Value-set analysis: templatise and virtualise to facilitate customisation #1413
Conversation
smowton
force-pushed
the
smowton/feature/prepare_vsa_for_subclasses
branch
from
2326217 to
0c56267
Compare
src/pointer-analysis/value_set.h
Outdated
| @@ -211,11 +211,11 @@ class value_sett | |||
| const exprt &expr, | |||
| const namespacet &ns); | |||
|
|
|||
| void apply_code( | |||
| virtual void apply_code( | |||
There was a problem hiding this comment.
In general public virtual methods in non-abstract classes are a code smell, as they have two many responsibilities. They specify both the public interface, and a customization point for derived classes (which is an implementation detail). Ideally, the two responsibilities should be decoupled by providing a private virtual method which is called by a public (non-virtual) method. Then, if interface requirements change, the interface can be adjusted independently of the implementation (and vice versa).
I'm particularly concerned about retroactively making this method virtual. Pre-existing clients which always expect this method to do the same thing could be broken when derived classes change its behavior.
| @@ -242,28 +242,28 @@ class value_sett | |||
| const namespacet &ns) const; | |||
|
|
|||
| protected: | |||
There was a problem hiding this comment.
Prefer to make these private if at all possible.
There was a problem hiding this comment.
The virtual override points definitely need defer-to-base I'm afraid
|
|
||
| class xmlt; | ||
|
|
||
| class value_set_analysist: | ||
| template<class Value_Sett> |
There was a problem hiding this comment.
Plz no camel snake case. ValueSet?
There was a problem hiding this comment.
I don't think adopting a different naming convention is a good way of disambiguating it from the existing value_sett. Perhaps selected_value_sett? Perhaps there is a better term. value_set_domaint?
| typedef static_analysist<domaint> baset; | ||
| typedef typename baset::locationt locationt; | ||
|
|
||
| explicit value_set_analysis_baset(const namespacet &_ns):baset(_ns) |
There was a problem hiding this comment.
No leading underscores on identifiers.
| virtual void initialize(const goto_functionst &goto_functions); | ||
| void initialize(const goto_programt &goto_program) | ||
| { | ||
| baset::initialize(goto_program); |
There was a problem hiding this comment.
Overridden methods calling base class methods is a code smell. It implies that the customization points have been chosen incorrectly. This should probably be refactored.
| { | ||
| baset::initialize(goto_program); | ||
| } | ||
| void initialize(const goto_functionst &goto_functions) |
There was a problem hiding this comment.
I think these methods are missing overrides too.
| var.new_element("identifier").data= | ||
| id2string(v_it->first); | ||
|
|
||
| #if 0 |
There was a problem hiding this comment.
If this is never used it should probably be removed.
There was a problem hiding this comment.
Shrug, that goes for the entire XML interface. I don't know who (if anyone) uses it and if they use this sometimes, so I'm leaving it alone.
| class value_set_domaint:public domain_baset | ||
| { | ||
| public: | ||
| value_sett value_set; | ||
| Value_Sett value_set; |
| break; | ||
| } | ||
|
|
||
| case RETURN: |
There was a problem hiding this comment.
Add a comment to make it clear that fall-through is desired.
src/pointer-analysis/value_set.h
Outdated
| @@ -242,28 +242,28 @@ class value_sett | |||
| const namespacet &ns) const; | |||
|
|
|||
| protected: | |||
| void get_value_set_rec( | |||
| virtual void get_value_set_rec( | |||
There was a problem hiding this comment.
Again, I find it extremely unlikely that these methods are already suitable customization points. It might be better to find a more focused group of custom behaviors which can be given private virtual interfaces, and called from these (still non-virtual) methods.
|
On Fri, 2017-09-22 at 13:26 +0000, Chris Smowton wrote:
This provides sufficient hooks in value-set analysis, a CBMC core pointer-analysis, to permit downstream products such as the security analyser to create derivatives that share most of its logic.
Sounds good.
VSA itself is currently unused, as revealed by the need to add support for DEAD statements before it can be used; this also adds unit tests to check its basic functionality has not broken in the meantime.
I don't quite recall the history but it was either written for CBMC but
we used a slightly different version or it was used in other tools;
possibly Wolverine...
VSA is based on `static_analysist` and so will need to be ported to `ait` in the future if we wish to continue using it;
Yes; this was the last part of the "we should probably only have one
general abstract interpretation framework".
however this should be orthogonal to permitting it to be customised like this.
Yes. There is also quite a bit of duplicate code in the various value
analysis variants; if you are refactoring it might be worth having a
look at that (the duplication was one of the motivations behind the
variable precision domain stuff). Do be a little careful though because
IIRC there are some subtle hacks in this code to handle C pointer
weirdness.
Longer term there may be a question over whether configurations of the
variable precision domain might replace the functionality of
pointer_analysis/ but even if it does, it will be a while before this
code is removed.
HTH
|
There was a problem hiding this comment.
This looks good - just a few minor corrections. I also agree with @reuk that the interface could probably be cleaned up so the public methods aren't virtual. I will read up on Value Set Analysis so that I can validate that the tests covers suitable cases - but they look very clean!
| @@ -12,10 +12,10 @@ Author: Daniel Kroening, [email protected] | |||
| #ifndef CPROVER_POINTER_ANALYSIS_SHOW_VALUE_SETS_H | |||
| #define CPROVER_POINTER_ANALYSIS_SHOW_VALUE_SETS_H | |||
|
|
|||
| #include <pointer-analysis/value_set_analysis.h> | |||
There was a problem hiding this comment.
Why swap this to a full include when forward declaration was sufficient?
There was a problem hiding this comment.
value_set_analysist is a template specialisation now; class value_set_analysist won't work as the forward-decl will clash with the actual definition. There might be a way around this but I don't know it.
|
|
||
| class xmlt; | ||
|
|
||
| class value_set_analysist: | ||
| template<class Value_Sett> |
There was a problem hiding this comment.
I don't think adopting a different naming convention is a good way of disambiguating it from the existing value_sett. Perhaps selected_value_sett? Perhaps there is a better term. value_set_domaint?
| { | ||
| source_locationt previous_location; | ||
|
|
||
| forall_goto_program_instructions(i_it, goto_program) |
There was a problem hiding this comment.
Nit: while in the area a range based for might be better here?
There was a problem hiding this comment.
True, re: this and below though I'll stick to just moving the code without many changes and perhaps clean up later.
| xmlt &i=dest.new_element("instruction"); | ||
| i.new_element()=::xml(location); | ||
|
|
||
| for(value_sett::valuest::const_iterator |
There was a problem hiding this comment.
Nit: the formatting on this for loop is a bit hard to follow. You might consider using auto to get each statement on one line or at least aligning each statement
| } | ||
| }; | ||
|
|
||
| typedef value_set_analysis_baset<value_sett> value_set_analysist; |
There was a problem hiding this comment.
This seems like a weird place to introduce a typedef? If really needed in the header file outside of the class, perhaps put it above the class?
unit/CustomVSATest.java
Outdated
| @@ -0,0 +1,51 @@ | |||
|
|
|||
| public class CustomVSATest { | |||
There was a problem hiding this comment.
Could this go in the same folder as the test to avoid cluttering unit
| // constructor callsites confusing the results we're trying to check: | ||
| goto_function_inline(goto_model, TEST_FUNCTION_NAME, null_output); | ||
|
|
||
| REQUIRE(!model_init_failed); |
There was a problem hiding this comment.
Any reason not to do this REQUIRE immediately after initalize_goto_model?
| /// * Adds an ID_unknown to the value of variable "maybe_unknown", and | ||
| /// to the possible referees of fields named unknown_field_ref and | ||
| /// variables named unknown_global_ref | ||
| class custom_value_sett:public value_sett |
There was a problem hiding this comment.
You might consider pulling this class out into a separate file with just the above documentation left in the test file since it isn't directly relevant to the test. Definitely not a requirement, so do disregard if you disagree.
smowton
force-pushed
the
smowton/feature/prepare_vsa_for_subclasses
branch
2 times, most recently
from
6daab40 to
c669ce3
Compare
|
Shrug, that goes for the entire XML interface. I don't know who (if anyone) uses it and if they use this sometimes, so I'm leaving it alone.
The XML interface was developed for a customer (I forget exactly who)
and I think there are several people who use it. Any decision to
depreciate it should be done across the whole code-base.
|
smowton
force-pushed
the
smowton/feature/prepare_vsa_for_subclasses
branch
2 times, most recently
from
8bba3bd to
2850f1a
Compare
|
|
||
| class xmlt; | ||
|
|
||
| class value_set_analysist: | ||
| template<class DomainValueSet> |
There was a problem hiding this comment.
Still think looks a bit awkward to have this non-conforming to name convention (pointing out in case this isn't intentional, not to start a flame war 😛)
|
Changed names again to VST, believe everything is applied now |
smowton
force-pushed
the
smowton/feature/prepare_vsa_for_subclasses
branch
from
2850f1a to
b6641dc
Compare
src/pointer-analysis/value_set.h
Outdated
|
|
||
| /// Expression simplification function; by default, plain old | ||
| /// util/simplify_expr, but can be customised by subclass. | ||
| expr_simplifiert simplifier; |
There was a problem hiding this comment.
Make private, and provide a protected method which allows this to be called (but nothing else)
src/pointer-analysis/value_set.h
Outdated
|
|
||
| explicit value_sett(expr_simplifiert simplifier): | ||
| location_number(0), | ||
| simplifier(simplifier) |
There was a problem hiding this comment.
Should std::move the simplifier
| #include <java_bytecode/java_types.h> | ||
| #include <pointer-analysis/value_set_analysis.h> | ||
|
|
||
| /// Counts calls to our custom simplifier, registered above: |
|
|
||
| #define TEST_PREFIX "java::CustomVSATest." | ||
| #define TEST_FUNCTION_NAME TEST_PREFIX "test:()V" | ||
| #define TEST_LOCAL_PREFIX TEST_FUNCTION_NAME "::" |
There was a problem hiding this comment.
You could use static constexpr const char * here and avoid the evil preprocessor
There was a problem hiding this comment.
AFAIK I can't concatenate them as is done here, so I'd prefer to leave as-is
| virtual void get_reference_set( | ||
| const namespacet &ns, | ||
| const exprt &expr, | ||
| value_setst::valuest &dest) | ||
| { | ||
| value_set.get_reference_set(expr, dest, ns); | ||
| value_set.read_reference_set(expr, dest, ns); |
There was a problem hiding this comment.
In general, if you are specifying interface requirements on a templated item, use non-member rather than member functions (i.e. read_reference_set(value_set, expr, dest, ns)). This allows pre-existing types to be used, without altering their definitions, as the template requirements can be fulfilled by providing external, non-member functions. If necessary, these can even be local to a translation unit, allowing template clients in different locations to use different implementations of these wrapper/interface functions.
There was a problem hiding this comment.
Don't follow this, could I have an example?
There was a problem hiding this comment.
Let's say I have a type that already exists - maybe it's a std::vector or something where we're not able to change the implementation. Now, if you were to use this type as your template parameter, you would probably find that it doesn't have the right member functions to satisfy the interface implicitly specified by the template class. The problem is that there's nothing you can do now - you can't modify the class definition to add the right methods.
If you use non-member functions inside your template, you have more flexibility to define appropriate implementations of these functions without modifying the original class. This also gives more flexibility when refactoring. At the moment, if you changed a method in one of your classes that's used as a VST, you would have to go and modify this template, too. However, if you use non-member functions you can just modify the non-member passthrough function to call the modified member function (one change), without having to make changes throughout the template class (potentially several changes).
This is about separating the general interface for a class (its member functions) from the specific interface required for a particular template class (non-member functions).
There was a problem hiding this comment.
OK, done this this time. In general I think this sort of layer of indirection should be introduced on demand though, as the case where we need it is fairly unlikely (maybe 10% chance of needing this over the life of the code, considering the template parameters are internal code, and the cost of introducing the indirection scales with the size of the implied interface, not the number of subclasses already providing it.
This templates value-set-analysis, so that it can be subclassed providing a value-set extension, and virtualizes value-set so it can similarly be extended.
We could be smarter with these; this at least enables us to process current standard GOTO programs.
smowton
force-pushed
the
smowton/feature/prepare_vsa_for_subclasses
branch
from
b6641dc to
e669c12
Compare
|
Comments 1-3 done, 4 declined, 5 I don't understand, please give an example? |
…nctions These provide an oportunity for future implementers of value-sets not to have to conform to the same public interface as value_sett, e.g. to provide some type they can't or don't want to augment and provide non-member function specialisations instead.
|
Change 5 now applied too. |
|
Hi, |
|
|
On Mon, 2017-10-16 at 01:28 -0700, Chris Smowton wrote:
1. Sorry, didn't think anybody was using this code except for goto-instrument.
It should be used in symex and in the dependency graph / slicer at a
minimum. As a generally point, we can't entirely assume that something
is unused just because it is not used in the main CBMC repository.
Also, where possible, introducing the new API, depreciating the old one
and then removing it later is A Good Thing. See the ai.h /
static_analysis.h divide.
|
|
I'm using value_set_domaint, which has changed quite a bit. I've fixed my stuff now, just it would be nice if there's a bit of a period of overlap for future changes like this. |
|
Ah ok, so would my writing typedef value_set_domaint templated_value_set_domaint<value_sett> have prevented problems, or were there further problems with value_set_domaint's internals? |
|
You would also need to keep the names of the functions within templated_value_set_domaint<value_sett> the same as the functions within value_set_domaint (e.g., get_value_set is now read_value_set, and a new get_value_set has been introduced) |
|
Ah crap, sure, that was because the 4-operand and 3-operand versions of In any case this is all now reverted per @kroening. |
|
That's great, thanks! |
64d81f1 Merge remote-tracking branch 'upstream/develop' into pull-support-20171019 9e05177 Merge pull request diffblue#1474 from diffblue/jbmc e847137 Merge pull request diffblue#1493 from reuk/reuk/output-instruction-const-ref e74e1d8 Merge pull request diffblue#1489 from svorenova/tg-865 09431fd Adding unit tests for the signature/descripture mismatch 9a59fb9 Renamed DiffBlue -> Diffblue 185206c cbmc cleanup d542f7e cbmc: clean out java 320eeaf use jbmc in regression tests 4286b86 added jbmc executable b61cb56 Resolving signature/descriptor mismatch for methods 62675bb Merge pull request diffblue#1494 from thk123/tests/adding-generic-unit-tests 69d67ab Modified unit test to compile 9e68466 Replace loop_id parameter with const instructiont& dbff05b Replace iterator with const value_type& in output_instruction signature 5191170 Merge pull request diffblue#1485 from diffblue/std_expr_typing 210a2f4 Merge pull request diffblue#1491 from andreast271/cbmc_parse_options_fix fbc54ad guard against spurious pointers in taint analysis 5d6ebfd Revert "test isn't ready yet" de668e6 upgrade uses of deprecated member_exprt constructor 9da3f4f elaborate typing of std_expr expression classes 36ac8c9 Merge pull request diffblue#1482 from reuk/reuk/more-cmake-errors 47c2a51 Merge pull request diffblue#1447 from NathanJPhillips/bugfix/calculate_max_string_length-unit-test b2b4ca5 Align options string with help function and options parser dfb11c2 Merge pull request diffblue#1480 from diffblue/java-types-cleanup 11c8aba Fixed calculate_max_string_length unit test to work in CLion 8f4f2ec Merge pull request diffblue#1473 from reuk/reuk/simplify-expr-fixup 1ad89a0 Merge pull request diffblue#1475 from martin-cs/goto-analyzer-6-part1 3c5df61 Merge pull request diffblue#1486 from diffblue/revert-1413-smowton/feature/prepare_vsa_for_subclasses 24f9867 Simplify a broader range of java primitive types a18d7ec Revert "Value-set analysis: templatise and virtualise to facilitate customisation" 88acdfd Merge pull request diffblue#1355 from diffblue/cleanout-config-dependency 7df77e8 Add the overrides that clang wants. e96e09b Regression test for constant propagator merge bug ba55a2f constant propagator fix 350aa96 Addressing constant domain review comments by Daniel Poetzl. 5e9b2f4 Fail CMake build if make-generated files are found 32dcad8 test approx-const-fp-array-variable-invalid-cast-const-fp now more generous 12d45c6 Remove config dependency from CVC and DPLIB solvers 00d25a2 Pointers now come with a width f4bc0ec cleanup of java_types.h 08b2332 disable two-way propagation for now 76abe8a Fix constant propagator. c0ce9de Merge pull request diffblue#1413 from smowton/smowton/feature/prepare_vsa_for_subclasses 0bf2ce8 Merge pull request diffblue#1478 from smowton/smowton/fix/doxygen_fixes 0e0b501 Merge pull request diffblue#1463 from diffblue/mem-safety-check 04aff7c Remove residual doc template fc02354 Fix docstyle in dump_c.cpp a99b254 Indirect value_set_domaint -> value_sett operations via non-member functions f94807d Merge pull request diffblue#1428 from romainbrenguier/refactor/find_index 433fdbf Merge pull request diffblue#1472 from reuk/reuk/label-tests df6a0b3 Merge pull request diffblue#1406 from NlightNFotis/fotis/generics_support 123162b Merge pull request diffblue#1476 from diffblue/remove_ID_reference e669c12 Add unit tests for value-set-analysis customisation 9465771 Value-set analysis: ignore DEAD statements a2c1685 Templatize and virtualize value-set analysis 8ea9dcb Use std::find_if instead of expr visitor 5e1eede Merge pull request diffblue#1454 from martin-cs/feature/string-solver-performance c73b758 Merge pull request diffblue#1452 from diffblue/call-seq-fix d735cc5 Added support for concretising a generic and adding it into the symbol table. f131b34 Remove ID_reference as front-ends use ID_pointer+ID_C_reference d67bc87 Merge pull request diffblue#1471 from reuk/reuk/more-expr-cast-updates 5777062 check that memory for memcpy, memset and memmove is accessible 808a6ad Created basic class for creating new java instantiations of classes 57c2c1f Label tests with CBMC bf4a103 Make a few changes suggested by @smowton b63eb99 Merge pull request diffblue#1418 from diffblue/address_of_unions e82701a Merge pull request diffblue#1456 from diffblue/preserve-hidden 3ff8448 Merge pull request diffblue#1468 from smowton/smowton/fix/unit_test_makefile_dependencies 1a81b3f Merge pull request diffblue#1341 from reuk/reuk/big-int-fixes 1d9eace Merge pull request diffblue#1465 from mgudemann/feature/string-solver-performance 987d384 Switch (!a | b) for (a => b) to clarrify the intent of the code. 40ff71b Avoid generating redundant constraints by iterating over n^2/2 rather than n^2 pairs. d8b25f3 Merge pull request diffblue#1470 from reuk/reuk/fix-null-dereferences 5fa7b9a Merge pull request diffblue#1466 from reuk/reuk/return-ptr-from-expr-cast 0832454 Fix a couple of places where a null pointer may be dereferenced 47e426f Merge pull request diffblue#1442 from andreast271/compilation-NDEBUG-enable 869043a Merge pull request diffblue#1464 from smowton/smowton/fix/messaget_copy_and_assign_operators 9f53e90 Return pointer from expr_try_dynamic_cast 838c8a1 Fix testing-utils Makefile dependency 691e9fb Merge pull request diffblue#1449 from diffblue/havoc_object 78cd286 Fix messaget's copy-constructor and operator= 1614c2c Merge pull request diffblue#1462 from reuk/reuk/symbol-table-pointer a9ba0f9 Modify/add symbol table lookup and get_writeable d19e737 Merge pull request diffblue#1461 from thk123/bugfix/correcting-includes-in-new-unit-tests 3b69fe1 Missing source file from Makefile d70a08a Util files were moved into a util library 0681219 Merge branch 'develop' of github.com:diffblue/cbmc into develop 8891466 test isn't ready yet (cmake variant) b8057d3 Merge pull request diffblue#1448 from diffblue/goto-analalyzer-taint-test beac327 added __CPROVER_havoc(...) 8118efa test isn't ready yet 19858f9 Fix zeroing of arrays in value set analysis 12fd5fe Fix identifying arrays in value set analysis e618169 Merge pull request diffblue#1434 from svorenova/generics_support 68e4d6b Merge pull request diffblue#1457 from reuk/reuk/testing-utils 7c545c8 Switch (!a | b) for (a => b) to clarrify the intent of the code. 438ba8d Avoid generating redundant constraints by iterating over n^2/2 rather than n^2 pairs. aacd436 Add new testing-utils library b7aaad0 Removing signature parsing for local variables 8d54be1 Adding exception and tests for missing closing delimiter 608c6b6 Disabling part of the unit test for generic classes e140bb7 Updating the calls of lookup method to reflect the new return type cfb5212 Resolving name shadowing 97e1b9a Adding a warning and a commentary for unsupported generics, cleaning 4f305de Handling wild card generics with exception 8f527f8 Cleaning java files 3a1962f Turning back on regression tests a9dc64d Disabling part of the unit test for generic classes 04e55be Reverting method descriptor loading 2f7925d Adding unit test for recursive generic class 764c651 Enable compilation with NDEBUG defined e8c75ac Adding unit test for generic array de5c040 Adding tests for generic functions 85c1574 Applied use of utility function for loading a class file 8c7f4e4 Adding unit test for java class that inherits from a generic class 1dd221d Correct handling of the java generic class signature 33afe48 Adding unit tests for parsing wild card functions a2344f8 Extending the tests for the generic class 35cd160 Deal with generic methods 7320c46 Correcting a typo 2f7f695 Adding some useful debug info 79f743b Adding conversions for wild cards a60ead4 Correctly handle nested generic types b59c659 When dealing with generic arrays we should treat them like ref arrays too 1bd95c0 Classes that aren't generic but inherit from a generic type have a signature b2f57e8 Fixing handling the case of * 31faaa6 Revert "Revert "TG-374 Feature/java support generics"" 89341da Merge pull request diffblue#227 from diffblue/feature/adding_goto_statistics_to_goto-instrument 99eb662 Merge pull request diffblue#1450 from reuk/reuk/join-strings 9cf47a2 Updates requested in the PR. 4c4a267 Adding computation and save of goto program statistics. 7fcfd30 Merge pull request diffblue#1453 from diffblue/integer-addressees 639d1aa Merge pull request diffblue#1451 from diffblue/time-stopping 7e42fd2 preserve hidden flag for functions 0346f87 Add a join function for strings 2b17564 integer dereferences are now re-written to a custom expression 202b509 fix for call-sequences and call-graph f159bd5 more time stopping functionality ba96dde Merge pull request diffblue#1441 from reuk/reuk/expr-cast-for-code-types 086d6da moved taint-related tests for goto-analyzer into separate subdirectory c25e56f Respond to @NathanJPhillips' review feedback 3a4d364 Add checked_cast signatures 47a13c7 Remove unnecessary explicit typelists bc3d79b Use decay instead of remove_const(remove_reference) f9c1c70 Reorder and hide functions in expr_cast 800adbe Allow dynamic expr cast with code types 3ce8f11 Fix comparison in expr_cast.h 48b154a Bugfix: Exclude functions without bodies from GOTO statistics. 22a68fe Merge pull request diffblue#1444 from smowton/upstream/restrict-symbol-table d577d40 Merge pull request diffblue#1445 from smowton/smowton/feature/test-pl-interrupt b01ff65 Test.pl: exit if a test is interrupted 6794191 Improve symbol table documentation d320187 Linter fixes 53e1ca2 Made move constructor strong exception safe 9f4e933 Changed interface to symbol_tablet::insert e35f2fc Misc review requests a9d802b Made lookup return optional d1d502f Restricted interface of current symbol_tablet 478dc8a Merge pull request diffblue#1371 from NathanJPhillips/feature/unhide-error b790095 Merge pull request diffblue#1443 from tautschnig/fix-library-check ab2f3c3 Merge pull request diffblue#1438 from reuk/reuk/simplify-expr-improvement e865729 Updated comment 1def64c Added INVARIANT to symbol_tablet::remove 7798daa Add move insert to symbol_table b14a495 Tidy up symbol_tablet::move 6be5fd5 Merge pull request diffblue#1394 from smowton/smowton/feature/split_frontend_final_stage 14eecf6 library_check: use the build-system configured C compiler 3197045 library_check: rename _mm_*fence functions 6bc86e1 Merge pull request diffblue#222 from diffblue/feature/lexicographical_ordered_dump_of_functions_and_symbols a73ee46 Merge pull request diffblue#224 from diffblue/feature/file_utils_add_parsing_of_file_extension 421f4eb Merge pull request diffblue#226 from diffblue/feature/goto_statistics 1d87928 Add unit test for new behavior 9ea7414 Set up config in unit tests 0e2b13f Remove tautological typecasts 901d745 Switch to C++11 for-loops in language_file.cpp c7c8022 Add tests for mixed GOTO and C input 05f2f3c Split the entry-point-generation phase into two parts 268d196 Display error in catch(...) 6888dd2 Merge pull request diffblue#1436 from smowton/smowton/initialize-goto-model-opaque-stub-generation 6d9f029 Updates requested in the PR. 6f8ebe4 Updates requested in the PR. d4a04ac Added support of Windows platform to parsing file extension. 1884d67 Merge pull request diffblue#221 from diffblue/bugfix/INVARIANT_while(0)_to_while(false) 39a774f Introducing GOTO program statistics. 821ba1c Updates requested in the PR. 9266de0 Add parsing of file extension from file path-name. a9fa893 Merge pull request diffblue#1437 from smowton/smowton/fix-object-factory-globals 632ae4b Updates to recording_symbol_tablet 7545fc5 Merge pull request diffblue#1409 from thk123/bugfix/lang-args-missing 7fb835c Merge pull request diffblue#1433 from thk123/bugfix/doxy-script-documentation 56b0b26 Added lexicographical order to textual dump of functions and symbols. 58ef65b Object factory: initialise global symbols in place c41acce Set opaque stub generation in initialize-goto-model ef76441 Corrected error in the run_diff script 897aaf6 Merge pull request diffblue#1431 from thk123/feature/java-load-class-utility 79324b3 INVARIANT: while(0) -> while(false) 774bfdb Correcting type in the extendor class 46cbec6 Created utility function for loading a class file 8151e91 Merge pull request diffblue#1429 from janmroczkowski/janmroczkowski/unified_difft-remove-unused-identifier 3ceb89b Merge pull request diffblue#1390 from diffblue/fix_pointer_type 733f7b2 Added is_success and is_error helpers 5e7f3f7 Added implicit constructors to main_function_resultt to make code in get_main_symbol even briefer 3317a3a Tidied up code in get_main_symbol 47fe36f Changed main_function_resultt to use an enum instead of a collection of bools 8bb39ca Merge pull request diffblue#1427 from LAJW/feature/string-replace-single-character-strings a084a6a Reverting indentation in order to make the compiler silent. f948c2f Readability improvement fc7c615 Remove unused function identifier c063d01 Merge pull request diffblue#1259 from romainbrenguier/cleaning/factor-assign-java-string c24e6c9 Update regression test that can randomly fail df88b49 Rename operand_to_process into expr_to_process e0441cb Add example where the solver potentially runing out of memory 52a08d8 Setting string-max-length on strings test 02e42da Adding unit test for convert exprt to string exprt 870814e Make code_assign_java_string_to_string_expr append to a code argument e8491a6 Factoring assign_java_string_to_string_expr with process_operands 00af153 Add comment on implementation status of String.replace f2fab1a String.replace for single-character strings fade69f Move expr_cast to a separate file e4b5e12 Merge pull request diffblue#218 from diffblue/cleanup/typo 5fecceb Added recording_symbol_tablet 4d65951 Split storage for symbol_tablet into a concrete derived type 7b254e2 Made move constructor strong exception safe d66c0bc Changed interface to symbol_tablet::insert 6dc1213 Typo in reachable 51e493e Merge pull request diffblue#1422 from reuk/reuk/library-check-dep 27e1f2a Merge pull request diffblue#1423 from janmroczkowski/janmroczkowski/fresh_symbol-reset_temporary_counter 15af645 Merge pull request diffblue#1426 from reuk/reuk/download-project db9a0a7 Updates requested in the PR. d00c03d Introducing "enable_ccache" switch (default on) into our build system. 88c2f9c Use DownloadProject method for integrating sat libraries bc593c5 Add DownloadProject cmake script 0cc696b introduced ID_frontend_pointer cc63551 revert bits of a9806c0; the width of these pointers is done during the conversion phase 8fdb06f preserve location of pointer types de493ae Merge pull request diffblue#1412 from diffblue/java-object-factory-bug 7c3239b Merge pull request diffblue#1417 from diffblue/builtin_memset 368bb27 Merge pull request diffblue#1421 from jasigal/refactor/string-refinement-decision-procedure#TG-672 f079156 Merge pull request diffblue#205 from diffblue/feature/restrict-symbol-table 2462077 Misc review requests 98d0082 Made lookup return optional db69023 Restricted interface of current symbol_tablet ea74c6d Updated comment 909b557 Added INVARIANT to symbol_tablet::remove bd3ee6e Add move insert to symbol_table e67f326 TG-672 Added universal constraint counter-examples, assumed fix-point with no not contains constraints is equi-SAT 72a537a TG-672 Remove some unused concretizing code 95efc6f TG-672 Grouped string axioms together a65407e TG-672 Grouped index sets together 503c49d TG-672 Removed unneeded code (current index set display, extra invariant check) 45af45d TG-672 Uniformity in algorithm for treatement of universal and not contains constraints dd03003 TG-672 Fixed correctness issue in main loop of algorithm and added first UNSAT return dfa3ffd TG-672 Replaced `push_back` with `emplace_back` ac1b620 TG-672 Fixed `expr_cast` to be unambiguous and added `const` and `const` references throughout eb5726e Add reset_temporary_counter to fresh_symbol b5fe7e3 TG-672 Initial refactoring (renaming, code removal) 438d9f0 Merge pull request diffblue#1401 from janmroczkowski/janmroczkowski/java_bytecode_convert_classt-add_array_types-fix 18aacc0 Add full JSON-structured output for value-set analysis 0cdd9c6 Improve structure of JSON static-analysis dump 7df9f15 Add LVSA summary dump-to-JSON 83ee7d4 Only re-run library-check when ansi-c changes 2adc013 symex: fix address_of unions cd8d494 added __builtin_memset fcd470a only attempt to translate nondet sideeffects for Java code b9dfda9 Fix to java_bytecode_convert_classt.add_array_types 61c6489 Verify that language options have been initialized e3ad6c0 Update Big-Int with copy, move, swap git-subtree-dir: cbmc git-subtree-split: 64d81f1
This provides sufficient hooks in value-set analysis, a CBMC core pointer-analysis, to permit downstream products such as the security analyser to create derivatives that share most of its logic.
VSA itself is currently unused, as revealed by the need to add support for DEAD statements before it can be used; this also adds unit tests to check its basic functionality has not broken in the meantime.
VSA is based on
static_analysistand so will need to be ported toaitin the future if we wish to continue using it; however this should be orthogonal to permitting it to be customised like this.