Packages/c/cbmc-doc-6.9.0-1.fc45.x86_64.rpm

/*******************************************************************\


Module: Fatal Assertions


Author: Daniel Kroening, dkr@amazon.com


\*******************************************************************/


#include "fatal_assertions.h"


#include <util/irep_hash.h>


#include <goto-programs/goto_functions.h>


#include <stack>

#include <unordered_set>


struct function_loc_pairt

{

  using function_itt = goto_functionst::function_mapt::const_iterator;


  function_loc_pairt(

    function_itt __function_it,

    goto_programt::const_targett __target)

    : function_it(__function_it), target(__target)

  {

  }


  function_itt function_it;

  goto_programt::const_targett target;


  bool operator==(const function_loc_pairt &other) const

  {

    return function_it->first == other.function_it->first &&

           target == other.target;

  }


};


struct function_itt_hasht

{

  using function_itt = goto_functionst::function_mapt::const_iterator;


  std::size_t operator()(const function_itt &function_it) const

  {

    return function_it->first.hash();

  }


};


struct function_loc_pair_hasht

{


  std::size_t operator()(const function_loc_pairt &p) const

  {

    auto h1 = p.function_it->first.hash();

    auto h2 = const_target_hash{}(p.target);

    return hash_combine(h1, h2);

  }


};


using loc_sett =

  std::unordered_set<function_loc_pairt, function_loc_pair_hasht>;


static loc_sett


reachable_fixpoint(const loc_sett &locs, const goto_functionst &goto_functions)

{

  // frontier set

  std::stack<function_loc_pairt> working;


  for(auto loc : locs)

    working.push(loc);


  loc_sett fixpoint;


  while(!working.empty())

  {

    auto loc = working.top();

    working.pop();


    auto insertion_result = fixpoint.insert(loc);

    if(!insertion_result.second)

      continue; // seen already


    if(loc.target->is_function_call())

    {

      // get the callee

      auto &function = loc.target->call_function();

      if(function.id() == ID_symbol)

      {

        // add the callee to the working set

        auto &function_identifier = to_symbol_expr(function).get_identifier();

        auto function_iterator =

          goto_functions.function_map.find(function_identifier);

        CHECK_RETURN(function_iterator != goto_functions.function_map.end());

        working.emplace(

          function_iterator,

          function_iterator->second.body.instructions.begin());

      }


      // add the next location to the working set

      working.emplace(loc.function_it, std::next(loc.target));

    }

    else

    {

      auto &body = loc.function_it->second.body;


      for(auto successor : body.get_successors(loc.target))

        working.emplace(loc.function_it, successor);

    }

  }


  return fixpoint;

}


void propagate_fatal_to_proven(

  propertiest &properties,

  const goto_functionst &goto_functions)

{

  // Iterate to find refuted fatal assertions. Anything reachalble

  // from there is a 'fatal loc'.

  loc_sett fatal_locs;


  for(auto function_it = goto_functions.function_map.begin();

      function_it != goto_functions.function_map.end();

      function_it++)

  {

    auto &body = function_it->second.body;

    for(auto target = body.instructions.begin();

        target != body.instructions.end();

        target++)

    {

      if(target->is_assert() && target->source_location().property_fatal())

      {

        auto id = target->source_location().get_property_id();

        auto property = properties.find(id);

        CHECK_RETURN(property != properties.end());


        // Status?

        if(property->second.status == property_statust::FAIL)

        {

          fatal_locs.emplace(function_it, target);

        }

      }

    }

  }


  // Saturate fixpoint.

  auto fixpoint = reachable_fixpoint(fatal_locs, goto_functions);


  // Now mark PASS assertions as UNKNOWN.

  for(auto &loc : fixpoint)

  {

    if(loc.target->is_assert())

    {

      auto id = loc.target->source_location().get_property_id();

      auto property = properties.find(id);

      CHECK_RETURN(property != properties.end());


      // Status?

      if(property->second.status == property_statust::PASS)

      {

        property->second.status = property_statust::UNKNOWN;

      }

    }

  }

}


void propagate_fatal_assertions(

  propertiest &properties,

  const goto_functionst &goto_functions)

{

  propagate_fatal_to_proven(properties, goto_functions);

}


goto_functionst
A collection of goto functions.
Definition goto_functions.h:25

goto_functionst::function_map
function_mapt function_map
Definition goto_functions.h:29

goto_programt::const_targett
instructionst::const_iterator const_targett
Definition goto_program.h:614

symbol_exprt::get_identifier
const irep_idt & get_identifier() const
Definition std_expr.h:161

loc_sett
std::unordered_set< function_loc_pairt, function_loc_pair_hasht > loc_sett
Definition fatal_assertions.cpp:58

reachable_fixpoint
static loc_sett reachable_fixpoint(const loc_sett &locs, const goto_functionst &goto_functions)
Definition fatal_assertions.cpp:62

propagate_fatal_assertions
void propagate_fatal_assertions(propertiest &properties, const goto_functionst &goto_functions)
Proven assertions after refuted fatal assertions are marked as UNKNOWN.
Definition fatal_assertions.cpp:167

propagate_fatal_to_proven
void propagate_fatal_to_proven(propertiest &properties, const goto_functionst &goto_functions)
Proven assertions after refuted fatal assertions are marked as UNKNOWN.
Definition fatal_assertions.cpp:114

fatal_assertions.h
Fatal Assertions.

goto_functions.h
Goto Programs with Functions.

irep_hash.h
irep hash functions

hash_combine
#define hash_combine(h1, h2)
Definition irep_hash.h:121

property_statust::UNKNOWN
@ UNKNOWN
The checker was unable to determine the status of the property.
Definition properties.h:30

property_statust::PASS
@ PASS
The property was not violated.
Definition properties.h:34

property_statust::FAIL
@ FAIL
The property was violated.
Definition properties.h:36

propertiest
std::map< irep_idt, property_infot > propertiest
A map of property IDs to property infos.
Definition properties.h:76

CHECK_RETURN
#define CHECK_RETURN(CONDITION)
Definition invariant.h:495

to_symbol_expr
const symbol_exprt & to_symbol_expr(const exprt &expr)
Cast an exprt to a symbol_exprt.
Definition std_expr.h:211

const_target_hash
Definition goto_program.h:1184

function_itt_hasht
Definition fatal_assertions.cpp:40

function_itt_hasht::operator()
std::size_t operator()(const function_itt &function_it) const
Definition fatal_assertions.cpp:42

function_itt_hasht::function_itt
goto_functionst::function_mapt::const_iterator function_itt
Definition fatal_assertions.cpp:41

function_loc_pair_hasht
Definition fatal_assertions.cpp:49

function_loc_pair_hasht::operator()
std::size_t operator()(const function_loc_pairt &p) const
Definition fatal_assertions.cpp:50

function_loc_pairt
Definition fatal_assertions.cpp:22

function_loc_pairt::target
goto_programt::const_targett target
Definition fatal_assertions.cpp:31

function_loc_pairt::function_it
function_itt function_it
Definition fatal_assertions.cpp:30

function_loc_pairt::function_loc_pairt
function_loc_pairt(function_itt __function_it, goto_programt::const_targett __target)
Definition fatal_assertions.cpp:24

function_loc_pairt::operator==
bool operator==(const function_loc_pairt &other) const
Definition fatal_assertions.cpp:32

function_loc_pairt::function_itt
goto_functionst::function_mapt::const_iterator function_itt
Definition fatal_assertions.cpp:23