CBMC
field_sensitivity.h
Go to the documentation of this file.
1 /*******************************************************************\
2 
3 Module: Field-sensitive SSA
4 
5 Author: Michael Tautschnig
6 
7 \*******************************************************************/
8 
9 #ifndef CPROVER_GOTO_SYMEX_FIELD_SENSITIVITY_H
10 #define CPROVER_GOTO_SYMEX_FIELD_SENSITIVITY_H
11 
12 #include <util/ssa_expr.h>
13 
14 class namespacet;
15 class goto_symex_statet;
16 class symex_targett;
17 
18 class field_sensitive_ssa_exprt : public exprt
19 {
20 public:
21  field_sensitive_ssa_exprt(const ssa_exprt &ssa, exprt::operandst &&fields)
22  : exprt(ID_field_sensitive_ssa, ssa.type(), std::move(fields))
23  {
24  add(ID_expression, ssa);
25  }
26 
27  const ssa_exprt &get_object_ssa() const
28  {
29  return static_cast<const ssa_exprt &>(find(ID_expression));
30  }
31 };
32 
33 template <>
34 inline bool can_cast_expr<field_sensitive_ssa_exprt>(const exprt &base)
35 {
36  return base.id() == ID_field_sensitive_ssa;
37 }
38 
39 inline const field_sensitive_ssa_exprt &
40 to_field_sensitive_ssa_expr(const exprt &expr)
41 {
42  PRECONDITION(expr.id() == ID_field_sensitive_ssa);
43  const field_sensitive_ssa_exprt &ret =
44  static_cast<const field_sensitive_ssa_exprt &>(expr);
45  return ret;
46 }
47 
48 inline field_sensitive_ssa_exprt &to_field_sensitive_ssa_expr(exprt &expr)
49 {
50  PRECONDITION(expr.id() == ID_field_sensitive_ssa);
51  field_sensitive_ssa_exprt &ret =
52  static_cast<field_sensitive_ssa_exprt &>(expr);
53  return ret;
54 }
55 
116 class field_sensitivityt
117 {
118 public:
122  field_sensitivityt(std::size_t max_array_size, bool should_simplify)
123  : max_field_sensitivity_array_size(max_array_size),
124  should_simplify(should_simplify)
125  {
126  }
127 
139  void field_assignments(
140  const namespacet &ns,
141  goto_symex_statet &state,
142  const ssa_exprt &lhs,
143  const exprt &rhs,
144  symex_targett &target,
145  bool allow_pointer_unsoundness) const;
146 
160  [[nodiscard]] exprt
161  apply(const namespacet &ns, goto_symex_statet &state, exprt expr, bool write)
162  const;
164  [[nodiscard]] exprt apply(
165  const namespacet &ns,
166  goto_symex_statet &state,
167  ssa_exprt expr,
168  bool write) const;
169 
182  [[nodiscard]] exprt get_fields(
183  const namespacet &ns,
184  goto_symex_statet &state,
185  const ssa_exprt &ssa_expr,
186  bool disjoined_fields_only) const;
187 
197  [[nodiscard]] bool
198  is_divisible(const ssa_exprt &expr, bool disjoined_fields_only) const;
199 
200 private:
201  const std::size_t max_field_sensitivity_array_size;
202 
203  const bool should_simplify;
204 
205  void field_assignments_rec(
206  const namespacet &ns,
207  goto_symex_statet &state,
208  const exprt &lhs_fs,
209  const exprt &ssa_rhs,
210  symex_targett &target,
211  bool allow_pointer_unsoundness) const;
212 
213  [[nodiscard]] exprt simplify_opt(exprt e, const namespacet &ns) const;
214 };
215 
216 #endif // CPROVER_GOTO_SYMEX_FIELD_SENSITIVITY_H
exprt
Base class for all expressions.
Definition: expr.h:56
exprt::operandst
std::vector< exprt > operandst
Definition: expr.h:58
exprt::type
typet & type()
Return the type of the expression.
Definition: expr.h:84
field_sensitive_ssa_exprt
Definition: field_sensitivity.h:19
field_sensitive_ssa_exprt::field_sensitive_ssa_exprt
field_sensitive_ssa_exprt(const ssa_exprt &ssa, exprt::operandst &&fields)
Definition: field_sensitivity.h:21
field_sensitive_ssa_exprt::get_object_ssa
const ssa_exprt & get_object_ssa() const
Definition: field_sensitivity.h:27
field_sensitivityt
Control granularity of object accesses.
Definition: field_sensitivity.h:117
field_sensitivityt::should_simplify
const bool should_simplify
Definition: field_sensitivity.h:203
field_sensitivityt::simplify_opt
exprt simplify_opt(exprt e, const namespacet &ns) const
Definition: field_sensitivity.cpp:561
field_sensitivityt::max_field_sensitivity_array_size
const std::size_t max_field_sensitivity_array_size
Definition: field_sensitivity.h:201
field_sensitivityt::get_fields
exprt get_fields(const namespacet &ns, goto_symex_statet &state, const ssa_exprt &ssa_expr, bool disjoined_fields_only) const
Compute an expression representing the individual components of a field-sensitive SSA representation ...
Definition: field_sensitivity.cpp:215
field_sensitivityt::field_assignments_rec
void field_assignments_rec(const namespacet &ns, goto_symex_statet &state, const exprt &lhs_fs, const exprt &ssa_rhs, symex_targett &target, bool allow_pointer_unsoundness) const
Assign to the individual fields lhs_fs of a non-expanded symbol lhs.
Definition: field_sensitivity.cpp:343
field_sensitivityt::apply
exprt apply(const namespacet &ns, goto_symex_statet &state, exprt expr, bool write) const
Turn an expression expr into a field-sensitive SSA expression.
Definition: field_sensitivity.cpp:34
field_sensitivityt::field_assignments
void field_assignments(const namespacet &ns, goto_symex_statet &state, const ssa_exprt &lhs, const exprt &rhs, symex_targett &target, bool allow_pointer_unsoundness) const
Assign to the individual fields of a non-expanded symbol lhs.
Definition: field_sensitivity.cpp:308
field_sensitivityt::field_sensitivityt
field_sensitivityt(std::size_t max_array_size, bool should_simplify)
Definition: field_sensitivity.h:122
field_sensitivityt::is_divisible
bool is_divisible(const ssa_exprt &expr, bool disjoined_fields_only) const
Determine whether expr would translate to an atomic SSA expression (returns false) or a composite obj...
Definition: field_sensitivity.cpp:533
goto_symex_statet
Central data structure: state.
Definition: goto_symex_state.h:43
irept::find
const irept & find(const irep_idt &name) const
Definition: irep.cpp:93
irept::id
const irep_idt & id() const
Definition: irep.h:388
irept::add
irept & add(const irep_idt &name)
Definition: irep.cpp:103
namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition: namespace.h:94
ssa_exprt
Expression providing an SSA-renamed symbol of expressions.
Definition: ssa_expr.h:17
symex_targett
The interface of the target container for symbolic execution to record its symbolic steps into.
Definition: symex_target.h:25
can_cast_expr< field_sensitive_ssa_exprt >
bool can_cast_expr< field_sensitive_ssa_exprt >(const exprt &base)
Definition: field_sensitivity.h:34
to_field_sensitive_ssa_expr
const field_sensitive_ssa_exprt & to_field_sensitive_ssa_expr(const exprt &expr)
Definition: field_sensitivity.h:40
PRECONDITION
#define PRECONDITION(CONDITION)
Definition: invariant.h:463
ssa_expr.h
write
ssize_t write(int fildes, const void *buf, size_t nbyte)
Definition: unistd.c:195