_typecast_expr
const typecast_exprt & to_typecast_expr(const exprt &expr)
Cast an exprt to a typecast_exprt.
Definition: std_expr.h:2102
to_not_expr
const not_exprt & to_not_expr(const exprt &expr)
Cast an exprt to an not_exprt.
Definition: std_expr.h:2352
to_with_expr
const with_exprt & to_with_expr(const exprt &expr)
Cast an exprt to a with_exprt.
Definition: std_expr.h:2533
to_binary_expr
const binary_exprt & to_binary_expr(const exprt &expr)
Cast an exprt to a binary_exprt.
Definition: std_expr.h:715
to_member_expr
const member_exprt & to_member_expr(const exprt &expr)
Cast an exprt to a member_exprt.
Definition: std_expr.h:2933
to_index_expr
const index_exprt & to_index_expr(const exprt &expr)
Cast an exprt to an index_exprt.
Definition: std_expr.h:1533
to_array_type
const array_typet & to_array_type(const typet &type)
Cast a typet to an array_typet.
Definition: std_types.h:888
to_struct_union_type
const struct_union_typet & to_struct_union_type(const typet &type)
Cast a typet to a struct_union_typet.
Definition: std_types.h:214
to_struct_tag_type
const struct_tag_typet & to_struct_tag_type(const typet &type)
Cast a typet to a struct_tag_typet.
Definition: std_types.h:518
configt::ansi_ct::NULL_is_zero
bool NULL_is_zero
Definition: config.h:224
to_type_with_subtypes
const type_with_subtypest & to_type_with_subtypes(const typet &type)
Definition: type.h:252