CBMC
dependence_graph.h
Go to the documentation of this file.
1 /*******************************************************************\
2 
3 Module: Field-Sensitive Program Dependence Analysis, Litvak et al.,
4  FSE 2010
5 
6 Author: Michael Tautschnig
7 
8 Date: August 2013
9 
10 \*******************************************************************/
11 
14 
15 #ifndef CPROVER_ANALYSES_DEPENDENCE_GRAPH_H
16 #define CPROVER_ANALYSES_DEPENDENCE_GRAPH_H
17 
18 #include <util/graph.h>
19 #include <util/threeval.h>
20 
21 #include "ai.h"
22 #include "cfg_dominators.h"
23 #include "reaching_definitions.h"
24 
25 class dependence_grapht;
26 
27 class dep_edget
28 {
29 public:
30  enum class kindt { NONE, CTRL, DATA, BOTH };
31 
32  void add(kindt _kind)
33  {
34  switch(kind)
35  {
36  case kindt::NONE:
37  kind=_kind;
38  break;
39  case kindt::DATA:
40  case kindt::CTRL:
41  if(kind!=_kind)
42  kind=kindt::BOTH;
43  break;
44  case kindt::BOTH:
45  break;
46  }
47  }
48 
49  kindt get() const
50  {
51  return kind;
52  }
53 
54 protected:
55  kindt kind;
56 };
57 
58 struct dep_nodet:public graph_nodet<dep_edget>
59 {
60  typedef graph_nodet<dep_edget>::edget edget;
61  typedef graph_nodet<dep_edget>::edgest edgest;
62 
63  goto_programt::const_targett PC;
64 };
65 
66 class dep_graph_domaint:public ai_domain_baset
67 {
68 public:
69  typedef grapht<dep_nodet>::node_indext node_indext;
70 
71  dep_graph_domaint(node_indext id, message_handlert &message_handler)
72  : has_values(false),
73  node_id(id),
74  has_changed(false),
75  message_handler(message_handler)
76  {
77  }
78 
79  bool merge(const dep_graph_domaint &src, trace_ptrt from, trace_ptrt to);
80 
81  void transform(
82  const irep_idt &function_from,
83  trace_ptrt trace_from,
84  const irep_idt &function_to,
85  trace_ptrt trace_to,
86  ai_baset &ai,
87  const namespacet &ns) final override;
88 
89  void output(
90  std::ostream &out,
91  const ai_baset &ai,
92  const namespacet &ns) const final override;
93 
94  jsont output_json(
95  const ai_baset &ai,
96  const namespacet &ns) const override;
97 
98  void make_top() final override
99  {
100  DATA_INVARIANT(node_id!=std::numeric_limits<node_indext>::max(),
101  "node_id must not be valid");
102 
103  has_values=tvt(true);
104  control_deps.clear();
105  control_dep_candidates.clear();
106  data_deps.clear();
107  }
108 
109  void make_bottom() final override
110  {
111  DATA_INVARIANT(node_id!=std::numeric_limits<node_indext>::max(),
112  "node_id must be valid");
113 
114  has_values=tvt(false);
115  control_deps.clear();
116  control_dep_candidates.clear();
117  data_deps.clear();
118 
119  has_changed = false;
120  }
121 
122  void make_entry() final override
123  {
124  DATA_INVARIANT(
125  node_id != std::numeric_limits<node_indext>::max(),
126  "node_id must not be valid");
127 
128  has_values = tvt::unknown();
129  control_deps.clear();
130  control_dep_candidates.clear();
131  data_deps.clear();
132 
133  has_changed = false;
134  }
135 
136  bool is_top() const final override
137  {
138  DATA_INVARIANT(node_id!=std::numeric_limits<node_indext>::max(),
139  "node_id must be valid");
140 
141  DATA_INVARIANT(
142  !has_values.is_true() ||
143  (control_deps.empty() && control_dep_candidates.empty() &&
144  data_deps.empty()),
145  "If the domain is top, it must have no dependencies");
146 
147  return has_values.is_true();
148  }
149 
150  bool is_bottom() const final override
151  {
152  DATA_INVARIANT(node_id!=std::numeric_limits<node_indext>::max(),
153  "node_id must be valid");
154 
155  DATA_INVARIANT(
156  !has_values.is_false() ||
157  (control_deps.empty() && control_dep_candidates.empty() &&
158  data_deps.empty()),
159  "If the domain is bottom, it must have no dependencies");
160 
161  return has_values.is_false();
162  }
163 
164  node_indext get_node_id() const
165  {
166  PRECONDITION(node_id != std::numeric_limits<node_indext>::max());
167  return node_id;
168  }
169 
170  void populate_dep_graph(
171  dependence_grapht &, goto_programt::const_targett) const;
172 
173 private:
174  tvt has_values;
175  node_indext node_id;
176  bool has_changed;
177 
178  typedef std::
179  set<goto_programt::const_targett, goto_programt::target_less_than>
180  depst;
181 
182  // Set of locations with control instructions on which the instruction at this
183  // location has a control dependency on
184  depst control_deps;
185 
186  // Set of locations with control instructions from which there is a path in
187  // the CFG to the current location (with the locations being in the same
188  // function). The set control_deps is a subset of this set.
189  depst control_dep_candidates;
190 
191  // Set of locations with instructions on which the instruction at this
192  // location has a data dependency on
193  depst data_deps;
194 
195  message_handlert &message_handler;
196 
197  friend const depst &
198  dependence_graph_test_get_control_deps(const dep_graph_domaint &);
199  friend const depst &
200  dependence_graph_test_get_data_deps(const dep_graph_domaint &);
201 
202  void control_dependencies(
203  const irep_idt &function_id,
204  goto_programt::const_targett from,
205  goto_programt::const_targett to,
206  dependence_grapht &dep_graph);
207 
208  void data_dependencies(
209  goto_programt::const_targett from,
210  const irep_idt &function_to,
211  goto_programt::const_targett to,
212  dependence_grapht &dep_graph,
213  const namespacet &ns);
214 };
215 
216 class dep_graph_domain_factoryt;
217 
218 class dependence_grapht:
219  public ait<dep_graph_domaint>,
220  public grapht<dep_nodet>
221 {
222 public:
223  using ait<dep_graph_domaint>::operator[];
224  using grapht<dep_nodet>::operator[];
225 
226  typedef std::map<irep_idt, cfg_post_dominatorst> post_dominators_mapt;
227 
228  dependence_grapht(const namespacet &_ns, message_handlert &);
229 
230  void initialize(const goto_functionst &goto_functions)
231  {
232  ait<dep_graph_domaint>::initialize(goto_functions);
233  rd(goto_functions, ns);
234 
235  for(const auto &entry : goto_functions.function_map)
236  {
237  const goto_programt &goto_program = entry.second.body;
238  if(!goto_program.empty())
239  {
240  end_function_map.emplace(
241  entry.first, std::prev(goto_program.instructions.end()));
242  }
243  }
244  }
245 
246  void initialize(const irep_idt &function, const goto_programt &goto_program)
247  {
248  ait<dep_graph_domaint>::initialize(function, goto_program);
249 
250  // The dependency graph requires that all nodes are explicitly created
251  forall_goto_program_instructions(i_it, goto_program)
252  get_state(i_it).make_bottom();
253 
254  if(!goto_program.empty())
255  {
256  cfg_post_dominatorst &pd = post_dominators[function];
257  pd(goto_program);
258 
259  end_function_map.emplace(
260  function, std::prev(goto_program.instructions.end()));
261  }
262  }
263 
264  void finalize()
265  {
266  for(const auto &location_state :
267  static_cast<location_sensitive_storaget &>(*storage).internal())
268  {
269  std::static_pointer_cast<dep_graph_domaint>(location_state.second)
270  ->populate_dep_graph(*this, location_state.first);
271  }
272  }
273 
274  void add_dep(
275  dep_edget::kindt kind,
276  goto_programt::const_targett from,
277  goto_programt::const_targett to);
278 
279  const post_dominators_mapt &cfg_post_dominators() const
280  {
281  return post_dominators;
282  }
283 
284  const reaching_definitions_analysist &reaching_definitions() const
285  {
286  return rd;
287  }
288 
289 protected:
290  friend dep_graph_domain_factoryt;
291  friend dep_graph_domaint;
292  const namespacet &ns;
293 
294  post_dominators_mapt post_dominators;
295  reaching_definitions_analysist rd;
296  std::map<irep_idt, goto_programt::const_targett> end_function_map;
297 };
298 
299 #endif // CPROVER_ANALYSES_DEPENDENCE_GRAPH_H
ai.h
Abstract Interpretation.
cfg_dominators.h
Compute dominators for CFG of goto_function.
ai_baset
This is the basic interface of the abstract interpreter with default implementations of the core func...
Definition: ai.h:117
ai_baset::initialize
virtual void initialize(const irep_idt &function_id, const goto_programt &goto_program)
Initialize all the abstract states for a single function.
Definition: ai.cpp:194
ai_domain_baset
The interface offered by a domain, allows code to manipulate domains without knowing their exact type...
Definition: ai_domain.h:54
ai_domain_baset::make_bottom
virtual void make_bottom()=0
no states
ai_domain_baset::trace_ptrt
ai_history_baset::trace_ptrt trace_ptrt
Definition: ai_domain.h:73
ait
ait supplies three of the four components needed: an abstract interpreter (in this case handling func...
Definition: ai.h:562
ait< dep_graph_domaint >::get_state
virtual statet & get_state(trace_ptrt p)
Get the state for the given history, creating it with the factory if it doesn't exist.
Definition: ai.h:515
cfg_dominators_templatet
Dominator graph.
Definition: cfg_dominators.h:37
dep_edget
Definition: dependence_graph.h:28
dep_edget::get
kindt get() const
Definition: dependence_graph.h:49
dep_edget::kind
kindt kind
Definition: dependence_graph.h:55
dep_edget::kindt
kindt
Definition: dependence_graph.h:30
dep_edget::kindt::CTRL
@ CTRL
dep_edget::kindt::BOTH
@ BOTH
dep_edget::kindt::NONE
@ NONE
dep_edget::kindt::DATA
@ DATA
dep_edget::add
void add(kindt _kind)
Definition: dependence_graph.h:32
dep_graph_domain_factoryt
This ensures that all domains are constructed with the node ID that links them to the graph part of t...
Definition: dependence_graph.cpp:342
dep_graph_domaint
Definition: dependence_graph.h:67
dep_graph_domaint::is_top
bool is_top() const final override
Definition: dependence_graph.h:136
dep_graph_domaint::dependence_graph_test_get_control_deps
friend const depst & dependence_graph_test_get_control_deps(const dep_graph_domaint &)
dep_graph_domaint::dep_graph_domaint
dep_graph_domaint(node_indext id, message_handlert &message_handler)
Definition: dependence_graph.h:71
dep_graph_domaint::has_values
tvt has_values
Definition: dependence_graph.h:174
dep_graph_domaint::control_dependencies
void control_dependencies(const irep_idt &function_id, goto_programt::const_targett from, goto_programt::const_targett to, dependence_grapht &dep_graph)
Definition: dependence_graph.cpp:52
dep_graph_domaint::depst
std::set< goto_programt::const_targett, goto_programt::target_less_than > depst
Definition: dependence_graph.h:180
dep_graph_domaint::data_deps
depst data_deps
Definition: dependence_graph.h:193
dep_graph_domaint::get_node_id
node_indext get_node_id() const
Definition: dependence_graph.h:164
dep_graph_domaint::merge
bool merge(const dep_graph_domaint &src, trace_ptrt from, trace_ptrt to)
Definition: dependence_graph.cpp:22
dep_graph_domaint::is_bottom
bool is_bottom() const final override
Definition: dependence_graph.h:150
dep_graph_domaint::node_id
node_indext node_id
Definition: dependence_graph.h:175
dep_graph_domaint::make_bottom
void make_bottom() final override
no states
Definition: dependence_graph.h:109
dep_graph_domaint::has_changed
bool has_changed
Definition: dependence_graph.h:176
dep_graph_domaint::control_deps
depst control_deps
Definition: dependence_graph.h:184
dep_graph_domaint::populate_dep_graph
void populate_dep_graph(dependence_grapht &, goto_programt::const_targett) const
Definition: dependence_graph.cpp:393
dep_graph_domaint::output_json
jsont output_json(const ai_baset &ai, const namespacet &ns) const override
Outputs the current value of the domain.
Definition: dependence_graph.cpp:311
dep_graph_domaint::transform
void transform(const irep_idt &function_from, trace_ptrt trace_from, const irep_idt &function_to, trace_ptrt trace_to, ai_baset &ai, const namespacet &ns) final override
how function calls are treated: a) there is an edge from each call site to the function head b) there...
Definition: dependence_graph.cpp:217
dep_graph_domaint::dependence_graph_test_get_data_deps
friend const depst & dependence_graph_test_get_data_deps(const dep_graph_domaint &)
dep_graph_domaint::control_dep_candidates
depst control_dep_candidates
Definition: dependence_graph.h:189
dep_graph_domaint::data_dependencies
void data_dependencies(goto_programt::const_targett from, const irep_idt &function_to, goto_programt::const_targett to, dependence_grapht &dep_graph, const namespacet &ns)
Definition: dependence_graph.cpp:154
dep_graph_domaint::make_top
void make_top() final override
all states – the analysis doesn't use this directly (see make_entry) and domains may refuse to implem...
Definition: dependence_graph.h:98
dep_graph_domaint::make_entry
void make_entry() final override
Make this domain a reasonable entry-point state For most domains top is sufficient.
Definition: dependence_graph.h:122
dep_graph_domaint::output
void output(std::ostream &out, const ai_baset &ai, const namespacet &ns) const final override
Definition: dependence_graph.cpp:272
dep_graph_domaint::message_handler
message_handlert & message_handler
Definition: dependence_graph.h:195
dep_graph_domaint::node_indext
grapht< dep_nodet >::node_indext node_indext
Definition: dependence_graph.h:69
dependence_grapht
Definition: dependence_graph.h:221
dependence_grapht::add_dep
void add_dep(dep_edget::kindt kind, goto_programt::const_targett from, goto_programt::const_targett to)
Definition: dependence_graph.cpp:376
dependence_grapht::dependence_grapht
dependence_grapht(const namespacet &_ns, message_handlert &)
Definition: dependence_graph.cpp:366
dependence_grapht::dep_graph_domain_factoryt
friend dep_graph_domain_factoryt
Definition: dependence_graph.h:290
dependence_grapht::reaching_definitions
const reaching_definitions_analysist & reaching_definitions() const
Definition: dependence_graph.h:284
dependence_grapht::cfg_post_dominators
const post_dominators_mapt & cfg_post_dominators() const
Definition: dependence_graph.h:279
dependence_grapht::rd
reaching_definitions_analysist rd
Definition: dependence_graph.h:295
dependence_grapht::post_dominators_mapt
std::map< irep_idt, cfg_post_dominatorst > post_dominators_mapt
Definition: dependence_graph.h:226
dependence_grapht::initialize
void initialize(const goto_functionst &goto_functions)
Initialize all the abstract states for a whole program.
Definition: dependence_graph.h:230
dependence_grapht::finalize
void finalize()
Override this to add a cleanup or post-processing step after fixedpoint has run.
Definition: dependence_graph.h:264
dependence_grapht::end_function_map
std::map< irep_idt, goto_programt::const_targett > end_function_map
Definition: dependence_graph.h:296
dependence_grapht::initialize
void initialize(const irep_idt &function, const goto_programt &goto_program)
Initialize all the abstract states for a single function.
Definition: dependence_graph.h:246
dependence_grapht::dep_graph_domaint
friend dep_graph_domaint
Definition: dependence_graph.h:291
dependence_grapht::post_dominators
post_dominators_mapt post_dominators
Definition: dependence_graph.h:294
dependence_grapht::ns
const namespacet & ns
Definition: dependence_graph.h:292
dstringt
dstringt has one field, an unsigned integer no which is an index into a static table of strings.
Definition: dstring.h:38
goto_functionst
A collection of goto functions.
Definition: goto_functions.h:25
goto_functionst::function_map
function_mapt function_map
Definition: goto_functions.h:29
goto_programt
A generic container class for the GOTO intermediate representation of one function.
Definition: goto_program.h:73
goto_programt::instructions
instructionst instructions
The list of instructions in the goto program.
Definition: goto_program.h:622
goto_programt::const_targett
instructionst::const_iterator const_targett
Definition: goto_program.h:615
goto_programt::empty
bool empty() const
Is the program empty?
Definition: goto_program.h:799
graph_nodet
This class represents a node in a directed graph.
Definition: graph.h:35
grapht
A generic directed graph with a parametric node type.
Definition: graph.h:167
jsont
Definition: json.h:27
location_sensitive_storaget
The most conventional storage; one domain per location.
Definition: ai_storage.h:154
location_sensitive_storaget::internal
state_mapt & internal(void)
Definition: ai_storage.h:169
message_handlert
Definition: message.h:28
namespacet
A namespacet is essentially one or two symbol tables bound together, to allow for symbol lookups in t...
Definition: namespace.h:94
reaching_definitions_analysist
Definition: reaching_definitions.h:352
tvt
Definition: threeval.h:20
tvt::is_false
bool is_false() const
Definition: threeval.h:26
tvt::is_true
bool is_true() const
Definition: threeval.h:25
tvt::unknown
static tvt unknown()
Definition: threeval.h:33
forall_goto_program_instructions
#define forall_goto_program_instructions(it, program)
Definition: goto_program.h:1229
graph.h
A Template Class for Graphs.
reaching_definitions.h
Range-based reaching definitions analysis (following Field- Sensitive Program Dependence Analysis,...
DATA_INVARIANT
#define DATA_INVARIANT(CONDITION, REASON)
This condition should be used to document that assumptions that are made on goto_functions,...
Definition: invariant.h:534
PRECONDITION
#define PRECONDITION(CONDITION)
Definition: invariant.h:463
dep_nodet
Definition: dependence_graph.h:59
dep_nodet::edget
graph_nodet< dep_edget >::edget edget
Definition: dependence_graph.h:60
dep_nodet::edgest
graph_nodet< dep_edget >::edgest edgest
Definition: dependence_graph.h:61
dep_nodet::PC
goto_programt::const_targett PC
Definition: dependence_graph.h:63