Convert --unreachable-instructions, --unreachable-functions and --reachable-functions

martin · martin · commit 1275983b1c1a · 2017-12-05T11:17:25.000Z
from specific to general tasks.

If the options are given on their own then the specific version is used.  If a domain
is given as well then that is run and used to determine what is (un)reachable.
diff --git a/regression/goto-analyzer/reachable-functions-basic-json/test.desc b/regression/goto-analyzer/reachable-functions-basic-json/test.desc
@@ -0,0 +1,9 @@
+CORE
+../unreachable-instructions-basic-text/unreachable.c
+--reachable-functions --json -
+"function": "main",$
+"function": "dead_inside",$
+"function": "obviously_dead",$
+"function": "not_obviously_dead",$
+--
+^warning: ignoring
diff --git a/regression/goto-analyzer/reachable-functions-basic-text/test.desc b/regression/goto-analyzer/reachable-functions-basic-text/test.desc
@@ -0,0 +1,9 @@
+CORE
+../unreachable-instructions-basic-text/unreachable.c
+--reachable-functions
+unreachable.c main 35 42$
+unreachable.c dead_inside 8 14$
+unreachable.c obviously_dead 16 23$
+unreachable.c not_obviously_dead 25 31$
+--
+^warning: ignoring
diff --git a/regression/goto-analyzer/reachable-functions-domain-text/test.desc b/regression/goto-analyzer/reachable-functions-domain-text/test.desc
@@ -0,0 +1,11 @@
+CORE
+../unreachable-instructions-basic-text/unreachable.c
+--reachable-functions --constants
+^EXIT=0$
+^SIGNAL=0$
+unreachable.c main 35 42$
+unreachable.c dead_inside 8 14$
+unreachable.c obviously_dead 16 23$
+unreachable.c not_obviously_dead 25 31$
+--
+^warning: ignoring
diff --git a/regression/goto-analyzer/unreachable-functions-basic-json/test.desc b/regression/goto-analyzer/unreachable-functions-basic-json/test.desc
@@ -0,0 +1,9 @@
+CORE
+../unreachable-instructions-basic-text/unreachable.c
+--unreachable-functions --json -
+"file name": ".*unreachable.c",
+"first line": 3,
+"function": "not_called",
+"last line": 6
+--
+^warning: ignoring
diff --git a/regression/goto-analyzer/unreachable-functions-basic-text/test.desc b/regression/goto-analyzer/unreachable-functions-basic-text/test.desc
@@ -0,0 +1,6 @@
+CORE
+../unreachable-instructions-basic-text/unreachable.c
+--unreachable-functions
+unreachable.c not_called 3 6$
+--
+^warning: ignoring
diff --git a/regression/goto-analyzer/unreachable-functions-domain-text/test.desc b/regression/goto-analyzer/unreachable-functions-domain-text/test.desc
@@ -0,0 +1,8 @@
+CORE
+../unreachable-instructions-basic-text/unreachable.c
+--unreachable-functions --constants
+^EXIT=0$
+^SIGNAL=0$
+unreachable.c not_called 3 6$
+--
+^warning: ignoring
diff --git a/regression/goto-analyzer/unreachable-instructions-basic-json/test.desc b/regression/goto-analyzer/unreachable-instructions-basic-json/test.desc
@@ -0,0 +1,21 @@
+CORE
+../unreachable-instructions-basic-text/unreachable.c
+--unreachable-instructions --json -
+"function": "not_called",
+"unreachableInstructions":
+"sourceLocation":
+"function": "not_called",
+"line": "5",
+"statement": "not_called#return_value = x \+ x;"
+"sourceLocation":
+"function": "not_called",
+"line": "5",
+"statement": "GOTO 1"
+"function": "dead_inside",
+"unreachableInstructions":
+"sourceLocation":
+"function": "dead_inside",
+"line": "12",
+"statement": "y = y \+ 1;"
+--
+^warning: ignoring
diff --git a/regression/goto-analyzer/unreachable-instructions-basic-text/test.desc b/regression/goto-analyzer/unreachable-instructions-basic-text/test.desc
@@ -0,0 +1,15 @@
+CORE
+unreachable.c
+--unreachable-instructions
+^EXIT=0$
+^SIGNAL=0$
+not_called
+// 28 file unreachable.c line 5 function not_called$
+not_called#return_value = x \+ x;$
+// 29 file unreachable.c line 5 function not_called$
+GOTO 1$
+dead_inside
+// 34 file unreachable.c line 12 function dead_inside$
+y = y \+ 1;$
+--
+^warning: ignoring
diff --git a/regression/goto-analyzer/unreachable-instructions-basic-text/unreachable.c b/regression/goto-analyzer/unreachable-instructions-basic-text/unreachable.c
@@ -0,0 +1,42 @@
+#include <assert.h>
+
+int not_called(int x)
+{
+  return x + x;
+}
+
+int dead_inside(int x)
+{
+  int y = x + x;
+  goto end;
+  ++y;
+ end : return y;
+}
+
+int obviously_dead(int x)
+{
+  if (0)
+  {
+    x++;
+  }
+  return x;
+}
+
+int not_obviously_dead(int x)
+{
+  if (dead_inside(x) != x + x) {
+    x++;
+  }
+  return obviously_dead(x);
+}
+
+int nondet_int(void);
+
+int main(int argc, char **argv)
+{
+  int x = 23;
+
+  assert(x == not_obviously_dead(x));
+
+  return;
+}
diff --git a/regression/goto-analyzer/unreachable-instructions-domain-text/test.desc b/regression/goto-analyzer/unreachable-instructions-domain-text/test.desc
@@ -0,0 +1,18 @@
+CORE
+../unreachable-instructions-basic-text/unreachable.c
+--unreachable-instructions --constants
+^EXIT=0$
+^SIGNAL=0$
+not_called
+// 28 file unreachable.c line 5 function not_called$
+not_called#return_value = x \+ x;$
+// 29 file unreachable.c line 5 function not_called$
+GOTO 1$
+dead_inside
+// 34 file unreachable.c line 12 function dead_inside$
+y = y \+ 1;$
+obviously_dead
+// 40 file unreachable-instructions-basic-text/unreachable.c line 20 function obviously_dead
+x = x \+ 1;
+--
+^warning: ignoring
diff --git a/src/goto-analyzer/goto_analyzer_parse_options.cpp b/src/goto-analyzer/goto_analyzer_parse_options.cpp
@@ -146,20 +146,26 @@ void goto_analyzer_parse_optionst::get_command_line_options(optionst &options)
     options.set_option("taint", true);
     options.set_option("specific-analysis", true);
   }
+  // For backwards compatibility,
+  // these are first recognised as specific analyses
+  bool reachability_task = false;
   if(cmdline.isset("unreachable-instructions"))
   {
     options.set_option("unreachable-instructions", true);
     options.set_option("specific-analysis", true);
+    reachability_task = true;
   }
   if(cmdline.isset("unreachable-functions"))
   {
     options.set_option("unreachable-functions", true);
     options.set_option("specific-analysis", true);
+    reachability_task = true;
   }
   if(cmdline.isset("reachable-functions"))
   {
     options.set_option("reachable-functions", true);
     options.set_option("specific-analysis", true);
+    reachability_task = true;
   }
   if(cmdline.isset("show-local-may-alias"))
   {
@@ -244,7 +250,7 @@ void goto_analyzer_parse_optionst::get_command_line_options(optionst &options)
     options.set_option("general-analysis", true);
   }
 
-  if (options.get_bool_option("general-analysis"))
+  if(options.get_bool_option("general-analysis") || reachability_task)
   {
     // Abstract interpreter choice
     if(cmdline.isset("location-sensitive"))
@@ -280,12 +286,24 @@ void goto_analyzer_parse_optionst::get_command_line_options(optionst &options)
       options.set_option("domain set", true);
     }
 
-
-    if(!options.get_bool_option("domain set"))
+    // Reachability questions, when given with a domain swap from specific
+    // to general tasks so that they can use the domain & parameterisations.
+    if(reachability_task)
     {
-      // Deafult to constants as it is light-weight but useful
-      status() << "Domain defaults to --constants" << eom;
-      options.set_option("constants", true);
+      if(options.get_bool_option("domain set"))
+      {
+        options.set_option("specific-analysis", false);
+        options.set_option("general-analysis", true);
+      }
+    }
+    else
+    {
+      if(!options.get_bool_option("domain set"))
+      {
+        // Default to constants as it is light-weight but useful
+        status() << "Domain not specified, defaulting to --constants" << eom;
+        options.set_option("constants", true);
+      }
     }
   }
 }
@@ -468,7 +486,9 @@ int goto_analyzer_parse_optionst::perform_analysis(const optionst &options)
     }
   }
 
-  if(options.get_bool_option("unreachable-instructions"))
+  // If no domain is given, this lightweight version of the analysis is used.
+  if(options.get_bool_option("unreachable-instructions") &&
+     options.get_bool_option("specific-analysis"))
   {
     const std::string json_file=cmdline.get_value("json");
 
@@ -492,7 +512,8 @@ int goto_analyzer_parse_optionst::perform_analysis(const optionst &options)
     return 0;
   }
 
-  if(options.get_bool_option("unreachable-functions"))
+  if(options.get_bool_option("unreachable-functions") &&
+     options.get_bool_option("specific-analysis"))
   {
     const std::string json_file=cmdline.get_value("json");
 
@@ -516,7 +537,8 @@ int goto_analyzer_parse_optionst::perform_analysis(const optionst &options)
     return 0;
   }
 
-  if(options.get_bool_option("reachable-functions"))
+  if(options.get_bool_option("reachable-functions") &&
+     options.get_bool_option("specific-analysis"))
   {
     const std::string json_file=cmdline.get_value("json");
 
@@ -629,6 +651,30 @@ int goto_analyzer_parse_optionst::perform_analysis(const optionst &options)
                                  get_message_handler(),
                                  out);
     }
+    else if(options.get_bool_option("unreachable-instructions"))
+    {
+      result = static_unreachable_instructions(goto_model,
+                                               *analyzer,
+                                               options,
+                                               get_message_handler(),
+                                               out);
+    }
+    else if(options.get_bool_option("unreachable-functions"))
+    {
+      result = static_unreachable_functions(goto_model,
+                                            *analyzer,
+                                            options,
+                                            get_message_handler(),
+                                            out);
+    }
+    else if(options.get_bool_option("reachable-functions"))
+    {
+      result = static_reachable_functions(goto_model,
+                                          *analyzer,
+                                          options,
+                                          get_message_handler(),
+                                          out);
+    }
     else
     {
       error() << "Unhandled task" << eom;
@@ -774,6 +820,11 @@ void goto_analyzer_parse_optionst::help()
     " --verify                     use the abstract domains to check assertions\n"
     // NOLINTNEXTLINE(whitespace/line_length)
     " --simplify file_name         use the abstract domains to simplify the program\n"
+    " --unreachable-instructions   list dead code\n"
+    // NOLINTNEXTLINE(whitespace/line_length)
+    " --unreachable-functions      list functions unreachable from the entry point\n"
+    // NOLINTNEXTLINE(whitespace/line_length)
+    " --reachable-functions        list functions reachable from the entry point\n"
     "\n"
     "Abstract interpreter options:\n"
     // NOLINTNEXTLINE(whitespace/line_length)
@@ -796,11 +847,6 @@ void goto_analyzer_parse_optionst::help()
     "Specific analyses:\n"
     // NOLINTNEXTLINE(whitespace/line_length)
     " --taint file_name            perform taint analysis using rules in given file\n"
-    " --unreachable-instructions   list dead code\n"
-    // NOLINTNEXTLINE(whitespace/line_length)
-    " --unreachable-functions      list functions unreachable from the entry point\n"
-    // NOLINTNEXTLINE(whitespace/line_length)
-    " --reachable-functions        list functions reachable from the entry point\n"
     "\n"
     "C/C++ frontend options:\n"
     " -I path                      set include path (C/C++)\n"
diff --git a/src/goto-analyzer/unreachable_instructions.cpp b/src/goto-analyzer/unreachable_instructions.cpp
diff --git a/src/goto-analyzer/unreachable_instructions.h b/src/goto-analyzer/unreachable_instructions.h
