cbmc/string__constraint__instantiation_8cpp_source.html

 /*******************************************************************\


 Module: Defines functions related to string constraints.


 Author: Jesse Sigal, jesse.sigal@diffblue.com


 \*******************************************************************/


 #include "string_constraint_instantiation.h"


 #include <util/arith_tools.h>

 #include <util/expr_iterator.h>

 #include <util/format_expr.h>


 #include "string_constraint.h"


 #include <algorithm>

 #include <list>

 #include <unordered_set>


 static bool contains(const exprt &index, const symbol_exprt &qvar)

 {

   return std::find(index.depth_begin(), index.depth_end(), qvar) !=

          index.depth_end();

 }


 static std::unordered_set<exprt, irep_hash>

 find_indexes(const exprt &expr, const exprt &str, const symbol_exprt &qvar)

 {

   decltype(find_indexes(expr, str, qvar)) result;

   auto index_str_containing_qvar = [&](const exprt &e) {

     if(auto index_expr = expr_try_dynamic_cast<index_exprt>(e))

     {

       const auto &arr = index_expr->array();

       const auto str_it = std::find(arr.depth_begin(), arr.depth_end(), str);

       return str_it != arr.depth_end() && contains(index_expr->index(), qvar);

     }

     return false;

   };


   std::for_each(expr.depth_begin(), expr.depth_end(), [&](const exprt &e) {

     if(index_str_containing_qvar(e))

       result.insert(to_index_expr(e).index());

   });

   return result;

 }


 linear_functiont::linear_functiont(const exprt &f)

 {

   type = f.type();

   // list of expressions to process with a boolean flag telling whether they

   // appear positively or negatively (true is for positive)

   std::list<std::pair<exprt, bool>> to_process;

   to_process.emplace_back(f, true);


   while(!to_process.empty())

   {

     const exprt cur = to_process.back().first;

     bool positive = to_process.back().second;

     to_process.pop_back();

     if(auto integer = numeric_cast<mp_integer>(cur))

     {

       constant_coefficient += positive ? integer.value() : -integer.value();

     }

     else if(cur.id() == ID_plus)

     {

       for(const auto &op : cur.operands())

         to_process.emplace_back(op, positive);

     }

     else if(cur.id() == ID_minus)

     {

       to_process.emplace_back(to_minus_expr(cur).op1(), !positive);

       to_process.emplace_back(to_minus_expr(cur).op0(), positive);

     }

     else if(cur.id() == ID_unary_minus)

     {

       to_process.emplace_back(to_unary_minus_expr(cur).op(), !positive);

     }

     else

     {

       if(positive)

         ++coefficients[cur];

       else

         --coefficients[cur];

     }

   }

 }


 void linear_functiont::add(const linear_functiont &other)

 {

   PRECONDITION(type == other.type);

   constant_coefficient += other.constant_coefficient;

   for(auto pair : other.coefficients)

     coefficients[pair.first] += pair.second;

 }


 exprt linear_functiont::to_expr(bool negated) const

 {

   exprt sum = nil_exprt{};

   const exprt constant_expr = from_integer(constant_coefficient, type);

   if(constant_coefficient != 0)

     sum = negated ? (exprt)unary_minus_exprt{constant_expr} : constant_expr;


   for(const auto &term : coefficients)

   {

     const exprt &t = term.first;

     const mp_integer factor = negated ? (-term.second) : term.second;

     if(factor == -1)

     {

       if(sum.is_nil())

         sum = unary_minus_exprt(t);

       else

         sum = minus_exprt(sum, t);

     }

     else if(factor == 1)

     {

       if(sum.is_nil())

         sum = t;

       else

         sum = plus_exprt(sum, t);

     }

     else if(factor != 0)

     {

       const mult_exprt to_add{t, from_integer(factor, t.type())};

       if(sum.is_nil())

         sum = to_add;

       else

         sum = plus_exprt(sum, to_add);

     }

   }

   return sum.is_nil() ? from_integer(0, type) : sum;

 }


 exprt linear_functiont::solve(

   linear_functiont f,

   const exprt &var,

   const exprt &val)

 {

   auto it = f.coefficients.find(var);

   PRECONDITION(it != f.coefficients.end());

   PRECONDITION(it->second == 1 || it->second == -1);

   const bool positive = it->second == 1;


   // Transform `f` into `f(var <- 0)`

   f.coefficients.erase(it);

   // Transform `f(var <- 0)` into `f(var <- 0) - val`

   f.add(linear_functiont{unary_minus_exprt{val}});


   // If the coefficient of var is 1 then solution `val - f(var <- 0),

   // otherwise `f(var <- 0) - val`

   return f.to_expr(positive);

 }


 std::string linear_functiont::format()

 {

   std::ostringstream stream;

   stream << constant_coefficient;

   for(const auto &pair : coefficients)

     stream << " + " << pair.second << " * " << ::format(pair.first);

   return stream.str();

 }


 exprt instantiate(

   const string_constraintt &axiom,

   const exprt &str,

   const exprt &val)

 {

   exprt::operandst conjuncts;

   for(const auto &index : find_indexes(axiom.body, str, axiom.univ_var))

   {

     const exprt univ_var_value =

       linear_functiont::solve(linear_functiont{index}, axiom.univ_var, val);

     implies_exprt instance(

       and_exprt(

         binary_relation_exprt(axiom.univ_var, ID_ge, axiom.lower_bound),

         binary_relation_exprt(axiom.univ_var, ID_lt, axiom.upper_bound)),

       axiom.body);

     replace_expr(axiom.univ_var, univ_var_value, instance);

     conjuncts.push_back(instance);

   }

   return conjunction(conjuncts);

 }


 std::vector<exprt> instantiate_not_contains(

   const string_not_contains_constraintt &axiom,

   const std::set<std::pair<exprt, exprt>> &index_pairs,

   const std::unordered_map<string_not_contains_constraintt, symbol_exprt>

     &witnesses)

 {

   std::vector<exprt> lemmas;


   const array_string_exprt s0 = axiom.s0;

   const array_string_exprt s1 = axiom.s1;


   for(const auto &pair : index_pairs)

   {

     // We have s0[x+f(x)] and s1[f(x)], so to have i0 indexing s0 and i1

     // indexing s1, we need x = i0 - i1 and f(i0 - i1) = f(x) = i1.

     const exprt &i0 = pair.first;

     const exprt &i1 = pair.second;

     const minus_exprt val(i0, i1);

     const and_exprt universal_bound(

       binary_relation_exprt(axiom.univ_lower_bound, ID_le, val),

       binary_relation_exprt(axiom.univ_upper_bound, ID_gt, val));

     const exprt f = index_exprt(witnesses.at(axiom), val);

     const equal_exprt relevancy(f, i1);

     const and_exprt premise(relevancy, axiom.premise, universal_bound);


     const notequal_exprt differ(s0[i0], s1[i1]);

     const and_exprt existential_bound(

       binary_relation_exprt(axiom.exists_lower_bound, ID_le, i1),

       binary_relation_exprt(axiom.exists_upper_bound, ID_gt, i1));

     const and_exprt body(differ, existential_bound);


     const implies_exprt lemma(premise, body);

     lemmas.push_back(lemma);

   }


   return lemmas;

 }

from_integer
constant_exprt from_integer(const mp_integer &int_value, const typet &type)
Definition: arith_tools.cpp:100

arith_tools.h

s1
int8_t s1
Definition: bytecode_info.h:59

and_exprt
Boolean AND.
Definition: std_expr.h:2120

array_string_exprt
Definition: string_expr.h:68

binary_relation_exprt
A base class for relations, i.e., binary predicates whose two operands have the same type.
Definition: std_expr.h:762

equal_exprt
Equality.
Definition: std_expr.h:1361

exprt
Base class for all expressions.
Definition: expr.h:56

exprt::operandst
std::vector< exprt > operandst
Definition: expr.h:58

exprt::depth_end
depth_iteratort depth_end()
Definition: expr.cpp:249

exprt::depth_begin
depth_iteratort depth_begin()
Definition: expr.cpp:247

exprt::type
typet & type()
Return the type of the expression.
Definition: expr.h:84

exprt::operands
operandst & operands()
Definition: expr.h:94

implies_exprt
Boolean implication.
Definition: std_expr.h:2183

index_exprt
Array index operator.
Definition: std_expr.h:1465

irept::id
const irep_idt & id() const
Definition: irep.h:388

irept::is_nil
bool is_nil() const
Definition: irep.h:368

linear_functiont
Canonical representation of linear function, for instance, expression $x + x - y + 5 - 3$ would given...
Definition: string_constraint_instantiation.h:52

linear_functiont::to_expr
exprt to_expr(bool negated=false) const
Definition: string_constraint_instantiation.cpp:109

linear_functiont::solve
static exprt solve(linear_functiont f, const exprt &var, const exprt &val)
Return an expression y such that f(var <- y) = val.
Definition: string_constraint_instantiation.cpp:146

linear_functiont::linear_functiont
linear_functiont(const exprt &f)
Put an expression f composed of additions and subtractions into its cannonical representation.
Definition: string_constraint_instantiation.cpp:60

linear_functiont::type
typet type
Definition: string_constraint_instantiation.h:77

linear_functiont::coefficients
std::unordered_map< exprt, mp_integer, irep_hash > coefficients
Definition: string_constraint_instantiation.h:76

linear_functiont::format
std::string format()
Format the linear function as a string, can be used for debugging.
Definition: string_constraint_instantiation.cpp:166

linear_functiont::add
void add(const linear_functiont &other)
Make this function the sum of the current function with other.
Definition: string_constraint_instantiation.cpp:101

linear_functiont::constant_coefficient
mp_integer constant_coefficient
Definition: string_constraint_instantiation.h:75

minus_exprt
Binary minus.
Definition: std_expr.h:1061

mult_exprt
Binary multiplication Associativity is not specified.
Definition: std_expr.h:1107

nil_exprt
The NIL expression.
Definition: std_expr.h:3081

notequal_exprt
Disequality.
Definition: std_expr.h:1420

plus_exprt
The plus expression Associativity is not specified.
Definition: std_expr.h:1002

string_constraintt
Definition: string_constraint.h:56

string_constraintt::body
exprt body
Definition: string_constraint.h:63

string_constraintt::univ_var
symbol_exprt univ_var
Definition: string_constraint.h:60

string_constraintt::lower_bound
exprt lower_bound
Definition: string_constraint.h:61

string_constraintt::upper_bound
exprt upper_bound
Definition: string_constraint.h:62

string_refinementt::instantiate_not_contains
std::vector< exprt > instantiate_not_contains(const string_not_contains_constraintt &axiom, const std::set< std::pair< exprt, exprt >> &index_pairs, const std::unordered_map< string_not_contains_constraintt, symbol_exprt > &witnesses)
Instantiates a quantified formula representing not_contains by substituting the quantifiers and gener...
Definition: string_constraint_instantiation.cpp:203

symbol_exprt
Expression to hold a symbol (variable)
Definition: std_expr.h:131

unary_minus_exprt
The unary minus expression.
Definition: std_expr.h:484

expr_iterator.h
Forward depth-first search iterators These iterators' copy operations are expensive,...

format_expr.h

replace_expr
bool replace_expr(const exprt &what, const exprt &by, exprt &dest)
Definition: replace_expr.cpp:12

mp_integer
BigInt mp_integer
Definition: smt_terms.h:17

PRECONDITION
#define PRECONDITION(CONDITION)
Definition: invariant.h:463

conjunction
exprt conjunction(const exprt::operandst &op)
1) generates a conjunction for two or more operands 2) for one operand, returns the operand 3) return...
Definition: std_expr.cpp:83

to_unary_minus_expr
const unary_minus_exprt & to_unary_minus_expr(const exprt &expr)
Cast an exprt to a unary_minus_exprt.
Definition: std_expr.h:514

to_minus_expr
const minus_exprt & to_minus_expr(const exprt &expr)
Cast an exprt to a minus_exprt.
Definition: std_expr.h:1086

string_constraint.h
Defines string constraints.

contains
static bool contains(const exprt &index, const symbol_exprt &qvar)
Look for symbol qvar in the expression index and return true if found.
Definition: string_constraint_instantiation.cpp:26

instantiate
exprt instantiate(const string_constraintt &axiom, const exprt &str, const exprt &val)
Instantiates a string constraint by substituting the quantifiers.
Definition: string_constraint_instantiation.cpp:175

find_indexes
static std::unordered_set< exprt, irep_hash > find_indexes(const exprt &expr, const exprt &str, const symbol_exprt &qvar)
Find indexes of str used in expr that contains qvar, for instance with arguments (str[k+1]=='a'),...
Definition: string_constraint_instantiation.cpp:40

string_constraint_instantiation.h
Defines related function for string constraints.

string_not_contains_constraintt
Constraints to encode non containement of strings.
Definition: string_constraint.h:127

string_not_contains_constraintt::premise
exprt premise
Definition: string_constraint.h:130

string_not_contains_constraintt::exists_lower_bound
exprt exists_lower_bound
Definition: string_constraint.h:131

string_not_contains_constraintt::exists_upper_bound
exprt exists_upper_bound
Definition: string_constraint.h:132

string_not_contains_constraintt::s0
array_string_exprt s0
Definition: string_constraint.h:133

string_not_contains_constraintt::univ_lower_bound
exprt univ_lower_bound
Definition: string_constraint.h:128

string_not_contains_constraintt::univ_upper_bound
exprt univ_upper_bound
Definition: string_constraint.h:129

string_not_contains_constraintt::s1
array_string_exprt s1
Definition: string_constraint.h:134