cbmc/string__refinement_8h_source.html

 /*******************************************************************\


 Module: String support via creating string constraints and progressively

         instantiating the universal constraints as needed.

         The procedure is described in the PASS paper at HVC'13:

         "PASS: String Solving with Parameterized Array and Interval Automaton"

         by Guodong Li and Indradeep Ghosh


 Author: Alberto Griggio, alberto.griggio@gmail.com


 \*******************************************************************/


 #ifndef CPROVER_SOLVERS_REFINEMENT_STRING_REFINEMENT_H

 #define CPROVER_SOLVERS_REFINEMENT_STRING_REFINEMENT_H


 #include <util/union_find_replace.h>


 #include <solvers/refinement/bv_refinement.h>


 #include "string_constraint_generator.h"

 #include "string_dependencies.h"

 #include "string_refinement_util.h"


 #define OPT_STRING_REFINEMENT \

   "(no-refine-strings)" \

   "(string-printable)" \

   "(string-input-value):" \

   "(string-non-empty)" \

   "(max-nondet-string-length):"


 #define HELP_STRING_REFINEMENT                                                 \

   " {y--no-refine-strings} \t turn off string refinement\n"                    \

   " {y--string-printable} \t restrict to printable strings and characters\n"   \

   " {y--string-non-empty} \t restrict to non-empty strings (experimental)\n"   \

   " {y--string-input-value} {ust} \t "                                         \

   "restrict non-null strings to a fixed value {ust}; the switch can be used "  \

   "multiple times to give several strings\n"                                   \

   " {y--max-nondet-string-length} {un} \t "                                    \

   "bound the length of nondet (e.g. input) strings. Default is " +             \

     std::to_string(MAX_CONCRETE_STRING_SIZE - 1) +                             \

     "; note that setting the value higher than this does not work "            \

     "with {y--trace} or {y--validate-trace}.\n"


 // The integration of the string solver into CBMC is incomplete. Therefore,

 // it is not turned on by default and not all options are available.

 #define OPT_STRING_REFINEMENT_CBMC \

   "(refine-strings)" \

   "(string-printable)"


 #define HELP_STRING_REFINEMENT_CBMC                                            \

   " {y--refine-strings} \t use string refinement (experimental)\n"             \

   " {y--string-printable} \t restrict to printable strings (experimental)\n"


 #define DEFAULT_MAX_NB_REFINEMENT std::numeric_limits<size_t>::max()


 class string_refinementt final : public bv_refinementt

 {

 private:

   struct configt

   {

     std::size_t refinement_bound = 0;

     bool use_counter_example = true;

   };


 public:

   struct infot : public bv_refinementt::infot, public configt

   {

   };


   explicit string_refinementt(const infot &);


   std::string decision_procedure_text() const override

   {

     return "string refinement loop with " + prop.solver_text();

   }


   exprt get(const exprt &expr) const override;

   void set_to(const exprt &expr, bool value) override;


 protected:

   decision_proceduret::resultt dec_solve(const exprt &) override;


 private:

   // Base class

   typedef bv_refinementt supert;


   string_refinementt(const infot &, bool);


   const configt config_;

   std::size_t loop_bound_;

   string_constraint_generatort generator;


   // Simple constraints that have been given to the solver

   std::set<exprt> seen_instances;


   string_axiomst axioms;


   // Unquantified lemmas that have newly been added

   std::vector<exprt> current_constraints;


   // See the definition in the PASS article

   // Warning: this is indexed by array_expressions and not string expressions


   index_set_pairt index_sets;

   union_find_replacet symbol_resolve;


   std::vector<exprt> equations;


   string_dependenciest dependencies;


   void add_lemma(const exprt &lemma, bool simplify_lemma = true);

 };


 exprt substitute_array_lists(exprt expr, std::size_t string_max_length);


 // Declaration required for unit-test:

 union_find_replacet string_identifiers_resolution_from_equations(

   const std::vector<equal_exprt> &equations,

   const namespacet &ns,

   messaget::mstreamt &stream);


 // Declaration required for unit-test:

 exprt substitute_array_access(

   exprt expr,

   symbol_generatort &symbol_generator,

   const bool left_propagate);


 #endif

bv_refinement.h
Abstraction Refinement Loop.

bv_refinementt
Definition: bv_refinement.h:20

decision_proceduret::resultt
resultt
Result of running the decision procedure.
Definition: decision_procedure.h:45

exprt
Base class for all expressions.
Definition: expr.h:56

messaget::mstreamt
Definition: message.h:216

namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition: namespace.h:94

prop_conv_solvert::prop
propt & prop
Definition: prop_conv_solver.h:130

propt::solver_text
virtual std::string solver_text() const =0

string_constraint_generatort
Definition: string_constraint_generator.h:48

string_dependenciest
Keep track of dependencies between strings.
Definition: string_dependencies.h:23

string_refinementt
Definition: string_refinement.h:64

string_refinementt::generator
string_constraint_generatort generator
Definition: string_refinement.h:99

string_refinementt::decision_procedure_text
std::string decision_procedure_text() const override
Return a textual description of the decision procedure.
Definition: string_refinement.h:80

string_refinementt::symbol_resolve
union_find_replacet symbol_resolve
Definition: string_refinement.h:113

string_refinementt::supert
bv_refinementt supert
Definition: string_refinement.h:93

string_refinementt::equations
std::vector< exprt > equations
Definition: string_refinement.h:115

string_refinementt::axioms
string_axiomst axioms
Definition: string_refinement.h:104

string_refinementt::dec_solve
decision_proceduret::resultt dec_solve(const exprt &) override
Main decision procedure of the solver.
Definition: string_refinement.cpp:615

string_refinementt::string_refinementt
string_refinementt(const infot &)
Definition: string_refinement.cpp:165

string_refinementt::config_
const configt config_
Definition: string_refinement.h:97

string_refinementt::seen_instances
std::set< exprt > seen_instances
Definition: string_refinement.h:102

string_refinementt::set_to
void set_to(const exprt &expr, bool value) override
Record the constraints to ensure that the expression is true when the boolean is true and false other...
Definition: string_refinement.cpp:283

string_refinementt::dependencies
string_dependenciest dependencies
Definition: string_refinement.h:117

string_refinementt::index_sets
index_set_pairt index_sets
Definition: string_refinement.h:112

string_refinementt::loop_bound_
std::size_t loop_bound_
Definition: string_refinement.h:98

string_refinementt::get
exprt get(const exprt &expr) const override
Evaluates the given expression in the valuation found by string_refinementt::dec_solve.
Definition: string_refinement.cpp:1829

string_refinementt::current_constraints
std::vector< exprt > current_constraints
Definition: string_refinement.h:107

string_refinementt::add_lemma
void add_lemma(const exprt &lemma, bool simplify_lemma=true)
Add the given lemma to the solver.
Definition: string_refinement.cpp:908

symbol_generatort
Generation of fresh symbols of a given type.
Definition: array_pool.h:22

union_find_replacet
Similar interface to union-find for expressions, with a function for replacing sub-expressions by the...
Definition: union_find_replace.h:17

string_constraint_generator.h
Generates string constraints to link results from string functions with their arguments.

string_dependencies.h
Keeps track of dependencies between strings.

substitute_array_access
exprt substitute_array_access(exprt expr, symbol_generatort &symbol_generator, const bool left_propagate)
Create an equivalent expression where array accesses and 'with' expressions are replaced by 'if' expr...
Definition: string_refinement.cpp:1281

substitute_array_lists
exprt substitute_array_lists(exprt expr, std::size_t string_max_length)

string_identifiers_resolution_from_equations
union_find_replacet string_identifiers_resolution_from_equations(const std::vector< equal_exprt > &equations, const namespacet &ns, messaget::mstreamt &stream)
Symbol resolution for expressions of type string typet.
Definition: string_refinement.cpp:470

string_refinement_util.h

bv_refinementt::infot
Definition: bv_refinement.h:34

index_set_pairt
Definition: string_refinement_util.h:60

string_axiomst
Definition: string_refinement_util.h:66

string_refinementt::configt
Definition: string_refinement.h:67

string_refinementt::configt::use_counter_example
bool use_counter_example
Definition: string_refinement.h:69

string_refinementt::configt::refinement_bound
std::size_t refinement_bound
Definition: string_refinement.h:68

string_refinementt::infot
string_refinementt constructor arguments
Definition: string_refinement.h:75

union_find_replace.h