cbmc/interval__analysis_8cpp_source.html

 /*******************************************************************\


 Module: Interval Analysis


 Author: Daniel Kroening, kroening@kroening.com


 \*******************************************************************/


 #include "interval_analysis.h"


 #include <util/find_symbols.h>


 #include "ai.h"

 #include "interval_domain.h"


 void instrument_intervals(

   const ait<interval_domaint> &interval_analysis,

   goto_functionst::goto_functiont &goto_function)

 {

   std::set<symbol_exprt> symbols;


   for(const auto &i : goto_function.body.instructions)

     i.apply([&symbols](const exprt &e) { find_symbols(e, symbols); });


   Forall_goto_program_instructions(i_it, goto_function.body)

   {

     if(i_it==goto_function.body.instructions.begin())

     {

       // first instruction, we instrument

     }

     else

     {

       goto_programt::const_targett previous = std::prev(i_it);


       if(previous->is_goto() && !previous->condition().is_true())

       {

         // we follow a branch, instrument

       }

       else if(previous->is_function_call())

       {

         // we follow a function call, instrument

       }

       else if(i_it->is_target() || i_it->is_function_call())

       {

         // we are a target or a function call, instrument

       }

       else

         continue; // don't instrument

     }


     const interval_domaint &d=interval_analysis[i_it];


     exprt::operandst assertion;


     for(const auto &symbol_expr : symbols)

     {

       exprt tmp=d.make_expression(symbol_expr);

       if(!tmp.is_true())

         assertion.push_back(tmp);

     }


     if(!assertion.empty())

     {

       goto_programt::targett t=i_it;

       goto_function.body.insert_before_swap(i_it);

       i_it++; // goes to original instruction

       *t = goto_programt::make_assumption(

         conjunction(assertion), i_it->source_location());

     }

   }

 }


 void interval_analysis(goto_modelt &goto_model)

 {

   ait<interval_domaint> interval_analysis;


   const namespacet ns(goto_model.symbol_table);

   interval_analysis(goto_model.goto_functions, ns);


   for(auto &gf_entry : goto_model.goto_functions.function_map)

     instrument_intervals(interval_analysis, gf_entry.second);

 }

ai.h
Abstract Interpretation.

ait
ait supplies three of the four components needed: an abstract interpreter (in this case handling func...
Definition: ai.h:562

exprt
Base class for all expressions.
Definition: expr.h:56

exprt::operandst
std::vector< exprt > operandst
Definition: expr.h:58

exprt::is_true
bool is_true() const
Return whether the expression is a constant representing true.
Definition: expr.cpp:27

exprt::source_location
const source_locationt & source_location() const
Definition: expr.h:231

goto_functionst::function_map
function_mapt function_map
Definition: goto_functions.h:29

goto_functionst::goto_functiont
::goto_functiont goto_functiont
Definition: goto_functions.h:27

goto_modelt
Definition: goto_model.h:27

goto_modelt::symbol_table
symbol_tablet symbol_table
Symbol table.
Definition: goto_model.h:31

goto_modelt::goto_functions
goto_functionst goto_functions
GOTO functions.
Definition: goto_model.h:34

goto_programt::make_assumption
static instructiont make_assumption(const exprt &g, const source_locationt &l=source_locationt::nil())
Definition: goto_program.h:945

goto_programt::targett
instructionst::iterator targett
Definition: goto_program.h:614

goto_programt::const_targett
instructionst::const_iterator const_targett
Definition: goto_program.h:615

interval_domaint
Definition: interval_domain.h:24

interval_domaint::make_expression
exprt make_expression(const symbol_exprt &) const
Definition: interval_domain.cpp:408

namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition: namespace.h:94

find_symbols
static bool find_symbols(symbol_kindt, const typet &, std::function< bool(const symbol_exprt &)>, std::unordered_set< irep_idt > &bindings, const std::vector< irep_idt > &subs_to_find)
Find identifiers with id ID_symbol of the sub expressions and the subs with ID in subs_to_find consid...
Definition: find_symbols.cpp:152

find_symbols.h

Forall_goto_program_instructions
#define Forall_goto_program_instructions(it, program)
Definition: goto_program.h:1234

interval_analysis
void interval_analysis(goto_modelt &goto_model)
Initialises the abstract interpretation over interval domain and instruments instructions using inter...
Definition: interval_analysis.cpp:90

instrument_intervals
void instrument_intervals(const ait< interval_domaint > &interval_analysis, goto_functionst::goto_functiont &goto_function)
Instruments all "post-branch" instructions with assumptions about variable intervals.
Definition: interval_analysis.cpp:30

interval_analysis.h
Interval Analysis.

interval_domain.h
Interval Domain.

conjunction
exprt conjunction(const exprt::operandst &op)
1) generates a conjunction for two or more operands 2) for one operand, returns the operand 3) return...
Definition: std_expr.cpp:83