cbmc/string__constraint__generator__comparison_8cpp_source.html

/*******************************************************************\


Module: Generates string constraints for function comparing strings,

        such as: equals, equalsIgnoreCase, compareTo, hashCode, intern


Author: Romain Brenguier, romain.brenguier@diffblue.com


\*******************************************************************/


#include "string_constraint_generator.h"


#include <util/mathematical_expr.h>


std::pair<exprt, string_constraintst>


string_constraint_generatort::add_axioms_for_equals(

  const function_application_exprt &f)

{

  PRECONDITION(f.type() == bool_typet() || f.type().id() == ID_c_bool);

  PRECONDITION(f.arguments().size() == 2);


  string_constraintst constraints;

  array_string_exprt s1 = get_string_expr(array_pool, f.arguments()[0]);

  array_string_exprt s2 = get_string_expr(array_pool, f.arguments()[1]);

  symbol_exprt eq = fresh_symbol("equal");

  typecast_exprt tc_eq(eq, f.type());


  typet index_type = s1.length_type();


  // Axiom 1.

  constraints.existential.push_back(implies_exprt(

    eq,

    equal_exprt(

      array_pool.get_or_create_length(s1),

      array_pool.get_or_create_length(s2))));


  // Axiom 2.

  constraints.universal.push_back([&] {

    const symbol_exprt qvar = fresh_symbol("QA_equal", index_type);

    return string_constraintt(

      qvar,

      zero_if_negative(array_pool.get_or_create_length(s1)),

      implies_exprt(eq, equal_exprt(s1[qvar], s2[qvar])),

      message_handler);

  }());


  // Axiom 3.

  constraints.existential.push_back([&] {

    const symbol_exprt witness = fresh_symbol("witness_unequal", index_type);

    const exprt zero = from_integer(0, index_type);

    const and_exprt bound_witness(

      binary_relation_exprt(

        witness, ID_lt, array_pool.get_or_create_length(s1)),

      binary_relation_exprt(witness, ID_ge, zero));

    const and_exprt witnessing(

      bound_witness, notequal_exprt(s1[witness], s2[witness]));

    const and_exprt diff_length(

      notequal_exprt(

        array_pool.get_or_create_length(s1),

        array_pool.get_or_create_length(s2)),

      equal_exprt(witness, from_integer(-1, index_type)));

    return implies_exprt(not_exprt(eq), or_exprt(diff_length, witnessing));

  }());


  return {tc_eq, std::move(constraints)};

}

string_constraint_generatort::add_axioms_for_equals( {…}


static exprt character_equals_ignore_case(

  const exprt &char1,

  const exprt &char2,

  const exprt &char_a,

  const exprt &char_A,

  const exprt &char_Z)

{

  const and_exprt is_upper_case_1(

    binary_relation_exprt(char_A, ID_le, char1),

    binary_relation_exprt(char1, ID_le, char_Z));

  const and_exprt is_upper_case_2(

    binary_relation_exprt(char_A, ID_le, char2),

    binary_relation_exprt(char2, ID_le, char_Z));


  // Three possibilities:

  // p1 : char1=char2

  // p2 : (is_up1&&'a'-'A'+char1=char2)

  // p3 : (is_up2&&'a'-'A'+char2=char1)

  const equal_exprt p1(char1, char2);

  const minus_exprt diff(char_a, char_A);


  // Overflow is not a problem here because is_upper_case conditions

  // ensure that we are within a safe range.

  const exprt p2 =

    and_exprt(is_upper_case_1, equal_exprt(plus_exprt(diff, char1), char2));

  const exprt p3 =

    and_exprt(is_upper_case_2, equal_exprt(plus_exprt(diff, char2), char1));

  return or_exprt(p1, p2, p3);

}

static exprt character_equals_ignore_case( {…}


std::pair<exprt, string_constraintst>


string_constraint_generatort::add_axioms_for_equals_ignore_case(

  const function_application_exprt &f)

{

  PRECONDITION(f.type() == bool_typet() || f.type().id() == ID_c_bool);

  PRECONDITION(f.arguments().size() == 2);

  string_constraintst constraints;

  const symbol_exprt eq = fresh_symbol("equal_ignore_case");

  const array_string_exprt s1 = get_string_expr(array_pool, f.arguments()[0]);

  const array_string_exprt s2 = get_string_expr(array_pool, f.arguments()[1]);

  const typet char_type = to_type_with_subtype(s1.content().type()).subtype();

  const exprt char_a = from_integer('a', char_type);

  const exprt char_A = from_integer('A', char_type);

  const exprt char_Z = from_integer('Z', char_type);

  const typet index_type = s1.length_type();


  const implies_exprt a1(

    eq,

    equal_exprt(

      array_pool.get_or_create_length(s1),

      array_pool.get_or_create_length(s2)));

  constraints.existential.push_back(a1);


  const symbol_exprt qvar = fresh_symbol("QA_equal_ignore_case", index_type);

  const exprt constr2 =

    character_equals_ignore_case(s1[qvar], s2[qvar], char_a, char_A, char_Z);

  const string_constraintt a2(

    qvar,

    zero_if_negative(array_pool.get_or_create_length(s1)),

    implies_exprt(eq, constr2),

    message_handler);

  constraints.universal.push_back(a2);


  const symbol_exprt witness =

    fresh_symbol("witness_unequal_ignore_case", index_type);

  const exprt zero = from_integer(0, witness.type());

  const and_exprt bound_witness(

    binary_relation_exprt(witness, ID_lt, array_pool.get_or_create_length(s1)),

    binary_relation_exprt(witness, ID_ge, zero));

  const exprt witness_eq = character_equals_ignore_case(

    s1[witness], s2[witness], char_a, char_A, char_Z);

  const not_exprt witness_diff(witness_eq);

  const implies_exprt a3(

    not_exprt(eq),

    or_exprt(

      notequal_exprt(

        array_pool.get_or_create_length(s1),

        array_pool.get_or_create_length(s2)),

      and_exprt(bound_witness, witness_diff)));

  constraints.existential.push_back(a3);


  return {typecast_exprt(eq, f.type()), std::move(constraints)};

}

string_constraint_generatort::add_axioms_for_equals_ignore_case( {…}


std::pair<exprt, string_constraintst>


string_constraint_generatort::add_axioms_for_compare_to(

  const function_application_exprt &f)

{

  PRECONDITION(f.arguments().size() == 2);

  const typet &return_type = f.type();

  PRECONDITION(return_type.id() == ID_signedbv);

  string_constraintst constraints;

  const array_string_exprt &s1 = get_string_expr(array_pool, f.arguments()[0]);

  const array_string_exprt &s2 = get_string_expr(array_pool, f.arguments()[1]);

  const symbol_exprt res = fresh_symbol("compare_to", return_type);

  const typet &index_type = s1.length_type();


  const equal_exprt res_null(res, from_integer(0, return_type));

  const implies_exprt a1(

    res_null,

    equal_exprt(

      array_pool.get_or_create_length(s1),

      array_pool.get_or_create_length(s2)));

  constraints.existential.push_back(a1);


  const symbol_exprt i = fresh_symbol("QA_compare_to", index_type);

  const string_constraintt a2(

    i,

    zero_if_negative(array_pool.get_or_create_length(s1)),

    implies_exprt(res_null, equal_exprt(s1[i], s2[i])),

    message_handler);

  constraints.universal.push_back(a2);


  const symbol_exprt x = fresh_symbol("index_compare_to", index_type);

  const equal_exprt ret_char_diff(

    res,

    minus_exprt(

      typecast_exprt(s1[x], return_type), typecast_exprt(s2[x], return_type)));

  const equal_exprt ret_length_diff(

    res,

    minus_exprt(

      typecast_exprt(array_pool.get_or_create_length(s1), return_type),

      typecast_exprt(array_pool.get_or_create_length(s2), return_type)));

  const or_exprt guard1(

    and_exprt(

      less_than_or_equal_to(

        array_pool.get_or_create_length(s1),

        array_pool.get_or_create_length(s2)),

      greater_than(array_pool.get_or_create_length(s1), x)),

    and_exprt(

      greater_or_equal_to(

        array_pool.get_or_create_length(s1),

        array_pool.get_or_create_length(s2)),

      greater_than(array_pool.get_or_create_length(s2), x)));

  const and_exprt cond1(ret_char_diff, guard1);

  const or_exprt guard2(

    and_exprt(

      greater_than(

        array_pool.get_or_create_length(s2),

        array_pool.get_or_create_length(s1)),

      equal_to(array_pool.get_or_create_length(s1), x)),

    and_exprt(

      greater_than(

        array_pool.get_or_create_length(s1),

        array_pool.get_or_create_length(s2)),

      equal_to(array_pool.get_or_create_length(s2), x)));

  const and_exprt cond2(ret_length_diff, guard2);


  const implies_exprt a3(

    not_exprt(res_null),

    and_exprt(

      binary_relation_exprt(x, ID_ge, from_integer(0, return_type)),

      or_exprt(cond1, cond2)));

  constraints.existential.push_back(a3);


  const symbol_exprt i2 = fresh_symbol("QA_compare_to", index_type);

  const string_constraintt a4(

    i2,

    zero_if_negative(x),

    implies_exprt(not_exprt(res_null), equal_exprt(s1[i2], s2[i2])),

    message_handler);

  constraints.universal.push_back(a4);


  return {res, std::move(constraints)};

}

string_constraint_generatort::add_axioms_for_compare_to( {…}

from_integer
constant_exprt from_integer(const mp_integer &int_value, const typet &type)
Definition arith_tools.cpp:99

get_string_expr
array_string_exprt get_string_expr(array_poolt &array_pool, const exprt &expr)
Fetch the string_exprt corresponding to the given refined_string_exprt.
Definition array_pool.cpp:199

char_type
bitvector_typet char_type()
Definition c_types.cpp:106

ait
ait supplies three of the four components needed: an abstract interpreter (in this case handling func...
Definition ai.h:562

and_exprt
Boolean AND.
Definition std_expr.h:2125

array_poolt::get_or_create_length
exprt get_or_create_length(const array_string_exprt &s)
Get the length of an array_string_exprt from the array_pool.
Definition array_pool.cpp:26

array_string_exprt
Definition string_expr.h:68

binary_relation_exprt
A base class for relations, i.e., binary predicates whose two operands have the same type.
Definition std_expr.h:762

bool_typet
The Boolean type.
Definition std_types.h:36

equal_exprt
Equality.
Definition std_expr.h:1366

exprt
Base class for all expressions.
Definition expr.h:56

exprt::type
typet & type()
Return the type of the expression.
Definition expr.h:84

function_application_exprt
Application of (mathematical) function.
Definition mathematical_expr.h:213

function_application_exprt::arguments
argumentst & arguments()
Definition mathematical_expr.h:234

implies_exprt
Boolean implication.
Definition std_expr.h:2225

irept::id
const irep_idt & id() const
Definition irep.h:388

minus_exprt
Binary minus.
Definition std_expr.h:1061

not_exprt
Boolean negation.
Definition std_expr.h:2454

notequal_exprt
Disequality.
Definition std_expr.h:1425

or_exprt
Boolean OR.
Definition std_expr.h:2270

plus_exprt
The plus expression Associativity is not specified.
Definition std_expr.h:1002

string_constraint_generatort::add_axioms_for_compare_to
std::pair< exprt, string_constraintst > add_axioms_for_compare_to(const function_application_exprt &f)
Lexicographic comparison of two strings.
Definition string_constraint_generator_comparison.cpp:209

string_constraint_generatort::add_axioms_for_equals_ignore_case
std::pair< exprt, string_constraintst > add_axioms_for_equals_ignore_case(const function_application_exprt &f)
Equality of the content ignoring case of characters.
Definition string_constraint_generator_comparison.cpp:136

string_constraint_generatort::add_axioms_for_equals
std::pair< exprt, string_constraintst > add_axioms_for_equals(const function_application_exprt &f)
Equality of the content of two strings.
Definition string_constraint_generator_comparison.cpp:31

string_constraint_generatort::message_handler
message_handlert & message_handler
Definition string_constraint_generator.h:75

string_constraint_generatort::fresh_symbol
symbol_generatort fresh_symbol
Definition string_constraint_generator.h:61

string_constraint_generatort::array_pool
array_poolt array_pool
Definition string_constraint_generator.h:63

string_constraintt
Definition string_constraint.h:56

symbol_exprt
Expression to hold a symbol (variable)
Definition std_expr.h:131

typecast_exprt
Semantic type conversion.
Definition std_expr.h:2073

typet
The type of an expression, extends irept.
Definition type.h:29

mathematical_expr.h
API to expression classes for 'mathematical' expressions.

PRECONDITION
#define PRECONDITION(CONDITION)
Definition invariant.h:463

string_constraint_generator.h
Generates string constraints to link results from string functions with their arguments.

zero_if_negative
exprt zero_if_negative(const exprt &expr)
Returns a non-negative version of the argument.
Definition string_constraint_generator_main.cpp:412

character_equals_ignore_case
static exprt character_equals_ignore_case(const exprt &char1, const exprt &char2, const exprt &char_a, const exprt &char_A, const exprt &char_Z)
Returns an expression which is true when the two given characters are equal when ignoring case for AS...
Definition string_constraint_generator_comparison.cpp:92

less_than_or_equal_to
binary_relation_exprt less_than_or_equal_to(exprt lhs, exprt rhs)
Definition string_expr.h:37

greater_or_equal_to
binary_relation_exprt greater_or_equal_to(exprt lhs, exprt rhs)
Definition string_expr.h:20

greater_than
binary_relation_exprt greater_than(exprt lhs, exprt rhs)
Definition string_expr.h:26

equal_to
equal_exprt equal_to(exprt lhs, exprt rhs)
Definition string_expr.h:55

string_constraintst
Collection of constraints of different types: existential formulas, universal formulas,...
Definition string_constraint_generator.h:39

string_constraintst::existential
std::vector< exprt > existential
Definition string_constraint_generator.h:40

string_constraintst::universal
std::vector< string_constraintt > universal
Definition string_constraint_generator.h:41

to_type_with_subtype
const type_with_subtypet & to_type_with_subtype(const typet &type)
Definition type.h:208