CBMC
wp.cpp
Go to the documentation of this file.
1 /*******************************************************************\
2 
3 Module: Weakest Preconditions
4 
5 Author: Daniel Kroening, kroening@kroening.com
6 
7 \*******************************************************************/
8 
11 
12 #include "wp.h"
13 
14 // #include <langapi/language_util.h>
15 
16 #include "goto_instruction_code.h"
17 
18 #include <util/invariant.h>
19 #include <util/pointer_expr.h>
20 #include <util/std_code.h>
21 
22 bool has_nondet(const exprt &dest)
23 {
24  forall_operands(it, dest)
25  if(has_nondet(*it))
26  return true;
27 
28  if(dest.id()==ID_side_effect)
29  {
30  const side_effect_exprt &side_effect_expr=to_side_effect_expr(dest);
31  const irep_idt &statement=side_effect_expr.get_statement();
32 
33  if(statement==ID_nondet)
34  return true;
35  }
36 
37  return false;
38 }
39 
40 void approximate_nondet_rec(exprt &dest, unsigned &count)
41 {
42  if(dest.id()==ID_side_effect &&
43  to_side_effect_expr(dest).get_statement()==ID_nondet)
44  {
45  count++;
46  dest.set(ID_identifier, "wp::nondet::"+std::to_string(count));
47  dest.id(ID_nondet_symbol);
48  return;
49  }
50 
51  Forall_operands(it, dest)
52  approximate_nondet_rec(*it, count);
53 }
54 
55 void approximate_nondet(exprt &dest)
56 {
57  static unsigned count=0; // not proper, should be quantified
58  approximate_nondet_rec(dest, count);
59 }
60 
62 enum class aliasingt { A_MAY, A_MUST, A_MUSTNOT };
63 
64 aliasingt aliasing(
65  const exprt &e1, const exprt &e2,
66  const namespacet &ns)
67 {
68  // deal with some dereferencing
69  if(
70  e1.id() == ID_dereference &&
71  to_dereference_expr(e1).pointer().id() == ID_address_of)
72  {
73  return aliasing(
74  to_address_of_expr(to_dereference_expr(e1).pointer()).object(), e2, ns);
75  }
76 
77  if(
78  e2.id() == ID_dereference &&
79  to_dereference_expr(e2).pointer().id() == ID_address_of)
80  {
81  return aliasing(
82  e1, to_address_of_expr(to_dereference_expr(e2).pointer()).object(), ns);
83  }
84 
85  // fairly radical. Ignores struct prefixes and the like.
86  if(e1.type() != e2.type())
87  return aliasingt::A_MUSTNOT;
88 
89  // syntactically the same?
90  if(e1==e2)
91  return aliasingt::A_MUST;
92 
93  // the trivial case first
94  if(e1.id()==ID_symbol && e2.id()==ID_symbol)
95  {
96  if(to_symbol_expr(e1).get_identifier()==
97  to_symbol_expr(e2).get_identifier())
98  return aliasingt::A_MUST;
99  else
100  return aliasingt::A_MUSTNOT;
101  }
102 
103  // an array or struct will never alias with a variable,
104  // nor will a struct alias with an array
105 
106  if(e1.id()==ID_index || e1.id()==ID_struct)
107  if(e2.id()!=ID_dereference && e1.id()!=e2.id())
108  return aliasingt::A_MUSTNOT;
109 
110  if(e2.id()==ID_index || e2.id()==ID_struct)
111  if(e2.id()!=ID_dereference && e1.id()!=e2.id())
112  return aliasingt::A_MUSTNOT;
113 
114  // we give up, and say it may
115  // (could do much more here)
116 
117  return aliasingt::A_MAY;
118 }
119 
121 void substitute_rec(
122  exprt &dest,
123  const exprt &what,
124  const exprt &by,
125  const namespacet &ns)
126 {
127  if(dest.id()!=ID_address_of)
128  Forall_operands(it, dest)
129  substitute_rec(*it, what, by, ns);
130 
131  // possibly substitute?
132  if(dest.id()==ID_member ||
133  dest.id()==ID_index ||
134  dest.id()==ID_dereference ||
135  dest.id()==ID_symbol)
136  {
137  // could these be possible the same?
138  switch(aliasing(dest, what, ns))
139  {
140  case aliasingt::A_MUST:
141  dest=by; // they are always the same
142  break;
143 
144  case aliasingt::A_MAY:
145  {
146  // consider possible aliasing between 'what' and 'dest'
147  const address_of_exprt what_address(what);
148  const address_of_exprt dest_address(dest);
149 
150  equal_exprt alias_cond=equal_exprt(what_address, dest_address);
151 
152  const if_exprt if_expr(alias_cond, by, dest, dest.type());
153 
154  dest=if_expr;
155  return;
156  }
157 
158  case aliasingt::A_MUSTNOT:
159  // nothing to do
160  break;
161  }
162  }
163 }
164 
165 void rewrite_assignment(exprt &lhs, exprt &rhs)
166 {
167  if(lhs.id()==ID_member) // turn s.x:=e into s:=(s with .x=e)
168  {
169  const member_exprt member_expr=to_member_expr(lhs);
170  irep_idt component_name=member_expr.get_component_name();
171  exprt new_lhs=member_expr.struct_op();
172 
173  with_exprt new_rhs(new_lhs, exprt(ID_member_name), rhs);
174  new_rhs.where().set(ID_component_name, component_name);
175 
176  lhs=new_lhs;
177  rhs=new_rhs;
178 
179  rewrite_assignment(lhs, rhs); // rec. call
180  }
181  else if(lhs.id()==ID_index) // turn s[i]:=e into s:=(s with [i]=e)
182  {
183  const index_exprt index_expr=to_index_expr(lhs);
184  exprt new_lhs=index_expr.array();
185 
186  with_exprt new_rhs(new_lhs, index_expr.index(), rhs);
187 
188  lhs=new_lhs;
189  rhs=new_rhs;
190 
191  rewrite_assignment(lhs, rhs); // rec. call
192  }
193 }
194 
195 exprt wp_assign(
196  const code_assignt &code,
197  const exprt &post,
198  const namespacet &ns)
199 {
200  exprt pre=post;
201 
202  exprt lhs=code.lhs(),
203  rhs=code.rhs();
204 
205  // take care of non-determinism in the RHS
206  approximate_nondet(rhs);
207 
208  rewrite_assignment(lhs, rhs);
209 
210  // replace lhs by rhs in pre
211  substitute_rec(pre, lhs, rhs, ns);
212 
213  return pre;
214 }
215 
216 exprt wp_assume(
217  const code_assumet &code,
218  const exprt &post,
219  const namespacet &)
220 {
221  return implies_exprt(code.assumption(), post);
222 }
223 
224 exprt wp_decl(
225  const code_declt &code,
226  const exprt &post,
227  const namespacet &ns)
228 {
229  // Model decl(var) as var = nondet()
230  const exprt &var = code.symbol();
231  side_effect_expr_nondett nondet(var.type(), source_locationt());
232  code_assignt assignment(var, nondet);
233 
234  return wp_assign(assignment, post, ns);
235 }
236 
237 exprt wp(
238  const codet &code,
239  const exprt &post,
240  const namespacet &ns)
241 {
242  const irep_idt &statement=code.get_statement();
243 
244  if(statement==ID_assign)
245  return wp_assign(to_code_assign(code), post, ns);
246  else if(statement==ID_assume)
247  return wp_assume(to_code_assume(code), post, ns);
248  else if(statement==ID_skip)
249  return post;
250  else if(statement==ID_decl)
251  return wp_decl(to_code_decl(code), post, ns);
252  else if(statement==ID_assert)
253  return post;
254  else if(statement==ID_expression)
255  return post;
256  else if(statement==ID_printf)
257  return post; // ignored
258  else if(statement==ID_asm)
259  return post; // ignored
260  else if(statement==ID_fence)
261  return post; // ignored
262  INVARIANT_WITH_DIAGNOSTICS(
263  false, "sorry, wp(", id2string(statement), "...) is not implemented");
264 }
with_exprt
Operator to update elements in structs and arrays.
Definition: std_expr.h:2423
dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition: dstring.h:36
aliasingt::A_MUST
@ A_MUST
substitute_rec
void substitute_rec(exprt &dest, const exprt &what, const exprt &by, const namespacet &ns)
replace 'what' by 'by' in 'dest', considering possible aliasing
Definition: wp.cpp:121
Forall_operands
#define Forall_operands(it, expr)
Definition: expr.h:27
goto_instruction_code.h
to_dereference_expr
const dereference_exprt & to_dereference_expr(const exprt &expr)
Cast an exprt to a dereference_exprt.
Definition: pointer_expr.h:716
code_assignt::rhs
exprt & rhs()
Definition: goto_instruction_code.h:48
to_index_expr
const index_exprt & to_index_expr(const exprt &expr)
Cast an exprt to an index_exprt.
Definition: std_expr.h:1478
if_exprt
The trinary if-then-else operator.
Definition: std_expr.h:2322
invariant.h
code_declt
A goto_instruction_codet representing the declaration of a local variable.
Definition: goto_instruction_code.h:204
code_assumet::assumption
const exprt & assumption() const
Definition: std_code.h:223
exprt
Base class for all expressions.
Definition: expr.h:55
has_nondet
bool has_nondet(const exprt &dest)
Definition: wp.cpp:22
to_code_decl
const code_declt & to_code_decl(const goto_instruction_codet &code)
Definition: goto_instruction_code.h:252
to_string
std::string to_string(const string_not_contains_constraintt &expr)
Used for debug printing.
Definition: string_constraint.cpp:58
approximate_nondet
void approximate_nondet(exprt &dest)
Approximate the non-deterministic choice in a way cheaper than by (proper) quantification.
Definition: wp.cpp:55
aliasingt
aliasingt
consider possible aliasing
Definition: wp.cpp:62
aliasingt::A_MUSTNOT
@ A_MUSTNOT
to_side_effect_expr
side_effect_exprt & to_side_effect_expr(exprt &expr)
Definition: std_code.h:1506
equal_exprt
Equality.
Definition: std_expr.h:1305
wp_decl
exprt wp_decl(const code_declt &code, const exprt &post, const namespacet &ns)
Definition: wp.cpp:224
INVARIANT_WITH_DIAGNOSTICS
#define INVARIANT_WITH_DIAGNOSTICS(CONDITION, REASON,...)
Same as invariant, with one or more diagnostics attached Diagnostics can be of any type that has a sp...
Definition: invariant.h:437
approximate_nondet_rec
void approximate_nondet_rec(exprt &dest, unsigned &count)
Definition: wp.cpp:40
namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition: namespace.h:90
exprt::type
typet & type()
Return the type of the expression.
Definition: expr.h:84
to_code_assume
const code_assumet & to_code_assume(const codet &code)
Definition: std_code.h:251
id2string
const std::string & id2string(const irep_idt &d)
Definition: irep.h:47
get_identifier
static optionalt< smt_termt > get_identifier(const exprt &expr, const std::unordered_map< exprt, smt_identifier_termt, irep_hash > &expression_handle_identifiers, const std::unordered_map< exprt, smt_identifier_termt, irep_hash > &expression_identifiers)
Definition: smt2_incremental_decision_procedure.cpp:328
forall_operands
#define forall_operands(it, expr)
Definition: expr.h:20
irept::set
void set(const irep_idt &name, const irep_idt &value)
Definition: irep.h:420
member_exprt::struct_op
const exprt & struct_op() const
Definition: std_expr.h:2832
aliasing
aliasingt aliasing(const exprt &e1, const exprt &e2, const namespacet &ns)
Definition: wp.cpp:64
wp_assign
exprt wp_assign(const code_assignt &code, const exprt &post, const namespacet &ns)
Definition: wp.cpp:195
code_assumet
An assumption, which must hold in subsequent code.
Definition: std_code.h:216
pointer_expr.h
code_assignt::lhs
exprt & lhs()
Definition: goto_instruction_code.h:43
index_exprt::index
exprt & index()
Definition: std_expr.h:1450
index_exprt::array
exprt & array()
Definition: std_expr.h:1440
to_symbol_expr
const symbol_exprt & to_symbol_expr(const exprt &expr)
Cast an exprt to a symbol_exprt.
Definition: std_expr.h:222
irept::id
const irep_idt & id() const
Definition: irep.h:396
std_code.h
code_declt::symbol
symbol_exprt & symbol()
Definition: goto_instruction_code.h:212
side_effect_exprt::get_statement
const irep_idt & get_statement() const
Definition: std_code.h:1472
source_locationt
Definition: source_location.h:18
side_effect_expr_nondett
A side_effect_exprt that returns a non-deterministically chosen value.
Definition: std_code.h:1519
member_exprt
Extract member of struct or union.
Definition: std_expr.h:2793
aliasingt::A_MAY
@ A_MAY
rewrite_assignment
void rewrite_assignment(exprt &lhs, exprt &rhs)
Definition: wp.cpp:165
wp_assume
exprt wp_assume(const code_assumet &code, const exprt &post, const namespacet &)
Definition: wp.cpp:216
to_member_expr
const member_exprt & to_member_expr(const exprt &expr)
Cast an exprt to a member_exprt.
Definition: std_expr.h:2886
member_exprt::get_component_name
irep_idt get_component_name() const
Definition: std_expr.h:2816
implies_exprt
Boolean implication.
Definition: std_expr.h:2133
to_address_of_expr
const address_of_exprt & to_address_of_expr(const exprt &expr)
Cast an exprt to an address_of_exprt.
Definition: pointer_expr.h:408
wp
exprt wp(const codet &code, const exprt &post, const namespacet &ns)
Compute the weakest precondition of the given program piece code with respect to the expression post.
Definition: wp.cpp:237
index_exprt
Array index operator.
Definition: std_expr.h:1409
address_of_exprt
Operator to return the address of an object.
Definition: pointer_expr.h:370
code_assignt
A goto_instruction_codet representing an assignment in the program.
Definition: goto_instruction_code.h:22
codet::get_statement
const irep_idt & get_statement() const
Definition: std_code_base.h:65
with_exprt::where
exprt & where()
Definition: std_expr.h:2444
side_effect_exprt
An expression containing a side effect.
Definition: std_code.h:1449
wp.h
to_code_assign
const code_assignt & to_code_assign(const goto_instruction_codet &code)
Definition: goto_instruction_code.h:115
codet
Data structure for representing an arbitrary statement in a program.
Definition: std_code_base.h:28