CBMC
ssa_step.cpp
Go to the documentation of this file.
1 /*******************************************************************\
2 
3 Module: Symbolic Execution
4 
5 Author: Romain Brenguier <romain.brenguier@diffblue.com>
6 
7 *******************************************************************/
8 
9 #include "ssa_step.h"
10 
11 #include <util/format_expr.h>
12 #include <util/namespace.h>
13 
14 void SSA_stept::output(std::ostream &out) const
15 {
16  out << "Thread " << source.thread_nr;
17 
18  if(source.pc->source_location().is_not_nil())
19  out << " " << source.pc->source_location() << '\n';
20  else
21  out << '\n';
22 
23  switch(type)
24  {
25  case goto_trace_stept::typet::ASSERT:
26  out << "ASSERT " << format(cond_expr) << '\n';
27  break;
28  case goto_trace_stept::typet::ASSUME:
29  out << "ASSUME " << format(cond_expr) << '\n';
30  break;
31  case goto_trace_stept::typet::LOCATION:
32  out << "LOCATION" << '\n';
33  break;
34  case goto_trace_stept::typet::INPUT:
35  out << "INPUT" << '\n';
36  break;
37  case goto_trace_stept::typet::OUTPUT:
38  out << "OUTPUT" << '\n';
39  break;
40 
41  case goto_trace_stept::typet::DECL:
42  out << "DECL" << '\n';
43  out << format(ssa_lhs) << '\n';
44  break;
45 
46  case goto_trace_stept::typet::ASSIGNMENT:
47  out << "ASSIGNMENT (";
48  switch(assignment_type)
49  {
50  case symex_targett::assignment_typet::HIDDEN:
51  out << "HIDDEN";
52  break;
53  case symex_targett::assignment_typet::STATE:
54  out << "STATE";
55  break;
56  case symex_targett::assignment_typet::VISIBLE_ACTUAL_PARAMETER:
57  out << "VISIBLE_ACTUAL_PARAMETER";
58  break;
59  case symex_targett::assignment_typet::HIDDEN_ACTUAL_PARAMETER:
60  out << "HIDDEN_ACTUAL_PARAMETER";
61  break;
62  case symex_targett::assignment_typet::PHI:
63  out << "PHI";
64  break;
65  case symex_targett::assignment_typet::GUARD:
66  out << "GUARD";
67  break;
68  default:
69  {
70  }
71  }
72 
73  out << ")\n";
74  break;
75 
76  case goto_trace_stept::typet::DEAD:
77  out << "DEAD\n";
78  break;
79  case goto_trace_stept::typet::FUNCTION_CALL:
80  out << "FUNCTION_CALL\n";
81  break;
82  case goto_trace_stept::typet::FUNCTION_RETURN:
83  out << "FUNCTION_RETURN\n";
84  break;
85  case goto_trace_stept::typet::CONSTRAINT:
86  out << "CONSTRAINT\n";
87  break;
88  case goto_trace_stept::typet::SHARED_READ:
89  out << "SHARED READ\n";
90  break;
91  case goto_trace_stept::typet::SHARED_WRITE:
92  out << "SHARED WRITE\n";
93  break;
94  case goto_trace_stept::typet::ATOMIC_BEGIN:
95  out << "ATOMIC_BEGIN\n";
96  break;
97  case goto_trace_stept::typet::ATOMIC_END:
98  out << "AUTOMIC_END\n";
99  break;
100  case goto_trace_stept::typet::SPAWN:
101  out << "SPAWN\n";
102  break;
103  case goto_trace_stept::typet::MEMORY_BARRIER:
104  out << "MEMORY_BARRIER\n";
105  break;
106  case goto_trace_stept::typet::GOTO:
107  out << "IF " << format(cond_expr) << " GOTO\n";
108  break;
109 
110  case goto_trace_stept::typet::NONE:
111  UNREACHABLE;
112  }
113 
114  if(is_assert() || is_assume() || is_assignment() || is_constraint())
115  out << format(cond_expr) << '\n';
116 
117  if(is_assert() || is_constraint())
118  out << comment << '\n';
119 
120  if(is_shared_read() || is_shared_write())
121  out << format(ssa_lhs) << '\n';
122 
123  out << "Guard: " << format(guard) << '\n';
124 }
125 
129 void SSA_stept::validate(const namespacet &ns, const validation_modet vm) const
130 {
131  validate_full_expr(guard, ns, vm);
132 
133  switch(type)
134  {
135  case goto_trace_stept::typet::ASSERT:
136  DATA_CHECK(vm, !property_id.empty(), "missing property id in assert step");
137  case goto_trace_stept::typet::ASSUME:
138  case goto_trace_stept::typet::GOTO:
139  case goto_trace_stept::typet::CONSTRAINT:
140  validate_full_expr(cond_expr, ns, vm);
141  break;
142  case goto_trace_stept::typet::DECL:
143  validate_full_expr(ssa_lhs, ns, vm);
144  validate_full_expr(ssa_full_lhs, ns, vm);
145  validate_full_expr(original_full_lhs, ns, vm);
146  break;
147  case goto_trace_stept::typet::ASSIGNMENT:
148  validate_full_expr(ssa_lhs, ns, vm);
149  validate_full_expr(ssa_full_lhs, ns, vm);
150  validate_full_expr(original_full_lhs, ns, vm);
151  validate_full_expr(ssa_rhs, ns, vm);
152  DATA_CHECK(
153  vm,
154  ssa_lhs.get_original_expr().type() == ssa_rhs.type(),
155  "Type inequality in SSA assignment\nlhs-type: " +
156  ssa_lhs.get_original_expr().type().id_string() +
157  "\nrhs-type: " + ssa_rhs.type().id_string());
158  break;
159  case goto_trace_stept::typet::INPUT:
160  case goto_trace_stept::typet::OUTPUT:
161  for(const auto &expr : io_args)
162  validate_full_expr(expr, ns, vm);
163  break;
164  case goto_trace_stept::typet::FUNCTION_CALL:
165  for(const auto &expr : ssa_function_arguments)
166  validate_full_expr(expr, ns, vm);
167  case goto_trace_stept::typet::FUNCTION_RETURN:
168  {
169  const symbolt *symbol;
170  DATA_CHECK(
171  vm,
172  called_function.empty() || !ns.lookup(called_function, symbol),
173  "unknown function identifier " + id2string(called_function));
174  }
175  break;
176  case goto_trace_stept::typet::NONE:
177  case goto_trace_stept::typet::LOCATION:
178  case goto_trace_stept::typet::DEAD:
179  case goto_trace_stept::typet::SHARED_READ:
180  case goto_trace_stept::typet::SHARED_WRITE:
181  case goto_trace_stept::typet::SPAWN:
182  case goto_trace_stept::typet::MEMORY_BARRIER:
183  case goto_trace_stept::typet::ATOMIC_BEGIN:
184  case goto_trace_stept::typet::ATOMIC_END:
185  break;
186  }
187 }
188 
189 SSA_assignment_stept::SSA_assignment_stept(
190  symex_targett::sourcet source,
191  exprt _guard,
192  ssa_exprt _ssa_lhs,
193  exprt _ssa_full_lhs,
194  exprt _original_full_lhs,
195  exprt _ssa_rhs,
196  symex_targett::assignment_typet _assignment_type)
197  : SSA_stept(source, goto_trace_stept::typet::ASSIGNMENT)
198 {
199  guard = std::move(_guard);
200  ssa_lhs = std::move(_ssa_lhs);
201  ssa_full_lhs = std::move(_ssa_full_lhs);
202  original_full_lhs = std::move(_original_full_lhs);
203  ssa_rhs = std::move(_ssa_rhs);
204  assignment_type = _assignment_type;
205  cond_expr = equal_exprt{ssa_lhs, ssa_rhs};
206  hidden = assignment_type != symex_targett::assignment_typet::STATE &&
207  assignment_type !=
208  symex_targett::assignment_typet::VISIBLE_ACTUAL_PARAMETER;
209 }
SSA_assignment_stept::SSA_assignment_stept
SSA_assignment_stept(symex_targett::sourcet source, exprt guard, ssa_exprt ssa_lhs, exprt ssa_full_lhs, exprt original_full_lhs, exprt ssa_rhs, symex_targett::assignment_typet assignment_type)
Definition: ssa_step.cpp:189
SSA_stept
Single SSA step in the equation.
Definition: ssa_step.h:47
SSA_stept::called_function
irep_idt called_function
Definition: ssa_step.h:163
SSA_stept::is_assume
bool is_assume() const
Definition: ssa_step.h:57
SSA_stept::validate
void validate(const namespacet &ns, const validation_modet vm) const
Check that the SSA step is well-formed.
Definition: ssa_step.cpp:129
SSA_stept::ssa_function_arguments
std::vector< exprt > ssa_function_arguments
Definition: ssa_step.h:166
SSA_stept::cond_expr
exprt cond_expr
Definition: ssa_step.h:145
SSA_stept::assignment_type
symex_targett::assignment_typet assignment_type
Definition: ssa_step.h:142
SSA_stept::ssa_full_lhs
exprt ssa_full_lhs
Definition: ssa_step.h:140
SSA_stept::type
goto_trace_stept::typet type
Definition: ssa_step.h:50
SSA_stept::hidden
bool hidden
Definition: ssa_step.h:133
SSA_stept::is_constraint
bool is_constraint() const
Definition: ssa_step.h:72
SSA_stept::guard
exprt guard
Definition: ssa_step.h:135
SSA_stept::is_shared_write
bool is_shared_write() const
Definition: ssa_step.h:107
SSA_stept::ssa_rhs
exprt ssa_rhs
Definition: ssa_step.h:141
SSA_stept::comment
std::string comment
Definition: ssa_step.h:147
SSA_stept::source
symex_targett::sourcet source
Definition: ssa_step.h:49
SSA_stept::original_full_lhs
exprt original_full_lhs
Definition: ssa_step.h:140
SSA_stept::is_shared_read
bool is_shared_read() const
Definition: ssa_step.h:102
SSA_stept::property_id
irep_idt property_id
Definition: ssa_step.h:149
SSA_stept::io_args
std::list< exprt > io_args
Definition: ssa_step.h:159
SSA_stept::output
void output(std::ostream &out) const
Definition: ssa_step.cpp:14
SSA_stept::is_assignment
bool is_assignment() const
Definition: ssa_step.h:62
SSA_stept::ssa_lhs
ssa_exprt ssa_lhs
Definition: ssa_step.h:139
SSA_stept::is_assert
bool is_assert() const
Definition: ssa_step.h:52
dstringt::empty
bool empty() const
Definition: dstring.h:89
equal_exprt
Equality.
Definition: std_expr.h:1361
exprt
Base class for all expressions.
Definition: expr.h:56
exprt::type
typet & type()
Return the type of the expression.
Definition: expr.h:84
goto_trace_stept
Step of the trace of a GOTO program.
Definition: goto_trace.h:50
goto_trace_stept::typet::SPAWN
@ SPAWN
goto_trace_stept::typet::ASSERT
@ ASSERT
goto_trace_stept::typet::ATOMIC_END
@ ATOMIC_END
goto_trace_stept::typet::GOTO
@ GOTO
goto_trace_stept::typet::OUTPUT
@ OUTPUT
goto_trace_stept::typet::MEMORY_BARRIER
@ MEMORY_BARRIER
goto_trace_stept::typet::SHARED_WRITE
@ SHARED_WRITE
goto_trace_stept::typet::SHARED_READ
@ SHARED_READ
goto_trace_stept::typet::LOCATION
@ LOCATION
goto_trace_stept::typet::DECL
@ DECL
goto_trace_stept::typet::ASSIGNMENT
@ ASSIGNMENT
goto_trace_stept::typet::INPUT
@ INPUT
goto_trace_stept::typet::NONE
@ NONE
goto_trace_stept::typet::DEAD
@ DEAD
goto_trace_stept::typet::FUNCTION_RETURN
@ FUNCTION_RETURN
goto_trace_stept::typet::ASSUME
@ ASSUME
goto_trace_stept::typet::CONSTRAINT
@ CONSTRAINT
goto_trace_stept::typet::ATOMIC_BEGIN
@ ATOMIC_BEGIN
goto_trace_stept::typet::FUNCTION_CALL
@ FUNCTION_CALL
irept::id_string
const std::string & id_string() const
Definition: irep.h:391
namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition: namespace.h:94
namespacet::lookup
bool lookup(const irep_idt &name, const symbolt *&symbol) const override
See documentation for namespace_baset::lookup().
Definition: namespace.cpp:148
ssa_exprt
Expression providing an SSA-renamed symbol of expressions.
Definition: ssa_expr.h:17
ssa_exprt::get_original_expr
const exprt & get_original_expr() const
Definition: ssa_expr.h:33
symbolt
Symbol table entry.
Definition: symbol.h:28
symex_targett::assignment_typet
assignment_typet
Definition: symex_target.h:69
symex_targett::assignment_typet::STATE
@ STATE
symex_targett::assignment_typet::HIDDEN
@ HIDDEN
symex_targett::assignment_typet::GUARD
@ GUARD
symex_targett::assignment_typet::VISIBLE_ACTUAL_PARAMETER
@ VISIBLE_ACTUAL_PARAMETER
symex_targett::assignment_typet::HIDDEN_ACTUAL_PARAMETER
@ HIDDEN_ACTUAL_PARAMETER
symex_targett::assignment_typet::PHI
@ PHI
typet
The type of an expression, extends irept.
Definition: type.h:29
format
static format_containert< T > format(const T &o)
Definition: format.h:37
format_expr.h
id2string
const std::string & id2string(const irep_idt &d)
Definition: irep.h:44
UNREACHABLE
#define UNREACHABLE
This should be used to mark dead code.
Definition: invariant.h:525
ssa_step.h
symex_targett::sourcet
Identifies source in the context of symbolic execution.
Definition: symex_target.h:37
symex_targett::sourcet::thread_nr
unsigned thread_nr
Definition: symex_target.h:38
symex_targett::sourcet::pc
goto_programt::const_targett pc
Definition: symex_target.h:42
DATA_CHECK
#define DATA_CHECK(vm, condition, message)
This macro takes a condition which denotes a well-formedness criterion on goto programs,...
Definition: validate.h:22
validate_full_expr
void validate_full_expr(const exprt &expr, const namespacet &ns, const validation_modet vm)
Check that the given expression is well-formed (full check, including checks of all subexpressions an...
Definition: validate_expressions.cpp:114
validation_modet
validation_modet
Definition: validation_mode.h:13