cbmc/fatal__assertions_8cpp_source.html

 /*******************************************************************\


 Module: Fatal Assertions


 Author: Daniel Kroening, dkr@amazon.com


 \*******************************************************************/


 #include "fatal_assertions.h"


 #include <util/irep_hash.h>


 #include <goto-programs/goto_functions.h>


 #include <stack>

 #include <unordered_set>


 struct function_loc_pairt

 {

   using function_itt = goto_functionst::function_mapt::const_iterator;

   function_loc_pairt(

     function_itt __function_it,

     goto_programt::const_targett __target)

     : function_it(__function_it), target(__target)

   {

   }

   function_itt function_it;

   goto_programt::const_targett target;

   bool operator==(const function_loc_pairt &other) const

   {

     return function_it->first == other.function_it->first &&

            target == other.target;

   }

 };


 struct function_itt_hasht

 {

   using function_itt = goto_functionst::function_mapt::const_iterator;

   std::size_t operator()(const function_itt &function_it) const

   {

     return function_it->first.hash();

   }

 };


 struct function_loc_pair_hasht

 {

   std::size_t operator()(const function_loc_pairt &p) const

   {

     auto h1 = p.function_it->first.hash();

     auto h2 = const_target_hash{}(p.target);

     return hash_combine(h1, h2);

   }

 };


 using loc_sett =

   std::unordered_set<function_loc_pairt, function_loc_pair_hasht>;


 static loc_sett

 reachable_fixpoint(const loc_sett &locs, const goto_functionst &goto_functions)

 {

   // frontier set

   std::stack<function_loc_pairt> working;


   for(auto loc : locs)

     working.push(loc);


   loc_sett fixpoint;


   while(!working.empty())

   {

     auto loc = working.top();

     working.pop();


     auto insertion_result = fixpoint.insert(loc);

     if(!insertion_result.second)

       continue; // seen already


     if(loc.target->is_function_call())

     {

       // get the callee

       auto &function = loc.target->call_function();

       if(function.id() == ID_symbol)

       {

         // add the callee to the working set

         auto &function_identifier = to_symbol_expr(function).get_identifier();

         auto function_iterator =

           goto_functions.function_map.find(function_identifier);

         CHECK_RETURN(function_iterator != goto_functions.function_map.end());

         working.emplace(

           function_iterator,

           function_iterator->second.body.instructions.begin());

       }


       // add the next location to the working set

       working.emplace(loc.function_it, std::next(loc.target));

     }

     else

     {

       auto &body = loc.function_it->second.body;


       for(auto successor : body.get_successors(loc.target))

         working.emplace(loc.function_it, successor);

     }

   }


   return fixpoint;

 }


 void propagate_fatal_to_proven(

   propertiest &properties,

   const goto_functionst &goto_functions)

 {

   // Iterate to find refuted fatal assertions. Anything reachalble

   // from there is a 'fatal loc'.

   loc_sett fatal_locs;


   for(auto function_it = goto_functions.function_map.begin();

       function_it != goto_functions.function_map.end();

       function_it++)

   {

     auto &body = function_it->second.body;

     for(auto target = body.instructions.begin();

         target != body.instructions.end();

         target++)

     {

       if(target->is_assert() && target->source_location().property_fatal())

       {

         auto id = target->source_location().get_property_id();

         auto property = properties.find(id);

         CHECK_RETURN(property != properties.end());


         // Status?

         if(property->second.status == property_statust::FAIL)

         {

           fatal_locs.emplace(function_it, target);

         }

       }

     }

   }


   // Saturate fixpoint.

   auto fixpoint = reachable_fixpoint(fatal_locs, goto_functions);


   // Now mark PASS assertions as UNKNOWN.

   for(auto &loc : fixpoint)

   {

     if(loc.target->is_assert())

     {

       auto id = loc.target->source_location().get_property_id();

       auto property = properties.find(id);

       CHECK_RETURN(property != properties.end());


       // Status?

       if(property->second.status == property_statust::PASS)

       {

         property->second.status = property_statust::UNKNOWN;

       }

     }

   }

 }


 void propagate_fatal_assertions(

   propertiest &properties,

   const goto_functionst &goto_functions)

 {

   propagate_fatal_to_proven(properties, goto_functions);

 }

goto_functionst
A collection of goto functions.
Definition: goto_functions.h:25

goto_functionst::function_map
function_mapt function_map
Definition: goto_functions.h:29

goto_programt::const_targett
instructionst::const_iterator const_targett
Definition: goto_program.h:615

symbol_exprt::get_identifier
const irep_idt & get_identifier() const
Definition: std_expr.h:160

reachable_fixpoint
static loc_sett reachable_fixpoint(const loc_sett &locs, const goto_functionst &goto_functions)
Definition: fatal_assertions.cpp:62

loc_sett
std::unordered_set< function_loc_pairt, function_loc_pair_hasht > loc_sett
Definition: fatal_assertions.cpp:59

propagate_fatal_assertions
void propagate_fatal_assertions(propertiest &properties, const goto_functionst &goto_functions)
Proven assertions after refuted fatal assertions are marked as UNKNOWN.
Definition: fatal_assertions.cpp:167

propagate_fatal_to_proven
void propagate_fatal_to_proven(propertiest &properties, const goto_functionst &goto_functions)
Proven assertions after refuted fatal assertions are marked as UNKNOWN.
Definition: fatal_assertions.cpp:114

fatal_assertions.h
Fatal Assertions.

goto_functions.h
Goto Programs with Functions.

irep_hash.h
irep hash functions

hash_combine
#define hash_combine(h1, h2)
Definition: irep_hash.h:121

property_statust::UNKNOWN
@ UNKNOWN
The checker was unable to determine the status of the property.

property_statust::PASS
@ PASS
The property was not violated.

property_statust::FAIL
@ FAIL
The property was violated.

propertiest
std::map< irep_idt, property_infot > propertiest
A map of property IDs to property infos.
Definition: properties.h:76

CHECK_RETURN
#define CHECK_RETURN(CONDITION)
Definition: invariant.h:495

to_symbol_expr
const symbol_exprt & to_symbol_expr(const exprt &expr)
Cast an exprt to a symbol_exprt.
Definition: std_expr.h:272

const_target_hash
Definition: goto_program.h:1185

function_itt_hasht
Definition: fatal_assertions.cpp:40

function_itt_hasht::operator()
std::size_t operator()(const function_itt &function_it) const
Definition: fatal_assertions.cpp:42

function_itt_hasht::function_itt
goto_functionst::function_mapt::const_iterator function_itt
Definition: fatal_assertions.cpp:41

function_loc_pair_hasht
Definition: fatal_assertions.cpp:49

function_loc_pair_hasht::operator()
std::size_t operator()(const function_loc_pairt &p) const
Definition: fatal_assertions.cpp:50

function_loc_pairt
Definition: fatal_assertions.cpp:22

function_loc_pairt::target
goto_programt::const_targett target
Definition: fatal_assertions.cpp:31

function_loc_pairt::function_it
function_itt function_it
Definition: fatal_assertions.cpp:30

function_loc_pairt::function_loc_pairt
function_loc_pairt(function_itt __function_it, goto_programt::const_targett __target)
Definition: fatal_assertions.cpp:24

function_loc_pairt::operator==
bool operator==(const function_loc_pairt &other) const
Definition: fatal_assertions.cpp:32

function_loc_pairt::function_itt
goto_functionst::function_mapt::const_iterator function_itt
Definition: fatal_assertions.cpp:23