cprover
Loading...
Searching...
No Matches
field_sensitivity.h
Go to the documentation of this file.
1/*******************************************************************\
2
3Module: Field-sensitive SSA
4
5Author: Michael Tautschnig
6
7\*******************************************************************/
8
9#ifndef CPROVER_GOTO_SYMEX_FIELD_SENSITIVITY_H
10#define CPROVER_GOTO_SYMEX_FIELD_SENSITIVITY_H
11
12#include <util/ssa_expr.h>
13
14class byte_extract_exprt;
15class namespacet;
16class goto_symex_statet;
17class symex_targett;
18class value_sett;
19
20class field_sensitive_ssa_exprt : public exprt
21{
22public:
23 field_sensitive_ssa_exprt(const ssa_exprt &ssa, exprt::operandst &&fields)
24 : exprt(ID_field_sensitive_ssa, ssa.type(), std::move(fields))
25 {
26 add(ID_expression, ssa);
27 }
28
29 const ssa_exprt &get_object_ssa() const
30 {
31 return static_cast<const ssa_exprt &>(find(ID_expression));
32 }
33};
34
35template <>
36inline bool can_cast_expr<field_sensitive_ssa_exprt>(const exprt &base)
37{
38 return base.id() == ID_field_sensitive_ssa;
39}
40
41inline const field_sensitive_ssa_exprt &
42to_field_sensitive_ssa_expr(const exprt &expr)
43{
44 PRECONDITION(expr.id() == ID_field_sensitive_ssa);
45 const field_sensitive_ssa_exprt &ret =
46 static_cast<const field_sensitive_ssa_exprt &>(expr);
47 return ret;
48}
49
50inline field_sensitive_ssa_exprt &to_field_sensitive_ssa_expr(exprt &expr)
51{
52 PRECONDITION(expr.id() == ID_field_sensitive_ssa);
53 field_sensitive_ssa_exprt &ret =
54 static_cast<field_sensitive_ssa_exprt &>(expr);
55 return ret;
56}
57
118class field_sensitivityt
119{
120public:
125 field_sensitivityt(
126 std::size_t max_array_size,
127 bool should_simplify,
128 const irep_idt &language_mode)
129 : max_field_sensitivity_array_size(max_array_size),
130 should_simplify(should_simplify),
131 language_mode(language_mode)
132 {
133 }
134
146 void field_assignments(
147 const namespacet &ns,
148 goto_symex_statet &state,
149 const ssa_exprt &lhs,
150 const exprt &rhs,
151 symex_targett &target,
152 bool allow_pointer_unsoundness) const;
153
167 [[nodiscard]] exprt
168 apply(const namespacet &ns, goto_symex_statet &state, exprt expr, bool write)
169 const;
171 [[nodiscard]] exprt apply(
172 const namespacet &ns,
173 goto_symex_statet &state,
174 ssa_exprt expr,
175 bool write) const;
176
189 [[nodiscard]] exprt get_fields(
190 const namespacet &ns,
191 goto_symex_statet &state,
192 const ssa_exprt &ssa_expr,
193 bool disjoined_fields_only) const;
194
204 [[nodiscard]] bool
205 is_divisible(const ssa_exprt &expr, bool disjoined_fields_only) const;
206
207private:
208 const std::size_t max_field_sensitivity_array_size;
209
210 const bool should_simplify;
211 const irep_idt &language_mode;
212
213 void field_assignments_rec(
214 const namespacet &ns,
215 goto_symex_statet &state,
216 const exprt &lhs_fs,
217 const exprt &ssa_rhs,
218 symex_targett &target,
219 bool allow_pointer_unsoundness) const;
220
221 [[nodiscard]] exprt simplify_opt(
222 exprt e,
223 const value_sett &value_set,
224 const namespacet &ns) const;
225
227 [[nodiscard]] exprt apply_byte_extract(
228 const namespacet &ns,
229 goto_symex_statet &state,
230 const byte_extract_exprt &expr,
231 bool write) const;
232};
233
234#endif // CPROVER_GOTO_SYMEX_FIELD_SENSITIVITY_H
byte_extract_exprt
Expression of type type extracted from some object op starting at position offset (given in number of...
Definition byte_operators.h:29
exprt
Base class for all expressions.
Definition expr.h:57
exprt::operandst
std::vector< exprt > operandst
Definition expr.h:59
exprt::exprt
exprt()
Definition expr.h:62
exprt::type
typet & type()
Return the type of the expression.
Definition expr.h:85
field_sensitive_ssa_exprt
Definition field_sensitivity.h:21
field_sensitive_ssa_exprt::field_sensitive_ssa_exprt
field_sensitive_ssa_exprt(const ssa_exprt &ssa, exprt::operandst &&fields)
Definition field_sensitivity.h:23
field_sensitive_ssa_exprt::get_object_ssa
const ssa_exprt & get_object_ssa() const
Definition field_sensitivity.h:29
field_sensitivityt::simplify_opt
exprt simplify_opt(exprt e, const value_sett &value_set, const namespacet &ns) const
Definition field_sensitivity.cpp:616
field_sensitivityt::should_simplify
const bool should_simplify
Definition field_sensitivity.h:210
field_sensitivityt::apply_byte_extract
exprt apply_byte_extract(const namespacet &ns, goto_symex_statet &state, const byte_extract_exprt &expr, bool write) const
Turn an expression expr into a field-sensitive SSA expression.
Definition field_sensitivity.cpp:34
field_sensitivityt::max_field_sensitivity_array_size
const std::size_t max_field_sensitivity_array_size
Definition field_sensitivity.h:208
field_sensitivityt::field_sensitivityt
field_sensitivityt(std::size_t max_array_size, bool should_simplify, const irep_idt &language_mode)
Definition field_sensitivity.h:125
field_sensitivityt::get_fields
exprt get_fields(const namespacet &ns, goto_symex_statet &state, const ssa_exprt &ssa_expr, bool disjoined_fields_only) const
Compute an expression representing the individual components of a field-sensitive SSA representation ...
Definition field_sensitivity.cpp:264
field_sensitivityt::field_assignments_rec
void field_assignments_rec(const namespacet &ns, goto_symex_statet &state, const exprt &lhs_fs, const exprt &ssa_rhs, symex_targett &target, bool allow_pointer_unsoundness) const
Assign to the individual fields lhs_fs of a non-expanded symbol lhs.
Definition field_sensitivity.cpp:392
field_sensitivityt::apply
exprt apply(const namespacet &ns, goto_symex_statet &state, exprt expr, bool write) const
Turn an expression expr into a field-sensitive SSA expression.
Definition field_sensitivity.cpp:125
field_sensitivityt::field_assignments
void field_assignments(const namespacet &ns, goto_symex_statet &state, const ssa_exprt &lhs, const exprt &rhs, symex_targett &target, bool allow_pointer_unsoundness) const
Assign to the individual fields of a non-expanded symbol lhs.
Definition field_sensitivity.cpp:357
field_sensitivityt::language_mode
const irep_idt & language_mode
Definition field_sensitivity.h:211
field_sensitivityt::is_divisible
bool is_divisible(const ssa_exprt &expr, bool disjoined_fields_only) const
Determine whether expr would translate to an atomic SSA expression (returns false) or a composite obj...
Definition field_sensitivity.cpp:588
goto_symex_statet
Central data structure: state.
Definition goto_symex_state.h:42
irept::find
const irept & find(const irep_idt &name) const
Definition irep.cpp:93
irept::id
const irep_idt & id() const
Definition irep.h:388
irept::add
irept & add(const irep_idt &name)
Definition irep.cpp:103
namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition namespace.h:91
ssa_exprt
Expression providing an SSA-renamed symbol of expressions.
Definition ssa_expr.h:17
symex_targett
The interface of the target container for symbolic execution to record its symbolic steps into.
Definition symex_target.h:25
value_sett
State type in value_set_domaint, used in value-set analysis and goto-symex.
Definition value_set.h:43
can_cast_expr< field_sensitive_ssa_exprt >
bool can_cast_expr< field_sensitive_ssa_exprt >(const exprt &base)
Definition field_sensitivity.h:36
to_field_sensitive_ssa_expr
const field_sensitive_ssa_exprt & to_field_sensitive_ssa_expr(const exprt &expr)
Definition field_sensitivity.h:42
std
STL namespace.
PRECONDITION
#define PRECONDITION(CONDITION)
Definition invariant.h:463
ssa_expr.h
irep_idt
dstringt irep_idt
Definition verification_result.h:16