cbmc/symex__target__equation_8h_source.html

 /*******************************************************************\


 Module: Generate Equation using Symbolic Execution


 Author: Daniel Kroening, kroening@kroening.com


 \*******************************************************************/


 #ifndef CPROVER_GOTO_SYMEX_SYMEX_TARGET_EQUATION_H

 #define CPROVER_GOTO_SYMEX_SYMEX_TARGET_EQUATION_H


 #include <algorithm>

 #include <iosfwd>

 #include <list>


 #include <util/invariant.h>

 #include <util/merge_irep.h>

 #include <util/message.h>

 #include <util/narrow.h>


 #include "ssa_step.h"

 #include "symex_target.h"


 class decision_proceduret;

 class namespacet;


 class symex_target_equationt:public symex_targett

 {

 public:

   explicit symex_target_equationt(message_handlert &message_handler)

     : log(message_handler)

   {

   }


   virtual ~symex_target_equationt() = default;


   virtual void shared_read(

     const exprt &guard,

     const ssa_exprt &ssa_object,

     unsigned atomic_section_id,

     const sourcet &source);


   virtual void shared_write(

     const exprt &guard,

     const ssa_exprt &ssa_object,

     unsigned atomic_section_id,

     const sourcet &source);


   virtual void assignment(

     const exprt &guard,

     const ssa_exprt &ssa_lhs,

     const exprt &ssa_full_lhs,

     const exprt &original_full_lhs,

     const exprt &ssa_rhs,

     const sourcet &source,

     assignment_typet assignment_type);


   virtual void decl(

     const exprt &guard,

     const ssa_exprt &ssa_lhs,

     const exprt &initializer,

     const sourcet &source,

     assignment_typet assignment_type);


   virtual void dead(

     const exprt &guard,

     const ssa_exprt &ssa_lhs,

     const sourcet &source);


   virtual void function_call(

     const exprt &guard,

     const irep_idt &function_id,

     const std::vector<renamedt<exprt, L2>> &ssa_function_arguments,

     const sourcet &source,

     bool hidden);


   virtual void function_return(

     const exprt &guard,

     const irep_idt &function_id,

     const sourcet &source,

     bool hidden);


   virtual void location(

     const exprt &guard,

     const sourcet &source);


   virtual void output(

     const exprt &guard,

     const sourcet &source,

     const irep_idt &output_id,

     const std::list<renamedt<exprt, L2>> &args);


   virtual void output_fmt(

     const exprt &guard,

     const sourcet &source,

     const irep_idt &output_id,

     const irep_idt &fmt,

     const std::list<exprt> &args);


   virtual void input(

     const exprt &guard,

     const sourcet &source,

     const irep_idt &input_id,

     const std::list<exprt> &args);


   virtual void assumption(

     const exprt &guard,

     const exprt &cond,

     const sourcet &source);


   virtual void assertion(

     const exprt &guard,

     const exprt &cond,

     const irep_idt &property_id,

     const std::string &msg,

     const sourcet &source);


   virtual void goto_instruction(

     const exprt &guard,

     const renamedt<exprt, L2> &cond,

     const sourcet &source);


   virtual void constraint(

     const exprt &cond,

     const std::string &msg,

     const sourcet &source);


   virtual void spawn(

     const exprt &guard,

     const sourcet &source);


   virtual void memory_barrier(

     const exprt &guard,

     const sourcet &source);


   virtual void atomic_begin(

     const exprt &guard,

     unsigned atomic_section_id,

     const sourcet &source);


   virtual void atomic_end(

     const exprt &guard,

     unsigned atomic_section_id,

     const sourcet &source);


   void convert(decision_proceduret &decision_procedure);


   void convert_without_assertions(decision_proceduret &decision_procedure);


   void convert_assignments(decision_proceduret &decision_procedure);


   void convert_decls(decision_proceduret &decision_procedure);


   void convert_assumptions(decision_proceduret &decision_procedure);


   void convert_assertions(

     decision_proceduret &decision_procedure,

     bool optimized_for_single_assertions = true);


   void convert_constraints(decision_proceduret &decision_procedure);


   void convert_goto_instructions(decision_proceduret &decision_procedure);


   void convert_guards(decision_proceduret &decision_procedure);


   void convert_function_calls(decision_proceduret &decision_procedure);


   void convert_io(decision_proceduret &decision_procedure);


   exprt make_expression() const;


   std::size_t count_assertions() const

   {

     return narrow_cast<std::size_t>(std::count_if(

       SSA_steps.begin(), SSA_steps.end(), [](const SSA_stept &step) {

         return step.is_assert() && !step.ignore && !step.converted;

       }));

   }


   std::size_t count_ignored_SSA_steps() const

   {

     return narrow_cast<std::size_t>(std::count_if(

       SSA_steps.begin(), SSA_steps.end(), [](const SSA_stept &step) {

         return step.ignore;

       }));

   }


   typedef std::list<SSA_stept> SSA_stepst;

   SSA_stepst SSA_steps;


   SSA_stepst::iterator get_SSA_step(std::size_t s)

   {

     SSA_stepst::iterator it=SSA_steps.begin();

     for(; s!=0; s--)

     {

       PRECONDITION(it != SSA_steps.end());

       it++;

     }

     return it;

   }


   void output(std::ostream &out) const;


   void clear()

   {

     SSA_steps.clear();

   }


   bool has_threads() const

   {

     return std::any_of(

       SSA_steps.begin(), SSA_steps.end(), [](const SSA_stept &step) {

         return step.source.thread_nr != 0;

       });

   }


   void validate(const namespacet &ns, const validation_modet vm) const

   {

     for(const SSA_stept &step : SSA_steps)

       step.validate(ns, vm);

   }


 protected:

   messaget log;


   // for enforcing sharing in the expressions stored

   merge_irept merge_irep;

   void merge_ireps(SSA_stept &SSA_step);


   // for unique I/O identifiers

   std::size_t io_count = 0;


   // for unique function call argument identifiers

   std::size_t argument_count = 0;

 };


 inline bool operator<(

   const symex_target_equationt::SSA_stepst::const_iterator a,

   const symex_target_equationt::SSA_stepst::const_iterator b)

 {

   return &(*a)<&(*b);

 }


 #endif // CPROVER_GOTO_SYMEX_SYMEX_TARGET_EQUATION_H

guard
static exprt guard(const exprt::operandst &guards, exprt cond)
Definition: c_safety_checks.cpp:69

SSA_stept
Single SSA step in the equation.
Definition: ssa_step.h:47

decision_proceduret
An interface for a decision procedure for satisfiability problems.
Definition: decision_procedure.h:22

dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition: dstring.h:38

exprt
Base class for all expressions.
Definition: expr.h:56

merge_irept
Definition: merge_irep.h:106

message_handlert
Definition: message.h:27

messaget
Class that provides messages with a built-in verbosity 'level'.
Definition: message.h:154

namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition: namespace.h:94

renamedt
Wrapper for expressions or types which have been renamed up to a given level.
Definition: renamed.h:33

ssa_exprt
Expression providing an SSA-renamed symbol of expressions.
Definition: ssa_expr.h:17

symex_target_equationt
Inheriting the interface of symex_targett this class represents the SSA form of the input program as ...
Definition: symex_target_equation.h:34

symex_target_equationt::constraint
virtual void constraint(const exprt &cond, const std::string &msg, const sourcet &source)
Record a global constraint: there is no guard limiting its scope.
Definition: symex_target_equation.cpp:314

symex_target_equationt::shared_read
virtual void shared_read(const exprt &guard, const ssa_exprt &ssa_object, unsigned atomic_section_id, const sourcet &source)
Read from a shared variable ssa_object (which is both the left- and the right–hand side of assignment...
Definition: symex_target_equation.cpp:30

symex_target_equationt::assertion
virtual void assertion(const exprt &guard, const exprt &cond, const irep_idt &property_id, const std::string &msg, const sourcet &source)
Record an assertion.
Definition: symex_target_equation.cpp:282

symex_target_equationt::input
virtual void input(const exprt &guard, const sourcet &source, const irep_idt &input_id, const std::list< exprt > &args)
Record an input.
Definition: symex_target_equation.cpp:252

symex_target_equationt::clear
void clear()
Definition: symex_target_equation.h:266

symex_target_equationt::make_expression
exprt make_expression() const

symex_target_equationt::SSA_steps
SSA_stepst SSA_steps
Definition: symex_target_equation.h:251

symex_target_equationt::output
virtual void output(const exprt &guard, const sourcet &source, const irep_idt &output_id, const std::list< renamedt< exprt, L2 >> &args)
Record an output.
Definition: symex_target_equation.cpp:216

symex_target_equationt::io_count
std::size_t io_count
Definition: symex_target_equation.h:293

symex_target_equationt::count_assertions
std::size_t count_assertions() const
Definition: symex_target_equation.h:234

symex_target_equationt::get_SSA_step
SSA_stepst::iterator get_SSA_step(std::size_t s)
Definition: symex_target_equation.h:253

symex_target_equationt::convert_decls
void convert_decls(decision_proceduret &decision_procedure)
Converts declarations: these are effectively ignored by the decision procedure.
Definition: symex_target_equation.cpp:383

symex_target_equationt::argument_count
std::size_t argument_count
Definition: symex_target_equation.h:296

symex_target_equationt::convert_assumptions
void convert_assumptions(decision_proceduret &decision_procedure)
Converts assumptions: convert the expression the assumption represents.
Definition: symex_target_equation.cpp:429

symex_target_equationt::count_ignored_SSA_steps
std::size_t count_ignored_SSA_steps() const
Definition: symex_target_equation.h:242

symex_target_equationt::convert_without_assertions
void convert_without_assertions(decision_proceduret &decision_procedure)
Interface method to initiate the conversion into a decision procedure format.
Definition: symex_target_equation.cpp:330

symex_target_equationt::assumption
virtual void assumption(const exprt &guard, const exprt &cond, const sourcet &source)
Record an assumption.
Definition: symex_target_equation.cpp:268

symex_target_equationt::validate
void validate(const namespacet &ns, const validation_modet vm) const
Definition: symex_target_equation.h:279

symex_target_equationt::atomic_begin
virtual void atomic_begin(const exprt &guard, unsigned atomic_section_id, const sourcet &source)
Record a beginning of an atomic section.
Definition: symex_target_equation.cpp:86

symex_target_equationt::SSA_stepst
std::list< SSA_stept > SSA_stepst
Definition: symex_target_equation.h:250

symex_target_equationt::spawn
virtual void spawn(const exprt &guard, const sourcet &source)
Record spawning a new thread.
Definition: symex_target_equation.cpp:63

symex_target_equationt::shared_write
virtual void shared_write(const exprt &guard, const ssa_exprt &ssa_object, unsigned atomic_section_id, const sourcet &source)
Write to a shared variable ssa_object: we effectively assign a value from this thread to be visible b...
Definition: symex_target_equation.cpp:46

symex_target_equationt::output_fmt
virtual void output_fmt(const exprt &guard, const sourcet &source, const irep_idt &output_id, const irep_idt &fmt, const std::list< exprt > &args)
Record formatted output.
Definition: symex_target_equation.cpp:233

symex_target_equationt::function_return
virtual void function_return(const exprt &guard, const irep_idt &function_id, const sourcet &source, bool hidden)
Record return from a function.
Definition: symex_target_equation.cpp:200

symex_target_equationt::atomic_end
virtual void atomic_end(const exprt &guard, unsigned atomic_section_id, const sourcet &source)
Record ending an atomic section.
Definition: symex_target_equation.cpp:100

symex_target_equationt::convert_assignments
void convert_assignments(decision_proceduret &decision_procedure)
Converts assignments: set the equality lhs==rhs to True.
Definition: symex_target_equation.cpp:361

symex_target_equationt::merge_ireps
void merge_ireps(SSA_stept &SSA_step)
Merging causes identical ireps to be shared.
Definition: symex_target_equation.cpp:700

symex_target_equationt::convert_guards
void convert_guards(decision_proceduret &decision_procedure)
Converts guards: convert the expression the guard represents.
Definition: symex_target_equation.cpp:404

symex_target_equationt::goto_instruction
virtual void goto_instruction(const exprt &guard, const renamedt< exprt, L2 > &cond, const sourcet &source)
Record a goto instruction.
Definition: symex_target_equation.cpp:300

symex_target_equationt::merge_irep
merge_irept merge_irep
Definition: symex_target_equation.h:289

symex_target_equationt::symex_target_equationt
symex_target_equationt(message_handlert &message_handler)
Definition: symex_target_equation.h:36

symex_target_equationt::convert
void convert(decision_proceduret &decision_procedure)
Interface method to initiate the conversion into a decision procedure format.
Definition: symex_target_equation.cpp:347

symex_target_equationt::~symex_target_equationt
virtual ~symex_target_equationt()=default

symex_target_equationt::dead
virtual void dead(const exprt &guard, const ssa_exprt &ssa_lhs, const sourcet &source)
Remove a variable from the scope.
Definition: symex_target_equation.cpp:161

symex_target_equationt::has_threads
bool has_threads() const
Definition: symex_target_equation.h:271

symex_target_equationt::location
virtual void location(const exprt &guard, const sourcet &source)
Record a location.
Definition: symex_target_equation.cpp:169

symex_target_equationt::convert_io
void convert_io(decision_proceduret &decision_procedure)
Converts I/O: for each argument build an equality between its symbol and the argument itself.
Definition: symex_target_equation.cpp:659

symex_target_equationt::assignment
virtual void assignment(const exprt &guard, const ssa_exprt &ssa_lhs, const exprt &ssa_full_lhs, const exprt &original_full_lhs, const exprt &ssa_rhs, const sourcet &source, assignment_typet assignment_type)
Write to a local variable.
Definition: symex_target_equation.cpp:113

symex_target_equationt::convert_function_calls
void convert_function_calls(decision_proceduret &decision_procedure)
Converts function calls: for each argument build an equality between its symbol and the argument itse...
Definition: symex_target_equation.cpp:619

symex_target_equationt::convert_constraints
void convert_constraints(decision_proceduret &decision_procedure)
Converts constraints: set the represented condition to True.
Definition: symex_target_equation.cpp:484

symex_target_equationt::log
messaget log
Definition: symex_target_equation.h:286

symex_target_equationt::convert_goto_instructions
void convert_goto_instructions(decision_proceduret &decision_procedure)
Converts goto instructions: convert the expression representing the condition of this goto.
Definition: symex_target_equation.cpp:457

symex_target_equationt::memory_barrier
virtual void memory_barrier(const exprt &guard, const sourcet &source)
Record creating a memory barrier.
Definition: symex_target_equation.cpp:74

symex_target_equationt::function_call
virtual void function_call(const exprt &guard, const irep_idt &function_id, const std::vector< renamedt< exprt, L2 >> &ssa_function_arguments, const sourcet &source, bool hidden)
Record a function call.
Definition: symex_target_equation.cpp:181

symex_target_equationt::decl
virtual void decl(const exprt &guard, const ssa_exprt &ssa_lhs, const exprt &initializer, const sourcet &source, assignment_typet assignment_type)
Declare a fresh variable.
Definition: symex_target_equation.cpp:135

symex_target_equationt::convert_assertions
void convert_assertions(decision_proceduret &decision_procedure, bool optimized_for_single_assertions=true)
Converts assertions: build a disjunction of negated assertions.
Definition: symex_target_equation.cpp:507

symex_targett
The interface of the target container for symbolic execution to record its symbolic steps into.
Definition: symex_target.h:25

symex_targett::assignment_typet
assignment_typet
Definition: symex_target.h:69

merge_irep.h

narrow.h

invariant.h

PRECONDITION
#define PRECONDITION(CONDITION)
Definition: invariant.h:463

message.h

ssa_step.h

symex_targett::sourcet
Identifies source in the context of symbolic execution.
Definition: symex_target.h:37

symex_target.h
Generate Equation using Symbolic Execution.

operator<
bool operator<(const symex_target_equationt::SSA_stepst::const_iterator a, const symex_target_equationt::SSA_stepst::const_iterator b)
Definition: symex_target_equation.h:299

validation_modet
validation_modet
Definition: validation_mode.h:13