cbmc/symex__bmc__incremental__one__loop_8cpp_source.html

 /*******************************************************************\


 Module: Incremental Bounded Model Checking for ANSI-C


 Author: Peter Schrammel, Daniel Kroening, kroening@kroening.com


 \*******************************************************************/


 #include <limits>


 #include "symex_bmc_incremental_one_loop.h"


 #include <util/structured_data.h>


 #include <goto-instrument/unwindset.h>


 symex_bmc_incremental_one_loopt::symex_bmc_incremental_one_loopt(

   message_handlert &message_handler,

   const symbol_tablet &outer_symbol_table,

   symex_target_equationt &target,

   const optionst &options,

   path_storaget &path_storage,

   guard_managert &guard_manager,

   unwindsett &unwindset,

   ui_message_handlert::uit output_ui)

   : symex_bmct(

       message_handler,

       outer_symbol_table,

       target,

       options,

       path_storage,

       guard_manager,

       unwindset),

     incr_loop_id(options.get_option("incremental-loop")),

     incr_max_unwind(

       options.is_set("unwind-max") ? options.get_signed_int_option("unwind-max")

                                    : std::numeric_limits<unsigned>::max()),

     incr_min_unwind(

       options.is_set("unwind-min") ? options.get_signed_int_option("unwind-min")

                                    : 0),

     output_ui(output_ui)

 {

   // the intended behaviour is to stop asserts that are violated before the

   // unwind

   // therefore if the min-unwind is 1, then we do one unwind and immediately

   // start checking for properties

   ignore_assertions =

     incr_min_unwind > 1 &&

     options.get_bool_option("ignore-properties-before-unwind-min");

 }


 bool symex_bmc_incremental_one_loopt::should_stop_unwind(

   const symex_targett::sourcet &source,

   const call_stackt &context,

   unsigned unwind)

 {

   const irep_idt id = goto_programt::loop_id(source.function_id, *source.pc);


   tvt abort_unwind_decision;

   unsigned this_loop_limit = std::numeric_limits<unsigned>::max();


   // use the incremental limits if it is the specified incremental loop

   if(id == incr_loop_id)

   {

     this_loop_limit = incr_max_unwind;

     if(unwind + 1 >= incr_min_unwind)

       ignore_assertions = false;


     abort_unwind_decision = tvt(unwind >= this_loop_limit);

   }

   else

   {

     for(auto handler : loop_unwind_handlers)

     {

       abort_unwind_decision =

         handler(context, source.pc->loop_number, unwind, this_loop_limit);

       if(abort_unwind_decision.is_known())

         break;

     }


     // If no handler gave an opinion, use standard command-line --unwindset

     // / --unwind options to decide:

     if(abort_unwind_decision.is_unknown())

     {

       auto limit = unwindset.get_limit(id, source.thread_nr);


       if(!limit.has_value())

         abort_unwind_decision = tvt(false);

       else

         abort_unwind_decision = tvt(unwind >= *limit);

     }

   }


   INVARIANT(

     abort_unwind_decision.is_known(), "unwind decision should be taken by now");

   bool abort = abort_unwind_decision.is_true();


   log_unwinding(unwind);

   log.statistics() << (abort ? "Not unwinding" : "Unwinding") << " loop " << id

                    << " iteration " << unwind;


   if(this_loop_limit != std::numeric_limits<unsigned>::max())

     log.statistics() << " (" << this_loop_limit << " max)";


   log.statistics() << " " << source.pc->source_location() << " thread "

                    << source.thread_nr << log.eom;


   return abort;

 }


 bool symex_bmc_incremental_one_loopt::check_break(

   const irep_idt &loop_id,

   unsigned unwind)

 {

   if(unwind < incr_min_unwind)

     return false;


   // loop specified by incremental-loop

   return (loop_id == incr_loop_id);

 }


 bool symex_bmc_incremental_one_loopt::from_entry_point_of(

   const get_goto_functiont &get_goto_function,

   symbol_tablet &new_symbol_table)

 {

   state = initialize_entry_point_state(get_goto_function);


   new_symbol_table = symex_with_state(*state, get_goto_function);


   return should_pause_symex;

 }


 bool symex_bmc_incremental_one_loopt::resume(

   const get_goto_functiont &get_goto_function)

 {

   should_pause_symex = false;


   state->symbol_table = symex_with_state(*state, get_goto_function);


   return should_pause_symex;

 }

 void symex_bmc_incremental_one_loopt::log_unwinding(unsigned unwind)

 {

   structured_datat data{{{labelt({"current", "unwinding"}),

                           structured_data_entryt::data_node(

                             json_numbert{std::to_string(unwind)})}}};

   log.statistics() << data;

 }

call_stackt
Definition: call_stack.h:15

dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition: dstring.h:38

goto_programt::loop_id
static irep_idt loop_id(const irep_idt &function_id, const instructiont &instruction)
Human-readable loop name.
Definition: goto_program.h:792

goto_symext::symex_with_state
virtual symbol_tablet symex_with_state(statet &state, const get_goto_functiont &get_goto_functions)
Symbolically execute the entire program starting from entry point.
Definition: symex_main.cpp:323

goto_symext::ignore_assertions
bool ignore_assertions
If this flag is set to true then assertions will be temporarily ignored by the symbolic executions.
Definition: goto_symex.h:171

goto_symext::get_goto_function
static get_goto_functiont get_goto_function(abstract_goto_modelt &goto_model)
Return a function to get/load a goto function from the given goto model Create a default delegate to ...
Definition: symex_main.cpp:492

goto_symext::initialize_entry_point_state
std::unique_ptr< statet > initialize_entry_point_state(const get_goto_functiont &get_goto_function)
Initialize the symbolic execution and the given state with the beginning of the entry point function.
Definition: symex_main.cpp:397

goto_symext::get_goto_functiont
std::function< const goto_functionst::goto_functiont &(const irep_idt &)> get_goto_functiont
The type of delegate functions that retrieve a goto_functiont for a particular function identifier.
Definition: goto_symex.h:93

goto_symext::log
messaget log
The messaget to write log messages to.
Definition: goto_symex.h:278

goto_symext::should_pause_symex
bool should_pause_symex
Set when states are pushed onto the workqueue If this flag is set at the end of a symbolic execution ...
Definition: goto_symex.h:167

json_numbert
Definition: json.h:289

message_handlert
Definition: message.h:27

messaget::statistics
mstreamt & statistics() const
Definition: message.h:411

messaget::eom
static eomt eom
Definition: message.h:289

optionst
Definition: options.h:23

optionst::get_bool_option
bool get_bool_option(const std::string &option) const
Definition: options.cpp:44

path_storaget
Storage for symbolic execution paths to be resumed later.
Definition: path_storage.h:38

structured_datat
A way of representing nested key/value data.
Definition: structured_data.h:74

symbol_tablet
The symbol table.
Definition: symbol_table.h:14

symex_bmc_incremental_one_loopt::incr_min_unwind
const unsigned incr_min_unwind
Definition: symex_bmc_incremental_one_loop.h:39

symex_bmc_incremental_one_loopt::resume
bool resume(const get_goto_functiont &get_goto_function)
Return true if symex can be resumed.
Definition: symex_bmc_incremental_one_loop.cpp:136

symex_bmc_incremental_one_loopt::symex_bmc_incremental_one_loopt
symex_bmc_incremental_one_loopt(message_handlert &, const symbol_tablet &outer_symbol_table, symex_target_equationt &, const optionst &, path_storaget &, guard_managert &, unwindsett &, ui_message_handlert::uit output_ui)
Definition: symex_bmc_incremental_one_loop.cpp:17

symex_bmc_incremental_one_loopt::from_entry_point_of
bool from_entry_point_of(const get_goto_functiont &get_goto_function, symbol_tablet &new_symbol_table)
Return true if symex can be resumed.
Definition: symex_bmc_incremental_one_loop.cpp:125

symex_bmc_incremental_one_loopt::incr_max_unwind
const unsigned incr_max_unwind
Definition: symex_bmc_incremental_one_loop.h:38

symex_bmc_incremental_one_loopt::incr_loop_id
const irep_idt incr_loop_id
Definition: symex_bmc_incremental_one_loop.h:37

symex_bmc_incremental_one_loopt::log_unwinding
void log_unwinding(unsigned unwind)
Definition: symex_bmc_incremental_one_loop.cpp:145

symex_bmc_incremental_one_loopt::check_break
bool check_break(const irep_idt &loop_id, unsigned unwind) override
Defines condition for interrupting symbolic execution for incremental BMC.
Definition: symex_bmc_incremental_one_loop.cpp:114

symex_bmc_incremental_one_loopt::state
std::unique_ptr< goto_symext::statet > state
Definition: symex_bmc_incremental_one_loop.h:41

symex_bmc_incremental_one_loopt::should_stop_unwind
bool should_stop_unwind(const symex_targett::sourcet &source, const call_stackt &context, unsigned unwind) override
Determine whether to unwind a loop.
Definition: symex_bmc_incremental_one_loop.cpp:52

symex_bmct
Definition: symex_bmc.h:24

symex_bmct::loop_unwind_handlers
std::vector< loop_unwind_handlert > loop_unwind_handlers
Callbacks that may provide an unwind/do-not-unwind decision for a loop.
Definition: symex_bmc.h:88

symex_bmct::unwindset
unwindsett & unwindset
Definition: symex_bmc.h:84

symex_target_equationt
Inheriting the interface of symex_targett this class represents the SSA form of the input program as ...
Definition: symex_target_equation.h:34

tvt
Definition: threeval.h:20

tvt::is_known
bool is_known() const
Definition: threeval.h:28

tvt::is_unknown
bool is_unknown() const
Definition: threeval.h:27

tvt::is_true
bool is_true() const
Definition: threeval.h:25

ui_message_handlert::uit
uit
Definition: ui_message.h:24

unwindsett
Definition: unwindset.h:26

unwindsett::get_limit
std::optional< unsigned > get_limit(const irep_idt &loop, unsigned thread_id) const
Definition: unwindset.cpp:191

abort
void abort(void)
Definition: stdlib.c:128

to_string
std::string to_string(const string_not_contains_constraintt &expr)
Used for debug printing.
Definition: string_constraint.cpp:58

guard_expr_managert
This is unused by this implementation of guards, but can be used by other implementations of the same...
Definition: guard_expr.h:20

labelt
Definition: structured_data.h:17

structured_data_entryt::data_node
static structured_data_entryt data_node(const jsont &data)
Definition: structured_data.cpp:64

symex_targett::sourcet
Identifies source in the context of symbolic execution.
Definition: symex_target.h:37

symex_targett::sourcet::thread_nr
unsigned thread_nr
Definition: symex_target.h:38

symex_targett::sourcet::pc
goto_programt::const_targett pc
Definition: symex_target.h:42

symex_targett::sourcet::function_id
irep_idt function_id
Definition: symex_target.h:39

structured_data.h

symex_bmc_incremental_one_loop.h

unwindset.h
Loop unwinding.

validation_modet::INVARIANT
@ INVARIANT