Add global name map to goto_symex_state

JohnDumbell · JohnDumbell · commit 4fa79ae2b165 · 2019-02-28T14:58:42.000Z
This global name map will be used to check what generation is currently available for each level1 name, and shared across all states. This will only be used when a particular state tries to find out what the next free generation is. The main draw of this is that all branches will now assign unique generations that won't clash with assignments done across other branches. One minor downside is that in VCC's the generation number might jump sporadically (say from diffblue#4 to diffblue#40).
diff --git a/src/goto-instrument/accelerate/scratch_program.cpp b/src/goto-instrument/accelerate/scratch_program.cpp
@@ -35,8 +35,10 @@ bool scratch_programt::check_sat(bool do_slice)
   output(ns, "scratch", std::cout);
 #endif
 
+  global_name_mapt global_map;
   symex_state = util_make_unique<goto_symex_statet>(
-    symex_targett::sourcet(goto_functionst::entry_point(), *this));
+    symex_targett::sourcet(goto_functionst::entry_point(), *this),
+    global_map);
   symex.symex_with_state(
     *symex_state,
     [this](const irep_idt &key) -> const goto_functionst::goto_functiont & {
diff --git a/src/goto-symex/goto_symex_state.cpp b/src/goto-symex/goto_symex_state.cpp
@@ -29,8 +29,14 @@ Author: Daniel Kroening, kroening@kroening.com
 
 static void get_l1_name(exprt &expr);
 
-goto_symex_statet::goto_symex_statet(const symex_targett::sourcet &_source)
-  : goto_statet(_source), symex_target(nullptr), record_events(true), dirty()
+goto_symex_statet::goto_symex_statet(
+  const symex_targett::sourcet &_source,
+  global_name_mapt &global_map)
+  : goto_statet(_source),
+    symex_target(nullptr),
+    record_events(true),
+    dirty(),
+    global_name_map(global_map)
 {
   threads.resize(1);
   new_frame();
@@ -183,9 +189,7 @@ void goto_symex_statet::assignment(
 #endif
 
   // do the l2 renaming
-  const auto level2_it =
-    level2.current_names.emplace(l1_identifier, std::make_pair(lhs, 0)).first;
-  symex_renaming_levelt::increase_counter(level2_it);
+  increase_generation(l1_identifier, lhs);
   set_l2_indices(lhs, ns);
 
   // in case we happen to be multi-threaded, record the memory access
@@ -433,10 +437,7 @@ bool goto_symex_statet::l2_thread_read_encoding(
 
     if(a_s_read.second.empty())
     {
-      auto level2_it =
-        level2.current_names.emplace(l1_identifier, std::make_pair(ssa_l1, 0))
-          .first;
-      symex_renaming_levelt::increase_counter(level2_it);
+      increase_generation(l1_identifier, ssa_l1);
       a_s_read.first=level2.current_count(l1_identifier);
     }
 
@@ -472,10 +473,6 @@ bool goto_symex_statet::l2_thread_read_encoding(
     return true;
   }
 
-  const auto level2_it =
-    level2.current_names.emplace(l1_identifier, std::make_pair(ssa_l1, 0))
-      .first;
-
   // No event and no fresh index, but avoid constant propagation
   if(!record_events)
   {
@@ -485,7 +482,8 @@ bool goto_symex_statet::l2_thread_read_encoding(
   }
 
   // produce a fresh L2 name
-  symex_renaming_levelt::increase_counter(level2_it);
+  increase_generation(l1_identifier, ssa_l1);
+
   set_l2_indices(ssa_l1, ns);
   expr=ssa_l1;
 
@@ -497,6 +495,44 @@ bool goto_symex_statet::l2_thread_read_encoding(
   return true;
 }
 
+/// Allocates a fresh L2 name for the given L1 identifier, and makes it the
+/// latest generation on this path.
+void goto_symex_statet::increase_generation(
+  const irep_idt l1_identifier,
+  const ssa_exprt &lhs)
+{
+  auto current_emplace_res =
+    level2.current_names.emplace(l1_identifier, std::make_pair(lhs, 0));
+  auto global_emplace_res =
+    global_name_map.emplace(l1_identifier, std::make_pair(lhs, 0));
+
+  global_emplace_res.first->second.second++;
+  current_emplace_res.first->second.second =
+    global_emplace_res.first->second.second;
+}
+
+/// Allocates a fresh L2 name for the given L1 identifier, and makes it the
+/// latest generation on this path. Does nothing if there isn't an expression
+/// keyed by the l1 identifier.
+void goto_symex_statet::increase_generation_if_exists(
+  const irep_idt identifier)
+{
+  // If we can't find the name in the local scope, don't increase the global
+  // even if it exists there.
+  auto current_names_iter = level2.current_names.find(identifier);
+  if(current_names_iter == level2.current_names.end())
+    return;
+
+  // If we have a global store, increment its generation count, then assign
+  // that new value to our local scope.
+  auto global_names_iter = global_name_map.find(identifier);
+  if(global_names_iter != global_name_map.end())
+  {
+    global_names_iter->second.second++;
+    current_names_iter->second.second = global_names_iter->second.second;
+  }
+}
+
 /// thread encoding
 bool goto_symex_statet::l2_thread_write_encoding(
   const ssa_exprt &expr,
diff --git a/src/goto-symex/goto_symex_state.h b/src/goto-symex/goto_symex_state.h
@@ -135,6 +135,8 @@ struct framet
   }
 };
 
+using global_name_mapt = std::map<irep_idt, std::pair<ssa_exprt, unsigned>>;
+
 /// Central data structure: state.
 
 /// The state is a persistent data structure that symex maintains as it
@@ -146,7 +148,9 @@ struct framet
 class goto_symex_statet final : public goto_statet
 {
 public:
-  explicit goto_symex_statet(const symex_targett::sourcet &);
+  goto_symex_statet(
+    const symex_targett::sourcet &,
+    global_name_mapt &global_map);
   ~goto_symex_statet();
 
   /// \brief Fake "copy constructor" that initializes the `symex_target` member
@@ -317,6 +321,19 @@ class goto_symex_statet final : public goto_statet
   /// \brief Should the additional validation checks be run?
   bool run_validation_checks;
 
+  /// Allocates a fresh L2 name for the given L1 identifier, and makes it the
+  //  latest generation on this path.
+  void increase_generation(
+    const irep_idt l1_identifier,
+    const ssa_exprt &lhs);
+
+  /// Increases the generation of the L1 identifier. Does nothing if there
+  /// isn't an expression keyed by it.
+  void increase_generation_if_exists(
+    const irep_idt identifier);
+
+  global_name_mapt &global_name_map;
+
 private:
   /// \brief Dangerous, do not use
   ///
diff --git a/src/goto-symex/path_storage.h b/src/goto-symex/path_storage.h
@@ -90,6 +90,12 @@ class path_storaget
   /// Counter for nondet objects, which require unique names
   symex_nondet_generatort build_symex_nondet;
 
+  using global_name_mapt = std::map<irep_idt, std::pair<ssa_exprt, unsigned>>;
+
+  /// Tracks fresh L2 names across an entire symex run. This will be shared
+  /// across all states to allocate unique generations.
+  global_name_mapt level2_names;
+
 private:
   // Derived classes should override these methods, allowing the base class to
   // enforce preconditions.
diff --git a/src/goto-symex/renaming_level.cpp b/src/goto-symex/renaming_level.cpp
@@ -58,8 +58,7 @@ void symex_level1t::operator()(ssa_exprt &ssa_expr) const
   ssa_expr.set_level_1(it->second.second);
 }
 
-void symex_level1t::restore_from(
-  const symex_renaming_levelt::current_namest &other)
+void symex_level1t::restore_from(const current_namest &other)
 {
   auto it = current_names.begin();
   for(const auto &pair : other)
diff --git a/src/goto-symex/renaming_level.h b/src/goto-symex/renaming_level.h
@@ -18,6 +18,8 @@ Author: Romain Brenguier, romain.brenguier@diffblue.com
 #include <util/irep.h>
 #include <util/ssa_expr.h>
 
+class path_storaget;
+
 /// Wrapper for a \c current_names map, which maps each identifier to an SSA
 /// expression and a counter.
 /// This is extended by the different symex_level structures which are used
diff --git a/src/goto-symex/symex_dead.cpp b/src/goto-symex/symex_dead.cpp
@@ -49,7 +49,5 @@ void goto_symext::symex_dead(statet &state)
   state.propagation.erase(l1_identifier);
 
   // L2 renaming
-  auto level2_it = state.level2.current_names.find(l1_identifier);
-  if(level2_it != state.level2.current_names.end())
-    symex_renaming_levelt::increase_counter(level2_it);
+  state.increase_generation_if_exists(l1_identifier);
 }
diff --git a/src/goto-symex/symex_decl.cpp b/src/goto-symex/symex_decl.cpp
@@ -64,10 +64,8 @@ void goto_symext::symex_decl(statet &state, const symbol_exprt &expr)
   // L2 renaming
   // inlining may yield multiple declarations of the same identifier
   // within the same L1 context
-  const auto level2_it =
-    state.level2.current_names.emplace(l1_identifier, std::make_pair(ssa, 0))
-      .first;
-  symex_renaming_levelt::increase_counter(level2_it);
+  state.increase_generation(l1_identifier, ssa);
+
   const bool record_events=state.record_events;
   state.record_events=false;
   state.rename(ssa, ns);
diff --git a/src/goto-symex/symex_main.cpp b/src/goto-symex/symex_main.cpp
@@ -294,7 +294,7 @@ std::unique_ptr<goto_symext::statet> goto_symext::initialize_entry_point_state(
 
   // create and prepare the state
   auto state = util_make_unique<statet>(
-    symex_targett::sourcet(entry_point_id, start_function->body));
+    symex_targett::sourcet(entry_point_id, start_function->body), path_storage.level2_names);
   CHECK_RETURN(!state->threads.empty());
   CHECK_RETURN(!state->call_stack().empty());
 

Original file line number	Diff line number	Diff line change
`@@ -58,8 +58,7 @@ void symex_level1t::operator()(ssa_exprt &ssa_expr) const`
`58`	`58`	`ssa_expr.set_level_1(it->second.second);`
`59`	`59`	`}`
`60`	`60`
`61`		`-void symex_level1t::restore_from(`
`62`		`- const symex_renaming_levelt::current_namest &other)`
	`61`	`+void symex_level1t::restore_from(const current_namest &other)`
`63`	`62`	`{`
`64`	`63`	`auto it = current_names.begin();`
`65`	`64`	`for(const auto &pair : other)`
Original file line number	Diff line number	Diff line change
`@@ -49,7 +49,5 @@ void goto_symext::symex_dead(statet &state)`
`49`	`49`	`state.propagation.erase(l1_identifier);`
`50`	`50`
`51`	`51`	`// L2 renaming`
`52`		`- auto level2_it = state.level2.current_names.find(l1_identifier);`
`53`		`- if(level2_it != state.level2.current_names.end())`
`54`		`- symex_renaming_levelt::increase_counter(level2_it);`
	`52`	`+ state.increase_generation_if_exists(l1_identifier);`
`55`	`53`	`}`